sepik

Level 8
Struppiegel,
Yes, thats tryue, and ppl will buy a product they trust. They do no buy GDATA, because of they basically do no care about consumer products. There's no consumer GDATA forums etc...Their focus on their business side, which i dropped instantly, when i knew that The Lady of Kaspersky bought a big share of GDATA.
 

Andy Ful

Level 62
Verified
Trusted
Content Creator
There are some methods to find out that one has an infected computer without installing the AV in the system:
  1. Inspecting the Windows system remotely (AV live CD or other tools from the remote system on the CD or pen drive). So, one can use the computer without AV until the night, then start the system from the AV live CD to perform the scanning and go to bed (can be as costly as paid AV).:)
  2. Inspecting the system via WD Application Control (WD disabled) set to audit. It is possible on any Windows edition.
  3. Using other advanced tools to inspect the system periodically.
But, this would require much maintenance and skills from the user. Furthermore, in point 1 the malware can be found several hours (or a few days) after the infection. For points 2 and 3, the user can easily overestimate his/her skills.

Some users can probably use a highly restricted system or simply use Chromebook. These exotic methods can be effective for some users just like using the AV.
But still, the simplest and recommended method is just using real-time AV protection.
 
Last edited:

Kermit80

Level 1
Struppiegel,
Yes, thats tryue, and ppl will buy a product they trust. They do no buy GDATA, because of they basically do no care about consumer products. There's no consumer GDATA forums etc...Their focus on their business side, which i dropped instantly, when i knew that The Lady of Kaspersky bought a big share of GDATA.
Quite nasty to say to someone devoted to malware research and so helpful to share his knowledge here. If this is the type of people who work in GDATA i'm sure they make a great product.
 

roger_m

Level 30
Verified
Content Creator
I do wonder about people saying they are smart enough to never get infected. How do you know that you never get infected if you don't have an AV to tell you about the infection? Infections are not always noticable. You might go on for years with an infection on a system. If an AV is installed, it will eventually find it, even if it slipped through initially.
In my case, I said that I use antivirus software, but would quite probably not get infected if I didn't use it.

My antivirus never detects any malware on my system. The only things it detects are harmless PUPs which I have intentionally downloaded as well as occasional false positives. It never finds any malware. Of course no antivirus will detect all threats, but multiple second opinion scanners such as EEK, Kasperksy Virus Removal Tool, HitmanPro, etc, also never find any malware.

I don't get infected, not because my antivirus is protecting me, but because I never encounter malware. That's not to say I will never get infected, but it's quite some time since I was last infected.
 

struppigel

Moderator
Verified
Staff member
to my surprise it found something like 10,000 detections (not cookies, not traces, infections). i hit clean, and it took out the operating system, lol.
This sounds like a virus infection and I mean "virus" as in file infector. These are usually very old threats and well-detected. These systems are literally the only reason old viruses like Ramnit, Sality, etc still survive. That computer was obviously too old to have an AV that still supports it.

In my case, I said that I use antivirus software, but would quite probably not get infected if I didn't use it.
Yes, I believe you. I didn't mean you in particular but your post reminded me of people who are far away from being able to check their system manually if they had to and insist they never get infected without AV because they think they can outsmart everything.
Your system might probably never get infected, but you are actually doing the smart thing and still using seat belts just in case.

As long as I am not able to see the Matrix while double-clicking a program, I will consider myself as vulnerable.
When I started working in my job it was one of my greatest fears that I will do a mistake and infect the company's intranet. I still have this possibility in my mind to remind me to be careful.
 

fabiobr

Level 9
Verified
honestly, many people misunderstand modern malware, you shouldn't know you're infected until your bank account empties, your bitcoin vanishes, or your credit card spontaneously buys things online. or from a corporate level ... your competition has your tech. the no AV crowd unwittingly use the gopher defence technique and think they're safe. the hawk only has time to pick off one gopher at a time, so most of the crowd lives on. a friend of mine phoned me because his computer was slowing down. i came over, it was an old beast, a decade old. he didn't have antivirus software on it or even know what an AV was. windows built-in was gone too. i couldn't run anything on it to scan it (it wouldn't let me), finally, i managed to get a portable superantispyware to run (a program that is weak, and i had abandoned may years ago because it never found anything), but it was the only thing i could get to run, lol. anyway ... to my surprise it found something like 10,000 detections (not cookies, not traces, infections). i hit clean, and it took out the operating system, lol. and i always thought this program did nothing! it definately did something this time :) but he never knew he was infected until it was so ridiculous his system became a snail. good thing he had me come over and put a superantispyware bullet in his system's head, lol. thank the Lord for system restore points!!
Yes! Average people think malware says to them "Hey, I'm infecting your PC, ok? Bye bye!", it's not like that.
 

Cortex

Level 22
Verified
As far as I'm ware I've not really had any malware of note on any PC in 25 year or so, however because I've always used the best AV I can & taking some care many threats have been blocked - For me a decent AV is a must, but no solution is perfect which is why frequent backups for me are critical, in my case usually on external drives & not done in the same week, as far as I'm concerned that is part of my AV solution.
 

TairikuOkami

Level 28
Verified
Content Creator
There are some methods to find out that one has an infected computer without installing the AV in the system:
...
But, this would require much maintenance and skills from the user.
I have disabled AV on my friend's computer, per his request, and to my surprise, after a year, he was not infected at all. So Windows 10 is fairly secure.

I am not a geek either, I just know, that malware does not magically infect computers, like some news make it look.
~99% malware gets into the PC via email/browser. Email is easily secured, so protecting the browser is essential.
Unless the user runs exe himself, malware needs some script to run "by itself", so there goes the local protection.
 

Cortex

Level 22
Verified
I have disabled AV on my friend's computer, per his request, and to my surprise, after a year, he was not infected at all. So Windows 10 is fairly secure.
With due respect if your friend can't disable his/her AV there self is he/she the right sort of person to be running protection free? And how would he/she ever know if there was a host of malware living happily on the system(s)?
 

Andy Ful

Level 62
Verified
Trusted
Content Creator
I have disabled AV on my friend's computer, per his request, and to my surprise, after a year, he was not infected at all. So Windows 10 is fairly secure.
Let's think. I have installed the top AV on my friend's computer, per his request, and to my surprise, after a year, he was infected several times. So Windows 10 even with top AV is not secure.:unsure:
Both our conclusions (based on facts) are in contradiction. So, probably both are not correct.

I am not a geek either, I just know, that malware does not magically infect computers, like some news make it look.
~99% malware gets into the PC via email/browser. Email is easily secured, so protecting the browser is essential.
Unless the user runs exe himself, malware needs some script to run "by itself", so there goes the local protection.
There are some people in the world that will never be infected. From the fact that 80% of computer users will be infected without AV, it follows that 20% will be not. The problem is that we cannot know what group of users we belong to.
I think that one of the main infection vectors is social engineering and most people can be easily infected in this way without the AV.:)(y)

Anyway, the AVs are not perfect, they only can make the chances of infection much smaller in a convenient way for most people. It is true that some people can be trained to use a computer without real-time AV protection and can be still pretty much safe on Windows 10. But, this would not be possible for most people (in practice), like it is not possible (in practice) to learn most people walking on the tightrope.
 
Last edited:

Spawn

Administrator
Verified
Staff member
I have disabled AV on my friend's computer, per his request, and to my surprise, after a year, he was not infected at all. So Windows 10 is fairly secure.
Microsoft designed Windows 10 to run with a background AV, but a third party remains optional. It was a solution to problem they and manufacturers created when the trialware expired.

Chrome OS and iOS on the otherhand are built differently and do not need an AV. Neither are immune to viruses or threats.
 

Moonhorse

Level 28
Verified
Content Creator
I guess phishing and scams are most common these days, AV web filter is good to have but adblocking is probably more important

When i read news i really dont see news about malware targetting single people, its always something like some goverment place has been hit by ransomware

But on windows i think its good to have some kind of protection, on android / ios not really . If the CPU/RAM usage is the issue why you dont use any kind of antivirus i would take a look on other bloatware that has been installed on your computer

My RBG lightning on my desktop takes more cpu than Windows defender, maybe WD will pass that when running full scan... but why would you do that when you have real-time protection on already
 

Andy Ful

Level 62
Verified
Trusted
Content Creator
...
When i read news i really dont see news about malware targetting single people, its always something like some goverment place has been hit by ransomware
...
That is normal. As you noticed, the news is not the best source to analyze personal computer infections. Also, there are not good statistics related only to home users.:(
 
Last edited:

MegenM

Level 2
In my opinion, an advanced antivirus is necessary nowadays. Internet aware users who are very careful while browsing the internet or consume only from trustworthy sources can also depend on just the Free Windows Defender. Most of the issues like Phishing, AD injection can be eliminated via experience and awareness alone. Also, to work with a basic antivirus, the way we interact with our Device and it's ecosystem has to be limited. For instance, a PC not on a Local Network.

However, there can be instances where trusted sources are compromised. In such cases again an advanced Antivirus will be of greater help than Windows Defender. The striking feature for me is the additional Firewall which is actively monitored and blocks unauthorized port scans. Ransomware protection is already included in Windows Defender, so that is a worthy safety feature that is already covered.

So, I feel that the discussion should be between Windows Defender, Free 3rd Party, and Premium 3rd Party Antivirus software. Select a lightweight antivirus and then you can be a bit relaxed while browsing unknown sources.
 

show-Zi

Level 25
Verified
In the first place, I think we should reconsider what "AV software" is.
I think it's better to call them user assist software, not security software. Security is based on individual thought, and software is an agent that supports thought. Even if you wear a seat belt, if you drive recklessly, you will cause an accident and feel painful. If you drive carefully, seat belts may become unnecessary. However, the possibility of making mistakes in driving never disappears. An accident or infection will be established if there is a mistake in seconds. I think it is important to prepare for such a situation by taking some measures.
I have never been infected. The web is also centered on patrols like fixed-point observation, and I think the probability of encountering viruses will probably not be high in the future. But it does not guarantee absolute security.
Most car accidents occur on roads where you are used to driving. The most dangerous condition for humans is when they are not alert or nervous.
 

Andy Ful

Level 62
Verified
Trusted
Content Creator
...
So, I feel that the discussion should be between Windows Defender, Free 3rd Party, and Premium 3rd Party Antivirus software.
...
There were many such discussions (like you postulate) on MT over the last 5 years. We also talked a little about flat Earth and that thread was for some users more interesting as talking about round Earth. It is usually interesting when the topic is controversial, especially when people try to prove the truth by using wrong arguments (the last sentence is not related to your post).:)(y)
 
Last edited:

brigantes

Level 1
There are too many mis-conceptions and mis-understandings about IT security for the consumer. For example, 70+ % of consumers still think that their top priority is to protect their local PC because they think the leading cause of infections (and therefore financial loss) are hacking (their network) or malware.

I challenge anyone to provide 5 publicly published reports of individual consumers who incurred permanent financial losses due to a anything beyond a PUP. Now the conditions that do not apply are if the user paid a ransomware demand willingly, willfully kept on paying bogus subscriptions and so on. I am only talking about such hidden, undetectable malware that wipes out a consumer. There is a member here making completely false claims about malware on this thread.

One developer here is all upset about enterprise "grade" attacks. Most of the attacks targeting enterprises are not sophisticated. What distinguishes these campaigns is the surveillance and subsequent targeting.

All security software are merely insurance policies. All of us are susceptible to attacks - and missing them. Even the industry's leading experts. It can happen to anyone. The difference is how people fret and wring their hands over the possibilities of getting infected or incurring a financial loss. Places like Malwaretips have a much higher incidence of paranoids and those that want to fear monger. Whereas the real world statistics do not support that one should be paranoid. Oh, in an ideal world, sure, you want to be safer than sorry. But at the end of the day you make sound protection decisions and then move on. You don't obsess about getting breached. If one spends more than a few hours on worrying about IT safety then one has a problem. More security software and trying different security software is not the answer. The answer is couseling.
 
I challenge anyone to provide 5 publicly published reports of individual consumers who incurred permanent financial losses due to a anything beyond a PUP.
google "my bitcoin disappeared from my wallet". now read the forums. there are literally thousands.

All security software are merely insurance policies
your quote actually undermines your position. if someone drives a 200 dollar rust bucket, then they don't have to lock their door when they park it. such a person will consider auto insurance a scam. heck, they can leave their bloody keys in the ignition and no one will steal it. now if you drive a Ferrari, your car would be gone in 10 minutes. people with skin in the game will have insurance. so if all you do online is watch youtube, you have nothing to steal and will have trouble understanding this conversation.
 
Last edited:

Andy Ful

Level 62
Verified
Trusted
Content Creator
I think that the general picture of home user malware infections can be very different as compared to enterprises. Most articles and news about malware attacks are related to enterprises and the enterprise environment is totally different from the environment of home users. Also, the attack surface is much bigger in enterprises due to not patched systems & software, local network vulnerabilities, server vulnerabilities, device vulnerabilities, etc. Many attacks on enterprises are targetted and based on lateral movement.
Most malwares that were used in the attacks on enterprises can be reused in the widespread attacks. So, sophisticated malware is not related only to enterprises. But, it is probable that most of the new methods can happen first in the attacks on enterprises.
 
Last edited:
Top