So I just upgraded my OS from Windows 7 to 10. Is having an antivirus necessary? Or will Windows 10 help prevent viruses?

I have avast free installed right now.

5 years ago


Free Avast is not good, you can uninstall it. Also, antivirus programs are like condoms. If you go to trusted websites and don't download the files from suspicious e-mails you'll be fine without antivirus.

5 years ago

I beg to differ, it's been useful over the years.

5 years ago

I think if something is free (in software industry), there is a high possibility of data collecting. Also I'm not saying paid versions don't collect data.

5 years ago

Everything collects data to some degree, it's unavoidable. Avast is fine.

5 years ago

As someone who works in the security industry, only going to trusted websites is not nearly enough to keep you secure. Just as an example from recent news, Asus is a trusted company. And yet, they unknowingly shipped malware to their users.

At the absolute least, you want to be running an Ad Blocker. Even trusted sites will occasionally end up serving up malware through advertisements. uBlock is the one I use. AdBlock Plus is also a solid choice.

If your concept of trusted websites expands to include anything served up by anything other than organizations with dedicated security teams, insufficient patching of Content Management Systems like WordPress increases your risk of infection. The prevalence of CMS websites makes them valuable to exploit. So anyone who isn't diligently keeping up with their patches on those products leaves themselves rather open to unknowingly serving up malware to you.

So while going to trusted sites is a good suggestion and being extremely cautious anytime you download something is wise, it is by no means enough. In addition to my suggestions here, I personally use my own software, Solidus, to secure my computer. I do offer it free to home-users at http://GetSolid.us (it's a consumer version of a for-profit enterprise security solution I develop). But as my Kevin Bacon number is probably greater than 2 for you, you should classify me under untrusted. So while I go into a little detail on who I am on the website and why I am giving my security service away for free to home-users, the advice I give on the website applies. Installing something from someone you don't know is something I advise against (even when it applies to me). But if people are going to make a decision I'd advise against, I'd rather it be one with positive consequences :).

But the best advice I can give is to do all of your internet browsing inside of a virtual machine that you revert to a snapshot after every session. Almost no malware is designed to break out of VMs. In fact, a significant percentage of malware is specifically designed NOT to run in a VM so that it is harder for security companies to detect them. That keeps your actual OS/data free of infections you would get via internet browsing. Then all you really need to do is just be a little careful about what files you remove from the VM to install on your actual computer. Common sense goes a long way there. The approach is by no means foolproof, but it's as close as most people who aren't security professionals will get.

5 years ago

https://en.wikipedia.org/wiki/Virtual_machine_escape

I wouldn't ruin my browsing experience totally just to be 0.01% more safe when common sense has kept me malware free for decades. Sounds to me like carrying chlorine with you to disinfect public toilets to not catch an STD. Corporate environments are a totally different thing where there could be government level attackers wanting in on your secrets.

Just like malware makers like to avoid VMs to fool silly security software makers who can't just run them on a dedicated PC, they are always testing against the latest versions to guarantee it will go through them before they get patched. So using one you're always one step behind, with common sense you're steps ahead.

5 years ago*

Like I said "Almost no malware is designed to break out of VMs". It's exceedingly rare, and orders of magnitude more common to find malicious software that won't even execute its payload in a VM to avoid detection in honeypots that use VMs.

How is one's browsing experience ruined by using a VM? You can use the exact same browser you normally use. There is negligible performance detriment with modern hypervisors (and certainly not any type of perceptible performance impact for low resource demand internet browsing). Instead of clicking on Chrome/Firefox/Edge, you click on your virtualization software.

You are correct that malware developers test their malware to ensure they don't get caught by signature-based AV products the day that malware is released. But AV still has some value in detecting older threats that are not maintained to continue avoiding AV (which is most malware). Enough so that I recommend using one - the one built into Windows being sufficient for home-users.

Common sense goes a long way, but it is nowhere near enough. Perhaps you have indeed been lucky to survive decades without malware. But I use common sense, browse cautiously, have domain-specific knowledge from being in the endpoint security field for over 15 years, and run custom software specifically designed to detect unknown/zero-day persistent infections. And in the past decade, I have still seen those measures occasionally compromised. Seen being the key word. Most people just become unknowingly infected in those instances. For all I know there are still things I missed in that time. And that's just on the endpoint. There isn't enough common sense in the universe to secure most home-users' weakest link in their security stack: routers with un-patched vulnerabilities.

It's not about getting perfect security. Just the best security you can get with minimal impact on user-experience. And where bang-for-the-buck in that respect is concerned, I'd say nothing beats browsing in a VM. In my experience, most people think they exercise common sense. It takes me a lot longer to teach people the level of common sense necessary to dramatically decrease their chances of infection than it does to teach them how to boot/snapshot a VM.

5 years ago

But the best advice I can give is to do all of your internet browsing inside of a virtual machine that you revert to a snapshot after every session

It's ruined by not remembering anything you did during those sessions. I run VMs for other reasons like having multiple OS, so resource use isn't an issue but wiping everything clean daily is.

Researchers at Kaspersky Lab estimated that around a half a million laptops received the tainted update as an orchestrated attack running from, “June 2018 to November 2018 undetected until now,” according to Miriam Cihodariu of Heimdal Security. With the news of the virus being announced on March 20th, Asus and Kaspersky had already begun working on ways to deal with the virus since Kaspersky alerted Asus to its existence on January 31st, 2019.

Older malware also has the holes it goes through patched without the AV. By the time AV catches up, so do browser etc software makers. Like the Asus thing, it went on for months and wasn't detected until months later by anyone including the security experts. So not running silly OEM crap to slow down your PC was the solution here instead of AV. Would your software have caught it?

Do you check for infected firmware in hardware in your corporate security? That has also been a known attack method for NSA/GRU/MSS level attackers. Just like consumer routers most IoT crap has no security at all so can easily become an attack point.

I don't need to be lucky, every time I have seen people get infected it's been something easily avoidable like pirating crap from TPB or clicking stuff from spam mails. Not even once has it been some 0day exploit or hacked website, no matter how much those are in the news.

Resetting to a snapshot already ruins the browsing experience, running a Linux/BSD VM for browsing without resetting it daily would be a much better secure solution.

5 years ago

Don't Chrome and Firefox already offer the ability to sync browsing across multiple devices? I don't use it personally, but that should solve that problem. Plus you can build any of your bookmarks/common browsing into your snapshot(s) if that's a concern. Your Linux/BSD VM idea is something I definitely agree with. I don't recommend it by default because it scares some people off.

Good questions. I think it is crucial to know what security software is and isn't designed to handle. You cannot make good decisions without that knowledge (gave a few security talks on that very topic in fact). My software is designed only to solve the issue of unauthorized persistence on an endpoint. So firmware infections aren't something the product is designed to handle (though it was certainly a factor in the security model at some organizations I have worked with).

None of the computers I monitor with the consumer version had ShadowHammer. Do you happen to have a link to a technical breakdown of what was actually installed on infected computers? I haven't seen one that actually details the payload and can't answer accurately without it. For instance if the malicious payload included some obvious polymorphic naming scheme, I'm confident I would have detected that even if I was half asleep when reviewing data. On the other hand if it delivered an infected version of some common Asus executable, no way I would have caught that. Not enough hours in the day to dedicate to that level of investigation on a free consumer offering.

For enterprises, it would come down to deployment details in that instance. An organization could flag Asus as a trusted installer and allow those to go through without raising any flags if nothing was suspicious about the payload itself. But if it wasn't marked as a trusted installer, unauthorized persistence would be detected even if it was otherwise not suspicious.

Common sense goes a long way. And most often when someone gets infected it involves something that could have been easily avoided. But I have personally seen enough over the years to say with confidence that people who exercise reasonable discretion still get infected. Usability vs Security is always the tradeoff. That's why I recommend the VM approach. Minimal negative impact for a significant improvement in security - regardless of how knowledgeable or cautious you are.

5 years ago*

Just noticed you attached the VirusTotal image. The most depressing part of that image is that only a single AV product flags anything about the tech. It's a custom security product I haven't submitted to a single vendor to get whitelisted. As I discuss on the website, it actively monitors the Windows registry and file system associated with persistence (the ability for software to execute automatically after a computer has been rebooted). Solidus collects that persistence data and transmits it so it can be reviewed for infections in a manner similar to what occurs in an enterprise security operations center.

Effectively the only thing that differentiates my technology from malicious "spyware" is that people are opting to share that data with me - a distinction that none of those AV products is capable of making. And yet only one AV product finds anything wrong with bits on a computer that gather and transmit that data. Which highlights the weaknesses in AV products and explains why I created the technology I did. Relying on signatures and unaggressive heuristics to identify malware is not nearly enough. That's why I developed a product that detects unauthorized persistence to identify unknown threats and helps to add context that allows security professionals to make a more accurate determination as to whether bits in their environment are malicious or benign. In some organizations I have been in, the presence of a TeamViewer executable on a computer just says the IT staff has been there. In other organizations, those exact same bits indicate a breach.

5 years ago*
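The persistence-monitoring idea described in the post above (watch the registry and file-system locations that make software run after a reboot, record them, and review anything new) can be tried at home with a small baseline-and-diff script. This is an added example written for this thread, not Solidus code or anything from GetSolid.us; the baseline file path and the set of autostart locations checked are my own choices, and the script only reports changes, it does not judge them.

```powershell
# Added example (not Solidus code): snapshot common Windows autostart locations and
# diff them against a saved known-clean baseline to surface new or changed persistence.
# Assumes Windows PowerShell 5.1 or later; the baseline path below is an arbitrary choice.

$BaselinePath = "$env:USERPROFILE\persistence-baseline.json"

# Well-known autostart registry keys (the classic Run/RunOnce locations).
$RunKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-PersistenceSnapshot {
    # Returns a hashtable of "<location>|<name>" -> command line, binary path or file hash.
    $snap = @{}

    foreach ($key in $RunKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            # Skip the PSPath/PSParentPath/... metadata PowerShell adds to the object.
            if ($p.Name -like 'PS*') { continue }
            $snap["$key|$($p.Name)"] = [string]$p.Value
        }
    }

    # Services set to start automatically, with the binary they launch.
    Get-CimInstance Win32_Service -Filter "StartMode='Auto'" | ForEach-Object {
        $snap["Service|$($_.Name)"] = [string]$_.PathName
    }

    # Scheduled tasks outside the \Microsoft\ tree, with their actions.
    Get-ScheduledTask | Where-Object { $_.TaskPath -notlike '\Microsoft\*' } | ForEach-Object {
        $actions = ($_.Actions | ForEach-Object { "$($_.Execute) $($_.Arguments)" }) -join '; '
        $snap["Task|$($_.TaskPath)$($_.TaskName)"] = $actions
    }

    # Per-user and all-users Startup folders, keyed by file and tracked by content hash.
    $startupFolders = @(
        "$env:APPDATA\Microsoft\Windows\Start Menu\Programs\Startup",
        "$env:ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"
    )
    foreach ($folder in $startupFolders) {
        if (-not (Test-Path $folder)) { continue }
        Get-ChildItem -Path $folder -File | ForEach-Object {
            $snap["StartupFolder|$($_.FullName)"] = (Get-FileHash $_.FullName -Algorithm SHA256).Hash
        }
    }
    return $snap
}

function Compare-PersistenceSnapshot($Baseline, $Current) {
    # Report additions and modifications; removals are listed too, since tampering may delete entries.
    $findings = @()
    foreach ($k in $Current.Keys) {
        if (-not $Baseline.ContainsKey($k)) {
            $findings += [pscustomobject]@{ Change = 'Added'; Entry = $k; Value = $Current[$k] }
        } elseif ($Baseline[$k] -ne $Current[$k]) {
            $findings += [pscustomobject]@{ Change = 'Modified'; Entry = $k; Value = "$($Baseline[$k]) -> $($Current[$k])" }
        }
    }
    foreach ($k in $Baseline.Keys) {
        if (-not $Current.ContainsKey($k)) {
            $findings += [pscustomobject]@{ Change = 'Removed'; Entry = $k; Value = $Baseline[$k] }
        }
    }
    return ,$findings
}

$current = Get-PersistenceSnapshot

if (-not (Test-Path $BaselinePath)) {
    # First run: record the baseline. Take it on a machine you believe is clean (e.g. right after a fresh install).
    $current | ConvertTo-Json -Depth 3 | Set-Content -Path $BaselinePath -Encoding UTF8
    Write-Output "Baseline written to $BaselinePath ($($current.Count) entries)."
} else {
    # ConvertFrom-Json yields a PSCustomObject; turn it back into a hashtable for lookups.
    $baseline = @{}
    (Get-Content -Path $BaselinePath -Raw | ConvertFrom-Json).PSObject.Properties |
        ForEach-Object { $baseline[$_.Name] = [string]$_.Value }

    $findings = Compare-PersistenceSnapshot -Baseline $baseline -Current $current
    if ($findings.Count -eq 0) {
        Write-Output "No persistence changes since baseline."
    } else {
        # Each row is something that will run at boot or logon and was not in the baseline.
        # Review it the way a SOC analyst would: expected installer? plausible path? signed binary?
        $findings | Format-Table -AutoSize
    }
}
```

Run it once to write the baseline, then again after installing or updating software to see exactly what gained the ability to start automatically; as the post says, the same entry can be benign on one machine and a problem on another, so the output is context for a human decision, not a verdict.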

Kind of proves my points, most AV only ever give you false positives about safe software you want to use to make their products appear more efficient. And that they can be easily gone around with some testing, you could be making malware on the side and using a legit product to get the signatures whitelisted.

5 years ago

You're preaching to the choir if you want to talk about the limitations of AV :). I wouldn't be doing what I did if they didn't have substantial weaknesses in their approach. Even something far more secure (to the point of being user-unfriendly) like application whitelisting is vulnerable to piggy-backing off of legitimate products to distribute malware.

And even as someone who makes his living off the failings of AV, I would be remiss not to mention while it is indeed significantly less important on the endpoint (but still important enough that I recommend having one), you benefit significantly from its existence in other parts of the process. Your endpoint AV doesn't catch much because AV earlier in the chain already caught and filtered it out before it even reached you. It's a bit redundant in that regard, but again not enough so that I recommend running without one.

5 years ago

About VMs, I agree with Starwhite, it's more trouble than it's worth. As I said, antivirus programs are like condoms, you should always wear one lol. But if you don't wear any that doesn't mean you'll have STDs for sure.

5 years ago

People are free to do as they wish. I'm just speaking from my decade+ of work/study specifically in the endpoint security space.

In the time it takes to install a game, you can install free virtualization software, install your OS/browser of choice, and take a snapshot to revert to whenever you want to go back to a known clean baseline. For that effort, your odds of being infected by anything via browsing drop to almost nothing.

That leaves the security barrier of consciously choosing to transfer something from the VM to the actual OS. The bit of extra work that is necessary to copy something you downloaded from a website with the intent of installing it on your computer is a positive in my book. It forces people to slow down and take an extra second to evaluate whether they are making a good choice installing something on their computer. It doesn't matter how much common sense or domain experience I have. I have still made mistakes over the years. And virtually every time I have done something on the security front I would not recommend, it was a decision I made more quickly than I should have. Confidence plus some latency in the brain is a bad combo, haha.

5 years ago

That is simply not true.
Any site or content delivered on that site from various sources can be compromised.
Condoms work when you fuck somebody. AV software is a breathing mask because invariably there will be polluted areas while you wander through the www even if you can't see it.
Edit: changed description for clarification.

5 years ago

I like the breathing mask analogy.

5 years ago

Absolutely horrible advice.

5 years ago

I just built a new computer and had to reinstall Windows due to a virus. Where did I get the virus? I got it from a driver for the onboard Bluetooth on my motherboard, right from the manufacturer. I know this as I scanned every driver and piece of software through the VirusTotal website when I did the reinstall.

So trusted sites are not always good.

Just ask Sony about their music CDs back in the 90s - early 2000s with their malware purposely put on each disc.

5 years ago

Yup. I almost mentioned that very instance. The Sony malware was even worse in that it was an actual rootkit. I've run into a few otherwise legitimate applications over the years that install rootkits. Makes me furious pretty much every time.

5 years ago

It is not necessary, the built-in W10 antivirus works fine. Also be cautious on the net, don't click or visit any site/link that looks suspicious and you should be fine.
Avast is not necessary either but whatever floats your boat.

5 years ago

It isn't really necessary, you can just use the built-in Windows Defender.

Also for added protection, I have Malwarebytes and also use this to scan files: https://www.virustotal.com/en/

5 years ago

I do the same. Windows Defender + MWB (Pro). That's enough to deter most non-serious threats, sort of like putting your wallet in your front pants pocket. Just don't make it a habit to walk down dark alleys.

5 years ago

Doesn't Malwarebytes Pro use active protection? If so, doesn't Windows Defender's active protection get disabled automatically since it will recognize Malwarebytes Pro as the primary?

I use Malwarebytes free and I've never tried to use the Pro even in a free trial as I use another trusted AV. Running two active protection programs can cause conflicts and instability in some cases.

5 years ago*

Yes and yes. That's exactly what I do, and even if you decide to use the trial don't let Malwarebytes run in the background if you have another AV active.

5 years ago

and even if you decide to use the trial don't let Malwarebytes run in the background if you have another AV active.

That's pretty much what I said in my comment.

5 years ago

According to its designers, ...

  1. MWB is not an AV program. It is an anti-malware program. MWB is designed to find and block what AV programs do not.
  2. MWB is designed to supplement your AV program, not replace it.
  3. MWB is designed to operate alongside (i.e. at the same time) as your AV program.

As the people at MWB are constantly recommending everyone use a good AV program in addition to MWBAM, I have been doing exactly that for many years. I have been using Defender alongside MWB since Windows 7 and I cannot recall ever running into problems and/or conflicts between the two. (I have also been virus-free during that time, thank God.)

5 years ago*

That's great info, thanks! I actually may get Pro now.

5 years ago

I forgot to address one aspect of the question(s) you asked. Yes, I use the RTP for both Windows Defender and MWB at the same time. Both appear to work just fine. I get real-time warning messages from one or the other, depending upon the threat, and on very rare occasions, from both (e.g. a multi-faceted attack).

5 years ago*

Windows 10 has a decent built-in AV called Defender. With common sense, you should be able to secure your own machine. I think I got rid of all those expensive AV subs for my company, and the internal network (70+ machines) is fine, no issues.

5 years ago

Like others have said, Defender on Win 10 actually turned out to be a fairly competent AV suite. If you can't afford the more premium AV solutions, you should definitely stick with Defender over the free alternatives.

5 years ago

There's actually some good free ones out there. Bitdefender Free is actually great at protecting, it's just lacking in features.. a lot of features lol. It's more of a "set it and forget it" type of program.

5 years ago

Defender is a well known cause for lag and crashes in games, so Common Sense Full Suite 2019 still remains the best option. Why download malware when you can just not?

5 years ago

Windows 10 won't prevent viruses.
But common sense will. I recommend using it.

5 years ago

Common sense is the killer app, most people need upgrades though.

5 years ago

Idk how much better or worse Win10 has gotten, I personally use Malwarebytes Pro on my Win7 and it works wonders, but I'm not sure if it can protect you from Win10...

5 years ago

I was very scared of Windows 10, until I got forced to use it with Coffee Lake. It isn't bad at all, you can use Classic Shell and Winaero Tweaker to get some of that old Windows 7 feeling back, and I am running Malwarebytes just fine on it.

Haven't even come across an (old) game yet on Steam that I couldn't run.

5 years ago

I don't trust Win10 because there was a day I opened my personal encrypted document, typed my password and all was fine, until I closed it and reopened it and it didn't ask for my password again like it should. I got freaked out, disconnected my Internet cable as fast as I could, rebooted and still the same. Tried my personal encrypted document on my laptop and my other desktop PC that has Win7 and all went normal, it asked for my password every time I tried to open it like it should. Most likely I will use Linux in the near future if Microsoft doesn't remove or fix that.

5 years ago

Install Gentoo

5 years ago

The built-in antivirus is decent.

5 years ago

Windows Defender has improved a lot over the years.

5 years ago

Deleted

This comment was deleted 1 year ago.

5 years ago

Funny, Avast just prevented me from opening that link because it saw it as a problem.

5 years ago

Deleted

This comment was deleted 1 year ago.

5 years ago

Haha yes, kind of typical!
Just too bad it means I can't read the text :P

5 years ago

Personally I only use Windows Defender (or whatever the Windows antivirus is called in Win10) and I also use Malwarebytes. Personally, Avast wasn't the worst, but it definitely caused more issues than it prevented or fixed.

5 years ago

Like what? I've had no issues since I started using it.

5 years ago

Deleted

This comment was deleted 1 year ago.

5 years ago

Meh, minor inconvenience if it does happen, just add the game folder to the exceptions list. Heck if you install all your games in one place you can just add the whole main folder and forget about it.

5 years ago

False positives, which actually deleted an important file once. Also, the popups were annoying for me.

5 years ago

How long ago was this? It doesn't really annoy you with constant pop-ups these days, and it doesn't delete files it just quarantines them and you can choose whether to leave them there, delete them or restore them. It only happened to me with game trainers which mess with the code of a single player game so it makes sense for it to think something is wrong.

5 years ago

8-12 months ago, I think.
The problem was that it quarantined the file and it automatically deleted it after a certain amount of time.

5 years ago

Why didn't you remove it from quarantine and add it to the exceptions list? Did it not tell you it quarantined it?

5 years ago

It's possible that it did. Maybe it doesn't show up when you play a game (major oversight), maybe I was afk. Point being that they shouldn't quarantine anything without your explicit permission and they should never delete any quarantined files.

5 years ago

I use Avast and Malwarebytes in Windows 7 and I've had no virus issues in years.

5 years ago

Avast is fine, though I would recommend the full version over the free one because of the extra services it comes with - firewall, web site filtering, file shredder, password manager and VPN software - I'm pretty sure none of those are included with the free version. My version of Avast also includes a virus sandbox, which is kind of a mini virtual machine you can use to open suspicious files without risk to your computer. Malwarebytes is also great for what it does - I typically run full Avast and free MBAM, along with an ad blocker and a healthy paranoia about any hyperlinks and email attachments.

5 years ago

I'd take Windows Defender over Avast any day. Avast was also the subject of a controversy for adding ads to outgoing emails without asking or notifying the user.

5 years ago

Antivirus? Sure, maybe.
Malware? No, use Malwarebytes.

5 years ago

Windows 10 includes a built-in antivirus and malware scanner. That's been sufficient for me, and I would use that over Avast. But then I also know not to click on links in forwarded emails, or download and run programs from untrusted sources, or click on unexpected links in Steam chat messages.

5 years ago

Believe me: the best antivirus is you.

5 years ago

Except if you have herpes.

5 years ago

But if you got it, you're a bad antivirus...

5 years ago

Like a human McAfee.

5 years ago

You don't need an antivirus. The built-in Windows security is good enough.

5 years ago

Yep. Like a broken condom (sorry for my French).

5 years ago

While I dislike Microsoft in general, both net tests and penetration testers I trust claim Windows Defender is "good enough".

What do you base your opinion on?

5 years ago

I base my opinion on my own experience. After installing W10 I had to reactivate my AV subscription. It took 1 day. In this 1 day I caught 3 viruses (1 trojan and 2 malware). They were the first viruses I got after 5 virus-free years.

5 years ago

Lol, what do you do on your computer that you're just catching so many viruses in literally just one day (even worse, the first day after formatting) :D

5 years ago

These Are Not the Droids You Are Looking For

5 years ago

If you want to be safe from viruses, the only thing that will 100% work: disconnect the PC from the Internet, don't use any network at all, don't use flash drives, USB, disks or other external things/devices, don't connect your PC to any devices at all and don't let anyone else besides you use your PC. But what's the point of such a PC then, right?
In any other case you are, basically, bound to get them sooner or later. So just use whatever you feel like is working and scan your PC every now and then.

5 years ago

Yes, antivirus is a must-have. No, there are no free antiviruses. All antiviruses are paid.

5 years ago

Paid antiviruses are as ineffective as free ones.

5 years ago

Nothing is 100% secure.

5 years ago

Nope. They are.

5 years ago

I can recommend you a very efficient and free antivirus software called Brain.exe, highly recommended for everyone.

5 years ago

+1. Never got a virus in my life.

5 years ago

Do you only use Brain.exe? If so how do you know?

5 years ago

Surely that will stop all viruses from infecting a PC. /s
Does it clean as well as it protects? /s

5 years ago

Of course! You can just set your PC on fire! So the evil viruses are dead.

5 years ago

I always used NOD32 and never got a virus.
Maybe using Windows Defender is enough, but since this doesn't slow down my PC, I'm OK with it. It doesn't hurt to have too much protection.

5 years ago

I am not a security expert, here are my two cents:

Personally I would evaluate the risks before recommending anything. If you use your PC just for gaming/social media/emails there is no need for some advanced security. Web browsers have moved a long way from the past when JavaScript was considered very dangerous. Now you have separated memory blocks for each of your tabs. If you are doing some internet banking I would rather invest in a proper password and two- or three-factor authentication, same goes for other important accounts. I would also invest time into learning what phishing is and how to recognize it. Open files only from trusted sources and be very cautious when software asks you for admin access. Never trust the sender of an email unless you have some private encryption or signing between each other.

If you are in the position of having plenty of valuable data and there are chances of specialized targeted attacks on your computer, you should definitely consider some advanced security, and a plain antivirus (even some pro version) might not be enough.

I find antiviruses useful for people who open plenty of emails with attachments every day from different sources. Attachments like Word or AutoCAD documents can have macros inside, which might contain some malware (usually just leaking data). Those are quite easily detected by an antivirus.

My final advice, if you really want to be secure: open potentially dangerous files in a virtual machine which does not contain any sensitive data. When you are done reading that file you can delete the VM and create a fresh new one.

TL;DR: I am not a security expert, but you should ALWAYS consider the value of your data.

5 years ago

I've worked for many years as an antivirus expert for a company that deals with such things. I've helped literally thousands of people deal with viruses and other types of malware, and literally know more about viruses than most of the scum making them. This isn't a brag, I'm just letting people know my qualifications, and no, I'm not going to discuss or argue with people on this.

First of all, yes, you need decent protection against viruses and other malware.
Windows 10 does provide some protection, but it's mostly against old stuff you won't ever encounter, so it's not something you can trust.
No, I won't recommend any particular antivirus program as I haven't kept up on them recently, but know that most of them will provide similar levels of protection within a few percentage points. Those few points really count when you've got a boss screaming at you, but for personal use, it all depends on how much you think it's worth it, the old risk vs resources conundrum.

If you want a computer that is totally 100% protected from malware and won't ever get infected, then you have to turn it off and destroy it. Other than that, there will always be a risk, even if it's a "secure machine without media inputs that's air-gapped (no physical or wireless connection to the network or internet) that only select people can access". You have no idea how often those supposedly secure machines are actually infected.
The rule of thumb is if you can't PROVE it's clean, then you have to assume that it is infected.
Don't forget, the major symptom of an infection is that there are NO SYMPTOMS!
Remember, these things were made to sneak onto computers and hide themselves. If you actually see an indicator that you are infected without an antivirus telling you that you have an infector, it's because of one of two reasons. Not all viruses and malware are without flaws, and some of them will actually tell you after it's too bloody late to do anything. (Some examples are having encrypted and hidden your partition table, deleted your hard drive contents, infected every executable on your network, etc.)
If that happens, don't panic yet. There are many cases where you can still recover your computer, or at least your critical data, but anything important you have already backed up and have that backup stored in a different location, right?

Rules of Computing
Rule 1: Backup
Rule 2: BACKUP
Rule 3: See Rules One and Two.

Small joke, but accurate. So is this one: When did your data become important to you, before or after you lost it?
Please reference "Rules of Computing".

Now, something you need to understand: most of what people call viruses these days are not viruses but rather other types of malware. Actual viruses have become rather uncommon because the other types of malware are so much easier to make, and to be honest, and fortunately for all of us, most of those writers of malware and viruses are incompetent twits that can't code to save their lives. After all, it's pretty easy to tweak something someone else wrote, or to use a construction kit. (Yes, those abominations exist for that.) The very few that know what they are doing are a right bloody pain to deal with.
Now as to all these types of malware, you will eventually get infected no matter what you do. But the thing is to try and keep such incidents as far apart as possible, and to mitigate the damage. Antivirus programs are the main tool for this. (Yes, they handle malware too, so I'll just stick with saying virus or antivirus from now on.) And getting one after you've been infected MIGHT be able to help, but some viruses can only be dealt with if the antivirus was functional beforehand. (Especially if it's an encryptor.)

Antivirus programs are best at finding known infectors, but they have an ability to try and find new ones that aren't identified yet by using heuristics. Basically, if it looks like a virus, or acts like a virus, I'm going to flag it as a virus. You do get false positives on this, and it's not perfect, but it is the ONLY way to detect unknown viruses. Some marketing weasels like to make claims otherwise, and call their heuristics by some other name, but it's heuristics, and by its very nature it's not perfect. Anyone claiming otherwise is either ignorant, lying, or worse, a lying shill.

You can get infected from stuff your friend gave you, commercial software, the brand new hard drive straight from the factory, over the network, over the internet, from a rogue ad on a website, from a Tor gateway, etc. Basically anywhere, and all of those I mentioned have happened.
The rogue ads are why I have an ad blocker and will NOT disable it for ANYONE! The sites you trust tend to farm out their ads so they get revenue, and this makes a giant hole in everyone's security that sometimes lets infectors get through. Sad but true. I've been dumb enough to do that twice with places with very high trust and security ratings, and got nailed with drive-by malware in the ads twice. There will NOT be a third time.

Whatever antivirus you choose to use, you want one with a realtime component, otherwise the only time you are protected is when you run a scan. Free versions often don't have the realtime component. As to multiple antivirus programs, that's possible, but there are some rules to it. Don't have their scans overlap. Exclude each other from the scanning or they'll probably go wild with false positives. And NEVER run more than one of the realtime components! Those realtime components hook into the same low ring access to the operating system and WILL conflict with each other as they fight to be there.

Ok, I know there's a lot there to take in all at once, but it's only a fraction of the first day's training for an antivirus tech. But it does work as an ok intro to the risks of modern computing. I know it seems kind of bleak and dismal, but it's from the view of someone that fights viruses all day for a job. With luck, even without protection, you might go years without encountering one. Then again, my brother had his machine nuked twice in a week when he turned the antivirus I'd installed off. It's a crap shoot, and the house always wins eventually, but you can have a heck of a long run if luck is with you and you're careful.
So once you've got a decent antivirus, keep its definitions up to date and have fun doing whatever. It's not as dark and dangerous as it seems from my descriptions, but again, please remember, I'm the computer equivalent of the people working in the ER on a hospital show about the ER.

5 years ago

That's a good point with avoiding conflicts with multiple real-time components. More is not always better. But I would add that some products are meant to run in parallel with others even in a real-time capacity. The biggest conflicts arise from using multiple driver-based security technologies. Not every security product does its dirty work with drivers though, and those tend to get along better with other security technologies.

Only other comment I would make is you are using a remarkably broad definition of heuristic (to the extent of being practically meaningless) for your statement that it is the ONLY way to detect unknown threats to be accurate. Something like Sysmon can indiscriminately log modifications to your registry/file system. Give someone with expertise access to that data and a directive to review it carefully, and often they will be able to identify previously undiscovered threats if one reaches the endpoint. I don't think that qualifies as a heuristic (unless we make the term so broad as to be practically meaningless). Similarly application whitelisting products can detect anything that isn't explicitly approved in your environment, effectively allowing it to identify previously undiscovered threats. Again, I wouldn't file that under heuristic.

You are absolutely right there is a ton of snake oil in the industry, but I think you are swinging the pendulum too far in the other direction to say only a heuristic allows you to detect an unknown threat. And if you broaden that statement to include mitigation/remediation of an unknown threat (more valuable than mere detection), I'd say it certainly becomes flat out wrong even with an especially rigid definition of heuristic. For instance, I can remove a significant, well-defined subset of rootkits - even unknown ones - without employing a heuristic approach.
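The two non-heuristic approaches named in this reply, reviewing Sysmon-style change logs and allowlisting what is explicitly approved, can be combined in a few lines. This is an added example and not the commenter's product or Sysmon's real output: the event records, the allowlist and the paths are constructed here, while the field names (EventID 11 FileCreate, EventID 13 RegistryEvent, Image, TargetObject, TargetFilename) follow Sysmon's schema.

```python
"""Constructed Sysmon-style events reviewed against an explicit allowlist: any write to an
autorun registry key or drop of an .exe by a program that is not approved gets flagged."""
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}  # Windows event XML namespace
# Hypothetical allowlist for this example: programs permitted to make such changes on this PC.
APPROVED_IMAGES = {r"C:\Windows\System32\svchost.exe", r"C:\Program Files\Vendor\updater.exe"}
RUN_KEYS = ("\\currentversion\\run", "\\currentversion\\runonce")  # matched case-insensitively

def make_event(event_id, **fields):
    """Build a minimal event record using Sysmon's field names (constructed test data)."""
    data = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in fields.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>{event_id}</EventID></System>'
            f"<EventData>{data}</EventData></Event>")

def parse_event(xml_text):
    """Return (event_id, {field name: value}) from one event record."""
    root = ET.fromstring(xml_text)
    event_id = int(root.find("e:System/e:EventID", NS).text)
    data = {d.get("Name"): (d.text or "") for d in root.findall("e:EventData/e:Data", NS)}
    return event_id, data

def review(events, approved=APPROVED_IMAGES):
    """Flag Run-key writes (EventID 13) and .exe drops (EventID 11) by unapproved images."""
    findings = []
    for xml_text in events:
        event_id, d = parse_event(xml_text)
        image = d.get("Image", "")
        if image in approved:  # explicitly approved programs may do this; skip them
            continue
        if event_id == 13 and any(k in d.get("TargetObject", "").lower() for k in RUN_KEYS):
            findings.append(("autorun-registry", image, d["TargetObject"]))
        elif event_id == 11 and d.get("TargetFilename", "").lower().endswith(".exe"):
            findings.append(("exe-dropped", image, d["TargetFilename"]))
    return findings

# Constructed sample log: an approved service, then an unapproved program that writes an
# .exe into AppData and adds a startup entry for it, then an approved updater's own setting.
SAMPLE_EVENTS = [
    make_event(13, Image=r"C:\Windows\System32\svchost.exe",
               TargetObject=r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Svc"),
    make_event(11, Image=r"C:\Users\alice\Downloads\setup.exe",
               TargetFilename=r"C:\Users\alice\AppData\Roaming\upd.exe"),
    make_event(13, Image=r"C:\Users\alice\AppData\Roaming\upd.exe",
               TargetObject=r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\upd"),
    make_event(13, Image=r"C:\Program Files\Vendor\updater.exe",
               TargetObject=r"HKCU\Software\Vendor\Settings\LastCheck"),
]
```

Nothing here decides whether the flagged program is malicious; it only surfaces unapproved changes for the careful review the reply describes.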

5 years ago

In addition to backup backup backup, it is important to test that your backups are actually usable, from time to time. If you're unable to restore your backup it's not going to be of much use. For example, some encrypted backup software that takes a full disk image might require that you have created a boot CD or prepared USB drive which contains your encryption keys and metadata for your specific partition scheme. And if you didn't make that restore disc (or can't find it), the backup itself might be useless.

And if you keep archival backups (like "I'll burn these old family photos and movies to a DVD-R and then delete them from my HDD") be sure to make at least 2 copies, ideally on different mediums or at least different brands of disc. And every couple of years transfer those files to a fresh disc. I have a lot of old CD-R and DVD+/-R that have started to become unreadable after 5-10-15 years now. I use the same rule for cloud backups, try to use at least 2 different providers (within reason, obviously I'm not trying to pay $200 a month for storage either) just in case one disappears, you lose access to your account, or whatever.
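The restore test this post recommends can be automated so an unreadable or mismatched backup is noticed before it is needed. This is an added example, not the commenter's setup or any backup product's code: it archives a folder with a SHA-256 manifest, restores it into a scratch directory and compares every file; the folder and file names are constructed.

```python
"""Restore-test a backup: archive a folder with a SHA-256 manifest, extract it to a scratch
location and check every file matches, so an unusable backup is found before it is needed."""
import hashlib, json, tarfile, tempfile
from pathlib import Path

def sha256_of(path):
    """Hash a file (a whole-file read is fine for the small constructed sample below)."""
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def make_backup(source_dir, archive_path):
    """Write source_dir to a .tar.gz plus a manifest {relative path: sha256}; return its path."""
    source_dir = Path(source_dir)
    manifest = {p.relative_to(source_dir).as_posix(): sha256_of(p)
                for p in source_dir.rglob("*") if p.is_file()}
    with tarfile.open(str(archive_path), "w:gz") as tar:
        tar.add(str(source_dir), arcname=".")
    manifest_path = Path(f"{archive_path}.manifest.json")
    manifest_path.write_text(json.dumps(manifest))
    return manifest_path

def verify_restore(archive_path, manifest_path):
    """Extract into a temp dir and compare with the manifest. Returns (ok, list of problems)."""
    expected = json.loads(Path(manifest_path).read_text())
    problems = []
    opts = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}  # safe extraction on newer Pythons
    with tempfile.TemporaryDirectory() as scratch:
        with tarfile.open(str(archive_path), "r:gz") as tar:
            tar.extractall(scratch, **opts)
        for rel, digest in expected.items():
            restored = Path(scratch, rel)
            if not restored.is_file():
                problems.append(f"missing: {rel}")
            elif sha256_of(restored) != digest:
                problems.append(f"corrupt: {rel}")
    return not problems, problems

def demo(tamper=False):
    """Constructed sample: back up two small files, then verify the restore.
    With tamper=True one recorded digest is altered to simulate a backup that no longer matches."""
    with tempfile.TemporaryDirectory() as work:
        src = Path(work, "photos"); src.mkdir()
        (src / "trip.txt").write_bytes(b"constructed sample photo data")
        (src / "2019").mkdir(); (src / "2019" / "notes.txt").write_bytes(b"more sample data")
        archive = Path(work, "photos.tar.gz")
        manifest = make_backup(src, archive)
        if tamper:
            m = json.loads(manifest.read_text()); m["trip.txt"] = "0" * 64
            manifest.write_text(json.dumps(m))
        return verify_restore(archive, manifest)
```

Run the check on a schedule against the real archive and manifest; a missing rescue disc or lost encryption key is outside what it can see, so keep that part of the post's advice as well.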

5 years ago

For me the Windows security/antivirus is enough. Never had any problems related to viruses.

5 years ago