How effective are anti-viruses, are they worth the money?

Hi,

 

Like everyone, I'm concerned about my security online. I use a lot of bank applications on my PC and I do some shopping from time to time. That's why I thought an anti-virus is a good idea. But they are expensive and I've heard that they are not worth the money. Maybe a fun topic for Logan to talk about?

 

What is your opinion? Buy it for 50 bucks or install a free one?

If you have to spend money on an antivirus, I recommend Malwarebytes Pro. I've heard from my friends that Bitdefender is pretty good, but it picks up a lot of false positives to the point it's annoying, and if you do online gaming with friends it can also get in the way. I however just use a bunch of free programs and they tend to do the trick. Avast, Super Anti-Spyware, Malwarebytes Free on my desktop. And in addition to the 3 previously mentioned, my laptop has Comodo firewall as well. I don't really think spending money on an antivirus is worth it unless you run a business or take the laptop when you travel. But there are plenty of free alternatives that do the trick.

It would be better to get a RAID 5 setup, backup every week then back that up every month. Also every month hire a person to come in and do a cleanup. Anti-Virus programs are dead.

Short answer ... YES they are worth it.

I use Avast Internet Security Suite ... and I don't recommend online shopping with a card hooked to your bank account. Instead buy a prepaid card and load to do online purchasing ... that way if they get hacked they only have access to a card with little or no money on it at any given time.

When you've found a candidate, look around for deals on it. The regular price straight from the official website is usually quite high. Right now I'm running on a Kaspersky license which I got cheap (like $15) by ordering from a place that was clearing their shelves of last year's packages, whose license doesn't make a difference for the knowledgeable user but can be more difficult to sell to the uninformed average consumer. Another time I got a license at 50% off the regular price through an offer that at the time was presented to anyone uninstalling the trial version. Look around and the "price/performance" can improve drastically.

To keep track of what software is currently giving the best protection I look at serious test sites like av-test.org and av-comparatives.org.

I'm pretty sure that Logan did talk about it and he said that free antivirus is just as good as paid antivirus. Correct me if I'm wrong.

As far as free ones go, Avast is decent ... I use it for my charity case clients.

I use Kaspersky and I really like it. I think it all comes down to whether or not you mind spending the money. If you don't mind then it's nice to be able to cherry pick what you like best. If you don't want to pay then beggars can't be choosers, but generally speaking you will get by just fine.

Don't waste money on commercial anti-virus applications!

The maximum detection rate of any program out there in Windows is about 20%.

Even scanning a Windows system through ClamAV doesn't have a 100% detection rate. It's almost 100%, but not quite.

The only thing that you can do to protect yourself online, is to change your habits. Just don't use insecure closed source programs for things like online banking, going on the internet, and communicating. Keep the closed source software for free entertainment purposes, or when necessary for paid entertainment, but make sure not to make payments through the closed source software infected system.

By the definition of malware, almost - if not all - closed source software nowadays is malware. That's just how it is.

For some degree of real-time protection, Windows Defender will do just fine when you're not going on the web with Windows, because it has basic firewall functionality that suffices for most users on a PC that's behind a router with a standard Linux-based firewall built-in, which all routers have. You can check online for routers that are known to contain malware or NSA induced security bugs, there are lists out there, and never use a router provided by an ISP.

If you really are unwilling to migrate from a commercial software console to a real open source operating system, and don't want to compromise on instant access and ease of use, the least you can do is to install VirtualBox on your PC (which is free), and run a lean Linux distro in it to surf the web, access your bank, and send and receive emails. You can drag/drop between Windows and the Linux in VirtualBox, you can run the Linux in a window like any Windows application. Even if that won't protect your data from Microsoft and the likes, it will at least give you a pretty good buffer against browser-based or mail-client-based attacks. If you however get infected MS-Office files (which are the main source of infection besides flash- and javascripts), receive them in Linux, but then use them in Windows, you'll bring the source of the infection to your host system anyways.

To regularly check for malware, there is only one way, and that's basically the way cloud service providers use, like Microsoft or Google or Amazon: with ClamAV. I've posted a howto for that on the forum. You can have the anti-malware power of Google on your PC for absolutely free, and it's really easy to do. You just use a live distro on a CD or DVD (not on a USB stick because those are writable and are also known malware vectors) once a week or so, and let it do a scan while you sleep.

If you really don't want to deal with malware, there is only one thing to do: dump that software console, and move to an open source real operating system. Not everyone is willing to do that because of the choice overload, they like to be told what to use instead of having to choose what they like best, so they just rather pay for someone else choosing for them, but for the people that really want to improve their lives, I can only recommend it. That doesn't mean that there isn't a reasonably safe way to use Windows applications anymore, for those musicians and gamers out there that don't want to miss out on Windows-only games or want to continue to use budget-friendly music recording and production software with budget-friendly consumer hardware, because the gamers are held hostage the most, and musicians can use OSX, but that's another software console, which is safer and cheaper than Windows, but it's still a 25 USD investment after having paid over a 100 USD for Windows already, and it's still a closed source software console with a closed ecosystem that can be classified as malware by definition... BUT, there is a HUGE difference between using a malware software console just for making music and getting entertained, whilst doing everything else on your computer in a more user friendly, more user centric, more secure, and overall more responsible way with open source software, OR allowing everyone and their dog to control your life, mind and possessions by using a closed source software console for everything.

It's very logical how it all fits together in the end: some people assemble their own PCs, and research the parts prior to buying them, so that they know what parts have known issues, what parts have compatibility problems, etc..., and they accept that they don't have a guarantee on the entire system, because they take their fate in their own hands. Other people pay a system integrator to build a system for them and make hardware choices for them, because they want the guarantee of the vendor on the complete system. If you transpose that idea to the software world, this basically sound consumer rights principle starts to make no sense at all, because in the software world, if you download an open source operating system, which is available for free, and which can be customized and selected after research, pretty much just like one would do research for hardware parts, you accept that you have no written guarantees, but you see that there is a huge followup of any possible problems by the huge and talented open source community, and since you can change at any time and you're not bound to a system, and everything is compatible with everything, there is no real potential for damage, WHEREAS, if you pay a company for a license to use a closed source software product, you don't get any guarantees at all, in fact, you have to agree with a EULA that says that you have no right of recourse against the licensor or manufacturer at all. From a logical standpoint, that makes no sense at all. If you would see sales conditions like that on a hardware product, you would never want to buy that product, you would probably refuse to even use it for free.

It's just a matter of taking a step back, and looking at the larger picture. Computer safety is a matter of common sense, and it's just not common sense that you pay for a product, and then have to pay extra for other closed source products to protect you against the dangers of that product you've bought. This is a risk and a burden that should not be on the shoulders of the paying customer. It's just wrong, however you look at it.

Yeah seriously what he said. I've been taking a few forensic classes in college and it is pretty scary.

https://www.youtube.com/watch?v=Wuy_Pm3KaV8 Great video, worth the entire watch. Sysinternals, great flipping software, go download it, seriously best task manager ever. http://technet.microsoft.com/en-us/sysinternals/bb842062.aspx

I have removed a replicating virus just like one of the viruses he covered in the video just with Sysinternals. The virus actually made Windows Defender corrupted and anything that needed admin privileges would not work.

I have struggled to find an anti-virus, anti-malware, anti-adblock software, not plugin, for years that doesn't limit the user and has the ability to find REAL, not false positives, malware.

From what I know, it doesn't exist.

Anti-Virus programs are dead.

In terms of layered security, why wouldn't you run an antivirus? The main question is which/whose service to use? One factor many people don't seem to care about is transparency, or maybe rather the "promises" of security vendors. An open letter called "Bits of Freedom" was sent to all bigger security & antivirus companies asking how they respond to federal requests and whether they whitelist any governmental malware. About 50% of these major companies have published an open answer, the rest 50% haven't given a statement at all...

I've worked in the Corp IT security space for around eight years or so, and while traditional AV, relying on definitions for detection, is basically dead due to the amount of zero days coming out in quick succession, advanced detection (behavioral) based AV is actually pretty effective.

That being said, nothing is perfect, but I personally use Bitdefender TS 2k15 as it scans web links, behavioral scanning, better firewall and has a lot of little utilities packed in that make it worth ~$85 for three PCs for a year (it covers the wife, myself and kid).

Vendors that can use collected intelligence from around the web to tell you whether that legitimate site, (looking at you Yahoo) has a trusted ad server that is compromised serving malicious ad files, is no longer a trusted web link to click on is a life saver for drive-by attacks as a majority of attacks funnel in through the web or email.

Taking all of the above into consideration, there is no replacement for a good lesson in do's and do not's when surfing the web or checking email - just about everything on the internet is a greasy dark alley waiting to give you internet herpes.

Saying AV programs are dead is just plain silly in my opinion but total reliance on them is also silly.

The real question is what is the plural of virus. Is it viruses or... viri?

I can vouch for Malwarebytes, saved my arse a few times, I'm happy to pay for it.

I just use Microsoft Security Essentials.

I use Malwarebytes and my customers prefer Kaspersky, period!

I just go with Avira and Malwarebytes scans, it worked so far. The last paid solution I used (Sophos) induced massive rage with tons of false positives.

I recommend free Avira. Some others just had too many false positives even on my own programs, including simple 10-line-code tests that do not even touch the filesystem (one of my older posts has an example).

Kaspersky just turns dual-Xeons into Celerons, in my experience, and I gave it a fair number of shots over the years.

Company has Sophos and it made even some fresh installations freeze on boot (did not find out the reason, system restore and it works fine again).

Comodo is shit, and they censor criticism.

I made a post on their forum chastising them over this issue, and they deleted the post. Fuck Comodo.