Aces High Bulletin Board
General Forums => The O' Club => Topic started by: DaveBB on September 17, 2017, 09:49:36 AM
-
I have Windows 7 on my gaming computer and Windows 10 on my other computer. What virus scanner and malware detector (preferably free) do you all recommend?
-
Eset Nod32 has been told to have the smallest footprint on games. However, it's not free.
The free ones tend to be more or less intrusive so at least put AH on their exclusions lists. For Win10 the built-in Defender might be enough according to some experts.
If you go the paid route, don't get Norton or McAfee since they're among the worst game stoppers in the market.
-
On Win 7 I ran AVG and Malwarebytes. Both paid and inexpensive. On Win 10 I run the on board Defender and Malwarebytes.
Seems to work fine.
-
Best anti virus, dont go on dodgy sites :)
-
Best anti virus, dont go on dodgy sites :)
^ rubbish.
The bad news is the best virus scanner is not going to be free.
There are currently two types of virus scanners on the market, traditional AV (primarily signature based) - and Next Generation AV (AI/Machine Learning based). Ideally you want a combo of the two.
Signature based is what all your traditional AV uses. And as far as effectiveness goes it's pretty meh these days. I work for a security company (we do not MAKE desktop AV), and as part of our solution we have what you could call NGAV running behind signature AV. In August we detected 26000 new malware strands that got past 62 of the top Antivirus engines (signature based). But at the end of the day you want both.
I would recommend looking at this: https://www.av-comparatives.org/wp-content/uploads/2016/11/avc_mrg_biz_2016_nextgen_en.pdf
Last year I ran a combo of MS AV (which is crap tbh) for signatures and Cylance (free from work). This year I almost brought Webroot, but got some 'sample' licenses for another product (I won't mention names as I not convinced enough to put it on my recommended list).
-
ESET and Malwarebytes for me.
-
ESET and Malwarebytes for me.
I have malwarebytes on a PC, it misses all the new stuff. Same goes for Eset.
Let me quantify this, we run 62 of the major AV clients - and they miss a minimum of 800 malware samples per day.
-
What about that PCMatic thing? That Star Trek spokesman is really convincing!
-
I have malwarebytes on a PC, it misses all the new stuff. Same goes for Eset.
Let me quantify this, we run 62 of the major AV clients - and they miss a minimum of 800 malware samples per day.
I use ESET Smart Security and Malwarebytes also, I use malwarebytes as secondary checking if I think something may have gotten through... along with using good habits in using the internet and precautions , plus personal settings for web Browsers etc..
Vulcan is spot on, that every AV out there will miss most new stuff, simply because there are people out there that makes it their mission to create havoc by introducing new viruses/root kits/trojans, etc..... and until they are found, acknowledged and a fix or definition is written and updated regularly for a person's AV, that a person runs on their own computer, ..... they are open to getting infected.....
most people just jump on the interwebs and don't think twice about what ad link, or picture, or whatever that they are clicking on.... they are nieve and uneducated about the pitfalls that are surrounding them
TC
-
Vulcan is spot on, that every AV out there will miss most new stuff, simply because there are people out there that makes it their mission to create havoc by introducing new viruses/root kits/trojans, etc..... and until they are found, acknowledged and a fix or definition is written and updated regularly for a person's AV, that a person runs on their own computer, ..... they are open to getting infected.....
The new Next Gen AV uses other methods to detect malware and does it very well. My recommendation is Next Gen AV + and old school signature based scanner (like the free MS one) is a good mix/balance. The only challenge is the consumer is limit in choice (most NGAV is not interested in the consumer market).
-
I used Karpersky years ago, at one point was better Norton, this week was banned in US, sends your files straight to mother Russia /KGB. :uhoh
"U.S. moves to ban Kaspersky software in federal agencies amid concerns of Russian espionage"
https://www.washingtonpost.com/world/national-security/us-to-ban-use-of-kaspersky-software-in-federal-agencies-amid-concerns-of-russian-espionage/2017/09/13/36b717d0-989e-11e7-82e4-f1076f6d6152_story.html?utm_term=.97851cfc5c47
-
Let me quantify this, we run 62 of the major AV clients - and they miss a minimum of 800 malware samples per day.
Numbers like that have always puzzled me. Not only your statistics, but also the marketing hype of AV companies: "Last week we stopped umpteen gazillion attacks". To me that sounds like most people myself included have our computers filled with malware missed by the AV clients. However, during these 13 years of business my fingers still can count the number of cases where the ISP has told to get rid of viruses or else they cut the wire. And that number includes a few infected modems.
So my question is, what is the total mass of data of which you find the 800 missed malware samples plus those that are caught (which I suppose is a bigger number)? And how does that correlate to an average home user? Not to mention those who only use the Internet for banking and reading the leading tabloid sites? If I told about such numbers to my customers they'd sell their computers for fear of losing all their savings to Harry the Hacker.
I'm not saying that the threat isn't real. The question is, how potential the risk is if you're cautious and have an up-to-date AV shield against known threats.
-
I run win 7 as well. I have CCleaner and SUPERantispyware. Both are free and both seem to be doing a pretty good job. No issues and this system has been running for almost 4 years now.
Of course as soon as I posted this. the very next site dropped this little bombshell. https://techcrunch.com/2017/09/18/avast-reckons-ccleaner-malware-infected-2-27m-users/ :O
I downloaded the newest version immediately but did not have the version that was hacked according to the article.
-
Maverick, you do know CCleaner is not an anti-malware product, don't you. Just for clarification, I've met people who believe it cleans all crap including viruses.
-
So my question is, what is the total mass of data of which you find the 800 missed malware samples plus those that are caught (which I suppose is a bigger number)? And how does that correlate to an average home user? Not to mention those who only use the Internet for banking and reading the leading tabloid sites? If I told about such numbers to my customers they'd sell their computers for fear of losing all their savings to Harry the Hacker.
Good question. So here is how it works...
The system is a cloud based malware protection platform, it operates on edge devices (firewalls and antispam systems). Files of interest are submitted (executables, documents etc). As a file is received a signature based pre-filter similar to VirusTotal runs over it (that's your 62 scanners). If malware is detected we stop there. Just a note these scanners are there to make the whole system more efficient, not as a way of measuring how good they are.
If the file comes out of that with no hits it is then submitted to 3 sandbox engines (in parallel). At the pre-filter stage we also check to see if we've seen this file before (ie had a sandbox hit earlier in the day). After the sandbox makes a decision we deliver a verdict back to the client. If a hit is found then the malware sample goes into processing to also generate a signature (to allow faster detection at the edge).
So the bit I am saying we see at least 800 new malware strands is when the sandbox engines pick something up. Those are 800 unique samples that just got past your major AV vendors. In August we hit 26000 total. Some AV vendors take days - weeks to get these signatures out, so 800 malware samples a day you are vulnerable might actually be 5 days worth (so 4000 or more you are currently vulnerable too).
End result is we had a signature in place for Wannacry 3 weeks before the big Wannacry hit. We had seen small (maybe test) samples of the malware the month before the big attack.
Things are bleak for the average home user. We're not interested in them, our product is priced a bit out of their range (but within small business) as are many leading security products.
-
"Files of interest are submitted (executables, documents etc)", you say. Do I understand you right in assuming those are files that are downloaded by the end user, either from a download location or via e-mail? If so, doing a risk analysis for a home user is relatively straightforward.
-
"Files of interest are submitted (executables, documents etc)", you say. Do I understand you right in assuming those are files that are downloaded by the end user, either from a download location or via e-mail? If so, doing a risk analysis for a home user is relatively straightforward.
Yes and no it's not.
-
Yes and no it's not.
I love it when people can express themselves with few words. :cheers:
-
Many companies assume they have security and they do not. Simply having software will not get it done. You have to spend the time educating your employees who have access to the outside or to links.
The one person I had trouble with here is now gone. She is now my brother's exwife. He used to brag about how much she knew about computers, she was a software developer at one time. She knew very little about computers, networks, and hardware. She did not know that much about software.
She had the only computer to get infected in this company. It was infected three times with ransomware.
I was able to fairly easily remove the offending files and clean the system each time. In the end her computer had no connection to any other computer in the company.
I can't imagine having a huge company full of idiots like that. Scary!!
-
Talk to any of the IT security experts (I'm one of them), AVOID using paid-for anti-virus products at all costs. They don't work well. Period. In fact, they don't work at all - and now most just track your computer use and then sell the data to marketers. Same goes for any 'tune-up' apps out there. All are garbage really. Cause more issues and most just track your activity.
And most common antivirus platforms just slow down your computers and give hackers another program to use to infiltrate your PC.
The built-in Windows antivirus engines are just as and more powerful than anything you can buy of the web or shelf. Kaspersky included.
Use a browser with anti-ad/anti-popup plugins - that will protect you against 99.9% of the zero-day exploits out there. And be careful when installing freeware software. I mean, look at CCLEANER - good quality free app - and it got compromised.
For my boys - I tell them "NO MODS" for their games. That is where most viruses will come from. Use platform websites that can control your mods you want for your games. And it's why I use STEAM and then let them mod their steam games via that platform. And there are dozens of platform types of websites that help manage modding of your favourite games. :aok
-
Hmmm... I just read about anti-ad plugins and how they could collect even more information about you and your surfing habits than the ads they prevent. So far it's just a possibility, AFAIK, but when you thing about them, they're on all of the time even on sites that don't include third party ads such as banks. Who keeps watch over the watchmen?
-
I have a general approach to most things today. If it is free and it is constantly being updated and there is no sign of how they derive revenue, then they are probably collecting data from you so they can make money from it.
I have noticed the term "spyware" is no longer being used much today. Seems all the rage now with almost every big player in the market doing it.
As far as anti-xxxx goes. I quit using any of it around 2004 and have never had a computer get anything I was not aware of before it happened.
-
Hmmm... I just read about anti-ad plugins and how they could collect even more information about you and your surfing habits than the ads they prevent. So far it's just a possibility, AFAIK, but when you thing about them, they're on all of the time even on sites that don't include third party ads such as banks. Who keeps watch over the watchmen?
Bizman - it would be helpful if you could be specific... are you must be referring to WOT? They got busted last year for collecting browsing info. Otherwise, it could be perceived as a 'grand wet-blanket comment' :)
I use AdBlock - the one where the dude takes donations. You're right that the other ones that call themselves 'adblockers' are not what they claim to be and my be related to your comment.
Best in the internet right now: https://help.getadblock.com/ (https://help.getadblock.com/) - adblock also publishes their source code.
-
I have a general approach to most things today. If it is free and it is constantly being updated and there is no sign of how they derive revenue, then they are probably collecting data from you so they can make money from it.
I have noticed the term "spyware" is no longer being used much today. Seems all the rage now with almost every big player in the market doing it.
As far as anti-xxxx goes. I quit using any of it around 2004 and have never had a computer get anything I was not aware of before it happened.
I agree. Every time I ran into an issue with malicious software - the antivirus software was just stomped on by the virus/malware. Including Kaspersky, MalwareBytes, Bitlocker, Norton, McAfee, and Microsoft. Then I go into a 'lock-down' of the OS, remove the drive, and clean it on an uninfected computer as an attached drive - then re-attach it. There are a plethora of 'post-infection' tools you can use too. All do a pretty good job of fixing your OS. But even with that - I still have residual damage effects of my OS acting a little wonky for a while.
All viruses do damage - and most then infect your system restore points and backups. Best advice - don't install mods/apps openly and make sure the location you install from is legit. There are web tools out there that can validate if a site is notorious or is known as clean. And when visiting websites - avoid the clickbaits. You're opening yourself to zero-day browser exploits as most of these garbage clickbait sites don't monitor the types of ads that appear.
-
I'd like to be more specific, but the article I read wasn't. Or rather it was an editor's comment, a short piece of information in an IT magazine. Most likely the comment was inspired by the WOT case.
Anyway, the point is to stay alert and double check any add-ons and other installs. There's too many fishy partners in the Internet, promising you the princess and half the kingdom. A published source code can be considered as a proof of reliability. Good reviews in several reputable sources being another.
Oh, and I use Adblock, too, and Disconnect. They do a marvelous work for disabling the misleading green "download" buttons on reputable help sites such as bleepingcomputer. As you hinted, the type of ads may not be monitored.
-
The new Next Gen AV uses other methods to detect malware and does it very well. My recommendation is Next Gen AV + and old school signature based scanner (like the free MS one) is a good mix/balance. The only challenge is the consumer is limit in choice (most NGAV is not interested in the consumer market).
Yes your a techy in English please
-
There's too many fishy partners in the Internet, promising you the princess and half the kingdom.
Isn't that the honest truth? :rofl
-
Yes your a techy in English please
Consumer grade antivirus sucks, the stuff he's talking about is too expensive for home use.
Wiley.
-
Many companies assume they have security and they do not. Simply having software will not get it done. You have to spend the time educating your employees who have access to the outside or to links.
No true. I have seen a corrupted image file deliver malware via email, it required no user interaction - it simply needed to hit their email client.
-
Talk to any of the IT security experts (I'm one of them), AVOID using paid-for anti-virus products at all costs. They don't work well. Period. In fact, they don't work at all - and now most just track your computer use and then sell the data to marketers. Same goes for any 'tune-up' apps out there. All are garbage really. Cause more issues and most just track your activity.
And most common antivirus platforms just slow down your computers and give hackers another program to use to infiltrate your PC.
The built-in Windows antivirus engines are just as and more powerful than anything you can buy of the web or shelf. Kaspersky included.
Use a browser with anti-ad/anti-popup plugins - that will protect you against 99.9% of the zero-day exploits out there. And be careful when installing freeware software. I mean, look at CCLEANER - good quality free app - and it got compromised.
For my boys - I tell them "NO MODS" for their games. That is where most viruses will come from. Use platform websites that can control your mods you want for your games. And it's why I use STEAM and then let them mod their steam games via that platform. And there are dozens of platform types of websites that help manage modding of your favourite games. :aok
I'm an IT security expert and I don't agree with you at all. The built in Windows AV is terrible, you talk about avoiding paid products then point out that free stuff like ccleaner got compromised. None of the major AV vendors I know track your data and sell it.
-
Yes your a techy in English please
Historically AV scanners used a signature to identify malware. To have a signature you always had to know about the malware. Which typically mean't some people getting infected first.
So there was a time period where people would be vulnerable to that malware - until their AV got a signature for it. Balancing this was how few truly aggressive damaging malware attacks occured. This was not too bad up until ransomware hit, then a $$$ value was attached to every potential infection.
Now we have a new piece of malware going out every second (may be lots variations on existing stuff). It's practically impossible to protect users from the thousands and thousands of malware samples coming out every day. On top of that we see at least 800 unique malware released every day (ie not variations on existing stuff). This all started going big last year.
So signature based AV has had its day (but is useful for keeping out the old riff raff).
The new AV (NGAV) uses other mechanisms to detect malware (machine learning, AI, reputation based systems) and is very effective. As part of my job I need to test malware detection rates on network gear - while doing this I get to observe how the desktop AV (3rd party) works. Microsofts AV is a dog, I saw it miss stuff for 3-4 weeks. I had one NGAV running (Cylance) and was somewhat gobsmacked and how good it was (especially compared to signature based AV).
-
Consumer grade antivirus sucks, the stuff he's talking about is too expensive for home use.
Wiley.
It will trickle down. I think Webroot and Trend Micro do some NGAV stuff.
-
Agree with Vulcan, I'm in charge of our Cylance instance at work, 2500 endpoints, it really is amazing what it can pick up pre-execution.
-
I have not had malware for years, if you your downloading crap and watching filth on the web it's your own fault if a Nigerian takes £1000 out of your bank account :old:
I look at Walmart everyday for offers on beans and fruit and never had a issue
I rest my case
-
I hear what you're saving Vulcan - we see most malware payloads just stomp on the latest AV products. And I mean, just manhandle the AV product like it wasn't there. And I've seen some do an ok job at managing in pre-execution phase. But most don't do a good job if you're already infected.
Like you, we're finding that cognitive AI monitoring of systems is a far better predictor of system health than any expensive single point solution to prevent malware on your computer. We've stopped our usual habit of finding a single point solution and are looking at a platform approach to the malware problem.
The reactive nature of signature-based antivirus solutions are a waste of money. Any specific home use product you recommend?
-
Currently I'm using Webroot SecureAnywhere AV for Gamers + MS Windows Defender on my Team Red box and so far all is well.
I switched to using Webroot for my box on Vulcan's recommendation in another thread on this type of subject some time ago (approx. 8 mos ago back in 2-17 to be more precise) from Kapersky Internet Security 2016 (found it to be a MAJOR resource hog on computer resources and from Skuzzy's reporting of Kapersky being problematic w\ AH....even though I hadn't noticed any of the issues from my usage of Kapersky w\ AH at the time).
I chose to get the gamer's version of Webroot (Webroot offers several versions of AV for specific usage cases) for my usage scenario and to date this has worked out excellent for me!
Thanks again, Vulcan!
:aok :cheers:
The rest does fall on educating yourself on this stuff to protect as best you can against attacks\infections..........
:salute
-
Home is difficult as all the good stuff is corporate focused.
As above my org change skin a bit, I lost access to cylance so started looking around. Webroot seemed closest. But check it out yourself first (see if they have a free demo).
-
On Win 7 I ran AVG and Malwarebytes. Both paid and inexpensive. On Win 10 I run the on board Defender and Malwarebytes.
Seems to work fine.
AVG is worthless. I have made a lot of money over the years cleaning viruses and malware off people who thought that AVG was protecting them.
-
It will trickle down. I think Webroot and Trend Micro do some NGAV stuff.
I use Webroot SecureAnywhere - actually we use the enterprise product that has a console that allows us to monitor and remediate in real time, but the consumer product is the same engine. Webroot is cloud based so threats are identified and kept updated in real time, and it isn't a resource hog. Been using it on my gaming rig for over 2 years now, and no problems with AH. The malware and phishing protection works well if you allow them to add the plugin to your browser (it will check sites and warn you if anything is dodgy), and it has some nice utilities for cleaning up bloat and looking over the processes on your PC.
We researched and went with Webroot after our last AV product failed to keep some people from getting cryptolockered. Two and half years running with it and nobody has been crypto'ed since we made the switch.
-
I use AVG, in 12 years I have had only 1 time I had to wipe the drive clean and start over. For 50 USD it does everything. Email, Firewall, rootkits, malware, cookies, etc etc. :ahand
-
If you clicked on any of the links in this thread...... :bhead :bhead :bhead
-
I use AVG, in 12 years I have had only 1 time I had to wipe the drive clean and start over. For 50 USD it does everything. Email, Firewall, rootkits, malware, cookies, etc etc. :ahand
That is funny because I've probably made $5,000 USD fixing people who got blasted running AVG. I tend towards Webroot, Trend Micro, then BitDefender as the most useful AV/AM programs at the moment.