Stop Paying For Anti-Virus

GSDragoon

Limp Gawd
Joined
Feb 24, 2004
Messages
174
How easy is it to completely disable Windows Defender for gaming though? Don't you have to use a registry hack or group policy? See, I'm still using Win7 as long as I can, and I like to get as many FPS as possible.
Use NSudo to run things as Local System or Trusted Installer and you can disable a lot more stuff than administrators can, including the Windows Security Service and whatnot. That way you don't have to change permissions and take ownership of system registry keys. It's a much cleaner way.
 

d3athf1sh

Gawd
Joined
Dec 16, 2015
Messages
672
Use NSudo to run things as Local System or Trusted Installer and you can disable a lot more stuff than administrators can, including the Windows Security Service and whatnot. That way you don't have to change permissions and take ownership of system registry keys. It's a much cleaner way.
That's cool, but w/ NOD32 I just put the service on manual (and uncheck in msconfig) and then when I do a fresh boot it doesn't start my AV. So then I get faster boots and gaming performance, then if I want to surf the web I just start the service. With Windows Defender, to disable it completely you've got to mess with the registry and whatever else and restart, then go through all the same stuff to get it going again.

All I was talking about was how much harder it is to disable W.D. if you don't like having it running when you are gaming, music production, etc, etc. Especially when you also use the same computer for other use cases when you would want it running.
 

SvenBent

2[H]4U
Joined
Sep 13, 2008
Messages
3,171
We all know the best av is your finger. If you don't click the link, read the email or open the attachment you're probably safe.
Sorry, but you gotta be pretty ignorant of attack vectors to ever think this.

MSblaster is my favorite example of how this is just not correct. It could infect your system during install of Windows XP, even before your desktop would load the first time.
Thinking your infection always requires a human clicking or running something is just plain out incorrect, and you don't know how buffer overflows, SQL injection or any modern attack vector works.
 

SvenBent

2[H]4U
Joined
Sep 13, 2008
Messages
3,171
Yep, this is unfortunately the majority of PC/Mac users.

I went to an undergraduate class yesterday at a major university, 50k+ student university. I sat in the way back of the lecture hall with 300+ students. For shits and giggles I looked at everybody's computer screen (Only looked at the top of the screen) and saw that the majority of them had these devices over their laptop camera or a sticker over it. Easily 70+ people.... Good on a company to capitalize on the fear of someone spying on them through the camera but... Yeah.....
Well, you read how Dell technicians have been spying on a girl through her webcam, then yeah.
The shit I see on some people's work computers because they don't know I can see anything anytime. I have one guy and the "last picture from desktop" is always some porn. I swear I think he only uses his work laptop for porn.
Of course this is a work computer.
 

cybereality

Supreme [H]ardness
Joined
Mar 22, 2008
Messages
6,180
Thinking your infection always requires a human clicking or running something is just plain out incorrect
Right. I have seen ad networks compromised and attempting to inject malicious code from seemingly legitimate websites like IGN, etc. that you would assume are safe.

I've also, in the past, visited not-so-legit websites and had them install a rootkit on my computer without me clicking any link. Just visiting a sketchy site with JavaScript and Java enabled can do it.
 

nutzo

Supreme [H]ardness
Joined
Feb 15, 2004
Messages
7,380
So I guess you worked for an organization that made several huge mistakes like having Windows workstations and no off-site backups lol.
Every application we use runs under Windows, including our own software product we sell.
No Windows means no company.


You are also underestimating the current generation of ransomware and the damage done.
These are criminal organizations that are targeting companies to extort money.
All they need is for someone to click on a link or open an attachment, and they have a path into your network.
AV software is always playing catchup, so if you get hit with something new, your AV software will not see it.

It's also not a gradual infection. Once they are in, they will take their time and infiltrate as many of your servers/systems as possible.
They will delete any backups you have, they will even erase tapes waiting to be swapped out in your tape changer.
If they get passwords to your cloud storage, they will even attack that.
Then they will unleash the encryption late at night or early in the morning so it has time to encrypt as much as possible before being discovered.

Even if you pay for the keys, you will likely have a lot of files that are corrupted, systems that won't boot, etc.
It will also take days to unencrypt any large servers, assuming the decryption even works.
Even if everything decrypts and is restored, you are left with a network that has been compromised.
This means that they could have passwords, account information, and that there are likely back doors left for others to get into your systems again.

Many of the experts recommend wiping every system and reloading from scratch. Every server, every workstation, then just restoring the data files.
That's the only way you can be safe.

And yes, I'm speaking from experience.
Anyone caught participating in one of these Ransomware attacks should face a lifetime in jail or worse.

Ransomware is only possible because they can accept anonymous payments like bitcoin.
Only way I can see to stop ransomware is to ban all anonymous cryptocurrency payments.
Either ban cryptocurrency or force all payments through exchanges that require all users to provide a full identification so the transactions can be tracked.
 

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
8,459
Ever heard of cycling off site offline backups? And even if you're unfortunate enough to run Windows only software you could still diversify your hardware and run windows virtualized. That way all your eggs are not in the same basket.
 

Jagger100

Supreme [H]ardness
Joined
Oct 31, 2004
Messages
7,616
We all know the best av is your finger. If you don't click the link, read the email or open the attachment you're probably safe. But for those times when your finger does something it's not supposed to do there are Anti-Virus programs, both free and paid, that are supposed to stop bad things from happening. This article says the default av that ships with windows is more than sufficient.
https://www.pcworld.com/article/3434097/why-you-can-stop-paying-for-antivirus-software.html
Easy to say about people on this forum. But what about Grandma's porn habit.

Surprise, Google wanted AV out of its browser and Microsoft wants AV off its OS. And surprise, the press falls in line. Call me cynical, but this is about keeping your mined data exclusive to SV.
 

SvenBent

2[H]4U
Joined
Sep 13, 2008
Messages
3,171
Every application we use runs under Windows, including our own software product we sell.
No Windows means no company.
They will delete any backups you have, they will even erase tapes waiting to be swapped out in your tape changer.

Seriously, sounds like a backup design failure if you have write access to any old backups.
We (where I work) have recovered several companies' servers from ransomware attacks.
None of our backup systems are writable to the old backups from the client site.
 

SvenBent

2[H]4U
Joined
Sep 13, 2008
Messages
3,171
Easy to say about people on this forum. But what about Grandma's porn habit.

Surprise, Google wanted AV out of its browser and Microsoft wants AV off its OS. And surprise, the press falls in line. Call me cynical, but this is about keeping your mined data exclusive to SV.
Not even easy to say for people on this forum.
It's plain out technically incorrect, and any person on this forum believing you only get infected from clicking on something is utterly incompetent in security.

This kind of attack is a low-hanging-fruit attack, and it does help being smarter and not clicking random things, but it does not protect you 100% like people think once they hang their online ego on not using AV.
 