Maybe I should just stop using antivirus software?

MDesigner

Platinum Member
Apr 3, 2001
2,016
0
0
Here's the deal.

A couple years ago I took several antivirus apps and put them to the test, having them scan a bunch of known viruses/trojans/etc. Bitdefender came out on top, recognizing all of them. I went with that. That was back at version 6 or 7, I forget.

Now, I feel like Nostradamus. Bitdefender is getting top ratings in a few magazines, and that one anti-virus review web site (they gave it "gold" rating, the highest). Cool. And it is very good at picking up malware. The thing is, it's starting to invade my system a little too much. One of its DLLs, sockspy.dll, causes Weather Watcher to crash once in a while. Recently, I discovered Sandboxie and Bitdefender don't get along.. if Sandboxie is running and Bitdefender does its auto-update thing, the Windows blue-screens (yes, I'm sure Bitdefender is the culprit).

The fact is, some of these anti-virus app integrate themselves too tightly into the OS, and start causing issues and conflicts. So maybe I should just ditch Bitdefender entirely? If you're tech savvy, and you're smart about where you surf, what you download, and what email attachments you open, I think you could most likely never have to face a virus.. am I right? I mean, my laptop doesn't have any anti-virus software on it, and I've not had a single problem with it. Besides, if I did come across a file I felt was suspect, I could always use any number of online virus scanners that check files for you via an ActiveX control.

What do you think? Are there others who have shunned anti-virus software? How's it working out for you? Can anyone suggest other alternatives, maybe? Maybe a lighter weight anti-virus software that doesn't drop all sorts of DLLs into your system32 dir and place OS hooks everywhere, causing system conflicts? I'm open to suggestions.
 

MrChad

Lifer
Aug 22, 2001
13,507
3
81
Running Windows without an up-to-date anti-virus application is stupid and irresponsible. You not only put yourself at risk, but others as well.
 

Gunslinger08

Lifer
Nov 18, 2001
13,234
2
81
Originally posted by: MrChad
Running Windows without an up-to-date anti-virus application is stupid and irresponsible. You not only put yourself at risk, but others as well.

It's very easy to avoid getting a virus. Don't open files from questionable sources. Ever.
 

MrChad

Lifer
Aug 22, 2001
13,507
3
81
Originally posted by: joshsquall
Originally posted by: MrChad
Running Windows without an up-to-date anti-virus application is stupid and irresponsible. You not only put yourself at risk, but others as well.

It's very easy to avoid getting a virus. Don't open files from questionable sources. Ever.

What if the file comes from a trusted source? What if a worm propagates to your machine without any action on your part?
 

mechBgon

Super Moderator<br>Elite Member
Oct 31, 1999
30,699
1
0
If you're tech savvy, and you're smart about where you surf, what you download, and what email attachments you open, I think you could most likely never have to face a virus.. am I right? I
Not necessarily. Normally-safe websites can become compromised, so careful surfing habits are no guarantee. There was a virus-infected FireFox web browser download a while back, there were keylogger-infected iPods discovered on the market, the recent QuickSpace worm showed how your system can be quite secure and still need antivirus protection to stop an exploit. And fully-automatic worms don't involve you at all, so your habits are irrelevant.

If you want to set up some arbitrary protection that would increase your odds of success, set up a Limited account combined with a disallowed-by-default Software Restriction Policy (SRP not available on WinXP Home Edition). Only bust out the Administrator account when absolutely necessary. This is a lot safer than default Windows setup. Also, nevar let any other computers onto "your side" of your router's firewall.

I mean, my laptop doesn't have any anti-virus software on it, and I've not had a single problem with it.
How do you know? If you have a keystroke logger on there, what symptoms are you expecting to see, a big sign saying IM IN UR LAPPIE, LOGGIN UR KEYSTROKEZ? And after-the-fact online scans, or even on-system scans, may not find stuff that's being hidden by a rootkit. I prefer to get the first punch in BEFORE the infection, but I'm just crazy like that :D
 

MDesigner

Platinum Member
Apr 3, 2001
2,016
0
0
Originally posted by: MrChad
Originally posted by: joshsquall
Originally posted by: MrChad
Running Windows without an up-to-date anti-virus application is stupid and irresponsible. You not only put yourself at risk, but others as well.

It's very easy to avoid getting a virus. Don't open files from questionable sources. Ever.

What if the file comes from a trusted source? What if a worm propagates to your machine without any action on your part?

Name a worm that requires no involvement on my part for it to cause problems.

I'm just seriously debating whether anti-virus software is needed for someone like me who knows what the f* he's doing.
 

Pretty Cool

Senior member
Jan 20, 2000
872
0
0
In my opinion, the problem nowadays is not viruses as the AV programs can pretty much detect them all. Instead, people are having spyware issues or getting exploiting with their unpatched systems. Unfortunately, most of the AV programs do not handle these later issues very well. Anyway, if you do not run with an AV resident, just have one on-demand in case you suspect something wrong.
 

Gunslinger08

Lifer
Nov 18, 2001
13,234
2
81
Originally posted by: mechBgon
Action is always required for malware to cause problems.
You seriously believe this?

One well-known example: http://www.theregister.co.uk/2004/11/21/register_adserver_attack/

I could cough up more, but I have to get a shower and head for work.

Name a worm that requires no involvement on my part for it to cause problems.
QuickSpace.

Disable javascript and don't install Quicktime. Also, never, ever use MySpace.
 

Aikouka

Lifer
Nov 27, 2001
30,383
912
126
I have anti-virus installed, but it literally has almost every feature turned off or not installed and auto-checking disabled. I use it when I want to check files downloaded through torrents or whatever as I may not trust them too much.
 

MDesigner

Platinum Member
Apr 3, 2001
2,016
0
0
OK, re. your references:

Bofra/IFrame is a currently unpatched exploit which affects Internet Explorer 6.0 on all Windows platforms bar Windows XP SP2. If you may have visited The Register between 6am and 12.30pm GMT on Saturday, Nov 20 using any Windows platform bar XP SP2 we strongly advise you to check your machine with up to date anti-virus software, to install SP2 if you are running Windows XP, and to strongly consider running an alternative browser, at least until Microsoft deals with the issue.

I don't use IE. This would've done zilch to me.

More than a week ago, MySpace shut down hundreds of user profiles that had been infected by a worm that took victims to a phishing site. The worm, dubbed "Quickspace," exploited a bug in QuickTime JavaScript support.

Further:

The worm, dubbed JS/Quickspace.A by antivirus firm F-Secure and JS.QSpace by security firm Symantec, uses an cross-site scripting flaw in MySpace to execute a Javascript program embedded in a blank QuickTime movie file. The worm redirects the user to a phishing page made to look like MySpace's login page.

Oh please. First off, I have to question whether Firefox browsers were subject to this. Also... phishing?? Gee, how hard are those to spot??
 

MDesigner

Platinum Member
Apr 3, 2001
2,016
0
0
Originally posted by: joshsquall
Originally posted by: mechBgon
Action is always required for malware to cause problems.
You seriously believe this?

One well-known example: http://www.theregister.co.uk/2004/11/21/register_adserver_attack/

I could cough up more, but I have to get a shower and head for work.

Name a worm that requires no involvement on my part for it to cause problems.
QuickSpace.

Disable javascript and don't install Quicktime. Also, never, ever use MySpace.

Disabling javascript would render many, many web sites unusable. Quicktime I can uninstall, as VLC can play .mov files. Myspace, well.. I kinda rely on that to keep in touch with friends. But at least I'm not using IE.
 

mechBgon

Super Moderator<br>Elite Member
Oct 31, 1999
30,699
1
0
Originally posted by: MDesigner
OK, re. your references:

Bofra/IFrame is a currently unpatched exploit which affects Internet Explorer 6.0 on all Windows platforms bar Windows XP SP2. If you may have visited The Register between 6am and 12.30pm GMT on Saturday, Nov 20 using any Windows platform bar XP SP2 we strongly advise you to check your machine with up to date anti-virus software, to install SP2 if you are running Windows XP, and to strongly consider running an alternative browser, at least until Microsoft deals with the issue.

I don't use IE. This would've done zilch to me.

More than a week ago, MySpace shut down hundreds of user profiles that had been infected by a worm that took victims to a phishing site. The worm, dubbed "Quickspace," exploited a bug in QuickTime JavaScript support.

Further:

The worm, dubbed JS/Quickspace.A by antivirus firm F-Secure and JS.QSpace by security firm Symantec, uses an cross-site scripting flaw in MySpace to execute a Javascript program embedded in a blank QuickTime movie file. The worm redirects the user to a phishing page made to look like MySpace's login page.

Oh please. First off, I have to question whether Firefox browsers were subject to this. Also... phishing?? Gee, how hard are those to spot??
QuickSpace does affect FireFox users, yep, and the exploited feature is only one of two Quicktime "features" that would be easy to exploit, as F-Secure notes. The other one even works on Macs.

The QuickSpace work would've infected your profile, and the profile of any friends who visited your profile with a QuickTime-equipped PC. And then their friends. Automagically. And joshsquall is showing a case of 20/20 hindsight... yes, I know how to prevent QuickSpace too, but what about the next such xeno-worm? Orkut.A surfaced a couple days ago. XSS FTW.

Your objection to Bofra is that it doesn't affect your browser, but the point remains: normally-safe websites can be compromised. And that's just one sample from a very big Internet. My former employer's own website began trying to feed infections to our own PCs after the Interland web-hosting server got hacked. See my point? And then there's DNS poisoning... well, I have to get to work now, so good luck with whatever you decide to do.

Hopefully you can let go of the "I am teh invincable" attitude and start looking at this as "what is the increase in risk if I remove this particular layer of my defense? How can I add other defenses in its place?"

 

MDesigner

Platinum Member
Apr 3, 2001
2,016
0
0
Hmm.. point taken.

I just hate the fact that Bitdefender decides to clash with other software.. though it's not a huge issue, and the benefits outweigh the potential risks. I guess I'll leave Bitdefender installed.
 

networkman

Lifer
Apr 23, 2000
10,436
1
0
I just finished cleaning a neighbors PC last night of 22 different malware products - and, yes, she uses Firefox exclusively.
 

Lemon law

Lifer
Nov 6, 2005
20,984
3
0
For what its worth, there is another current thread on the spywarewarrior forum with exactly the same title. But here we are talking somewhat a forum peopled with very knowlegable security experts---and the general conclusion seems to be that if you are very expert, and have many other layers of defenses enabled that constantly monitor your computer for any changes, you just might be able to get away with not running an active anti-virus program---but in MHO, the bottom line is---most of us are not super expert and its JUST PLAIN STUPID not to run an active AV---and for what its worth---right now, Kaspersky seems to be the highest rated AV from what I can see.

The other way to look at it is to look at it is as a risk reward problem. The risk is catching a virus that an active AV would have prevented---and once a virus or trojan gets on your system---they can do much damage and can be black holes in time to remove. And sometimes the best way to remove is to nuke the whole system and start over---so the risks are very real. But no defense is idiot proof---and in the malware wars some very clever people are working overtime to infect our computers for fun and profit--and they are always a half step ahead of any defenses.

But where is the reward?---maybe a few extra seconds in boot time?---some disk space used--some processor time used---all very minimal in most non-bloatware AV programs. But one risk seldom mentioned but touched upon by this thread are AV programs that use too much hueristics---and then get a false positive and start removing legitimate program files. And I would do more research on bit defender to see how experts rate it--and consider trying something else with less hueristic's.

I somewhat keep up with security issues---and employ a multi-layered security strategy--and it must be working because neither my wife or I have had any real problems for years---and call me a chicken if you like--- I run an active AV at all times.
 

Cerpin Taxt

Lifer
Feb 23, 2005
11,940
542
126
Originally posted by: mechBgon
I mean, my laptop doesn't have any anti-virus software on it, and I've not had a single problem with it.
How do you know? If you have a keystroke logger on there, what symptoms are you expecting to see, a big sign saying IM IN UR LAPPIE, LOGGIN UR KEYSTROKEZ?
Ok, I laughed until I damn-near cried at that one. :thumbsup::thumbsup::thumbsup:

/still chuckling
//thank god I work from home

 

nweaver

Diamond Member
Jan 21, 2001
6,813
1
0
Originally posted by: Garth
Originally posted by: mechBgon
I mean, my laptop doesn't have any anti-virus software on it, and I've not had a single problem with it.
How do you know? If you have a keystroke logger on there, what symptoms are you expecting to see, a big sign saying IM IN UR LAPPIE, LOGGIN UR KEYSTROKEZ?
Ok, I laughed until I damn-near cried at that one. :thumbsup::thumbsup::thumbsup:

/still chuckling
//thank god I work from home

made me laugh too...

I can promise that my computer will never get hacked/malware without AV/Firwall/etc...

it's called turning it off, and it's the only way to know for sure that it's safe...
 

Mem

Lifer
Apr 23, 2000
21,476
13
81
MDesigner what version of Bitdefender you using? I have no problems with version 10


You could try Forecastfox weather program with BitDefender and Firefox ,this is what I use and I've yet to have any crashes with Bitdefender.

 

BadThad

Lifer
Feb 22, 2000
12,099
47
91
On my primary gaming rig I have AV installed, but not running in the background. I've been that way for years on several systems without a single virus or malware issue. As long as you're an intelligent, PC savy user, you periodically check your machine, keep all XP patches up to date, have a great program like Spyware Blaster installed/updated, only run minimal XP services and use firewalls, you shouldn't have a problem.

I find AV software too intrusive and resource hogging.....not to mention, it's NOT 100% effective anyway. Personally, I consider it mainly for novice/intermediate skill PC users. The only reason it's even installed on my gamer is to scan the occasional file, even from trusted sources like nVidia, before I execute them. Now, I'm the only user of my gaming PC, if ANYBODY else were using my PC, I'd let the protection run in the bkground. It's certainly installed/running on my wifes and kids PC's, lol.
 

clickynext

Platinum Member
Dec 24, 2004
2,583
0
0
If you have sensitive/important data on your computer, then I'd say antivirus is still a must. But if you don't and it's just a regular use computer for you, then it's kinda optional. If you're careful about what you open, then you won't get burned often. Depends on whether you mind running the risk of having to either spend a lot of time cleaning a virus out or reformatting your computer unexpectedly, if you do get a virus.
 

MDesigner

Platinum Member
Apr 3, 2001
2,016
0
0
OK, I ditched Bitdefender. Problems? Oh, how about the damn thing updating every 15 mins. Or when Sandboxie is running, and Bitdefender updates.. you get a BSOD. Any time I get a blue screen.. it's almost always because of Bitdefender. So it's out. I'm now running NOD32.