Kitz Forum

Computer Software => Security => Topic started by: Bowdon on July 08, 2020, 12:49:11 PM

Title: What AV do people use?
Post by: Bowdon on July 08, 2020, 12:49:11 PM
I'm wondering what other people use or recommend?

I currently use Avast (and I use the free Malwarebytes program to find malware).

It is only once in a blue moon that Avast as actually stopped something.

So I'm wondering if its worth using Avast and instead just letting Windows Defender do the job?
Title: Re: What AV do people use?
Post by: Jasonkruys on July 08, 2020, 01:02:10 PM
I used Nod32 from Eset and have found it to be the best balance between minimal impact and effectiveness. Of course, you don't know what you don't know, so it is difficult to judge! I get a few detections per month, mainly websites or ads on websites or dodgy scripts.

Sent from my SM-G975F using Tapatalk

Title: Re: What AV do people use?
Post by: tubaman on July 08, 2020, 05:05:03 PM
I've been using Kaspersky for many years and always been happy with it. I know it gone out of favour now because of the Russia connection, but I'm still fine with it.
 :)
Title: Re: What AV do people use?
Post by: broadstairs on July 08, 2020, 05:13:39 PM
I use Avira on my Windows 7 PC but dont use anything on my Linux PCs

Stuart
Title: Re: What AV do people use?
Post by: licquorice on July 08, 2020, 05:49:44 PM
I've been using Kaspersky for many years and always been happy with it. I know it gone out of favour now because of the Russia connection, but I'm still fine with it.
 :)

Likewise, I started using it when Barclays Bank provided a free subscription with their online banking and continued with the paid for version when they got cold feet with the Russia connection. I also use the paid for version of Malwarebytes.
Title: Re: What AV do people use?
Post by: displaced on July 09, 2020, 12:27:51 AM
I just use Win 10’s built-in Defender/Advanced Threat Protection/Ransomware protection.  Seems to have done a good enough job for the past few years.

Likewise, I use macOS’s built-in Xprotect.

Third-Party AV seems to be a vestige from the days before OS vendors saw protecting their product as part of their responsibility.
Title: Re: What AV do people use?
Post by: Weaver on July 09, 2020, 03:32:37 AM
I have never ever used anything on my Windows boxes. Since Vista, I have left Windows Defender in there as it doesn’t seem to harm performance noticeably. I have gone to great lengths to harden WinNt-family o/s in the past with painstaking steps taken to establish a secure configuration. The result of these radical config changes has been that if malware is copied into the system (meaning any code at all that is not authorised by me, rather than code that is successfully recognised according to some AV’s opinion on whether the code ought to be allowed or not) and an attempt is made to start it, then it will always simply fail to run.
Title: Re: What AV do people use?
Post by: 4candles on July 10, 2020, 02:27:54 PM
I agree with Leo - https://askleo.com/what_security_software_do_you_recommend/
that nothing further than Defender is required running in real time - with something like Malwarebytes Free on hand to run if anything looks iffy or a second opinion required.
Title: Re: What AV do people use?
Post by: Alex Atkin UK on July 10, 2020, 08:55:54 PM
I just use Win 10’s built-in Defender/Advanced Threat Protection/Ransomware protection.  Seems to have done a good enough job for the past few years.

Third-Party AV seems to be a vestige from the days before OS vendors saw protecting their product as part of their responsibility.

Same here, but then I spend most time in Linux where I just have the NAS scan any files on there monthly.
Title: Re: What AV do people use?
Post by: kitz on July 11, 2020, 11:45:55 AM
Defender
+ MalwareBytes and Spybot S&D
Title: Re: What AV do people use?
Post by: niemand on July 30, 2020, 11:05:08 AM
Windows Defender alongside its various options is all that runs on my Windows stuff.

The age of traditional antivirus being able to keep up is long gone. All about behavioural analysis as a first course now, with signatures as and when they are available which can be a month or more behind.

Malware has a few behaviour patterns that are somewhat unusual and may be noted by software looking for them.

For more on this I recommend Mastering Malware Analysis published by Packt.
Title: Re: What AV do people use?
Post by: psychopomp1 on August 18, 2020, 04:08:04 PM
Been using NOD32 for 20+ years and its never let me down.

Tried Malwarebytes Premium last year but wasn't too impressed...damn thing was killing my laptop battery very quickly d/t RAM usage on my IBM Thinkpad.

Also used to be a huge fan of Outpost firewall but that software was discontinued a few years back.
Title: Re: What AV do people use?
Post by: Floydoid on September 26, 2020, 05:58:22 AM
I use Comodo Internet Security Premium (the free version) which has served me well for years, with Spywareblaster in the background, and Malwarebytes for emergencies.
Title: Re: What AV do people use?
Post by: Chrysalis on September 28, 2020, 12:11:53 AM
I have been reducing my 3rd party security software as time goes on, for a few reasons.

1 - The security industry are starting to get silly with pricing, the products that will still be genuinely an improvement over windows defender charge silly pricing for consumers.
2 - The issues with various of these software's especially the ones that are always on hooking into programs, have over time caused me compatibility issues, like unexplained memory leaks or crashes.

I still have nod32 but it wont be on my machine once windows 10 is on there in a couple of weeks, nod32 has always been my go to for the reason already stated in this thread, its one of the few a/v that has a very low overhead and you dont really notice it.

Now days its basically my own hardening configuration, combined with utilising built in memory exploit protections, that is one of the good things about windows 10, it has been significantly hardened.  Remember EMET? that's now part of windows defender.
Title: Re: What AV do people use?
Post by: Alex Atkin UK on September 28, 2020, 04:41:00 AM
Now days its basically my own hardening configuration, combined with utilising built in memory exploit protections, that is one of the good things about windows 10, it has been significantly hardened.  Remember EMET? that's now part of windows defender.

As I understand it, the 2004 update locked-down how drivers are able to access memory, closing a long-standing security issue that Microsoft were afraid to fix as they knew it would cause exactly the problems that update caused.  But going forward, it closes a TON of security holes in memory allocation.
Title: Re: What AV do people use?
Post by: niemand on September 28, 2020, 10:03:38 AM
Will see if I can find a digital copy of some information on this. There's documentation in hard copy in a couple of the books on my desk.
Title: Re: What AV do people use?
Post by: Weaver on September 28, 2020, 10:10:21 PM
I would have thought that device drivers can do absolutely anything, including any kind of evil ?

So if you are unfortunate enough to download an evil one, then it’s game over.

That’s why I would never log on to my own systems as administrator, and would would only download programs from reputable sources; anything new that needed to be evaluated would be downloaded into a test machine, which would usually be a virtual machine, for convenience, always thrown away afterwards, rather than a spare test system.
Title: Re: What AV do people use?
Post by: Floydoid on September 29, 2020, 09:11:40 AM
Yep if you really need to update drivers then go directly to the manufacturer's website - never trust them from elsewhere. I have never trusted applications such as driver scanners which supposedly tell you what needs updating. Generally speaking if everything is working OK then there's no need to worry.

Similarly codecs - on all my previous PC's I've always installed the K-Lite Megacodec pack. The current one, my first M/C running Windows 10 works perfectly well without a 3rd party codec pack that I simply haven't bothered.  Codecs for all common audio and video file types come pre-installed with Windows nowadays... on the rare occasion you find a really obscure media format that won't play, then you can do a web search for that specific coded and install it.
Title: Re: What AV do people use?
Post by: Alex Atkin UK on September 29, 2020, 11:00:17 AM
I would have thought that device drivers can do absolutely anything, including any kind of evil ?

I believe they've been trying move it towards a more abstracted system where the kernel sees what memory addresses the hardware is allocated and strictly limits where the driver can access based on what kind of device it is, allowing you to move the bulk of the driver to user mode where it can't do anything the kernel doesn't explicitly allow it to do.  This initially was focused particularly on GPUs so that they do not take the whole system down if the driver crashes and can simply re-initialise, but its my understanding they are trying to do this across the board.  (of course I may be completely misunderstanding something here)

Its definitely notable as I've had GPU crashes on Linux recently and while it doesn't crash the OS, the display never recovered and I couldn't safely shut down as it would wait indefinitely for the GPU driver to close, which it never did.  Windows in comparison that seems much more rare since the changes they've made.
Title: Re: What AV do people use?
Post by: Weaver on September 29, 2020, 02:48:23 PM
I never had a BSOD crash or any kind of badness ever in Windows NT family o/s in 12 years of running lots of PCs, my own plus customers’ boxes all Dell and Lenovo. I only used Microsoft-supplied drivers.
Title: Re: What AV do people use?
Post by: Alex Atkin UK on September 29, 2020, 09:22:56 PM
I never had a BSOD crash or any kind of badness ever in Windows NT family o/s in 12 years of running lots of PCs, my own plus customers’ boxes all Dell and Lenovo. I only used Microsoft-supplied drivers.

I've always been a PC gamer so that's never been an option.

That said, mums PC has gone into meltdown and THAT is Microsoft only drivers.  None of the Win10 apps work (including the start menu) any more.
Title: Re: What AV do people use?
Post by: Weaver on September 29, 2020, 10:03:54 PM
If I were a gamer and had to use drivers of dubious reliability then I would play games on one box and do my important work on another. Software that doesn’t place nice, for example essential apps that won’t work unless you are an admin, and which can’t be hacked and modified suitably, are run inside a VM. That would not be fast enough for games, I can’t imagine.

Sounds like mum’s machine needs a clean install with straight Microsoft (non-OEM) Win 10. I would usually put a new superb disk into a machine, install O/S onto that and then copy important user data selectively over from the old disk (no executables of course!). And then you still have the old disk has as a backup long-term, in case anything gets SNAFUed right then or later.
Title: Re: What AV do people use?
Post by: Alex Atkin UK on September 30, 2020, 07:10:38 AM
Gaming actually can work in a VM but in order to keep latency low enough you have to dedicate CPU cores to the VM only which means you're losing resources in your main OS all the time, even when the VM isn't in use.  Plus its never quite as optimal as native which is a waste.  But I do all my main stuff in Linux and only gaming in Windows, dual-boot is good enough most of the time and once I can get a new GPU I will have a backup PC for when I don't want to boot out of Linux.  I mean to be fair, I have a gaming laptop already but its so darn loud is not always ideal and I've been playing with AI upscaling photos and video, so I need more GPU power to speed that up.

As for mums PC, yeah I do think Windows Update has broken something pretty bad but she wont give it up long enough for me to do anything about it.  I'd just replace the whole machine but its an All-in-one, she has no space for anything bigger, shes used to using the touch screen when her arthritis is playing up and can't handle a bigger screen.  There is basically nothing that ticks all those boxes on the market today as the trend has moved to bigger screens and touchscreen models are a huge premium.
Title: Re: What AV do people use?
Post by: displaced on September 30, 2020, 09:16:14 AM
I think that as soon as Hyper-V is enabled - it’s a bare-metal hypervisor, so even the ‘host’ Windows 10 OS is just another guest.

The total performance hit is only a handful of frames-per-second on even the most demanding game.

So yes, gaming’s fine under a VM!
Title: Re: What AV do people use?
Post by: speedyrite on September 30, 2020, 10:33:03 AM
On MacOS, ClamXAV and Malwarebytes.

What are drivers?!  :D
Title: Re: What AV do people use?
Post by: parkdale on September 30, 2020, 11:02:37 AM
Download Windows 10 iso, mount/run and do a in-place upgrade ? mostly will fix things :fingers: if you can prize it off her :)
Title: Re: What AV do people use?
Post by: Weaver on September 30, 2020, 11:06:50 AM
Would mum get on well with an iPad?
Title: Re: What AV do people use?
Post by: Floydoid on September 30, 2020, 02:29:39 PM
What are drivers?!  :D

Drivers are the bits of software that bits of hardware (such as sound or graphics cards) need so they can communicate with the other software and hardware components of a PC, i.e. they make the hardware usable.
Title: Re: What AV do people use?
Post by: psychopomp1 on September 30, 2020, 03:23:36 PM
1 - The security industry are starting to get silly with pricing, the products that will still be genuinely an improvement over windows defender charge silly pricing for consumers.
I agree, you can end up paying obscene prices with the high end AV software such as NOD32, Kaspersky, Symantec Endpoint etc. However the trick is NOT to buy the software directly from the vendor but instead use a reputable seller such as Amazon (direct). Though I've given up buying licences on the Bay of Fleas as often the licence key is blocked x months later so stick with Amazon where i know there's 0% chance of the key ever getting blocked.

2 - The issues with various of these software's especially the ones that are always on hooking into programs, have over time caused me compatibility issues, like unexplained memory leaks or crashes.
Personally NOD32 has never given me any issues with other software. You should hardly ever get bothered by your AV software unless its detected a genuine virus/malware, ie it should just run quietly in the background.
Title: Re: What AV do people use?
Post by: Alex Atkin UK on September 30, 2020, 09:20:01 PM
Download Windows 10 iso, mount/run and do a in-place upgrade ? mostly will fix things :fingers: if you can prize it off her :)

That was definitely something I was considering, even if a clean install is a better idea there is obviously then the complexity of remembering what was installed.

Would mum get on well with an iPad?

Sadly not, she does a ton of copy/paste operations, cropping images, etc and I know from personal experience that mobile devices are a PITA for that sort of thing.  I will never understand how people can survive using mobiles/tablets only as on PC everything is so much easier (obviously assuming you don't have a disability that makes using a PC more problematic).

There's also the security aspect where its easier to see if links are going where they claim to be by simply hovering over them, vs mobile devices where I'm not aware of an easy way to do so.
Title: Re: What AV do people use?
Post by: Weaver on October 01, 2020, 01:32:33 PM
I hear you : it’s all very much the case that what is right for you is right for you. FYI: cut/copy/paste on an iPad is doable just the same as in Windows, and there are excellent apps for cropping images both built-in and in the app store. My wife is a long time Windows user who switched to iPad and iPhone.