twelveparsex
[H]F Junkie
- Joined
- Nov 30, 2000
- Messages
- 12,955
i just install linux on my parents computers problem solved. has everything they need and it's still user friendly
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Do You Really Need Antivirus Software?
- Thread starter HardOCP News
- Start date
i just install linux on my parents computers problem solved. has everything they need and it's still user friendly
You can run Norton on a machine that's 4 or 5 years old....now if you bought a POS machine 4 or 5 years ago, then perhaps not, but a decent machine from that period can run it.
My e4300 (4 years) can run it. My work machine which is regrettably almost 5 years old can as well. Obviously my 9 month old i7 has no problem either. Norton only scans the disk while idle. Scanning files as they come from the web isn't noticeable IME
I get customers calling in quite often with their 5+ year old PCs that they dont want to replace. The culprit is often Norton/McAfee/Kaspersky Full Security suites that just take over the whole PC.
Not good on a 1GB 3GHz single core.
They dont want to get rid of them (the suites) because they paid a huge amount for them. So they keep coming back. Eventually they listen to me, I remove the Suites and just install MSE and the problems just go away. Customers call me to say how much faster their machines run.
In fact it works so well, they really start to enjoy their PCs more and often come back invigorated and wanting to buy a new PC a few months later.
No complaints at all re. the installation of MSE.
Not good on a 1GB 3GHz single core.
They dont want to get rid of them (the suites) because they paid a huge amount for them. So they keep coming back. Eventually they listen to me, I remove the Suites and just install MSE and the problems just go away. Customers call me to say how much faster their machines run.
In fact it works so well, they really start to enjoy their PCs more and often come back invigorated and wanting to buy a new PC a few months later.
No complaints at all re. the installation of MSE.
Anybody that runs a Windows machine connected to a network with no AV is crazy IMO. A lot of sites get hacked everyday and they can be a shopping site, a news site, a forum, a ad server which can be feeding hundreds and thousands of ads to different sites, etc....
How would you know if you have a virus if you don't have a AV installed? Some symptoms may be obvious some may not be obvious at all like with rootkits. Staring at your inbound/outbound connections may help but who wants to do that all of the time? The program you use to scan once a month with may not pick it up. Malwarebytes is a good program but I have seen it not pick up infections a number of times and not be able to clean the machine when it did find something. No AV is perfect but something is better than nothing. Also creating images is very important as well.
My GF visited a animal rescue site(and we know the owner) several months ago that was hit. Anybody that has that little of a life and that much time to hack a animal rescue site will hack any site as far as i'm concerned. Anyway, I use a free AV solution, I won't mention which so we don't get into this vs. that AV debate... that has a network/web scanner and it blocked the site from loading. There was also a shopping site she went to that the AV also blocked from loading and saved the day again. I even went to a hobby site a ways back that sold model cars and airplanes to buy a gift for somebody and the site had a iframe infection, that was blocked. Maybe they were false alarms, I don't know, I doubt it and i'm glad I didn't find out the hard way.
Common sense goes a long way but your common sense is not going to prevent somebody from hacking a site that you think would be safe to go to. This forum was hacked a month or two ago. Luckily Kyle and the crew were on top of it but I have read horror stories of forums getting destroyed, from malformed PHP scripts linking to malware to the hacker just deleting the entire SQL database that php uses.
How would you know if you have a virus if you don't have a AV installed? Some symptoms may be obvious some may not be obvious at all like with rootkits. Staring at your inbound/outbound connections may help but who wants to do that all of the time? The program you use to scan once a month with may not pick it up. Malwarebytes is a good program but I have seen it not pick up infections a number of times and not be able to clean the machine when it did find something. No AV is perfect but something is better than nothing. Also creating images is very important as well.
My GF visited a animal rescue site(and we know the owner) several months ago that was hit. Anybody that has that little of a life and that much time to hack a animal rescue site will hack any site as far as i'm concerned. Anyway, I use a free AV solution, I won't mention which so we don't get into this vs. that AV debate... that has a network/web scanner and it blocked the site from loading. There was also a shopping site she went to that the AV also blocked from loading and saved the day again. I even went to a hobby site a ways back that sold model cars and airplanes to buy a gift for somebody and the site had a iframe infection, that was blocked. Maybe they were false alarms, I don't know, I doubt it and i'm glad I didn't find out the hard way.
Common sense goes a long way but your common sense is not going to prevent somebody from hacking a site that you think would be safe to go to. This forum was hacked a month or two ago. Luckily Kyle and the crew were on top of it but I have read horror stories of forums getting destroyed, from malformed PHP scripts linking to malware to the hacker just deleting the entire SQL database that php uses.
DyNamiC.
[H]ard|Gawd
- Joined
- Mar 27, 2006
- Messages
- 1,256
This is exactly what I am talking about. We still get tons of people that get hit by the latest drive by and come in raging about how we "took off their expensive protection and put on that free crap" and how the one they bought probably would have protected them.
DyNamiC.
[H]ard|Gawd
- Joined
- Mar 27, 2006
- Messages
- 1,256
I'm talking about Joe Random consumer. You know, the people that buy the Wal Mart special computers.
Disposed
Supreme [H]ardness
- Joined
- Mar 2, 2010
- Messages
- 5,211
You didnt even read that post at all did you?
DyNamiC.
[H]ard|Gawd
- Joined
- Mar 27, 2006
- Messages
- 1,256
Yes, I did. I pointed out that my experiences were totally different than his.
He stated that the people call back and thank him for switching them to MSE.
I stated that they call back saying they picked up some new infection with MSE and are upset.
Maybe it was you that didn't read.
MagicMan84
Limp Gawd
- Joined
- Apr 9, 2008
- Messages
- 326
There's a lot of pirated software which is clean, and plenty which isn't. Having AV is a must have for pirates.
GreenMonkey
2[H]4U
- Joined
- Jun 25, 2006
- Messages
- 2,159
Ha. I just clicked on a link looking for details about slow cooker turkey breast cook times and got a virus from a totally legit looking link from google.
Looks like it was a java exploit of some kind. Trojan Downloader: win32/Karagany.A:
http://www.microsoft.com/security/p...nloader:Win32/Karagany.A&ThreatID=-2147328422
All I had to do was click on a google link about turkey breast. Oh wait, if I was smart, I guess I would know that it was dangerous turkey breast article.
Looks like it was a java exploit of some kind. Trojan Downloader: win32/Karagany.A:
http://www.microsoft.com/security/p...nloader:Win32/Karagany.A&ThreatID=-2147328422
All I had to do was click on a google link about turkey breast. Oh wait, if I was smart, I guess I would know that it was dangerous turkey breast article.
Ding ding ding!
We have a winner. I like to use AV software, but only for scanning, not babysitting/CPU wasting. Go ahead and scan away at 3am. I don't care. But the first time my AV tries to hang my PC doing an update while I'm using it, starts unsolicited scans, displays warning pop-ups for no good reason, blocks use of intended programs and/or internet access it gets uninstalled with prejudice, because it's become the malware I was trying to avoid. I've uninstalled a lot of AV software.
While UAC is a good layer of defense, it is not infallible. There has been a breach of UAC just this week which completely bypasses it:
http://nakedsecurity.sophos.com/2010/11/25/new-windows-zero-day-flaw-bypasses-uac/#comments
I've said this before in other threads, but I view using AV software as being like wearing a bulletproof vest in a gunfight. A bulletproof vest is not even close to being 100% coverage - it doesn't cover your head, your arms or your legs. You'd be crazy to rely solely on the vest to protect you; you need to employ other layers of protection and tactics to avoid having bullets come your way in the first place. But you'd also be crazy to not use the vest at all and rely entirely on those other things.
Some posters in this thread insist that they're avoiding the gunfight entirely by staying on legit, trusted websites. That is pure 100% stupid, because legit, trusted websites are exactly the sort of sites hackers like to compromise. No website is immune to attack. HardOCP was hacked just last month, so all readers who believe "smart browsing" is enough should no longer read HardOCP.
Employ multiple layers of defense, because each layer of defense is vulnerable. AV is vulnerable to attack, so you need other layers of defense in case it fails. Those other layers of defense are also vulnerable to attack, so employ AV to fend off some of those attacks. If you believe you are not under attack, layers of defense you don't even know are there are protecting you, and sooner or later, they will fail.
http://nakedsecurity.sophos.com/2010/11/25/new-windows-zero-day-flaw-bypasses-uac/#comments
I've said this before in other threads, but I view using AV software as being like wearing a bulletproof vest in a gunfight. A bulletproof vest is not even close to being 100% coverage - it doesn't cover your head, your arms or your legs. You'd be crazy to rely solely on the vest to protect you; you need to employ other layers of protection and tactics to avoid having bullets come your way in the first place. But you'd also be crazy to not use the vest at all and rely entirely on those other things.
Some posters in this thread insist that they're avoiding the gunfight entirely by staying on legit, trusted websites. That is pure 100% stupid, because legit, trusted websites are exactly the sort of sites hackers like to compromise. No website is immune to attack. HardOCP was hacked just last month, so all readers who believe "smart browsing" is enough should no longer read HardOCP.
Employ multiple layers of defense, because each layer of defense is vulnerable. AV is vulnerable to attack, so you need other layers of defense in case it fails. Those other layers of defense are also vulnerable to attack, so employ AV to fend off some of those attacks. If you believe you are not under attack, layers of defense you don't even know are there are protecting you, and sooner or later, they will fail.
Pieter3dnow
Supreme [H]ardness
- Joined
- Jul 29, 2009
- Messages
- 6,784
Agreed, install Linux even better. if you are using applications which revolve around direct acces to the kernel you better install something. Periodic testing of a system is the most you need to do, that is if you know what you are doing.
Fixing a system can be as easy as format c:
Ha. I just clicked on a link looking for details about slow cooker turkey breast cook times and got a virus from a totally legit looking link from google.
Looks like it was a java exploit of some kind. Trojan Downloader: win32/Karagany.A:
http://www.microsoft.com/security/p...nloader:Win32/Karagany.A&ThreatID=-2147328422
All I had to do was click on a google link about turkey breast. Oh wait, if I was smart, I guess I would know that it was dangerous turkey breast article.
Pro tip #1. Don't run in administrator mode and that wouldn't have been a problem.
Just to see what would happen, I installed MSE and ran a scan just now. Absolutely nothing was found.
This is a 2.5 year old machine that has been on the one XP install since I built it, yet some how I miraculously managed to avoid getting any viruses installed by using common sense. I might go install it on my wife's two computers just out of curiosity. If she can avoid getting viruses then anyone willing to listen to a few tips can avoid it too.
This is a 2.5 year old machine that has been on the one XP install since I built it, yet some how I miraculously managed to avoid getting any viruses installed by using common sense. I might go install it on my wife's two computers just out of curiosity. If she can avoid getting viruses then anyone willing to listen to a few tips can avoid it too.
My A64 3000+ can run this stuff too. If their machine is slower than that, and can't be upgrade, it may be time to tell them they own a Pinto, and they're one rear end accident away from death.
This software is not a resource hog. I've installed it in a VM and it runs fine (OTOH, Norton 2005-2006 literally took a day to install in the same VM). In short, Norton (I don't have a 5 year old copy of the other AV software to compare) uses far fewer resources today than it did 5 years ago. So if your typical user can't run Norton today, then they bought a machine so slow that there as never a time that they could run it.
You'd really have to run it from a boot disk to be relatively certain that that's true. If the exploit loads before the AV software, the exploit will win (if it's well written). Thus, booting from a CD prevents the eploit(s) from loading.
Nevertheless, you may be virus free. In the end, I find that the cost (free, even for Norton (AR)) is worth it...and the resources used are not noticeable, since Norton doesn't scan the HD while you're using the PC, and I'm not worried about losing a few cycles while browsing the web.
DyNamiC.
[H]ard|Gawd
- Joined
- Mar 27, 2006
- Messages
- 1,256
Sadly thats the case with a lot of people I run into. I mean these are people that are so cheap they won't buy 1gb of DDR.
Hell we built a nice quad core Win7 box for a lawyer here in town. Then he tells us his office printer won't work with it. He brings it in for us to set up... It was manufactured in 1994. He was angry that it wouldn't work like it did before. We finally got it setup though.
Sigh.
Emission
Supreme [H]ardness
- Joined
- Dec 6, 2005
- Messages
- 4,420
Ahh, but Chrome was recently rated the *most* vulnerable browser
, and IE the least, . Who knew?
Emission
Supreme [H]ardness
- Joined
- Dec 6, 2005
- Messages
- 4,420
The amount of misinformation in this thread is mind-boggling. Why would anyone use Norton? They only want your money. Same with most of the other anti-virus companies.
Given that you can buy a Laser printer for under $100 (one with a scanner/photocopier/fax for $120), you have to be nuts to worry about using the ancient one...especially if it's anything other than a laser printer.
Aside from the fact that Norton is generally rated at or near the top of all AV software and I get it for FREE every fucking year, I can't imagine why I'd get it
DyNamiC.
[H]ard|Gawd
- Joined
- Mar 27, 2006
- Messages
- 1,256
Tell him that. He outright demanded we make it work with the new machine or he wanted his money back.
To quote him: "I bought a dishwasher, it still working 15 years later. Why shouldn't my printer? Why would I buy a new one when this one works just fine."
These are the cheap asses I deal with day in and day out.
SS_Wehrwolf
Gawd
- Joined
- Apr 5, 2005
- Messages
- 632
If you are not a moron... and dont have any morons who message you regularly with pictures and crap...you dont need virus protection... simple as that...
knock on wood and all.. but 19 years on the internet... 0 virus'... but about 5000 FALSE positives when using virus protection... i dont bother anymore...
knock on wood and all.. but 19 years on the internet... 0 virus'... but about 5000 FALSE positives when using virus protection... i dont bother anymore...
Disposed
Supreme [H]ardness
- Joined
- Mar 2, 2010
- Messages
- 5,211
Pieter3dnow
Supreme [H]ardness
- Joined
- Jul 29, 2009
- Messages
- 6,784
Ahh, but Chrome was recently rated the *most* vulnerable browser
Yeah sadly people believe that stuff too
.PornoSatan
2[H]4U
- Joined
- Sep 3, 2004
- Messages
- 3,493
Finally an article that makes sense. I'm tired of seeing "Your trial has expired, you are no longer protected against the latest threats." on random PC's anyway. Fuck Antivirus software, it's an IO hogging and CPU glutton, waste of cycles. Get some common sense, stay updated, and don't do stupid shit.
Most people are better off with a 24/7 Antivurs though unfortunately. Sad but true, but one will never touch any of my systems.
Most people are better off with a 24/7 Antivurs though unfortunately. Sad but true, but one will never touch any of my systems.
Cerulean
[H]F Junkie
- Joined
- Jul 27, 2006
- Messages
- 9,476
Norton has a "Gaming Edition" version of their Anti-Virus suite that is faster, more efficient, and more effective.. and costs more.Aside from the fact that Norton is generally rated at or near the top of all AV software and I get it for FREE every fucking year, I can't imagine why I'd get it
PornoSatan
2[H]4U
- Joined
- Sep 3, 2004
- Messages
- 3,493
By the way, I keep logs of stuff going in an out of my system in key startup points. The only way shit I don't know about is getting into my system is via some unknown 0day browser exploit (that doesn't involve some suspicious shell prompt briefly popping up or other suspicious activity) that immediately starts using rootkit abilities and cloaks well enough not to get detected by various rootkit tools I have. Not likely but it's possible. I'm pretty OCD with my system, and I'm 99% sure I haven't had a virus or any sort of malware for the atleast 8 years.
All the DLL's loaded in the exe's are obviously safe too. No API hooking, etc. Clean, smooth.
I don't care if a system is totally legit, I get annoyed to no end if I see a system with like 60 processes running, with random names like DFIupdate.exe, QPrinter192.exe, XFCConfig.exe, XdCk.exe, dk1Toolbar.exe, and so on. Most of it isn't needed in order for a user to use the system how he wants and is usually installed without his consent anyway.
All the DLL's loaded in the exe's are obviously safe too. No API hooking, etc. Clean, smooth.
I don't care if a system is totally legit, I get annoyed to no end if I see a system with like 60 processes running, with random names like DFIupdate.exe, QPrinter192.exe, XFCConfig.exe, XdCk.exe, dk1Toolbar.exe, and so on. Most of it isn't needed in order for a user to use the system how he wants and is usually installed without his consent anyway.
Cerulean
[H]F Junkie
- Joined
- Jul 27, 2006
- Messages
- 9,476
Ahh, my bad. Not any more.
They used to thoughhttp://us.norton.com/antivirus-gaming/information/index.jsp
We're supposed to be so smart that we know AV software isn't the end all be all to prevent infection, but is one of several layers of defense. Firewall, network configuration, smart browsing, browsing configuration, group policy, AV software.
Instead you guys are spewing "facts" that AV software doesn't really help, so your "answer" is not to use AV software because it's a waste of effort and resources.
AV software is not a complete solution. If you and the rest of you were [H] you would realize that.
So yes, I laugh at those who claim to be experienced or an IT person and not use AV software.
WBurchnall
2[H]4U
- Joined
- Oct 10, 2009
- Messages
- 2,622
K. Done.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 5178
Windows 6.1.7600
Internet Explorer 9.0.7930.16406
11/25/2010 8:05:08 PM
mbam-log-2010-11-25 (21-36-05).txt
Scan type: Full scan (C:\|)
Objects scanned: 372441
Time elapsed: 39 minute(s), 47 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
SS_Wehrwolf
Gawd
- Joined
- Apr 5, 2005
- Messages
- 632
lol... I started out using windows 3.1 and DOS 6... to this day i;ve never had a virus... i;ve had windows me...xp... and now vista 64bit... I play games primarily.. and download things i shouldnt...and im telling you... 0 virus' in 19 years..thats going back to the first time i ever logged onto a BBS...i've fried one motherboard... an internal speaker... 2 video cards... a dozen memory sticks... an AMD cpu...and 3 hard drives... and god knows how many mice and keyboards over that time...no virus' what so ever were responsible... all i ever got were false positives using the virus scanner...
Dont hate...im sure one day i will get one... it just hasnt happened yet...and i see no reason to use another stupid fucking program running in the background that kills my system resources while i try to suck the life out of my hardware to play my games... but hey... you go through your full body scanners and your pat downs if you choose... i wont...lol
SS_Wehrwolf
Gawd
- Joined
- Apr 5, 2005
- Messages
- 632
See thats the kicker...its part of a good defense... heres the thing that doesnt do that for me...
If i got a virus.. and i lost all of my data... its a nuissance... i could care less... i dont save financial information or anything else on here that wouldnt take me a week of downloading to get back...if my email accounts are compromised... theres nothing there but bullshit...some of us actually still use paper and pen...i know its hard to believe... but if you want to maintain information... electronically with AV protection and a firewall etc. etc. isnt the answer.. you need to diversify...paper and pen are nice.. paper and pen with copies is better... paper and pen with copies in a simple code... maybe phone numbers backwards... different area codes...starting with the 4th number in your bank account... whatever... AV is not useful since its not 100% reliable...and most virus' if you were to become infected... are usually going to be because you were just plain stupid to begin with...
Do you really trust your friends and family electronically to always be sending you things that arent infected? Do you trust they are even the ones sending it to you.. do you check the properties of every single email message to see if it even originated from their domain server? No.. you dont... thats where 90% of virus' come from... friends and family who have infected computers and/or who send you infected material...that you open up because you just do not understand the fundamentals...
Here is a list of the fundamentals on the internet...
TRUST FUCKING NOTHING...
Once you understand that reality...you will realize you only have yourself to blame for getting a virus after opening an attachment or following a stupid fucking youtube like link a buddy sent you....
Disposed
Supreme [H]ardness
- Joined
- Mar 2, 2010
- Messages
- 5,211
OCD... If a service is loaded into memory that takes 2 megs of ram its not going to hurt you or affect you in any way. The whole process obsession is just stupid and always has been.
I have a 14 inch cock and drive a jet to work. The internet is fun.
Once again the dipshit system resources argument. If you are a gamer and think an AV is too much for your system you fail. Trust me guy its not the 10 megs the AV is taking thats getting you killed...
Disposed
Supreme [H]ardness
- Joined
- Mar 2, 2010
- Messages
- 5,211
If you think thats the only way they spread you are worse than i thought.
some people have to learn the hard way...
the other day people were complaining about some ads on reddit were setting off their AV's. If you didn't have an AV and/or don't run adblock, you might have picked it up and wouldnt even know!
"surfing smart" with no AV is just as bad as the people who run AV but still end up with 20 toolbars installed on their IE
Bobthecoolguy
Limp Gawd
- Joined
- Jun 22, 2009
- Messages
- 140
You are implying that it wasn't a false positive.
You Sir, have never actually researched Virus creation and detection!
MrGuvernment
Fully [H]
- Joined
- Aug 3, 2004
- Messages
- 21,810
I wish people would drop the "safe browsing" crap, it is crap, you don't have to be a pirate or hit porn sites to get infected, as already said, but i am sure ignored, many legits sites get hacked up every day, add servers, heck [H] has had links in threads that cause chrome and my AV to go off. I am sure you still think only gay people get HIV too....
You can be as safe as you want but the one day www.cnn.com or something gets hit, this is when you get screwed and your ignorance helps the spread of something that could of been prevented but your arrogance wouldn't allow that cause your a safe browser!
You can be as safe as you want but the one day www.cnn.com or something gets hit, this is when you get screwed and your ignorance helps the spread of something that could of been prevented but your arrogance wouldn't allow that cause your a safe browser!
I sure hope it was an expensive computer. At some point, my desire to put the dick in his place out weighs my desire to make money. There must be a good analogy to the law that would piss the asshole off.