Is Anti-Virus A Joke?

[Bhav]

36 minutes ago, Pesukarhu said:

Norton only deletes automatically files that are viruses, untrusted will just get "paused" until you go to norton and tell that the file is safe. You can actually disable this. But norton eats resources like hell every time it wants to do something. Have noticed that disconneting the internet speeds it up a ton, but then there's really no point having active anti-virus. The default configuration is horrible if you want to use anything that might not be used by thousands of people that have norton.

False. It ate a virus free game mod.

[Pesukarhu]

6 minutes ago, Bhav said:

False. It ate a virus free game mod.

Maybe it was hungry. I might have been lucky with norton

[ekv]

As security engineer and developer i can tell you that anti-virus is far from a joke. This isn't a marketing post so i will not name any anti-virus that i usually recommend but in a last few years anti-virus softwares becomes so sophisticated that even some virus developer gives up from few coding languages and they was forced to use other ones, wich end up dropping number of FUD (Fully Undetected) marvels and malicious softwares. So if you are not advanced PC user i would warmly recommend you to spend few bucks on some AV software. Especially because ransomware is on killing spree in this moment.

[Bhav]

Free Avast is better than most other paid for AV software, and won't display pop ups while gaming or delete safe files. Its also the only AV product recommended by Steam.

[scottyseng]

Hmm, I've used Norton since 2008. I'm running Norton Security now on our PCs, all with no issues. I still don't get the whole it eats system resources argument...it's barely noticeable on any of my PCs. It does flag things as false positive though, I agree on that. It's not too hard to restore said file using the file history setting. If you're using some sketchy software, you'd be better off making a "safe" folder that Norton ignores to keep your stuff in.

 

I know perfectly well that I can live with Windows Defender or Avast, but I'd rather have Norton as a backup. First importance is knowing what you're doing online. They're getting really crafty with viruses these days. I've set up friends with Windows Defender and they've had no issues. I would run with Windows Defender at the minimum.

 

On my NAS though, Symantec Endpoint blocks a lot of intrusion attempts on my NAS running Windows Server 2012 R2. I have no idea how serious that is or why anyone is trying to attack a home NAS, but it's nice to know it's doing something.

 

At the same time though, regardless on how great of a anti virus software you use, it means nothing if a non tech savvy person disables it....stares at cousins...

[Wolf_Lbh]

Believe it or not all products are not the same. An i7 is not the same as an i3. Norton is not the same as an antivirus that actually works.

Yesterday I got an email from my mother and it only had a link in it. I clicked it and it started to load before my brain caught up with me and put two and two together and closed the tab. Was it obvious? Yes. Was clicking it still an easy mistake to make? Yup.

Even without a really dumb moment like I had it is very easy to get a virus. A simple malicious ad (which do show up on legit sites, they don't individually manage each ad that shows up on their site usually but use an ad host) can very easily install a file which modifies your browser to run a malicious script that will infect your computer.

The standard windows antivirus does not cut it. Imagine 600 million bank vaults, all with the same lock... you would be pretty sure to crack that lock if you were a thief right? Well any hacker worth their salt is going to make sure their virus gets by the windows antivirus.

[CyberMist]

On 3/8/2016 at 2:11 AM, Gabriel Manuel said:

snip

Download anvirus tool, with tag ScanOnDemand. thats mean once it start, nothing can terminate it.. Lots of viruses have feature which at first moment kill existing antivirus, next block most common antivirus/antimalware websites, and even block task manager..   

When my friend gave me his infected pc with such virus. I did simple steps.. First used portable Advanced system care, to terminate startup's softwares,, disabled programs.. Then runned Dr.Web scan on demand. And virus get kicked out from that pc.. Latter restarted pc, and first thing Installed decent antivirus and update it.  Then scan again with multiple anvirrus/antimalwares his pc.. And how that it..

[Wolf_Lbh]

1 minute ago, CyberMist said:

Download anvirus tool, with tag ScanOnDemand. thats mean once it start, nothing can terminate it.. Lots of viruses have feature which at first moment kill existing antivirus, next block most common antivirus/antimalware websites, and even block task manager..   

When my friend gave me his infected pc with such virus. I did simple steps.. First used portable Advanced system care, to terminate startup's softwares,, disabled programs.. Then runned Dr.Web scan on demand. And virus get kicked out from that pc.. Latter restarted pc, and first thing Installed decent antivirus and update it.  Then scan again with multiple anvirrus/antimalwares his pc.. And how that it..

Try that with a cryptolocker.

And a lot of malware prevents antimalware programs from running. Just because it works on the easy stuff doesn't mean it can cope with everything out there.

[CyberMist]

1 minute ago, Wolf_Lbh said:

snip

thats why I recomend scan on demand.. Thats mean, antivirus/antimalware simply can't be terminated. Once it start, it goes to the end..  

in order run scan on demand u have to run it from usb memory stick or flash card.  Suggested to firstly add that tool in winrar archive with random name.. Because viruses have protection which block most used antiviruses/antimalwares. Thats mean neither downloading, neither installing. Only scan on demand which runs instantly can help in such situation...  Dr.Web is one of tool which I used. But its not only one. kaspersky I think also have such tool, bit defender too.  

[Wolf_Lbh]

8 minutes ago, CyberMist said:

thats why I recomend scan on demand.. Thats mean, antivirus/antimalware simply can't be terminated. Once it start, it goes to the end..  

in order run scan on demand u have to run it from usb memory stick or flash card.  Suggested to firstly add that tool in winrar archive with random name.. Because viruses have protection which block most used antiviruses/antimalwares. Thats mean neither downloading, neither installing. Only scan on demand which runs instantly can help in such situation...  Dr.Web is one of tool which I used. But its not only one. kaspersky I think also have such tool, bit defender too.  

Except that won't restore the files that get encrypted or corrupted by the virus, or the information it steals from you and uses to spend your money/loot your gaming accounts.

[CyberMist]

4 minutes ago, Wolf_Lbh said:

Except that won't restore the files that get encrypted or corrupted by the virus, or the information it steals from you and uses to spend your money/loot your gaming accounts.

U mean about ransom type virus which encrypt your hardware, change desktop as it look like somekind police or other security office lock your pc.. Then ask to pay fee and other crap... 
I have been infected by such virus..   No Anvirus where able to stop it. Neither bitDefender, neither kaspersky, no one from top 15 most common internet security solution where able protect.. So moral of storry where, don't stick your nose everywhere..

 

And Scan on demand is require more like to break front line, to make sure it remove anvitirus blocking. Once u able to install decent one then u do it. 

 

 

[Wolf_Lbh]

2 minutes ago, CyberMist said:

U mean about ransom type virus which encrypt your hardware, change desktop as it look like somekind police or other security office lock your pc.. Then ask to pay fee and other crap... 
I have been infected by such virus..   No Anvirus where able to stop it. Neither bitDefender, neither kaspersky, no one from top 15 most common internet security solution where able protect.. So moral of storry where, don't stick your nose everywhere..

 

And Scan on demand is require more like to break front line, to make sure it remove anvitirus blocking. Once u able to install decent one then u do it. 

 

 

Moral of the story is to have a decent antimalware program installed that offers real time protection.

[CyberMist]

Just now, Wolf_Lbh said:

Moral of the story is to have a decent antimalware program installed that offers real time protection.

and such would be?? malwarebytes? Tested,, ransom ignored it. 

I can repeat what I wrote before.. 

I tested at that time top 15 most commong internet security solutions,, non one where able to stop it.  I still do have that bastard ransom in my cd.   

[Wolf_Lbh]

1 minute ago, CyberMist said:

and such would be?? malwarebytes? Tested,, ransom ignored it. 

I can repeat what I wrote before.. 

I tested at that time top 15 most commong internet security solutions,, non one where able to stop it.  I still do have that bastard ransom in my cd.   

Don't be stupid. If Mbam blocks 99.9% of malware that is obviously a lot better than 0% (or 50% or however much the default windows setup blocks). Maybe you found one piece of malware mbam doesn't block, maybe you found 100, doesn't matter. There are millions.

[SansVarnic]

16 hours ago, Wolf_Lbh said:

Believe it or not all products are not the same. An i7 is not the same as an i3. Norton is not the same as an antivirus that actually works.

Yesterday I got an email from my mother and it only had a link in it. I clicked it and it started to load before my brain caught up with me and put two and two together and closed the tab. Was it obvious? Yes. Was clicking it still an easy mistake to make? Yup.

Even without a really dumb moment like I had it is very easy to get a virus. A simple malicious ad (which do show up on legit sites, they don't individually manage each ad that shows up on their site usually but use an ad host) can very easily install a file which modifies your browser to run a malicious script that will infect your computer.

The standard windows antivirus does not cut it. Imagine 600 million bank vaults, all with the same lock... you would be pretty sure to crack that lock if you were a thief right? Well any hacker worth their salt is going to make sure their virus gets by the windows antivirus.

Windows Defender is pretty solid. I have used it since it was a paid service. It is not a simple low grade antivirus program you make it out to be.

 

Wikipedia source reference;

Started with this: https://en.wikipedia.org/wiki/Windows_Live_OneCare

Turned it this: https://en.wikipedia.org/wiki/Microsoft_Security_Essentials

Eventualy became this: https://en.wikipedia.org/wiki/Windows_Defender

 

Windows Defender is the culmination of the three projects combined in Windows10. I find to be a strong contender in the antivirus market. 

As you state with everyone having the same lock .... that is true.

I am not out to to be the defender of Windows defender but you do give a low regard to what it is. You imply that it is nothing more than sugar coating and sweep it under the rug.

[Wolf_Lbh]

4 minutes ago, SansVarnic said:

Windows Defender is pretty solid. I have used it since it was a paid service. It is not a simple low grade antivirus program you make it out to be.

 

Wikipedia source reference;

Started with this: https://en.wikipedia.org/wiki/Windows_Live_OneCare

Turned it this: https://en.wikipedia.org/wiki/Microsoft_Security_Essentials

Eventualy became this: https://en.wikipedia.org/wiki/Windows_Defender

 

Windows Defender is the culmination of the three projects combined in Windows10. I find to be a strong contender in the antivirus market. 

As you state with everyone having the same lock .... that is true.

I am not out to to be the defender of Windows defender but you do give a low regard to what it is. You imply that it is nothing more than sugar coating and sweep it under the rug.

I didn't say it was a bad product. The problem is the vast majority of computer users use it because it is decent or because they don't know how/can't be bothered to change it. The fact that if you make a virus that gets by windows defender it means you can probably infect the vast majority of computers in circulation means hackers are highly motivated to beat it. It is simply about targeting the largest audience you can.

[Maihym]

On 3/8/2016 at 4:11 PM, Gabriel Manuel said:

Hello, I'm new to this forum and I hope to feel welcomed as a new-comer in LinusTechTips .

 

Anyways, I'd like to focus on if anti-virus is actually a joke. I had a virus on my old computer that just made it very slow and unreliable. My step-brother decided to add an anti-virus software to help clean out the problem but it still did not work. Today, I have what I like to call "A Gaming PC" and I don't want to hurt it . The PC case is a Corsair Spec 02 Case running with a:

CPU
    Intel Core i5 4690K @ 3.50GHz    25 °C
    Haswell 22nm Technology
RAM
    8.00GB Dual-Channel DDR3 @ 666MHz (9-9-9-24)
Motherboard
    MSI H97 PC Mate(MS-7850) (SOCKET 0)    
Graphics
    2757 (1920x1080@60Hz)
    2047MB NVIDIA GeForce GTX 750 Ti (EVGA) 
Storage
    232GB Samsung SSD 850 EVO 250G SCSI Disk Device (SSD

Continuing it is running with a Windows 10 Pro 64-Bit.

 

I just got off topic lol, anyways I have an Anti-Malware Software and a CCleaner software. Would these be considered the best or the worse for protecting my computer? 

I just use Quihoo 360 and I enabled it to use the two other antivirus engines it has on there. Plus malwarebytes every now and then.

[CyberMist]

1 minute ago, Wolf_Lbh said:

Don't be stupid. If Mbam blocks 99.9% of malware that is obviously a lot better than 0% (or 50% or however much the default windows setup blocks). Maybe you found one piece of malware mbam doesn't block, maybe you found 100, doesn't matter. There are millions.

99.99%? Where did u read it? Its almost as most common/template promote line in most common security solution websites... 

 

I telling what I have been through, I used MBam before,, but I stopped, because non of av, internet security, antimalware able to protect more than 80%, And its far from 99% as u say..... 

 

Plus by how it where measured its protection??? if it can hold like 99 malwares from 100, Then sure its nice.. But if all 100 of them where trashes?? So what? 

 

Want to see how antimalwares antiviruses perform. simply downloading virus packs and bang lets see how it fight back.. Thats my way..   I don't go with any cheap marketing lines  

[SansVarnic]

7 minutes ago, Wolf_Lbh said:

I didn't say it was a bad product. The problem is the vast majority of computer users use it because it is decent or because they don't know how/can't be bothered to change it. The fact that if you make a virus that gets by windows defender it means you can probably infect the vast majority of computers in circulation means hackers are highly motivated to beat it. It is simply about targeting the largest audience you can.

Of course.

[Wolf_Lbh]

2 minutes ago, CyberMist said:

99.99%? Where did u read it? Its almost as most common/template promote line in most common security solution websites... 

 

I telling what I have been through, I used MBam before,, but I stopped, because non of av, internet security, antimalware able to protect more than 80%, And its far from 99% as u say..... 

 

Plus by how it where measured its protection??? if it can hold like 99 malwares from 100, Then sure its nice.. But if all 100 of them where trashes?? So what? 

 

Want to see how antimalwares antiviruses perform. simply downloading virus packs and bang lets see how it fight back.. Thats my way..   I don't go with any cheap marketing lines  

Yes, 99.9%. You underestimate how many viruses there are and how many crappy ones exist. Soap kills 99.9%+ of bacteria and people still get sick all the time.

Your argument has no logic at all as you haven't refuted my initial point which still holds true. Even if mbam only blocked a single virus that is still 1 more than 0. And it blocks a hell of a lot of them. Not using it (or at least a decent antimalware program) is just dumb.

[CyberMist]

10 minutes ago, SansVarnic said:

snip

I read about Windows defender story, and how it evolved, But lets be honest.   Its not best solution arround, Its ok to keep it as secondary av. it will not hurt. I have defender on all times, while using other one as primary protection.

[SansVarnic]

Just now, CyberMist said:

I read about Windows defender story, and how it evolved, But lets be honest.   Its not best solution arround, Its ok to keep it as secondary av. it will not hurt. I have defender on all times, while using other one as primary protection.

Multiple AV's working together will cancel each other out. FYI.

[CyberMist]

2 minutes ago, Wolf_Lbh said:

Yes, 99.9%. You underestimate how many viruses there are and how many crappy ones exist. Soap kills 99.9%+ of bacteria and people still get sick all the time.

Your argument has no logic at all as you haven't refuted my initial point which still holds true. Even if mbam only blocked a single virus that is still 1 more than 0. And it blocks a hell of a lot of them. Not using it (or at least a decent antimalware program) is just dumb.

I didn't say I don't have interent security.. Plus my current one doing well enough, plus from my 5000 virus pack testing it proved good enough. and this is why I using it now..  

Your logic that MBam is better than nothing would work for guys who don't have any protection. But I do have.  Plus do not think that only MBam  is one security solution arround.. 

[CyberMist]

4 minutes ago, SansVarnic said:

Multiple AV's working together will cancel each other out. FYI.

For now, my current anvirus have no conflict with defender... But  yes, it could happen. Like if I would use my current av with MBav then they will start blocking each other and so one..  Some av have no conflict with defender.. some does..  

Plus defender don't have active resident protection so don't get in way. And I use it when I suspect that my primary one failed.  And if defender pass that file too, I use totalvirus(multi engine av) scan on website..

 

 

[Wolf_Lbh]

3 minutes ago, SansVarnic said:

Multiple AV's working together will cancel each other out. FYI.

Although Mbam pro is a "second opinion scanner" which runs 24/7 so you can use that with an antimalware program. I've only used it with windows defender though so I can't say it will play nice with joe's crab shack antimalware program but it shouldn't have any issues with the major ones. I have never had a single issue with windows defender anyways.
 

 

1 minute ago, CyberMist said:

I didn't say I don't have interent security.. Plus my current one doing well enough, plus from my 5000 virus pack testing it proved good enough. and this is why I using it now..  

Your logic that MBam is better than nothing would work for guys who don't have any protection. But I do have.  Plus do not think that only MBam  is one security solution arround.. 

I said multiple times mbam or something decent. I think the issue here is a language barrier.

Also a 5000 virus pack is probably mostly made up of older crapier viruses or even pups and false positives that some programs might not flag by default because they are simply annoying but not malicious. To truly test the worth of an antimalware program it should be tested against 0 day threats as odds are any older viruses worth blocking have already been added to the database and heuristics are the key selling point.