Do you use antivirus software?

[Hugh Jass]

...your killing yourself in the foot.

Ummm...what?

 

[biostud]

I can't see any reason not to.

But as you say, being smart about what you're doing is the best defense. I don't think i've got an alert from MSE in over a year

 

[UberNeuman]

Why waste cpu cycles?

Why not?

 

[Paperlantern]

Why not?

I know, people have been doing it since Folding@Home came out!

Seriously though, I agree with what's been said about not using AV, I haven't run AV on my windows systems... ever. The one or two viruses I have gotten were zero day things anyway that an AV protection program wouldn't have stopped in the first place. Another was me being stupid and kicked off an exe i shouldn't have a LONG time ago. A reformat and reinstall fixes it and life goes on. I don't visit bad sites, i don't do a LOT of surfing in general really, most of the SURFING i do is on linux or mac machines. I just don't see the need for AV for my purposes.

 

[LokutusofBorg]

Those of you saying you don't use AV and you don't get viruses... how do you know? You aren't running any AV.

A good analogy is cops wearing bullet-proof vests. Their head, sides, and legs all still expose their bodies to potentially fatal attack vectors. So why bother putting on the damn vest? Because the vest clearly protects against the most common, direct frontal deadly attacks. AV is exactly the same.

Signatures work, heuristics work. Making any program that's able to stop *all* threats is statistically impossible, and is something that every CS major has to learn about (called NP-Complete). AV solutions focus on what they *can* solve/prevent, and for the most part they do it fairly well. With multiple choices on the market that are cheap/free and have a proven track record of high detection coupled with minimal performance impact, I cannot see how *not* using AV is smart in any way, shape, or form.

Again, if you're not running AV how do you know you are virus-free? You don't.

 

[Nothinman]

Those of you saying you don't use AV and you don't get viruses... how do you know? You aren't running any AV.

A good analogy is cops wearing bullet-proof vests. Their head, sides, and legs all still expose their bodies to potentially fatal attack vectors. So why bother putting on the damn vest? Because the vest clearly protects against the most common, direct frontal deadly attacks. AV is exactly the same.

Signatures work, heuristics work. Making any program that's able to stop *all* threats is statistically impossible, and is something that every CS major has to learn about (called NP-Complete). AV solutions focus on what they *can* solve/prevent, and for the most part they do it fairly well. With multiple choices on the market that are cheap/free and have a proven track record of high detection coupled with minimal performance impact, I cannot see how *not* using AV is smart in any way, shape, or form.

Again, if you're not running AV how do you know you are virus-free? You don't.

Even with A/V you can't be 100% sure you're clean because, as you've stated, you can't make software to catch all threats. And frankly in real-life, they don't work all that well and the performance impact is much more than minimal. Over the past few years, almost every instance of fake A/V being installed on a PC has been while they were running a real A/V too. And the worst part about the fake A/V trojans isn't the infection, it's the fact that too many people put their credit card info into them hoping to just make them go away. Software can't fix that.

 

[n7]

Nope. Haven't for many years now and haven't gotten any viruses.

Of course, considering how many virus removals i've performed on other people's PCs, i'd like to hope i know better.

Basically all infections these days are user-induced, so if the user aren't installing the wrong things, viruses really aren't an issue

 

[ThatsABigOne]

I run antivirus because it is free insurance.

 

[Matt1970]

I have 2 machines that I do not run Anti-Virus software of but one is my recording machine and it never goes on the net. The other only updates my website. My other 2 rigs I would be a fool to not run anything.

 

[Magic Carpet]

Thanks for your input, guys.

Why not?

For the same reason, I prefer to have ports closed and services shut unless I need something. I may run an anti-virus but that is pointless because... should I get seriously infected, I'd rather restore a backup. It's just quicker that way, somebody mentioned above that 0-day viruses can penetrate the majority of av software anyway. You take it as a calculated risk.

It makes far more sense to re-assess how you use your computer instead, rather than watching marketing bullshit how their new suite 100% takes care of your digital worlds. At the end of the day, is the user who makes the biggest difference. In my case, running AV is counterproductive, simple as.

However, if you run a multi-user environment, it's a different story. You generally, want less headache and don't care much about side-effects. Yet still, if you follow general security guidelines, you're relatively safe anyway.

Those of you saying you don't use AV and you don't get viruses... how do you know? You aren't running any AV.

You feel that but it comes with experience. Basically, if you just follow what mechBgon posted earlier, it's good for a start.

It's not obligatory to run AV and / or *nix/mac to be safe.

 

[thewhat]

I don't have an AV installed, if that's what you're asking. But I do recommend it for most people. For me, I rather choose to be careful, even if it takes some extra time and effort.

Those of you saying you don't use AV and you don't get viruses... how do you know? You aren't running any AV.

While I don't have an AV installed, I still actually use several AVs to scan my PC on demand from time to time. In the last ~6 years without an AV installed (mostly on XP, last couple of years on Win 7) I haven't had one piece of malware on my own PCs.
Besides, using a single AV would give me a false sense of security. So far every person whose PC I had to fix for malware had an AV installed.

My estimate is that 99% of malware infections require some obvious user naivety. I'd personally even put stuff like using Java and AutoPlay as naivety, but even if we exclude that, 90% of cases are still people running random .exe files.

So (excluding the obvious stuff) that leaves, let's say, the 1% of cases where the user can't do anything (some serious 0-day vulnerability) and in that case an AV could indeed help, although it's not guaranteed. How likely that scenario is to occur is up to one's own level of paranoia to decide. For now, for me, a desire for a tidy/minimalist system wins.

 

[Chiefcrowe]

Great points here. However, personally I always put a good password on admin accts. just in case there is something that can get around a weak or blank password in an admin acct.

Be aware that FF is missing some security tech these days. Chrome and IE9 both operate at a Low integrity level and feature their own flavors of sandboxing. FF has neither mitigation, which is rather odd since they've always claimed to provide security benefits. But if you like FF, you can use Sandboxie to sandbox it, and it's also possible to force it into Low-integrity operation (although this reportedly must be redone after every update).

If you like to control what sites can run scripts, NoScript works on FF, but IE has had that capability since IE5 back in 1999. They just don't have a catchy name for it Succintly: set the Trusted Sites to Medium-High security and add the desired sites to it, then set the Internet zone to HIGH or just cherry-pick what you don't want to run (Scripts, Java, ActiveX). Done.

Regarding the main topic, if you want a very powerful blanket defense that covers many popular angles of attack, then I suggest Software Restriction Policy if your Windows version supports it (Win7 Pro/Ultimate/Enterprise, Vista Business/Ultimate, WinXP Pro/MCE). Once you understand how it works, it's pretty easy to live with. Not much impact on performance, either.

If you can't use SRP, next best is the poorly-named Parental Controls on Vista or 7: enable program control, whitelist all the existing apps on the system, and then any new stuff will get blocked, including exploit payloads.

With either of these, make sure UAC is enabled and that your user account is a Standard User (create a separate Admin account just for Admin roles). If you're the only user, a password on the Admin account is not really necessary, making management easier.

 

[Lifted]

Nope. Haven't for many years now and haven't gotten any viruses.

Of course, considering how many virus removals i've performed on other people's PCs, i'd like to hope i know better.

Basically all infections these days are user-induced, so if the user aren't installing the wrong things, viruses really aren't an issue

An 0-day browser, java, pdf, etc., exploit could be installed by you visiting any website that has been hacked. Without AV software, there would be no way for you to know your computer has been infected. Even if it isn't detected for a few days, weeks, or months before a definition is released that identifies the infection, that is better than not knowing at all that your passwords or other personal information may have been compromised.

 

[Lifted]

With several free options of AV software available, there is really no reason to not have any unless the computer is isolated from all networks and all removable media.

 

[Rottie]

Windows desktop and netbook with Avria software.
OSX Lion no need for antivirus

 

[gmaster456]

Yeah, I don't really need one but have one anyway. I uses MSE2. Most AV's have gotten so light these days that there isn't really a reason not to have one.

 

[LiuKangBakinPie]

Malwarebytes license was given as a gift to me. Last time I paid for a AV I got hit by Virut and lost most of my data.

But it in the end its like this. When that nasty bit of malware comes pay or free version of a av is not going to help you. It will get past them and everything else.
In the end its all about common sense and responsibility from the one behind the keyboard. Windows user accounts is there to limit the damage malware can do but how many people set up limited accounts?

 

[HeXen]

You could always use Linux for internets. just keep windows for gaming and specific apps only.
Of course i don't need armed guards outside my house either, but another layer of defense certainly wouldnt hurt if i could

 

[Magic Carpet]

From personal perspective:

Depends on your mentality and how you approach things. You can learn so much more from the bad, viruses included. But when you intentionally put yourself behind the iron curtain, you could be missing out on new techniques and ideas. At the end of the day, it is your choice. I understand, that I am a minority here [as the poll suggests] but that's fine with me :awe:

Happy new year everybody and new viruses/trojans/exploits

 

[lxskllr]

From personal perspective:

Depends on your mentality and how you approach things. You can learn so much more from the bad, viruses included. But when you intentionally put yourself behind the iron curtain, you could be missing out on new techniques and ideas. At the end of the day, it is your choice. I understand, that I am a minority here [as the poll suggests] but that's fine with me :awe:

Happy new year everybody and new viruses/trojans/exploits

A decent A/V doesn't use much in the way of resources, so I find it useful to install on Windows. It doesn't replace careful computer use, or common sense, but it could save your ass one day, with minimal effort. It's like System Restore. I've had mixed success using it, but when it works, it doesn't get any easier. Definitely worth the ~20¢ of HD storage it takes for the opportunity to make things easy.

If all A/V cost $30 a year, I doubt I'd use it. It's worth it to me for free, but not for much money.

 

[mechBgon]

Great points here. However, personally I always put a good password on admin accts. just in case there is something that can get around a weak or blank password in an admin acct.

Starting with WinXP RTM, secondary authentication is not allowed with blank passwords, so for the purpose I described, a blank password is actually strong. Make it blank, or else make it strong, but don't stop in the middle with "Passw0rd" or something LOL, that reminds me of when I started my I.T. job. The domain administrator password was... Password

I may run an anti-virus but that is pointless because... should I get seriously infected, I'd rather restore a backup.

A shortcoming of that approach is that if your system does get compromised, the bad guys may do damage that you cannot undo by restoring from backup. MMORPG accounts and their associated virtual stuffs are a common target. Restoring from backup doesn't bring back your gold. And ask a victim of identity theft how much fun it is to try to clean up their credit rating after a compromise.

I'm not proposing A/V as a panacea, because it's not even close, but I can live with something light like MSE. It really isn't a problem.

Tangentially, those reading this far into the thread ought to check out the Microsoft EMET utility if you haven't already. EMET can apply additional mitigation techniques to programs you pick, and to configure some security features on Windows. Brief blurb here: http://www.mechbgon.com/build/security2.html#sehop

Microsoft's most recent Security Intelligence Report did touch on "ok, how is this crap happening?" and here's their finding:

Surprise, user interaction is a biggie. Software Restriction Policy or Parental Controls will handle that if you have untrustworthy users (and in that case, yeah, use a strong Admin password). AutoRun attacks are the next two, and can be arbitrarily prevented using Microsoft's Fix-It. Brute-forcing a password isn't a biggie, but still far bigger than zero-days. Updating Microsoft software is pretty straightforward now, but third-party stuff can be a problem... how many average home users are thinking about updating Java, for example? Over the next decade, hopefully all software makers wake up to the need here.

 

[mmntech]

I've been running Avast Free for years. See no reason to stop. Now that MS provides a free and decent AV program to all Windows users, there's really no excuse not to.

 

[Magic Carpet]

a shortcoming of that approach is that if your system does get compromised, the bad guys may do damage that you cannot undo by restoring from backup. Mmorpg accounts and their associated virtual stuffs are a common target. Restoring from backup doesn't bring back your gold. And ask a victim of identity theft how much fun it is to try to clean up their credit rating after a compromise.

There is no perfect strategy for all situations. Sometimes, an obvious shortcoming can become an advantage and vice-versa.

FACT: Even the most secured multi-layered systems get hacked / infected.

Damage limitation should be planned well ahead, no matter how secured/unsecured your computer is. Installing an AV suite and hoping for the best isn't seeing past your nose.

Off to fireworks now. HNY everybody.

 

[blankslate]

I use AV software and I also run my browsers and my media player receiving a stream from the internet in a sandbox. If I get a pop-up that I didn't expect alt+F4

 

[berryraceroldMatrixLeader]

I use Kaspersky Internet Security and it doesn't slow down my computer!