Why run antivirus software?

[greatfool66]

Is it really necessary to run antivirus software all the time? Or has the industry just convinced people that they have to buy these programs?

If you don't use P2P programs and use a little common sense about what you download and don't open email attachments, I don't really see where the threat is coming from for a sophisticated computer user.

I've never had antivirus software and have had maybe 1 actual virus ever in 10+ years.

Granted antivirus programs theoretically identify new viruses that exploit bugs that aren't patched yet, but all the most damaging viruses I've read about have exploited bugs that there were already patches for.

Is anyone else with me or am I totally wrong?

 

[Fullmetal Chocobo]

I once had to get online to download a driver so that I could install my AV program. With the computer being offline while I installed the OS, I just got online, got the drive, pulled the plug, and installed my AV software.

Within that short of time of being online, there were 3 virii detected on the ssytem.

So yes, I run it all the time.

 

[JimiP]

I don't find it necessary to run one. After using Norton's and McAfee I got tired of all the crapola that goes along with them. If you're reasonably careful at where you go to on the web and you don't open unknown attachments through your e-mail and don't download stuff (like movies/music/games illegally) just to be doing it then you'll be pretty safe.

 

[Fullmetal Chocobo]

Originally posted by: JimiP
I don't find it necessary to run one. After using Norton's and McAfee I got tired of all the crapola that goes along with them. If you're reasonably careful at where you go to on the web and you don't open unknown attachments through your e-mail and don't download stuff (like movies/music/games illegally) just to be doing it then you'll be pretty safe.

I guess it depends upon what you use your computer for as well. I normally have between 1 - 2 terabytes of hard drive space, and I can't imagine leaving that stuff up for something to happen to it. If I didn't have my storage arrays on this machine, I might be less worried about it though.

 

[JimiP]

Considering you have all those files to protect then sure, your best bet is to probably use it if you have no problem dealing with some of the most annoying softwares created. Since I'm a gamer I generally don't use all that much space and I don't use it to store important files so I have no need of an AV software.

 

[mechBgon]

If you don't use P2P programs and use a little common sense about what you download and don't open email attachments, I don't really see where the threat is coming from for a sophisticated computer user.

There are plenty of threat vectors you're not accounting for. Hacked websites, zero-day exploits, non-viral threats, malware that self-executes from burned CDs or USB drives upon insertion... I could be up half the night laying out details, but just to cite a real-world one I encountered the other day: Microstar's site hacked. And Asus's was. And the Dolphins Stadium site was. And once my own employer's site was. For the CD/USB ones, look up the Fujacks family just for starters. For zero-days, check up on the QuickSpace worm and just the whole QuickTime vuln situation in general. Or WinAmp and its exploits. Or Adobe Reader.

Not that I'm saying antivirus is the surefire cure. It isn't. It's mostly a reactive solution that leaves a potential window of vulnerability, for the obvious reason: the time lag between discovery, signature creation, and signature deployment. Heuristics are of some value as long as the new threats are somewhat like old ones... but if they're not, then what? Behavior analysis has some merit too, but again, it isn't necessarily a cure-all.

My recommendation starts by putting everything into a safety cage with a non-Admin user account. Then build on that foundation. If you can use a Software Restriction Policy on your version of Windows, then try that out. Keep ALL your software patched, including the third-party stuff like QuickTime, Adobe Reader, media players, browsers, etc. And the rest of the strategy does include an antivirus program and firewall protection, and certainly common sense too

I've never had antivirus software and have had maybe 1 actual virus ever in 10+ years.

How do you know your system doesn't have a nice modern rootkit-hidden malware on it right now? Rootkits will make your system scan "clean," you know. That's what they do. Best to have a security strategy that is not going to let one in the door in the first place, and an antivirus program is part of that strategy.

Granted antivirus programs theoretically identify new viruses that exploit bugs that aren't patched yet

That is not their primary role. Some of them can do a bit of that stuff.

but all the most damaging viruses I've read about have exploited bugs that there were already patches for.

Keep reading malware descriptions. Start by reading every one published by Symantec, every day, including the technical details section. One thing you'll notice is that most of them don't work on Windows Vista OOOPS did I say that? :evil: ...and that most of them fall flat when they're running in the context of a non-Admin user (see this pic for an example, the red NOs show the various ways a non-Admin account would inherently thwart this malware). You'll also notice lots of Trojans, which rely on the unpatchable vulnerability: the human being.

Anyway, that is my position: use a defense-in-depth approach and don't shun the antivirus software. good free antivirus software to look at. And when I say "good," I mean this good :camera:. Still not good enough alone, but about as good as it's going to get.

 

[mechBgon]

Since I'm a gamer I generally don't use all that much space and I don't use it to store important files so I have no need of an AV software.

Did you know that there's quite a lot of malware that's dedicated to stealing your game CD keys to sell, and/or your MMORPG logins so they can heist your gold and stuff and auction it? I believe there are some that steal your Steam log-in as well. The bad guys are looking to make money, any way they can. Welcome to the world of organized computer crime.

The kicker is this: once it happens one time, it's too late. You can't just run an online scanner once a week and snatch your stuff back from the bad guys. Put that dual-core rig of yours to good use, keep a resident antivirus scanner on it. And definitely supplement that with risk avoidance (keep away from warez, cracks, serials, and porn sites, the usual forms of "bait").

 

[kedlav]

safe than sorry?

 

[JimiP]

I can clearly see that you know your stuff but if I thought that my PC was at risk for any malicious baddies I would be right back to using one of the AV softwares.

I used to play one MMORPG, GuildWars. I understand that whole situation and that can be resolved by people not downloading third-party programs for gold/item/skill farming. As for all the other games I play, (COD2, UT2k4, Painkiller, Q3, for the most part) they don't require an outside source such as STEAM to play them. I stay clear from those as much as possible as I do know of friends accounts being hacked/stolen. As for the servers I play on... I stick to servers that I know. I mainly play LAN so it's safe to say that my game files for the most part are as safe as they can be.

I generally use my system to game and to listen to some music, I can honestly say that my collection of music is actually ripped from my own personal CD's as I don't use any download station to get the things I want as they are simply portals for all sorts of baddies.

 

[Captante]

I find it funny the way threads like this pop up here from time to time ... you'ed think on a tech-forum people would know better, but apparently not!

Reminds me of people who argue that they don't need seatbelts.

 

[Roguestar]

Originally posted by: JimiP
I can clearly see that you know your stuff but if I thought that my PC was at risk for any malicious baddies I would be right back to using one of the AV softwares.

I used to play one MMORPG, GuildWars. I understand that whole situation and that can be resolved by people not downloading third-party programs for gold/item/skill farming. As for all the other games I play, (COD2, UT2k4, Painkiller, Q3, for the most part) they don't require an outside source such as STEAM to play them. I stay clear from those as much as possible as I do know of friends accounts being hacked/stolen. As for the servers I play on... I stick to servers that I know. I mainly play LAN so it's safe to say that my game files for the most part are as safe as they can be.

I generally use my system to game and to listen to some music, I can honestly say that my collection of music is actually ripped from my own personal CD's as I don't use any download station to get the things I want as they are simply portals for all sorts of baddies.

But you use websites, right? Websites that can host zero-day exploits in java, javascript, flash/QT/adobe plugins or just new windows vulnerabilities (anyone remember the windows meta file exploit; load an affected image on screen and it can shut down your PC? Or the .ANI file exploit?), so you can't say that you're safe just because you're a bit careful. Do you use MSN/AOL/IRC? BitTorrent?

Don't forget that if you're playing on LAN it only takes one PC on the LAN to get infected, no matter how secure yours is, to be a threat to you and any shared files.

Originally posted by: Captante
Reminds me of people who argue that they don't need seatbelts.

At least they weed themselves out over time .

 

[Roguestar]

Originally posted by: mechBgon
And when I say "good," I mean this good :camera:. Still not good enough alone, but about as good as it's going to get.

Awesome. I got Kapersky on my motherboard CD and have been using it since. What's that other one, though, "VBA32"?

 

[Fullmetal Chocobo]

Originally posted by: Roguestar

Originally posted by: mechBgon
And when I say "good," I mean this good :camera:. Still not good enough alone, but about as good as it's going to get.

Awesome. I got Kapersky on my motherboard CD and have been using it since. What's that other one, though, "VBA32"?

I can't use Kaspersky unfortunately. They were good about getting me a refund though. And I'm keeping up on the issue to see if they get the bug in Vista fixed.

 

[bob4432]

anti-vir FTW - free, updated nearly daily and nice and small footprint.

 

[lamere]

one word:

WINDOWS

thats why you need a virus scanner, cause its highly flawed code

 

[bigsnyder]

I use AVG Free Virus Scanner. It usually gets passing scores at Virus Bulletin.
You do need to register to review the site, but its free (the subscription is not).

C Snyder

 

[Roguestar]

Originally posted by: lamere
one word:

WINDOWS

thats why you need a virus scanner, cause its highly flawed code

:roll:

It has absolutely nothing to do with the fact that most people use it and therefore most hacking/cracking/malware is going to be targeted against it.

 

[Lemon law]

The downside to using an AV is that it takes some memory and a slice of the the cpu to run. The upside is that it helps keeps you safe. And as someone who bought a used PC preinfested with 4000 pieces of malware, getting the harder stuff cleaned off takes almost forever.

And once you get a real baddie on your computer, it can just start erasing files past any hope of a system repair---which means you must nuke the hard drive and reinstall everything. But from a modern malware writers viewpoint, thats poor survival strategy, because the baddie dies with the system.

The real danger is the baddie that install itself, eludes detection, and then steals your identity. Ask any victim of identity theft, its a try it and and you definitely will not like it. And thats only one of the many many risks.

If you are going to be on the internet, an active AV program always makes sense. And only a foolish risk taker will run without one.

 

[Mem]

Originally posted by: lamere
one word:

WINDOWS

thats why you need a virus scanner, cause its highly flawed code

It's not Windows,its people that cause the problem,bit like blaming the gun when it's the person that pulls the trigger .


Nowadays no reason not to have an AV software installed,there are some good free ones and that extra protection which costs you nothing(like AVS) gives you that extra security and peace of mind,you can get viruses /trojans in so many ways nowdays even by just going to a website,only takes one click.

Remember there are some nasty /bad people out there and they want either to harm your PC or get info from it.

 

[JimiP]

Anti-Virus softwares are nothing but a PITA. If it makes you feel safe then go for it, use it. My system has been running great since day one and I havn't had any anti-virus softwares on it. And as I've said before, I don't keep any valuable personal information on my PC's. So if a hacker were to take a gander at my files there would be nothing of use to him.

"If it ain't broke, don't fix it."

 

[Mogadon]

Originally posted by: Fullmetal Chocobo

Originally posted by: Roguestar

Originally posted by: mechBgon
And when I say "good," I mean this good :camera:. Still not good enough alone, but about as good as it's going to get.

Awesome. I got Kapersky on my motherboard CD and have been using it since. What's that other one, though, "VBA32"?

I can't use Kaspersky unfortunately. They were good about getting me a refund though. And I'm keeping up on the issue to see if they get the bug in Vista fixed.

I believe you're thinking of NOD32. I've used Kaspersky for years now, both in a home and business environment, it's the best out there.

 

[Fullmetal Chocobo]

Originally posted by: Mogadon

Originally posted by: Fullmetal Chocobo

Originally posted by: Roguestar

Originally posted by: mechBgon
And when I say "good," I mean this good :camera:. Still not good enough alone, but about as good as it's going to get.

Awesome. I got Kapersky on my motherboard CD and have been using it since. What's that other one, though, "VBA32"?

I can't use Kaspersky unfortunately. They were good about getting me a refund though. And I'm keeping up on the issue to see if they get the bug in Vista fixed.

I believe you're thinking of NOD32. I've used Kaspersky for years now, both in a home and business environment, it's the best out there.

Huh? Um.. It was Kaspersky that I was using, and while I agree it was great, there is a bug when using Kaspersky in Vista that allows you to copy a maximum number of files before the computer has to be reset. Here's the thread on the Kaspersky forums.

 

[Roguestar]

I think he meant I thought NOD32 when I said VBA32?

 

[GZeus]

I've never had to change a tire on the side of the road, but I still carry a spare. On the other hand, I try not to run over $h!t on the road either.
I just can't see any reason for not using a low-overhead freeware solution like AVG. Where's the harm versus the possible benefit?

 

[mechBgon]

Originally posted by: lamere
one word:

WINDOWS

thats why you need a virus scanner, cause its highly flawed code

There are flaws in software, period. There are also plenty of flaws in humans and I think the latter are often the more dangerous ones at this point. But here's some interesting reading: Vista is more secure than OS X, according to a Mac security researcher. Oooo, them's fightin' words! :shocked:

My system has been running great since day one and I havn't had any anti-virus softwares on it. And as I've said before, I don't keep any valuable personal information on my PC's. So if a hacker were to take a gander at my files there would be nothing of use to him.

If your computer gets compromised, it can do considerable harm to other people, spreading worms, sending Spam covertly, hosting a phishing website, or (if you're into P2P) spreading malware to your peers. It can infect CDs you burn, infect your flash drive so it tries to infect the next PC it gets plugged into... and so forth. Responsibility much?

I use AVG Free Virus Scanner. It usually gets passing scores at Virus Bulletin.
You do need to register to review the site, but its free (the subscription is not).

It's better than nothing. But I'd still recommend the free version of Kaspersky if it works for you, because it updates 24 times a day to keep abreast of new threats better. The detection rate is better too. I think AVG updates daily, which is getting to be a bit risky considering how new threats can come out in batches (the Warezov email worms being an example of this strategy). You DON'T want to be 22 hours behind the curve these days, if you don't have to.