Ask Slashdot: Best Anti-Virus Software In 2015? Free Or Paid?

CryoKeen writes: I got a new laptop recently after trading in my old laptop for store credit. While I was waiting to check out, the sales guy just handed me some random antivirus software (Trend Micro) that was included with the purchase. I don't think he or I realized at the time that the CD/DVD he gave me would not work because my new laptop does not have a CD/DVD player.

Anyway, it got me wondering whether I should use it or not. Would I be better off downloading something like Avast or Malwarebytes? Is there one piece of antivirus software that's significantly better than the others? Are any of the paid options worthwhile, or should I just stick to the free versions? What security software would you recommend in addition to anti-virus?

In after somebody says don't run Windows.

Because I'm assuming that will be an answer.

You can fill in any particular OS as an alternative.

Re: In after somebody says don't run Windows.

Wipe the disk and run linux

Re:In after somebody says don't run Windows.

[cbiltcliffe]

That would be "in before somebody says 'don't run Windows'".

Having said that, I've run Windows (among other things) for years, and haven't run anti-virus in over a decade for two reasons:
- it's more trouble than it's worth when you know what you're doing,
- it's hard to do any kind of virus research at all when you've got antivirus trying to delete every infected file you're examining.

In the time I've not run a/v, I've never had an infection. (I never had an infection before that, either, but that's beside the point.)
I use Comodo Endpoint Security on the kids' computer, and the HTPC, but my main Windows desktop hasn't had it for years, and won't have it for the foreseeable future, either.

All my Linux machines, of course, don't run anything, except for my mail server, which has ClamAV on it, just to scan attachments.

Re:In after somebody says don't run Windows.

"it's hard to do any kind of virus research at all when you've got antivirus trying to delete every infected file you're examining."

You do virus research on your work computer? I don't get /.

It's like -- professionals from the field saying any of the dumbest most nonsensical and non-sequitor garbage that pops into their heads. Where is the insight?

Re: In after somebody says don't run Windows.

I agree. That's exactly what virtual machines excel at.

Re: In after somebody says don't run Windows.

Any active AV software worth 5 seconds of attention watches the resident virtual memory ranges of all processes on the computer, they pick up virus signatures in both local processes and things running inside VMs unless you're running some kind of cheap AV software from the 90s that simply scans your non-volatile memory systems.

Re:In after somebody says don't run Windows.

tl;dr "I've kept my eyes closed for over a decade and haven't seen anything bad happen."

How do you know you've never had a virus?

Re:In after somebody says don't run Windows.

[Guy+From+V]

This is the best answer. I haven't used A/V software in a long time, and an A/V program running without good supervision does more harm than good. Any malware bad enough to worry about will be from an unknown vector as would an active network intrusion. Those things are more straightforward to defend against rather than weirdo, resource-heavy a/v background executables..

Re: In after somebody says don't run Windows.

I assumed they'd get the jump on me, what with me running Norton.

Re:In after somebody says don't run Windows.

All my Linux machines, of course, don't run anything

I thought this wasn't really a problem anymore.

Re:In after somebody says don't run Windows.

[Matheus]

Repeat: Best software = None.

There are people out there (many of my friends included) who need protection from such a thing because they can't put the tiniest amount of thought into what they are doing when on their computer. I do not practice safe browsing by any means, torrents and pr0n are just too much fun to leave alone ;-), but somehow manage to never get infected without any A/V software protecting me BUT I keep getting calls from friends who's machines have turned into rotting cesspools and want them cleaned. Honestly my answer lately is "Call Geek squad" because it's not worth my time or energy to scrub their waste pond just to have it rot again shortly there after and Geek Squad is cheaper than my time if I were to bill them. So for these people A/V software may be useful but honestly again most of them already have it and it didn't keep them safe anyway.

A/V DOES otoh slow down your machine, interfere with properly running processes and generally behave like the worst of viruses on its own so why willingly go down that path.

Re: In after somebody says don't run Windows.

[deviated_prevert]

I assumed they'd get the jump on me, what with me running Norton.

In Soviet Commieputer nation computers Norton runs you!

Re: In after somebody says don't run Windows.

[arglebargle_xiv]

I agree. That's exactly what virtual machines excel at.

Any malware worth its salt will detect a VM (and the presence of debuggers and other things) and refuse to run. You need to be running on a physical machine to do malware analysis.

Re:In after somebody says don't run Windows.

or maybe he does the research for a living..

Re:In after somebody says don't run Windows.

[arglebargle_xiv]

All my Linux machines, of course, don't run anything.

Don't worry, I have it on good authority that next year will be the Year of Desktop Linux, and then all those apps will appear and you'll have things to run on your Linux machine.

Re:In after somebody says don't run Windows.

[Dynedain]

In the time I've not run a/v, I've never had an infection. (I never had an infection before that, either, but that's beside the point.)

That you know of. There have been many documented cases of drive-by installs, worms that infect from external media, infected installers from legitimate installers. Hell, even legitimate open source projects having their servers unknowingly hijacked and malware injected into source or binaries during download.

While some malware is geared at spamming your desktop with ads, the good stuff tries to be as unnoticeable as possible, especially for botnets or if the goal is keylogging. Today's sophisticated viruses aren't trying to wipe your machine - they're all about creating networks of vulnerability to sell later to the highest bidder.

Re:In after somebody says don't run Windows.

[LetterJ]

To the average Windows user, their computer is a means to an end. To the average Linux user, the computer IS the end.

Re: In after somebody says don't run Windows.

Or buy you a Mac.

Re: In after somebody says don't run Windows.

Preventive security is far more effective than reactionary stems like av .sandboxie is one of the best tools out there for protection and at a reasonable cost.free for basic usage and a lifetime license available.it creates a layer on top of your os where all browsing activity happens.You delete the contents routinely and all changes are gone.it also has a very granular and powerful permission system.

Re: In after somebody says don't run Windows.

[Squiddie]

You should run Linux on that too.

Re:In after somebody says don't run Windows.

[Guy+From+V]

I use visual and audible cues like an oddly running HDD: going by the activity light mostly using SSDs. Also, fan operation, CPU temp, resource monitoring stuff. Just checking out what .exes are running and/or in startup once in a while is a good habit.

Re: In after somebody says don't run Windows.

Oh good. Didn't realize my virtualized servers are all virus proof.

Re:In after somebody says don't run Windows.

his non-existent scanning tools never found anything.

Re:In after somebody says don't run Windows.

[vux984]

I use visual and audible cues like an oddly running HDD: going by the activity light mostly using SSDs.

Because a botnet is going to need a lot of hard drive on your computer with GB of extra RAM?

Also, fan operation, CPU temp, resource monitoring stuff.

Unless you've been coopted to mine bitcoins or something, your CPU temperature isn't going to be noticeable if your part of a botnet either.

Just checking out what .exes are running and/or in startup once in a while is a good habit.

Sure it is; for the low hanging fruit. The really good stuff doesn't show up in taskmanager because its told windows not to report it. It doesn't show up in the registry editor either. And windows explorer can't see the files on disk. Or maybe it's hiding in plain sight... some common service replaced by a malware version; that still performs all the original functions, but also does something... extra.

The idea that anyone could detect anything sophisticated with "visual cues" and "checking stuff" is laughable; on any OS.

An offline scan is usually required, that flags everything not known specifically to come from a trusted vendor... and the resulting list is probably going to be overwhelming anyway for the average person / average system. Only the most secure managed environments would be able have any real confidence.

Re: In after somebody says don't run Windows.

I assumed they'd get the jump on me, what with me running Norton.

In Soviet Commieputer nation computers Kaspersky runs you!

FTFY

Re:In after somebody says don't run Windows.

[vux984]

- it's hard to do any kind of virus research at all when you've got antivirus trying to delete every infected file you're examining.

What kind of special flower does "virus research" on their "main" computer that they use for ANY thing else? I don't even look at them on a NETWORK that has access to anything else.

I agree that a/v products value is dubious at best. But good god man... your basically telling us the equivalent of "I don't bother with brakes in my daily commuter car because I like to study car wrecks... and... well those darn things prevent them from happening."

Re:In after somebody says don't run Windows.

[Yaztromo]

To the average Windows user, their computer is a means to an end.

As an outside observer, that end appears to be to run as much anti-virus/anti-malware as possible.

Yaz

Re:In after somebody says don't run Windows.

[Guy+From+V]

If this botnet is that good then unless you can monitor all your traffic to and from the suspected infected system with a separate, knowingly uncompromised system. I think a good botnet would be dormant offline and invisible to the kernel, making an offline scan using the suspected system to inspect itself useless as well. If this awesome botnet gets me, hey...oh well.

Re: In after somebody says don't run Windows.

[Billly+Gates]

Wow just, wow.

Guess you never heard of a flash exploit before? You probably think a user only has to click on something to be 0wned?

Go to any major website and you will get 0wned if an ad network is hit.

That is beyond ignorant and very dangerous advice.

Re:In after somebody says don't run Windows.

[vux984]

If this botnet is that good then unless you can monitor all your traffic to and from the suspected infected system with a separate, knowingly uncompromised system.

Pretty much. Yes. Unless its designed to overload your centrifuges and not communicate with the internet.

I think a good botnet would be dormant offline and invisible to the kernel, making an offline scan using the suspected system to inspect itself useless as well.

Which is I said it needed to be an offline scan.

If this awesome botnet gets me, hey...oh well.

Agreed. That level of security is out of most our reach.

However, the point remains that you could be part of a pretty run of the mill botnet, have your passwords harvested, and a variety of other nasty stuff and you'd have little to no chance of catching it in time. Even if it wasn't hyper-adept at hiding from the kernel itself.

Just not being particularly "obtrusive" will let run for months... perhaps years before you catch it. And most botnets these days qualify for "unobtrustive" because if they start throwing up piles of ads, redirecting your searches, and puking all over the place you'll wipe and rebuild and take them out. And they're in it for the longer game... while the puke on your system shit is just looking for some quick ad revenue before you find someone to "fix it" again.

Re:In after somebody says don't run Windows.

[cbiltcliffe]

AC: "I'm a fucking idiot, and have no idea how to tell if a computer's infected without big scary warnings from my antivirus software, therefore everybody else is exactly the same."

Never mind the fact that if nobody could detect an infection without a/v software, then it would be impossible to ever add new viruses to the definitions of any antivirus software; meaning, of course, that all antivirus software would have a precisely zero detection rate, and therefore would be completely useless. So, even if you're right, then you're still wrong.

Re: In after somebody says don't run Windows.

Hahaha, thanks for the laugh. If you're going to use a *nix system you might as well use one with proper support.

Re:In after somebody says don't run Windows.

[cbiltcliffe]

I don't execute virus files on my work computer. That would be stupid. I decompile/reverse engineer/etc them.

I have a separate computer that I use if I need to actively infect one. It's not a VM (for the exact reason that some posters have already given) but I do have a Clonezilla image of it, so I can quickly wipe/reinstall after analyzing the infection.

Re: In after somebody says don't run Windows.

[cbiltcliffe]

Well, once I sorted out your bizarre punctuation and capitalization, I realized I agree with you.

Every one of my computers has Sandboxie installed. It's one of the tools I used when analyzing malware, when I want to see exactly what it does to the machine.

Re: In after somebody says don't run Windows.

[Muros]

Agreed. I turned off AV on one of my machines about 2 years ago while troubleshooting problems I was having. I forgot to re-enable it and picked up some random crap via drive-by install from web browsing within a few days.

Re:In after somebody says don't run Windows.

[cbiltcliffe]

Hardy har har. I'm pretty sure you were trying to be funny.

But, just in case you, or any of the other similar comments were actually being serious:
  Maybe that actually meant "don't run anything resembling antivirus software," since, you know, that's what the thread and the article are all about.....

Re:In after somebody says don't run Windows.

[cbiltcliffe]

Don't forget checking the state tables on your router every once in a while.

Oh...that's right; most routers don't actually let you see that information. You have to be running something actually, you know, useful. Like pfSense.

Re:In after somebody says don't run Windows.

[cbiltcliffe]

You don't need no brakes on your car to study what happens to some other guy when they crash their car.

Similarly, I don't need antivirus on my computer to reverse engineer the infected files I pulled from a client machine; which, incidentally, their antivirus said was clean, and I found them manually. (But wait! How did you find them without the antivirus telling you that they were infected?! That's unpossible!!! <head explodes>)

Re:In after somebody says don't run Windows.

It is not very nice to find a infected .jar file from Firefox cache directory, which has been completely undetected for months by a top of the line anti-virus product having a 97-100% detection rate in those independent anti-virus tests.

Re:In after somebody says don't run Windows.

Let me look you up in my bot list

Re: In after somebody says don't run Windows.

[plover]

That's why NoScript, Ghostery, and FlashBlock are critical pieces of security software.

Re: In after somebody says don't run Windows.

If you pay for it you are being ripped off. It's that simple.

Re: In after somebody says don't run Windows.

Oh, and html+javascript really sucks donkey balls as a user interface. When I posted that comment, i had to wait 15 seconds for any kind of feedback. What the fuck?

Re: In after somebody says don't run Windows.

Is it fair to call the current sourceforge a malware distribution center ?

The installer scares me enough to never go there again.

Re:In after somebody says don't run Windows.

Just checking out what .exes are running and/or in startup once in a while is a good habit.

Sure it is; for the low hanging fruit.

doesn't "low hanging fruit" describe most malware?

Re:In after somebody says don't run Windows.

cool. I'm like you. I just straddle my computer and use it as a sitting stool. I check my sperm count every once in awhile, and when it is dropping I know that my CPU is running hotter on average than usual and that maybe I have a virus. Best system ever.

Re: In after somebody says don't run Windows.

[Luckyo]

I guess you never heard about ghostery, adblock, noscript et al?

Essentially all flash exploits come from very specific kinds of flash elements, and those are blocked by aforementioned software. For me, it's the primary reason to run adblocker. Safety.

Re:In after somebody says don't run Windows.

[ArcadeMan]

Where is the insight?

It's parked in the garage.

Re: In after somebody says don't run Windows.

[hawguy]

Any active AV software worth 5 seconds of attention watches the resident virtual memory ranges of all processes on the computer, they pick up virus signatures in both local processes and things running inside VMs unless you're running some kind of cheap AV software from the 90s that simply scans your non-volatile memory systems.

I've never heard of AV software scanning all memory pages of all processes. It seems like that would be hugely expensive in terms of CPU resources because a VM can easily touch many gigabytes of RAM in a very short term, and somehow the AV software has to compare this entire dirty page set against a database containing hundreds of thousands, if not millions of potential virus signatures. Without help from the hypervisor, it seems like this would be even harder since when it sees a dirty page, it has no idea where it came from, how it got there, or what it's doing, so it has to scan every block of data just in case it happened to be executable data.

When I was testing AV software, I played with a number of real and test viruses in my disposable VM, yet the host system never alerted on any of them.

Re:In after somebody says don't run Windows.

[ArcadeMan]

I have a separate computer that I use if I need to actively infect one.

Oh, so you're this guy.

Re: In after somebody says don't run Windows.

[ArcadeMan]

Guess you never heard of a flash exploit before?

I don't know about Matheus, but I do hear about Flash exploits but I still don't use anti-virus software. It's just safer and easier to remove Flash from your computer. Same goes for Java. And since I use OS X I don't need Adobe Reader on my system either, so that's three of the biggest security holes completely removed from my system.

Re: In after somebody says don't run Windows.

I think you are confusing Malware with rootkits. Most malware is terribly written, your lucky if it does any basic error handling let alone perform smarts to make it harder to analyze. Running the malware is just one of the easier ways to see what it does, but it is by no means the only way. We nearly always do our analysis on virtual machines, it is a rare piece of software that is smart enough to require us to run on a physical.

Re: In after somebody says don't run Windows.

So running a browser in a VM is doubly good if someone does not want malware?

Re:In after somebody says don't run Windows.

[Nemyst]

What's next, are you going to start talking about how there's a worm hidden in everyone's ring 0? Look, as much fun as it is to fantasize about a super smartly designed virus which "tells windows not to report it" and "doesn't show up in the registry editor" (why a virus would have to write in the registry in the first place is beyond me), they're unlikely to be on your computer. All those botnets you keep hearing about? They're far, far more likely to be built off CatPicturesScreensaver.exe than from some crazily smart drive-by which is completely undetectable and doesn't do anything... until the doomsday comes.

This isn't to say that "visual cues" and "checking stuff" aren't ridiculous, but you're also not a character in a Bond movie.

Re: In after somebody says don't run Windows.

Sandboxie don't hurt...

Re: In after somebody says don't run Windows.

1) Setup a VM for web browsing
2) Setup a second VM for banking/financial web browsing
3) Setup a third VM for other apps
4) Follow proper advice and don't login as fucking admin on every VM/machine
5) Don't save VM changes and revert to clean... only re-save for software updates
6) Don't be an idiot, use good passwords, don't duplicate, and change them occasionally

Re: In after somebody says don't run Windows.

[Zontar+The+Mindless]

Haha, if you're going to use a *nix system, you might as well go with one that you actually control.

Re:In after somebody says don't run Windows.

[Zontar+The+Mindless]

Thanks for the possible solution to my pet dilemma, but who would I get to take care of them when I'm overseas? No different from having a cat, in that regard.

Re:In after somebody says don't run Windows.

[Zontar+The+Mindless]

Time to wake up, Rip--2005 was the year of the Linux Desktop.

I've been ten years without Windows and lovin' every minute of it, baby.

Re: In after somebody says don't run Windows.

[Billly+Gates]

No posters said no software is best for security. This implies you don't need these things as you are safe via browsing means just don't open attachments. They got moded insightful too. Every AV article slashdot is loaded with comments +5 mods with AV doesn't work. Tired of it as slashdotters should know better.

So no adblock, ghostery, with Java and an outdated flash with IE 6 on XP in local admin and it is the users fault for being infected. Yeah each site has +25 ad networks per tab blindly executing whatever. It is pure madness to think otherwise.

Yes I use adblock but no AV is just as insane as 10 tabs means 250 executions from Lord knows who.

Re: In after somebody says don't run Windows.

So the best A/V software will be some kind of VM emulator that tricks running processes that it is running in a VM and thus stop the malware from doing damage? ha

Re:In after somebody says don't run Windows.

That is a viable solution for those who find the degraded usability of the system (worse hardware compatibility, less and worse quality software available, higher chance of issues that are difficult to debug and solve for an average user, etc.) an acceptable cost for the reduced risk of malware issues. For many, that is not the case.

Also, if a lot of the casual Windows users switched to Linux, it would eventually be targeted by a lot more malware, because many of the security issues on WIndows are more cultural in nature than an inherent technical limitation of the OS.

Re:In after somebody says don't run Windows.

"it's more trouble than it's worth when you know what you're doing" tells me that you DON'T know what you're doing. I make a fair amount of money fixing problems "experts" like you create. If you haven't run anti-virus for over a decade then you have a massively infected machine and don't even know it. Your's is undoubtedly one of the millions under somebody else's control.

Re: In after somebody says don't run Windows.

[AmiMoJo]

They help but don't make your browser completely immune to exploits. It still has to parse HTML, interact with the network, decode and render images etc.

Re:In after somebody says don't run Windows.

[AmiMoJo]

Try Microsoft Security Essentials. It's very light weight and doesn't slow the machine down. It isn't the perfect AV software either, but it does detect a fair bit of crap and costs nothing.

Also download Clamwin and run a scan now and again. It can run portable, no need to install it.

Re: In after somebody says don't run Windows.

[allcoolnameswheretak]

Yeah, I also run AdBlock for safety first, and to remove ads I will never click on anyway second. AdBlock is the most important security software for surfing the internet.

I'm sorry about the websites that depend on ad revenue. But if the advertising companies can't get their shit together and instead abstract their business model in such a way that it's impossible to know where an ad is coming from, it's their fault not mine.

Re: In after somebody says don't run Windows.

[allcoolnameswheretak]

It only works if you suck monkey balls, preferably in space. Sucking on donkey balls actually doesn't do anything.

Sorry to break it to ya.

Re: In after somebody says don't run Windows.

But Windows 8 runs in a VM.

Re: In after somebody says don't run Windows.

AdBlock's junk compared to hosts files http://ask.slashdot.org/commen...

Re: In after somebody says don't run Windows.

I guess you never heard of Not installing flash, I don't need it and don't use it, same with Java (not java script) and any Adobe software.

Here is the best single way to mitigate nasties in Windows
http://www.zdnet.com/article/report-92-of-critical-microsoft-vulnerabilities-mitigated-by-least-privilege-accounts/

Re: In after somebody says don't run Windows.

[Capt.Albatross]

When I was testing AV software, I played with a number of real and test viruses in my disposable VM, yet the host system never alerted on any of them.

Did you verify that they were actual viruses, in that the allegedly infected programs you had were actually capable of spreading the virus to another program, and that the newly-infected program was also capable of passing this test?

I ask because it was (and maybe is) not unusual for published tests to have been performed by someone who did not do this preparation, rendering the results meaningless.

Re: In after somebody says don't run Windows.

[dotancohen]

So how do I configure my graphics designer's Windows box to look like a VM so that the malware won't run?

Re: In after somebody says don't run Windows.

[ihtoit]

easy.

Run everything in a VM, such as Windows XP Mode (for Windows 7) or VirtualBox (cross platform). The difference between the two being, that in Virtualbox you need to have the applications installed on the virtual machine image, whereas in Windows XP Mode all you need is the XP VM installed and that is invoked from the program shortcut via a shell extension.

Re: In after somebody says don't run Windows.

[Zorpheus]

Were there any security holes in these areas in the last years? I thought these simple things are safe nowadays.

Re:In after somebody says don't run Windows.

There have been many documented cases of drive-by installs

Trivially fixed by making plugins and/or Javascript "click-to-play" - something which took 15+ years to even be close to a core feature in browsers.

Also, you forgot to mention the many documented cases of viruses in MS Word documents, exploiting the macro system at the time, until Microsoft realized that there was a major problem and found a simple way to prevent macros from executing.

worms that infect from external media

Ah, boot sector viruses from floppies. Good old times, where the AV software at the time didn't detect the boot sector virus in memory, or even on-disk, simply because it was in the sneakernet era.

Re: In after somebody says don't run Windows.

[Luckyo]

APK has fanboys now?

Oh fuck me...

Re: In after somebody says don't run Windows.

[Luckyo]

Yes, we all heard that insanity. "Please cripple functionality of your PC in the name of security".

The answer is still no, just as it was in the beginning of computing and just as it will be tens of years from now. Now go back under the rock you crawled from.

Re: In after somebody says don't run Windows.

[StarKruzr]

What do you like for a dedicated pfSense box that runs 24/7 without chewing up too much juice?

Re:In after somebody says don't run Windows.

To the average Windows user, their computer is a means to an end. To the average Linux user, the computer IS the end.

Maybe the first months of using Linux or if you are a Linux developer obviously

Re: In after somebody says don't run Windows.

Then run your browser in a VM. Have your downloads folder as a network shared folder (and scan the downloads with virustotal using a different machine).

Revert the VM after each use if you want, and before browser updates (then snapshot again).

One bonus side effect is it stops your browser from bloating to gigabytes or whatever. Some browsers have a nasty habit of assuming they can and should use all of your machine's memory. Yes there are ways of limiting that, but its already done if you run the browser in a VM.

Re: In after somebody says don't run Windows.

Don't assume others are as ignorant as you. YOU might get pwned because you don't run your browser sandboxed or as a different more limited user or in a VM ( I hear lots of fancier malware conveniently stop running if they detect they're in a VM ;) ). And just a simple thing like adblock would save you from the ad network problem you mention.

If you're IT savvy there are better ways of dealing with malware than using "always on" AV. Relying on Antivirus is stupid and ineffective as stuxnet and similar have proven.

The virus detection problem is similar to solving the halting problem, with the added difficulty of you not having the full source code or full inputs. The sandbox solution is like working around the halting problem by forcing all programs to halt by a certain time. You might be able to solve the halting problem in specific cases, but not in a general case. It shouldn't be too hard to create programs that automatically generate malware that pass all the AVs. So if the resulting drive-by malware is out there but lies low till a certain event, those crappy AVs out there won't save you or the thousands infected.

AV is not merely a resource hog. AV software regularly cause serious problems (like thinking important system files are viruses). Some have even had exploitable bugs (and guess what privilege level they run at typically?). If you know what you're doing always-on AV software is more likely to cause you problems than malware.

Re: In after somebody says don't run Windows.

For example (based on the Redpill IDT technique): Detecting the Presence of Virtual Machines Using the Local Data Table

It's actually pretty clever, though I doubt it works anymore.

Re:In after somebody says don't run Windows.

Are there hardware solutions out there that help you quickly rollback to a known point?

e.g. write redirection.

Re:In after somebody says don't run Windows.

I have been using Avast since last 5 years. I have not had any problems.Using Google Chrome with WOT activated and with addition of Malwarebytes, one can have a fairly safe net experience.

Re:In after somebody says don't run Windows.

[vux984]

What's next, are you going to start talking about how there's a worm hidden in everyone's ring 0?

Reboot. Solved.

which "tells windows not to report it" and "doesn't show up in the registry editor"

So I kept it in laymen's terms? is there really any need to be technical with respect to how that's accomplished?

(why a virus would have to write in the registry in the first place is beyond me)

Usually to hide a gazillion triggers to restart / heal itself after at reboot.

They're far, far more likely to be built off CatPicturesScreensaver.exe than from some crazily smart drive-by which is completely undetectable and doesn't do anything... until the doomsday comes.

That's harder to say really.

There is going to be a clear confirmation bias. Like the idea that all criminals are stupid... just watch cops. Yes, LOTS of criminals are stupid. But the ones that are smarter? The ones that don't get caught? Where its not even obvious a crime was ever committed? Can we really say there's more dumb criminals than smart ones based on the fact that we don't see them as much?

I agree with you, but I'm not so sure what the ratio of good unobtrusive stuff to in your face nonsense really is. I concede we're not likely facing 'james bond' grade viruses ... and I think the majority out there is the fast and dirty social engineering to get a toolbar added to your browser... but I think we underestimate the just how prevalent unobtrusive malware might be; simply because by virtue of being unobtrusive we don't even know when were infected.

And for the less technical... they simply would just never know. They'd never complain, because nothing was 'wrong'. Eventually it would get old, replaced, or they'd pay some kid to wipe and refresh it because they were giving it to someone else and they'd be none the wiser that it was ever infected.

I found my parents computer once had been very discretely turned into someone elses "cloud storage". I only stumbled over it by complete fluke. I was troubleshooting something else; and just stumbled over it as there was a lock preventing a folder move or rename or something like that and that and it got me to look deeper.

I can only speculate that I've missed an unknown number of others over the years.

Re: In after somebody says don't run Windows.

Some malware is obvious and some of it is less obvious. It all depends on how hard you're looking.

Re: In after somebody says don't run Windows.

[dotancohen]

The problem with that solution is that now I've got _two_ instances of Windows to secure and maintain. Twice the RAM, two licences for Kasperski, twice the updates, twice the exposure to threats.

Re: In after somebody says don't run Windows.

[LinuxLuver]

Chromebooks are the Linux system many of us have been waiting for. Plug a 3TB USB 3.0 external drive into it... And you're away laughing. Fast, secure and cheap.

Re: In after somebody says don't run Windows.

Yes there has been. Just look at https://www.mozilla.org/en-US/security/known-vulnerabilities/firefox/

And yes, other browsers have similar problems.

Re: In after somebody says don't run Windows.

[LinuxLuver]

If you don't run any AV software how do you know you haven't been infected? The 'best' botnets don't degrade you're system performance much and don't get in your way because they don't want to subjectively detected by the user. They just did in the background quietly pumping out moderate traffic that doesn't alert or alarm the use of the infected machine. By not being greedy.... They don't get caught... And millions of PCs infected this way amount to a huge resource made up of small resource consumption each. Point is.... How would you know if you haven't used AV software at all?

Re: In after somebody says don't run Windows.

Your host doesn't have to be Windows.

Re: In after somebody says don't run Windows.

[cthulhu11]

Funny, I've never had a problem with my Macs sneaking out and doing hookers and blow. I use them to accomplish tasks, vs projecting personality flaws onto them.

Re: In after somebody says don't run Windows.

What is a proper? Some kind of new peripheral? Is it plugged on usb?

Re:In after somebody says don't run Windows.

[bearded_yak]

Don't run Windows, run OS/2.

Re:In after somebody says don't run Windows.

Disconnect your hard drive and run a live disk.

Re:In after somebody says don't run Windows.

[cryogenix]

It's also in the bottom of ratings on nearly every test performed. It probably is in all tests performed but I won't claim to have seen every single one.

Re:In after somebody says don't run Windows.

I could not keep malware off my winders computer until I showed the old lady how to use Ubuntu. I still use windows for games. She does not like the games I installed and finds ones she likes to play online.

  I had to wipe windows off my computer and put linux on it when I had a roommate. She liked to visit porn sites. The gal went out and bought her own laptop and insisted I clean it. I put McAnot free on it. Then she complained about it blocking her favorites. I could not figure out what she was doing. That was because she was only doing this when I was at work. I probably should have looked at her history 1st. But really a woman visiting porn, who knew ?

Re: In after somebody says don't run Windows.

[ihtoit]

XP Mode uses a framework that's already there in Windows 7, basically all that's missing is the 5.1.2600 kernel. Virtualbox adds another framework. So if you use XP Mode, you don't need to throw in another AV - it's already there in the host. XP Mode is to Windows 7 what 386 Protected Mode was to Windows 95 - a shared memory sandbox.

Re: In after somebody says don't run Windows.

mrproper

Re:In after somebody says don't run Windows.

windows 8 needs NO ANTIVIRUS between windows defender and security essentials being built in now only a idiot would install a 3rd party antivirus
having run hundreds of computers (corporate environments/private clients) Vista/Win7 running security essentials and then Win8/Win8.1 having it built in i have never seen a virus on any of them until a 3rd party antivirus has been installed.

you may want to keep malware-bytes handy so as not to infect older machines running XP that you may transfer files to from being infected

other than hat run a flavor of *nix ie Unix/Linux/BSD/Solaris

Re: In after somebody says don't run Windows.

[Zontar+The+Mindless]

That's a cute but transparent attempt to sidestep the issue.

Apple says if I buy a computer from them, they'll place arbitrary restrictions on what I can do with it. This means that it might not do things that I tell it to do. This also means that it might do other arbitrary things that I don't tell it to do, or even that I tell it not to do.

You might consider these acceptable terms for the use of your general-purpose computer. I do not consider them such for mine.

Re:In after somebody says don't run Windows.

[hughankers]

But really a woman visiting porn, who knew ?

I've read about this sometimes happening, but I thought it was just a myth. You actually found a real example in the wild? What an amazing discovery lmao

Re:In after somebody says don't run Windows.

Search for "gizmos best freeware", look at their antivirus information, follow the links to anti-virus product comparisons.

Re: In after somebody says don't run Windows.

Second this. Us OS X users already have to do a little dance to install and run software that doesn't come through the Mac App Store. Apple would only have to remove that option in an OS X update and suddenly they own your whole system again.

Re:In after somebody says don't run Windows.

[Wolfrider]

> In the time I've not run a/v, I've never had an infection.

--If you haven't scanned your PC *at all* in that whole amount of time, you actually have NO IDEA whether you have an infection or not!! Your PC could be part of a botnet or doing something insidious deep in the background, for all you know.

--Do us all a favor and at least try scanning it once with a couple of different free utilities - you may be surprised at what you might find.

Kaspersky used to be good.

Then they decided to do the stupefying thing that's the habit of all software companies, removing all the useful options "cuz only 5% of our usebase uses this". Well yeah, numbnuts, maybe only 5% will use any SINGLE feature, but each feature is used by a different 5%, so if you only keep the features used by most people, you can still end up pissing off most people.

I miss when the East was driven by first principles and the West by statistics - you'd get organisations combining the best of both worlds. Now it's all statistics, wildly misinterpreted.

Re:Kaspersky used to be good.

I use BitDefender, and while it's a great AV, the firewall portion of it is pretty lacking, considering what I was used to with the free Comodo personal firewall.

How's Kaspersky's firewall?

If nothing else

[TheRealMindChild]

AVG is a Freemium minefield. May as well be WeatherBug. Serves a purpose, but ultimately adware

Re:If nothing else

[TheDarkener]

Agreed. I'm actually an AVG reseller for many years. I always loved them when they just stuck to what they were good at, which was solid, lightweight antivirus protection (they held out longer than most). I guess it's inevitable that they will get dollar signs in their eyes and try to produce and sell everything else under the sun (PC Tune-up, Web Tune-up, Internet Security, Anti-Spam, Firewall, blah blah blah).. Ever since they did that, their core Antivirus offering got pushed aside and now they sell adware (constant pop-ups on the desktop to purchase add-ons, for instance). I still think they're one of the best out there, but that's really not saying much IMHO. Would love to see them get back to their roots as I'd feel better recommending it to my clients.

Re:If nothing else

[dszd0g]

Even the paid version of AVG now spams pop-up advertisements. Definitely do not go with that.

I tend to use AV comparatives as one place to compare how anti-virus products are stacking up:
http://www.av-comparatives.org...

Re:If nothing else

[Virtucon]

One of the main reasons i got rid of BitDefender. They started popping shit up on your screen even though I had a paid version. Fuck that.

Re:If nothing else

One of the best out there? HAH!

AVG is the craphole of AV and has been for years.

Re:If nothing else

I've got the paid version of BD and it's never done anything like that. Mind you, I have the "Internet Security" version, so there's less drive for the upsell on that one.

Re: If nothing else

This happened to me as well. I gave them tons of shit about it, and they flagged my account so that the ads would not reappear.

Re:If nothing else

[BlackHawk-666]

After using AVG for ages, I installed Avast a few years back instead. Then Avast started to nag the shit out of me, so I swapped back to AVG. Now AVG is nagging the shit out of me and I'm almost ready to switch again. Tiresome.

trendy

Trend Micro is top tier these days:

http://www.av-test.org/en/antivirus/home-windows/

DL Trend Micro trial and use the key on the disk.

Re:trendy

We dumped Trend for CA. Trend was horrible. CA was ok until they started their cloud move and viruses became plentiful. Researched and ended up with ESET Enterprise at work. Best av i've ever seen. Been running it for 6 months on about 400 machines and it even caught crypto locker and notifies you. Use it on my personal and phones. Security essentials is ok and doesn't spam you, but it's just ok.

HTH,

Re:trendy

[arglebargle_xiv]

Trend Micro is top tier these days:

... and will probably remain so until tomorrow, when it'll be Kaspersky's turn, and then they get trumped by AVG, who in turn get knocked out by Avast, and then...

Asking "what's the best AV" is a loaded question, you need to qualify it in terms of best detection (as of right this minute, but not necessarily tomorrow), least naggy, least overhead, etc. Given that all AV will be defeated by 0day (in other words the determined malware will always get through no matter whose AV you have) and that I want a machine that isn't bogged down or even bricked by my AV, I'd recommend Windows Defender. It'll catch all the generic malware (if not the latest 0day), but most importantly its major design goal is to be as low-impact and unintrusive as possible. It's not perfect at that, but it's vastly better than the Symantec/Norton crap which is often worse than the malware it's supposed to be defending against.

Re:trendy

[arglebargle_xiv]

"Defender" should have been "Security Essentials", forgot the changed branding.

Re:trendy

Security Essentials is low-impact and unobtrusive as it has always done nothing:

http://www.av-test.org/en/antivirus/home-windows/windows-7/december-2014/microsoft-security-essentials-4.6-144986/

The recommendation I gave the OP was because he already owns Trend Micro.

Re:trendy

And then the change back...

Re:trendy

[cbiltcliffe]

Security essentials is ok and doesn't spam you, but it's just ok.

HTH,

Security Essentials used to be just ok. Over the past year or so, it's turned into the most useless piece of crap I've ever seen. I used to recommend it as a free option for some people, but lately I've been ripping it out of every machine I see it on, in the same way I used to do with Norton a few years back.

Re:trendy

[Luckyo]

I never caught a virus since floppy days (except for one case where I was reinstalling XP from vanilla disk on open university network and forgot to unplug the machine before installing firewall - it got owned in seconds). I've observed MSE heuristics, which is the part that most of the crappy "tests" typically slam MSE for - catch things like encrypted executables and crack engines just fine.

The test you link basically measures heuristics engine for latest custom tailored threats. To catch those, you will need to tweak your heuristics engine to produce a huge amount of false positives. This is what commercial AV really likes to do because it makes their AV software look super-important when in reality, it's massive amount of false alarms that user should have never seen for the cost of potentially catching that new custom tailored virus only seen targeted at very specific machines that is never an actual significant threat to home user.
MSE does the exact opposite - its heuristics engine only reacts to something that actually looks like a real threat or a generator of real threats and tries to minimize false positives. This is because MS doesn't look to actively market or sell MSE upgrades, and as a result, it's a piece of software aimed at actually satisfying the needs of a home user rather than maximum monetization of home user through fear, uncertainty and doubt.

Now I'm having a bit of a problem with MSE and browser download interaction (for some reason MSE doesn't finish the automatic scan of downloaded item and browser cannot save the item on the first attempt - will work on retry), but MSE is still a top notch unintrusive piece of AV that catches threats that normal home user should watch for.

It probably won't catch government-made or other custom-tailored malware - but as a home user that's not what you're looking out of anyway.

Re:trendy

[xystren]

I have to agree with you on ESET. It acts the way that the old AV's used to act - easy on the resources, fast to update, and effective. I've gone through the whole works, McAfee, Norton, Symantec, AVG, Comodo, Trend, Avira, and Kaspersky. I just hope they don't go the ways of the others of becoming ineffective, resource hogging pigs.

No need

Windows? Use Security Essentials and practice safe surfing. No need for anything else.

Re:No need

Make sure Flash settings have minimal permissions (if installed), and Java is not on your machine unless you need it. Don't open dodgy attachments from Prince Boko of Nigeria.

Re:No need

Safe surfing includes porn, just make sure you don't get into a click/wank frenzy on every link you see. Remember all roads lead to LiveJasmin and all is well.

Re:No need

[mythosaz]

Windows? Use Security Essentials and practice safe surfing. No need for anything else.

This.

Re:No need

[sexconker]

EMET (also from MS) is free and effective at preventing many 0-day vulnerabilities.

Re:No need

[bogie]

Security Essentials is worthless. It used to be decent years ago but is one of the poorer performing Antivirus products now. For Free Panda is supposed to perform well. Really anything but MSSE is a good idea, regardless of how safe you surf. Just because you only visit "safe" sites doesn't mean malware isn't being handed out via some drive by advert.

Re: No need

I found ms se missed an enormous about or malware.

Re:No need

[rwa2]

For personal use?
You don't need an anti-virus program. It's a racket. Use the built-in protections for your OS, and learn some common sense. If you do something that gets you infected, wipe and reload your OS, and DON'T DO THAT AGAIN. Once you have a trimmed group of common, trusted applications and games and settings, you'll be cruising fine. You'll more likely be wiping and reloading your OS due to hardware failures every few years than from virus attacks. Notice that you will need to make backups and treat your computers as disposable. You'll be happier this way.

For work? CYA!
Find out what the company security policy is. Use/Buy one (and only one) that will take the liability WHEN (not if) a virus manages to sneak through. Make sure updates are turned on and up-to-date so they can't weasel out of liability coverage. That is all.

Re:No need

[Luckyo]

That is why you use MSE. It's about the only AV that isn't attempting to spread fear uncertainty and doubt in the mind of the user about the state of his machine to sell him various subscription packages and upgrades. It just does what it does quietly and unobtrusively.

And let's face it, a lot of home users do not know enough to be safe even from basic threats like viruses through email attachments and drive-by-downloads. That is what MSE helps with.

Re:No need

You gotta be kidding me. Security Essentials? I put that on my daughter's laptop before she went away to college and within a month she had a virus from an email. Her roommate also got the same email and did not become infected. She was running Norton. Norton of all things!

Security Essentials is a joke.

Re:No need

[WolfWithoutAClause]

I think the studies show that MSE is by far the least effective... but none of the others are anything like 100% either.

Re:No need

[Luckyo]

I recommend taking a look at said "studies" and studying what they actually base score on.

Then you'll understand that for end user, AV suite that scores lowest is the best one.

Re:No need

I also run a Malwarebytes scan every so often.

Re:No need

[cryogenix]

MSE is consistently at the bottom of detection rates in every modern test. Just about any other free av product would be better.

AV is for wimps

These days, if you get hacked you need to reimage, preferably with a new drive, maybe even a new motherboard. If you don't get a virus, you're fine.

AV has no point anymore.

Use Flashblock, Adblock and Noscript.

Re:AV is for wimps

[LostMyBeaver]

Out of curiosity, what exactly would the point of the hardware replacements be?

Re:AV is for wimps

Never heard about malware that flash's bios and firmware of the hardware (like say DVD roms, webcam...)? So no matter how many times the person formats it's hard drive the computer is always re-infected.
Some mainboard manufacturers did make some time ago (not sure if it still exists) for example mainboards with two bios, one of them would never be possible to write, and could be used to wipe the second bios that could be update (including by malware) in case the user thinks something is wrong or the bios may be compromise and needs a re-flash of the firmware.

Re:AV is for wimps

AV does prevent many attacks (trough know vulnerabilities in programs like Flash Player, Adobe reader, Java, Office, IE, Firefox, Chrome...). Much of the cases I do solve I use several antivirus that in most cases would prevent some, or even all the infections!

Don't forget many Internet Security solution include white list solution, if the program is not white-listed it won't run, or will run in a special sandbox for example.

Users can, and should use limited accounts, and use administrative accounts privileges just in special cases!
The few computers that I see using limited accounts usually don't have malware, or malware is easy to wipe from the system! And yes, from times to times, their are vulnerabilities that allow escalation of privileges, but are exceptions and once patch in the system no longer a problem again.
Many vulnerabilities don't work simply because the account doesn't have enough privileges in the system!

And yes, some malware try to bypass this protection too... but if the normal user can't allow the operation and the person that can, is smart enough, most malware doesn't have a chance to fully infect the machine!

Re:AV is for wimps

To get rid of BIOS-based malware.
Because switching to new hardware is guaranteed to solve the problem, because factories never pre-install malware.
Never. Not a single recorded case in all of human histor--...

Oh.

Well, since BadBIOS has not been confirmed, and since stuff gets pre-infected... I guess the biggest thing that it does for you is to drive up your credit card balances.

VirtualBox.

I'm not kidding.

A Mix

I use a mix. I have webroot, the paid version, and I occasionally (i.e. weekly) run additional scans with SuperAntiSpyware and malwarebytes. On my work system, I have Avast (free, because the company i work for won't buy us anything) with extra scans with SuperAntiSpyware. As far as I know, I've never been hit by a virus.

Re:A Mix

I just got done testing webroot, and I would say you are better off running nothing,so you don't have a false sense of security.

Re:A Mix

If it's in a company maybe Comodo Internet Security, that it's free, would be a more legal (and better) solution for the company computers... and maybe they like it so much that buy the premium (that add's the insurance and help in virus cases).

Nag, nag, nag, nag

[Iamthecheese]

I've found only one free antivirus where the nag screens can be turned off and stay off. Panda has treated me right so far and if things keep going this way I'm going to buy the premium version just to support the company. It's efficient, effective, and -- most importantly -- silent.

Re:Nag, nag, nag, nag

I agree 100%. Panda is the way to go. No nag, no BS, no slowdown.

Re:Nag, nag, nag, nag

Never heard "Comodo Antivirus" or the even better "Comodo Internet Security"? Both free for home and business. The person can disable the nag screens in the advanced options. They do have paid versions that essentially add remote support, insurance and help in case of malware attack... ideal for home users that have no clue on computers and company's that need support.

Re:Nag, nag, nag, nag

[nukenerd]

I've found only one free antivirus where the nag screens can be turned off and stay off. ... Panda

I have just followed your link, and it looks like it is free only for a 30 day trial.

Re:Nag, nag, nag, nag

I think he meant http://www.cloudantivirus.com/

for windows read below

The Best AV for Windows is Microsoft Security essentials which is available for Free from Microsoft for private use. Make sure your OS and apps are not left without security updates. Use Secunia PSI or alternatively Qualys browser check both free for private use. One last thing, don't use an account with admin privileges but one that has limited rights, so if your box gets pwned the attackerhas to escalate privileges before he or she can run as admin/root.

Re: for windows read below

Is that even maintained these days? Sure it's light on resources, but mostly because it doesn't detect most viruses. There are too many good free av products out there to use MSE.

Re: for windows read below

Yes it is fully maintained and supported.

"Sure it's light on resources, but mostly because it doesn't detect most viruses. "

No.

Anyway, if you are capable of practicing safe browsing, MSSE will be more than sufficient for you.

Re: for windows read below

[sexconker]

Microsoft Security Essentials is Windows Defender is System Center Endpoint Protection.
Definition updates come out every few hours.
They all catch the vast majority of shit.

EMET (also free and from MS) will prevent many of the 0-day vulnerabilities that MSE/WD/SCEP could miss until the next definition update rolls out.

Re:for windows read below

According to AV-Comparatives and AV-Test tests, Microsoft Security Essentials is a "joke"... almost everyone else does a better job on protecting a computer!

With so much security problems found in software and malware/ spyware getting in all the times, anyone needs a better software than Microsoft Security Essentials.

My choice of anti-virus software

[Clived]

I use Avast on our two Win7 computers. Seems fine after about 5 years use, IMHO

Re:My choice of anti-virus software

Agreed. I have been using avast! for 12 years now and have found nothing else that can compare. It's free for personal use (paid for commercial use), it's transparent, it doesn't have any annoying nags, it has a low false positive rate and is rated as one of the top AVs for virus detection.

Plus, it's Czech made :)

Re:My choice of anti-virus software

[Todd+Palin]

I put Avast on my Windows PC and it seems to work fine. Avast prompted me to put it on my android phone as well, which I did. Since I am using Republic Wireless which is kind of persnickety about roaming data, I was not thrilled to see Avast use one Mb of roaming data the first time I left the house. I can't spare the data if it is going to do this regularly. I deleted the app.

I'm pretty good at managing my roaming data, but I can't have Avast using roaming data any damn time it wants to. This is especially odd since I was solidly within a Sprint area, which should not have been roaming at all.

Re:My choice of anti-virus software

[Howitzer86]

It DOES have annoying nags. That's why I stopped using it. It used to never nag, and I've used it almost as long as you have... but these days it'll show a popup asking you to upgrade every few hours or so. I just use Windows Defender now, and reserve Avast for occasional boot time disk scans when I get suspicious (comes clean every time).

Re:My choice of anti-virus software

No it doesn't. Either you're thinking of something else or you're a liar.

Windows Defender + Malwarebytes

[LuniticusTheSane]

If you are on Windows 8.1, Windows Defender. If on Windows 7, MS Security Essentials. And supplement both with Malwarebytes. All free, and very non-intrusive.

Re:Windows Defender + Malwarebytes

[bfwebster]

Yep, this is the combo I used. Never had a problem with it. (Actually, had one malware problem before I added Malwarebytes, but used that to remove it and have had it installed ever since.) ..bruce..

Re:Windows Defender + Malwarebytes

All free

Specifically, the only thing you're really missing with a free copy of Malwarebytes is automagic scanning of shit you're downloading and whatnot.

I guess that's cool, but I lived without it forever until I realize NewEgg had sent me a Malwarebytes license several ages ago with something I bought.

Re:Windows Defender + Malwarebytes

[sexconker]

MBAM's realtime shit isn't free.
So it doesn't help until you know you've been hit.

Re:Windows Defender + Malwarebytes

Stop being hit at all using this since you can't get burnt if you don't touch fires http://ask.slashdot.org/comments.pl?sid=6809411&cid=48890257

Re:Windows Defender + Malwarebytes

agreed, but i'd skip the malware bytes, but if you do pick-up something I'd suggest the trial of NOD 32 to clean it, and then simply uninstall it, or leave it and pay the subscription, great product.

Re:Windows Defender + Malwarebytes

Damn, are we just geniuses? Never having a problem seems like a good problem to have.

Re:Windows Defender + Malwarebytes

I agree. Using YAC in stead of malearebytes atm. Any thoughts on YAC?

trade-in

[jsepeta]

who the hell takes trade-in laptops?

Re:trade-in

The Microsoft stores sometimes do that.

Security Essentials

AV is pretty much useless anyway, and at least Microsoft's offering doesn't do much harm.

Re:Security Essentials

Not much harm because it doesn't do much either. It does so little that it ranks at the bottom of every single independent AV test, below even AV software that haven't received updates for years.

Re:Security Essentials

It does so little that it ranks at the bottom of every single independent AV test, below even AV software that haven't received updates for years.

[citation needed]

Microsoft also has the advantage of getting weekly updates from VAST numbers of machines running their tools. If anyone's in a position to know whats infecting computers, it's MS.

Re:Security Essentials

[arglebargle_xiv]

Not much harm because it doesn't do much either. It does so little that it ranks at the bottom of every single independent AV test, below even AV software that haven't received updates for years.

[Citation needed]

Re:Security Essentials

Source:

http://www.av-comparatives.org/wp-content/uploads/2014/12/avc_prot_2014b_en.pdf

New Laptop? Windows?

[idontgno]

I thought the included (pre-installed) Microsoft Windows Defender (or Windows Security Essentials) was already good enough.

That, plus not installing every stupid piece of malware-studded "freeware" I come across and being a bit conservative in my browsing, has always been enough since Windows 7.

Windows after 7 also has a built-in software firewall, so wouldn't seem like you'd need one of those either.

I just can't picture needing anything beyond that.

Re:New Laptop? Windows?

You are a cow! A cow! Cows go moooooo! MOOOOOOOOOO! A cow you are!

Re:New Laptop? Windows?

[Jane+Q.+Public]

I thought the included (pre-installed) Microsoft Windows Defender (or Windows Security Essentials) was already good enough.

Microsoft is rather notorious for not releasing information about known bugs or malware until they damned well please. That means until then, it doesn't get added to Security Essential or Windows Defender until such time, even if the security community knew about it for 2 years.

While 3rd-party solutions can be problematic, as others have mentioned, at the same time they are likely to update their lists of malware considerably faster than Microsoft in many cases.

Re:New Laptop? Windows?

[nuckfuts]

I just can't picture needing anything beyond that.

While technically not an "antivirus" product in the conventional sense, Microsoft's Enhanced Mitigation Experience Toolkit adds a significant layer of defense on top of Windows.

Re: New Laptop? Windows?

The firewall has been there since XP (SP2 I think?), it didn't come after 7.

Re:New Laptop? Windows?

[nine-times]

I thought the included (pre-installed) Microsoft Windows Defender (or Windows Security Essentials) was already good enough.

Yeah, it pretty much is. The reason to go with something else, or in addition, is largely if you're in a business setting and you want to be able to push updates and monitor results. Also, I'm not sure about the current situation, but last I checked, MSE was free for personal use but not licensed for business use...?

But for home use, MSE is probably good enough. It also doesn't have popups, it doesn't break any apps or anything in the OS, and it doesn't take up tons of system resources. Ultimately, with AV software, you're choosing the lesser evil: having the AV take up system resources and break things is less evil than the viruses themselves, but if you can find an AV that doesn't do those things, go with that.

Re:New Laptop? Windows?

Windows Security Essentials catches much fewer than the others:

http://dottech.org/14151/windows-best-free-antivirus-antimalware-program-microsoft-security-essentials-vs-avira-vs-avast-vs-avg/#detection

Re:New Laptop? Windows?

Do you answer yes to any of these:
1. click on every random link in your adobe flash enabled browser?
2. share your ISP connection with other computers that are also behind your hardware firewall?
3. Does your hardware firewall/router have the default admin user/password?

If any of those are true then external folk may be able to take advantage of a security exploit and manage to install/run software on your system.

It doesn't really matter if you have an anti-virus program or not, you're not safe, no body is. But, you can try and keep the odds on your side by keeping your system up to date with security patches - that alone removes you from the low hanging fruit.

Re:New Laptop? Windows?

[Waccoon]

Wow. Just the fact the name contains "Mitigation Experience" is enough to make me run for the hills.

Clamav

Clamav is free and isn't trying to sell you anything.

Re:Clamav

ClamAV isn't that very good.

Comodo Antivirus/ Internet Security is much better, it's free for both home and business... and yes they are trying to sell something, an upgrade that some users and many company's may like it in the form of additional services (remote help, insurance, expert removal of virus). Seems like a good deal.

Kaspersky IS

Kaspersky IS has signature whitelisting. If the executable isn't in the whitelist it doesn't run, period. You can configure it to completely prevent the execution of non-whitelisted exes. The database is updated daily, unlike a managed solution through Windows. It plays well with MalwareBytes, too.

As a person that actively ran viruses and rootkits on my own machine for years I'd say heuristics are worthless today. There's simply too many coders permutating and encrypting their code to trust a blacklist database anymore. The days of "a new virus came out today" were over in the 1990s.

A lot of IT guys swear by freeware antiviruses (you'll see them come out in droves in these comments), because they're "smart enough" to use them. But I have to say that no freeware solution will protect mom and dad who execute anything thrown at them. "Learning security basics" is never going to happen, so just lock down the threat at its source and use a whitelisting solution like KIS 2015.

Re:Kaspersky IS

[sexconker]

Kaspersky IS has signature whitelisting. If the executable isn't in the whitelist it doesn't run, period. You can configure it to completely prevent the execution of non-whitelisted exes.

You can do this for free with Group Policy shit.
I believe you can even whitelist executables based on publisher certificate, so when a new version of whatever rolls out you don't have to update the whitelist.

Re:Kaspersky IS

[dwywit]

Yep - and you can automate it (partially) with Cryptoprevent from http://www.foolishit.com/

Not connected with them other than as a satisfied user.

I go free

I am using ClamXav. So far, so good.

I use OSX, but I still engage in safe surfing.

If only there were a way...

If only there were a way to access CD/DVD data from a computer without a CD/DVD drive. Wouldn't that make the world a wondrous place?

MSE + Adblock + NoScript

Microsoft Security Essentials has been solid, and I try to surf as safely as possible. I'm honestly more afraid of a Windows update bricking the system, so I have auto-install updates turned off too, and install them a week after availability.

Bitdefender

If you use Windows, then you are already vulnerable. Bitdefender is one of the better antivirus out there. You get a 30 day free trial so you can see if it is for you. You can also find promo discounts to get it cheaper. Bitdefender has different levels like internet security and total security. I have tried others like PC Mechanic and McAfee antivirus and they are horrid. Bitdefender is considered the best, but it can still be knocked out if you are careless.

Re:Bitdefender

[LostMyBeaver]

If you use Windows, then you are already vulnerable?

Did you mean "If you put a computer of any type online, it will become a target and someone may eventually hit the jackpot."?

Re:BitDefender

[wmansir]

No mod points, but +1 to parent comment.

I recently moved off Avast Free because it's becoming nagware and it's popularity is making it a target. Bit Defender is what MSE initially was before it became a standard part of Windows and it's detection rate went to shit. Solid protection with minimal user interaction.

Re:BitDefender

Its because most of these people look at what an antivirus does "after the fact" not before. What makes bittdefender so good and why it ranks so high with av-comparatives is because its very good at being proactive and preventing the attempt to install.

Re:BitDefender

Three problems I have with BitDefender: 1. The protection in the free version is last-years version. 2. I found it naggy as crap. 3. Its updates caused my gateway AV to freak out, as they apparently send actual malware samples in the updates and all of them had the EICAR test file, so they would have tripped the AV anyway.

Re:BitDefender

[Zibodiz]

The fact that it's last year's version is a drawback as compared with the paid version, but even last year's version of Bit Defender is better at what it does than a current copy of Norton or McAfee, so why whine about it? If you want the better version, pay for it. Seems pretty fair to me.
You found it naggy? That really confuses me. As long as you activate and confirm your email address, it will never pop up on your computer unless it finds something. I literally have never seen it appear unannounced on my primary computer. If I do open the interface, I don't even see a "CLICK HERE FOR MORE FEATURES!" banner.
As far as it tripping your other AV, I'm not terribly surprised. There's a reason you're only supposed to use one AV. Most AVs won't even allow you to install if they detect another AV present (not without a lot of kicking & screaming, at least).

Re:BitDefender

Ok, you missed my points.

1. Since the free version uses $current-1 version, you can't really use $current results to compare it with. Plus, with malware constantly evolving, purposely running behind the latest seems dumb, especially when you can't really be sure what itess removed or not; especially when other free AV suites do give you their latest-and-greatest, which could be better given the year to catch up.

2. By nagging I mean the popups for the paid versions. Granted that was a year or so since I last used it and they may have changed it. FWIW, https://www.google.com/search?q=bitdefender+pop+ups

3. Uhh, my gateway and my computer(s) are two different things. If you don't know the difference, it solves the problem of how much weight to give your opinion. But to explain it, My computer (which runs AN antivirus program) connects wireless to a gateway, which has its own AV program. The gateway, in turn, is connected to my firewall, which (if I wanted to) could run a third antivirus program. And there you go, three AV programs and not one knows about the presence of the others and they definitely shouldn't step on each other's toes.

Trend Micro isn't bad really...

[slasher999]

However it depends on how recent it is and how complete a solution it provides. I've used it in the Enterprise IT arena in the past (I've been in enterprise IT for a couple of decades now) and it worked well, both on servers and desktops. Last year though when I purchased a new laptop (my first Windows laptop in years) I looked around for a while and settled on Norton 360. I thought it provided the most complete solution, had decent reviews and I got it at a steal of a price - something like $20 on Amazon as a "deal of the day". I had looked at McAfee (which I still do not care for), was close to purchasing Kaspersky before the sale on Norton 360, and I had dismissed the free tools as simply "better than northing". Now, probably six months later, I don't regret the purchase at all but I do hope I can find a deal on Norton 360 again come renewal time.

Eset

Eset is one, if not the best out there.

But still, block ads, don't install java, etc, etc.

none at all.

[sumdumass]

You are not going to find anyyhing that does it all the best. You also cannot run more than one antivirus at a time. Well, you can but i will make hou wish you never thought of the idea. And no- malware bytes is not an antivirus.

You would be better served learning safe habbits and monitoring tech sites dealing with infections while not expecting a best product. Do this anyways if someone convinces you thay there is a best.

Microsoft Security Essentials

[enter+to+exit]

Nowadays i use Microsoft's free AV, a decent browser and discretion. Unless you're particularly haphazard (like downloading random files with full Admin privileges and visiting dodgy sites with unpatched IE) that should be enough. You don't really need a full arsenal of anti-malware software anymore. Ms has tightened things up a fair bit over the last years.

A while back i tried NOD32 and was very impressed. I don't know if it's still good.

Re:Microsoft Security Essentials

Security Essentials used to be a good product but in nearly every recent test it gets absolutely owned by new malware (ie, doesn't detect it, let alone remove it).

Re:Microsoft Security Essentials

"gets absolutely owned by new malware"

MSSE is anti-virus not anti-malware...

Cryptowall prevention

Make sure you get a cryptowall, and other ransomware, prevention. Bitdefender has one, free. Called Bitdefender Anti-ransomware prevents the virus from installing, and running...

Re:Cryptowall prevention

[LostMyBeaver]

until someone writes a something which specifically circumvents it. Nice concept, seems of little value. A home NAS with automatic historical backups is much more sensible... or you could use cloud storage and just put it all out there for anyone.

Re: Cryptowall prevention

[Billly+Gates]

Crypto wall encrypts your NAS and cloud drives as well. Very nasty ****** to get. Scary too as you are truly hosed

Re: Cryptowall prevention

[LostMyBeaver]

My NAS has history and revisions... I can't really see how it could harm that :/

Re: Cryptowall prevention

[StarKruzr]

This is why you make cold backups.

My Experience

[MightyDrunken]

I have tried a few paid options and a number of free antivirus. Nothing as yet has convinced me to use a paid option.
For Windows 8 there is no need as Microsoft Security Essentials, renamed Windows Defender, is good enough. Otherwise I use Avast, which seems to work well and comes with a few handy options like a software updater and the option to run a scan at boot time. Though it can be annoying recently as it reminds you of other paid features like VPN tunnels.

Steer clear of Norton for God's sake, it seems as bad as the disease itself. I dislike Symentec and had problems in the past with AVG. A few years back an update prevented browsers from accessing the internet.

If you think you may be infected try running a scan of the free version of Malwarebytes, it gives a good second opinion and is great at cleaning up some infections.

Re:My Experience

Any of them will catch the most common threats.

If you look at the tests results from AV Comparatives, then Microsoft Security Essentials / Windows Defender are the worst.
AVG and Avast free versions do much better, but bombard you with ads for paid upgrades.
The latest version of Avast scans every .exe before you run it the first time, which be a bit annoying, and it also blocks a small number of clean files.

Trend Micro, Kaspersky Lab, Avira, Qihoo score the best.

bretty gut

Malwarebytes Anti-Malware.

Avast

[justinhopper]

Avast for Window or Mac though the latter is somewhat useless. Best feature is boot-time scanner which can catch issues before they load and prevent anti-virus from loading.

Avast is OK

[dwywit]

I used to use AVG until it became bloatware, then I tried Avira and it seemed to suffer stability problems, switched to Avast which was OK and didn't seem to slow things down, and then removed that when I realised how much FUD the antivirus industry uses to sell its products, and how piss-poor their products are at doing their job.

I've seen malware infections - from trivial all the way up to cryptolocker - manage to get past the "big 3" (norton/symantec, McAfee, and Trend Micro), and AVG. The only products who seem to be stable and maintain a small-ish footprint are Eset and Kaspersky.

I leave Windows defender switched on, scan once every few months with free malwarebytes, keep Cryptoprevent updated, and anything else I can remove with Combofix - not that I've had anything in over 2 years, but Combofix is what I use to repair customers' machines, then I leave them with a copy of free malwarebytes, and Cryptoprevent.

Simple.

Bitdefender free. Register it every year (no activation required) and it won't ever pop up for annoying ads or extra addins. Industry leading protection and grandma-proof usability. There isn't anything better I've found.

My 2 cents: avast, MWB, ABP, noscript, sandboxie

[monkeyzoo]

I'm on Windows 7. Here are my tips:

1) I have run avast real-time for years. I'm a pretty wary, sophisticated user. But it has occasionally blocked malicious elements on webpages. And it once blocked a zip attachment that I got sucked in on with a phishing email before any harm was done. I have also had it give me a few false positives over the years, which are a bit disconcerting to see and annoying until you can get things sorted out.

2) Second, I run malwarebytes scans from time to time.

3) Other prevention: adblock plus and noscript plugins.

4) For seemingly dangerous websites that I still want to be able to access, I use a Sandboxie sandbox for the browser.

Avirea (www.free-av.com) Is Great

[machineghost]

I've used Avira (free-av.com) for years (since Windows XP at least), both on my computers and my friends' and family's, and I've never gotten a virus despite visiting Bit Torrent and other questionable sites.

It's 100% free and it doesn't install malware (though it might optionally install some crapware, I forget). The only downside is that they pop an alert maybe once a day or so with different messages (the point of which is clearly to prod you to purchase the paid version). I strongly recommend getting the paid version to make those alerts go away ... but I'm embarrassed to admit that I haven't actually done as much myself (sorry Avira!).

Re:Avirea (www.free-av.com) Is Great

[machineghost]

Crap, typo in my subject line: should be "Avira".

Thoughts on Windows Virtual PC?

[monkeyzoo]

What do people think of the security of using Windows 7's Virtual PC feature with "undo hard disks"?
Is this an effective VM? It sure is simpler to get running than a separate VirtualBox or similar.

Re:Thoughts on Windows Virtual PC?

[drinkypoo]

What do people think of the security of using Windows 7's Virtual PC feature with "undo hard disks"?
Is this an effective VM? It sure is simpler to get running than a separate VirtualBox or similar.

Virtual PC is basically the worst mainstream virtual machine software that there is. Its video driver is unstable, unreliable crap compared even to virtualbox, which in turn is unstable, unreliable crap compared to vmware. If you want a virtual machine that you can count on, you need vmware. Of course, if you want snapshots, you need workstation. Otherwise, you have to make ordinary backups of your VM files.

Re:Thoughts on Windows Virtual PC?

[monkeyzoo]

What about from a security perspective though? It works well enough for me for the rare times I need it, but I wonder if it is effective at isolation?

Re:Thoughts on Windows Virtual PC?

[higuita]

If you neeed a virtual machine, use qemu+kvm !! is free, it works, it is fast

Of course, you also need linux!! :D

Switch

[pubwvj]

Stop doing Windows.

Avira Antivir

I have been a fan of Avira Antivir for several years now. Avira, spybot s&d inoculated host file, and roughly 6 month mbam scans. Regularly catch crap (by the hundreds) missed by ALL previously mentioned products on computers brought over by friends. It is actually a decent drinking game to bet them when they are sure their crap is clean and never hacked.

Install an ad blocker

[complete+loony]

These days the most effective measure you can take is to install an ad blocker. That will prevent the vast majority of drive by installs. Second, I'd say you need to be very sceptical of freeware software installers. Using a service like Chocolatey to find and install popular utilities will help here. Third, I'd recommend installing Process Explorer as a replacement for the windows Task Manager. Get a feel for what programs are running in the background, and investigate anything you don't yet recognise particularly after installing something new.

Re:Install an ad blocker

[sexconker]

Wouldn't using the HOSTS file be more efficient?
There used to be a user who would discuss such things...

Mod parent up

...this is the correct answer.

trendy

trend micro keeps turning itself off on my computer. I could have a virus but if tm cant protect itself i wouldnt consider a good av.

I don't trust antivirus to do much.

After seeing so many customer computers with a wide variety of anti-virus software, still succumb to malware and virus infection, there really is NO good anti-virus.

They all suck, and offer very little real protection against threats users usually encounter.

I still use defender/MSE on my windows computers, but with the recognition that it is usually the human behavior behind the keyboard that will get you infected/keep you clean 99.9% of the time. At least defender/MSE doesn't try to sell me crap, or needlessly interrupts what I am doing.

Keep windows patched, use an ad-blocker, don't visit every random website, be careful in what you install, be critical of all your emails, and that will offer you better protection than any anti-virus I've seen.

Dennis Technology Labs quarterly tests

Dennis Technology Labs tests the major antivirus programs quarterly.
http://dennistechnologylabs.com/

NONE

Who runs anti-virus?

malwarebytes

The pro version has a lot going for it with real time malicious website blocking. All these guys saying they don't need any av are like fish who eat whatever they see - hook line and sinker. All the latest 0-day flash hacks etc get stopped by malwarebytes super fast. Plus if it removes something you wanted ( keygen.32.riskware) you can put it back easily. Avast is decent but go ahead and connect to a network share, have it flag and delete stuff instantly. Not really that desireable. Nice that it will also update other apps like flash, java etc. I like the free trend micro system cleaner for cleaning infected systems. Sysclean.com and the latest definition file in safe mode is a worthwhile cleanup step. Been using it for at least 10 years with great success.

I use Kaspersky

[Virtucon]

When it comes to Women's tennis I always bet against the heterosexual

-- Top Secret

When it comes to AV products I usually trust the Romanians or the Russians. KIS is lightweight and just works.

Re: I use Kaspersky

[DigiShaman]

Kaspersky is good, but I'm not sure that I would trust them to be state sponsored free these days; if you know what mean.

Vipre Antivirus has been real good these last few years (will be using for personal use once my Kaspersky subscription runs out). Norton has also improved vastly too (lighter engine). Can't go wrong with either.

http://www.vipreantivirus.com/

Re: I use Kaspersky

Kaspersky is good, but I'm not sure that I would trust them to be state sponsored free these days; if you know what mean.

True enough, but I figure they're the least likely to agree to not report any NSA malware or keyloggers that might get on my machine. At least it's a different state than the one I suffer in.

Not that I think I'm a particular NSA target, but I think they've taken the government stance against discrimination to a new interpretation.

Re: I use Kaspersky

The point is that even if it is state sponsored, it is a state that will not interfere with my freedoms. They've been attacking and exposing the state sponsored malwares we know of for a while.

Re: I use Kaspersky

[Loki_1929]

Got stuck with Vipre at work for a few years. It was nothing short of a complete disaster, to the point where on some systems, it just had to be shut down completely so the systems would function. Combined with the latest ratings from AV Comparatives (lol @ 88% detection rate and huge false positives) and I'd say nobody should ever run that garbage. It's truly terrible.

ESET's NOD32 is good and Kaspersky is very good. Nothing else has been consistently good for quite a while.

Any Linux distro

The best AV software is changing the OS. Leave Windows now! You've warned!

Re:Not in my experience

[BenJeremy]

Non-intrusive... and ineffective. I just cleaned up my brother-in-law's machine and that was what he was using.

My preferred approach is to use Avira Free (installed with ninite.com), MalwareBytes, HiJackThis, and the no-ads hosts file from mvps.

Secondary, install Google Chrome with adblock and a good no-script type program (though I personally just use Ghostery with AdBlock)

If treating for malware, bleepingcomputer is the site to go to. Run RKill, followed by ComboFix, ADWCleaner, and TDSSKiller.

This takes care of 99% of the issues, assuming you don't HAVE to continually visit some obscure Russian porn sites.

Windows 8 includes AV

[ianbnet]

OP didn't mention whether it's Windows 7 or 8, but Windows 8 includes A/V out of the box. Lots of other good security best practices listed here, as well.

Emsisoft

[pigsycyberbully]

An external USB DVD with read and write capabilities cost less than a packet of cigarettes in English speaking countries. They are almost as thin as the DVDs themselves they are used on laptops and small office servers. Virus spyware malware scanners work from so-called cloud-based because of the storage capability that is needed to detect all the known viruses and Trojans and spyware that are created every day. That means you have somebody who has the capability to monitor everything you do regardless of VPNs that you may use. The U.S. has a law that can demand any U.S. software or hardware company must give the U.S. spy agency the capabilities to spy on you and they are intoxicated with that power. A U.S. antivirus product would not be a good idea. Emsisoft, does a all in one product I think they are Austrian, and also have a base in New Zealand. http://www.emsisoft.com/ one of us has an account with these people. These days you cannot trust any software company, and as they say with software paranoia is a sense of awareness. it is not that I have something worth spying on it is just that I would like to have something that belongs to me.

Seriously???

MS Security Essentials ranks at the BOTTOM of the list of every independent AV test and you think it is safe? The thing is just as useless as the built-in MS Firewall (does nothing).

The only people who suggest MSSE are people who are completely clueless about basic security.

Re:Seriously???

Uh, no. The people who recommend MSSE recommend it because they are capable of safe-browsing. MSSE will be more than effective if you don't click every link you see.

Re:Seriously???

Security Essentials is recommended because it is lightweight and doesn't harass the user. That is key in help desk. Harass the user, and the user harasses the help desk.

Re: Seriously???

[Billly+Gates]

Really? You do not run Javascript or flash at all? Wow ... here is a hint. 2001 is when you clicked on an attachment to get infected. Today open IE and an infected ad server will 0wn your machine.

Re: Seriously???

You're thinking of Firefox. IE's security isn't that bad anymore.

Re:Seriously???

[Luckyo]

Yes. Because these tests are pure FUD generation. These "tests" are designed specifically to give high marks to AV kit that has its heuristics engine to produce as many false positives as possible and low marks to AV kit that has a reasonable heuristics engine that looks for realistic threats and doesn't spam user with "this is a potential threat, upgrade for 9.99 now to fix" advertisements.

Reminder - home users aren't threatened by latest custom tailored malware. They are threatened by well known mass-produced threats like bitlocker. And MSE catches those just fine.

Re:Seriously???

[bloodhawk]

I am yet to see a decent review that ranks essentials last, basically they are nearly always sponsored by the AV community and essentials loses out on heuristics for unknown virus's and malware, but realistically when it comes to that they are all miserable failures, just some of the commercial ones will try and convince you of how important that feature is.

Re: Seriously???

you are more likely to get infected using firefox, IE is now one of the more secure alternatives, sad though that is. Shame the browser sucks otherwise IE would be the best option.

Re:Seriously???

Bitlocker? You lost me here..

Re:Seriously???

[Luckyo]

That common malware that used encryption to encrypt your entire hard drive and then ask you for a few hundred EUR/USD to decrypt. Messed up the names.

Re:Seriously???

[tlhIngan]

Yes. Because these tests are pure FUD generation. These "tests" are designed specifically to give high marks to AV kit that has its heuristics engine to produce as many false positives as possible and low marks to AV kit that has a reasonable heuristics engine that looks for realistic threats and doesn't spam user with "this is a potential threat, upgrade for 9.99 now to fix" advertisements.

Nevermind that most heuristics engines will at one point or another detect a standard (Microsoft-signed) required Windows file as a virus and promptly "quarantine" it for you. Which just means Windows will either bluescreen or render your system unusable.

And that's a problem - because now AV is interfering with your computer - and if it isn't a Windows binary that gets hosed, it's a file one of your programs you use.

No, MSE will not catch a 0 day. No antivirus can. So they use heuristics to bridge the time between it's in the wild and when they push an update that will detect it. But there's a tradeoff - too aggressive and there will be a TON of false positives. More conservative (Like MSE) and you'll be more likely to miss a threat, but less likely that you'll clobber a file you really need. And for most people, that's more than acceptable tradeoff.

Especially when you combine it with safe surfing that blocks questionable URLs - available on every browser now (either powered by Google or Microsoft) that prevent you from grabbing questionable files.

Re:Seriously???

[buckfeta2014]

Cryptolocker, and subsequently, cryptowall.

Re:Seriously???

[Luckyo]

That's the one. Name is similar enough for me to mix the two.

It's a great example of malware targeted at average users rather than tailored zero day exploit. And it's easily caught by MSE.

Re:Seriously???

[cryogenix]

You're right. They all rank it second or third to last. You know what else MSE sucks at? Removing infections. I've cleaned up enough machines with MSE to know. I used to like and recommend MSE but it has fallen too far behind. I'd be interested in seeing any tests that rank it in the top 75% in the last year.

Re:Seriously???

[Waccoon]

Aside from performance issues, this is the biggest reason I don't like using antivirus. Most programs are designed for idiots and helpfully take action for you, regardless of the circumstances or your experience. I'm shocked how many anti-virus programs will outright delete files without asking, let alone quarantine, and will not even give you the option to change the default behavior.

I use Comodo Internet Security

It was free and doens't give me popunders like Avira and Avast and doesn't hog my CPU much.
Hate its sudden bandwidth hogging updates every time I connect to the internet though. Terrible for laptops

Good AV suggestion ... bad browser suggestion

Avira is pretty good (but sometimes annoying with the nagging popups). But suggesting Google (spyware) Chrome for security is just plain stupid.

ClamWin

[PAjamian]

ClamWin, the windows port of ClamAV which is relied on for mail scanning on just about every Linux/UNIX mail server you run across.

I think there may be a better front end that uses the ClamAV database as well, but I tend to just install ClamWin and call it a day.

Re:ClamWin

Clamwin is not an active scanner and relies on it manually being ran and then removing any unwanted stuff manually.

http://sourceforge.net/projects/clamsentinel/ can be used to turn clamwin into an active scanner but in my experience impacts performance and will block many legit install files.

Re:ClamWin

[Marginal+Coward]

Clamwin is not an active scanner and relies on it manually being ran and then removing any unwanted stuff manually.

I actually consider that a major selling point (along with being free.) Since ClamWin is non-intrusive, it happily coexists with other AV products, though some of them complain about it when your install them. So, I use ClamWin in conjunction with whatever commercial anti-virus product I happen to be running at the moment as a secondary check when I download things. It can also be used to do a second independent quick system scan.

I don't know if adding on ClamWin actually makes me any safer, but at least I feel safer. And isn't that mostly what AV products are all about?

Adblock Plus

[penguinoid]

Not only does it stop a bunch of viruses before they can get to your computer, it also blocks ads and makes pages load faster.

A combination

[aduxorth]

G'Day,
I've been looking after PC's for clients for 20 odd years, I've seen lots of different AV's and malware software, and for the last 4 or 5 years using a combination has worked fine.
Avast for the antivirus (free is fine) and malwarebytes for the malware protection. Running both has reduced the amount of call backs for fixing up machines due to nasties dramatically.
Keep in mind they are different products covering a different scope of nasties.

Re:Not in my experience

" I just cleaned up my brother-in-law's machine and that was what he was using."

He's probably someone who clicks links or goes to websites he has no clue about. MSSE will do just fine if you're capable of safe browsing habits.

It should be super expensive

It should be super expensive so people do not use insecure operating systems.

EMET

[networkzombie]

EMET http://support.microsoft.com/k... along with whatever antivirus you choose.

I like ESET, especially the business version with console. I get it for my large customers.
Kaspersky is good. I use it for email gateways and small offices. The firewall breaks some shit, though.
I'm always removing viruses from computers that are running avast!, McAfee, Symantec, and AVG, so I won't be using those anytime soon
Trend Micro seems to be great, but I only have a couple of users running it so I have never used it in a large environment.
Vipre is a bad joke (I tested it).
MalwareBytes is great at removing crap and I use it often, but I have yet to use the paid version.
TDSSKiller http://support.kaspersky.com/v... for rootkits.

I'm thinking purchasing MalewareBytes for a small office soon (8 users), but I may go with Trend Micro. I'm on the fence.

Re:EMET

[networkzombie]

After reviewing this link: http://chart.av-comparatives.o... I will use either ESET or Kaspersky instead of Trend Micro. I may still use MalwareBytes with MS Defender.

Re:EMET

[netsys]

I have been using ESET for over 10 years. Currently I have it on 2,000 client computers and it does a great job. I have seen too many viruses from people who run Avast, Avira, Symantec, Trend, and others. Install ESET and there is 10 times less issues. That being said no AV is perfect and the criminals are always finding ways around AV software. Use software restriction policies, updated java and flash, network AV and a third party malware scanner like MalwareBytes or Hitman pro to round things off. CryptoDefense is free for home use and will lock down most folders that malware will launch from and works like software restriction polices.

Re:EMET

[wmansir]

Searching for CryptoDefense mostly brings up references to a randsomware program.

Re:EMET

[netsys]

Sorry, I meant cryptoprevent http://www.foolishit.com/vb6-p...

Re:Your mistake: You bought into Microsoft Windows

"I fail to comprehend why so many people put up with Microsoft Windows, Apple, and products thereof."

Because they're good products that work.

"These companies put out the most asinine software and make life difficult for everyone."

Yeah okay buddy. Recall every Windows machine and replace it with a Linux machine and see just how smoothly the world (people) will run.

"The last time I tried to use MS Windows I couldn't even figure out how to shut the stupid system down and had to use CTRL+P to print."

Can't tell if troll at this point or just ridiculously stupid.

"I actually had to go through what must have been 25 screens"

That's not Microsoft's fault. That is Lexmark's doing.

"(and I only succeeded after two other seasoned MS Windows techs failed)"

Well I think you need to find some new techs because there's no reason you shouldn't have a printer driver installed in under 5 minutes.

Skip them

Using antivirus/antimalware software to protect your computer from harmful software is like taking a pregnancy test every day and calling it birth control: Its only function will be to inform you that it has failed.

I haven't used antivirus software since midway through XP's lifecycle, and I've never had problems. Don't mindlessly click things on the internet and you'll be fine.

Best antivirus

Best Antivirus I've used is Norton Internet Security and Symantec endpoint at work.

AdBlock = Inferior + 'Souled-Out'... apk

A FREE hosts program adds speed, security, & reliability, doing more, more efficiently vs. addons + fixes DNS' redirect security issues:

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o...

---

A.) Hosts do more than:

1.) AdBlock ("souled-out" 2 Google/Crippled by default http://techcrunch.com/2013/07/... )
2.) Ghostery (Advertiser owned) - "Fox guards henhouse" http://en.wikipedia.org/wiki/G...
3.) Request Policy -> http://yro.slashdot.org/commen...

B.) Hosts add reliability vs. downed/redirected dns (& overcome site redirects e.g. /. beta).

C.) Hosts secure vs. malicious domains too -> http://tech.slashdot.org/comme... w/ less "moving parts" complexity

D.) Hosts files yield more:

1.) Speed (adblock & hardcodes fav sites - faster than remote dns)
2.) Security (vs. malicious domains serving malcontent + block spam/phish & trackers)
3.) Reliability (vs. downed or Kaminsky redirect vulnerable dns, 99% = unpatched vs. it & worst @ isp level + weak vs DGA, & Fastflux + dynDNS botnets)
4.) Anonymity (vs. dns request logs + dnsbl's).

---

* Hosts do more w/ less (1 file) @ faster levels (ring 0) vs redundant inefficient addons (slowing slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ os, & 1st net resolver queried w\ 45++ yrs.of optimization).
* Addons = more complex + slow browsers in messagepassing (use a few concurrently & see) & are nullified by native browser methods - It's how Clarityray's destroying Adblock.
* Addons slowup slower usermode browsers layering on more - & bloat RAM consumption + excessive cpu use too (4++gb extra in FireFox https://blog.mozilla.org/nneth...)

Instead, work w/ a more capable native kernelmode part you already have - hosts (An integrated part of the ip stack)

APK

P.S.=> "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"

...apk

I love Windows Defender and MSSE

[VABEast]

I love end users that choose to go with free AV. They get infected and I make money. I am a self employed network engineer / admin. I do not support home users. I have over 30 businesses I support in my area and have had a few try and go the free route. It is like the old Fram oil filter ads; "Pay me now or pay me later". I recommend Vipre Business Premium to all of the clients I support. For the companies without a server I recommend Vipre Internet Security. The pricing is very reasonable and it doesn't take over your PC like Norton / Symantec and others. They have great English speaking customer service, free version updates as long as your license is up to date, and have reduced my documented virus removal time by over 90%. Yes, this reduces my billable time for the clients, but the confidence they find in the service I provide far out weighs the loss of revenue. I get to keep them as a client, make a small % off the sale of the AV and have maintained a 99% customer retention rate. You get what you pay for. Vipre consistently tests at he top of all AV solutions for response time to zero day infections and over all effectiveness. I am not an employee of Vipre or ThreatTrack, just love their product and the management console for server based networks.

Ask yourselves these questions... apk

Can adblock do 16 things hosts files do for more speed, security, & reliability:

1.) Protect you vs. known malicious sites/servers (beyond malicious adbanners: See 2-7 next)
2.) Protect you vs. fastflux using botnets + stop their communication back to C&C servers
3.) Protect you vs. dynamic dns using botnets + stop their communication back to C&C servers
4.) Protect you vs. DGA/domain generation algorithm botnets + stop their communication back to C&C servers
5.) Protect you vs. downed DNS servers (adds reliability)
6.) Protect you vs. DNS redirect poisoned dns servers
7.) Protect users vs. DNS Amplification attacks
8.) Protect users vs. trackers
9.) Protect users vs. spam mails sources
10.) Protect users vs. phishing mails sources
11.) Get you past a dnsbl you may not agree with
12.) Keep you off dns request logs
13.) Speed you up for websurfing not only by adblocking but also hardcoding favorite sites
14.) Work on ANY webbound application (think stand-alone email programs, for example).
15.) Give you direct, easily notepad/texteditor controlled data for all of the above
16.) Do all of those things & block ads (better than addons) more efficiently in cpu cycles + memory usage

* "?"

APK

P.S.=> The ANSWER ="NO" to each enumerated item above as far as AdBlock's concerned: It's also "souled-out" -> http://techcrunch.com/2013/07/...

AdBlock's 4++gb & 100% CPU usage flooring inefficiency -> https://blog.mozilla.org/nneth... + ClarityRay defeats it.

AdBlock does far less by way of comparison, & hosts do MORE w/ less.

AdBlock also adds more complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).

Hosts start w/ the IP stack itself before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried too)

... apk

BitDefender

[Zibodiz]

I'm really surprised more people aren't recommending Bit Defender. I use the free version on my own machines and install it on customer PCs, and have had very good results from it. Never pops up asking to upgrade to a premium version, doesn't audibly announce it's updating/scanning/etc (in fact you'll only know it's there if something goes wrong). It also doesn't impact performance very much at all -- way better than Avast or AVG. According to http://www.av-comparatives.org..., they're always at the top of their game.

Common sence

I've stopped using AV software 5 years ago. Until then I was using Commodo, which was great.
Common sence will have you protected. I do yearly scans with Malwarebytes, Spybot and Kaspersky Rescue CD which is free, with the latest database, and cleans shit up because it's a boot cd. Windows isn't even started when you're scanning. Most infected I got was only 2 viruses, 2 years ago. I run dual boot with Arch and Windows 8.1 with disabled MSE / Defender and Firewall for daily use. I even download porn and shits, and I'm still safe...
Common sence people!!!!

Ask yourself these questions

Can adblock do 16 things hosts files do for more speed, security, & reliability:

1.) Protect you vs. known malicious sites/servers (beyond malicious adbanners: See 2-7 next)
2.) Protect you vs. fastflux using botnets + stop their communication back to C&C servers
3.) Protect you vs. dynamic dns using botnets + stop their communication back to C&C servers
4.) Protect you vs. DGA/domain generation algorithm botnets + stop their communication back to C&C servers
5.) Protect you vs. downed DNS servers (adds reliability)
6.) Protect you vs. DNS redirect poisoned dns servers
7.) Protect users vs. DNS Amplification attacks
8.) Protect users vs. trackers
9.) Protect users vs. spam mails sources
10.) Protect users vs. phishing mails sources
11.) Get you past a dnsbl you may not agree with
12.) Keep you off dns request logs
13.) Speed you up for websurfing not only by adblocking but also hardcoding favorite sites
14.) Work on ANY webbound application (think stand-alone email programs, for example).
15.) Give you direct, easily notepad/texteditor controlled data for all of the above
16.) Do all of those things & block ads (better than addons) more efficiently in cpu cycles + memory usage

* "?"

APK

P.S.=> The ANSWER ="NO" to each enumerated item above as far as AdBlock's concerned: It's also "souled-out" -> http://techcrunch.com/2013/07/...

AdBlock's 4++gb & 100% CPU usage flooring inefficiency -> https://blog.mozilla.org/nneth... + ClarityRay defeats it.

AdBlock does far less by way of comparison, & hosts do MORE w/ less.

AdBlock also adds more complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).

Hosts start w/ the IP stack itself before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried too)

... apk

All Antivirus Sucks.

[Deathlizard]

All antivirus sucks, the only difference is how much you pay for it. You give me an PC with any combination of AV product(s) and 15 minutes and I'll give you an infected box, and it won't just be an Adware / Crapware infection. It will be a Screw you type of Cryptovirus or some serious credential stealing backdoor.

That being said, I use MSE / Windows 8 Defender simply because it's free and the least intrusive of the free AV's and it works great as a canary since every Virus attacks MSE / Defender first and you know you're infected when it keels over, giving you time to do something about it before your Files / Backup gets screwed.

Also, Get Adblock plus for your browser, Disable Non Obtrusive ad's in adblock plus so you don't see the Search Engine virus ads and don't download or install anything from anywhere afterwards.

The Human Operating the Computer

The answer to the question, "What's the best anti-virus to use?"

No, seriously. Most trojans and malware get installed because the user is an idiot or just plain ignorant. You want to avoid malware, avoid websites that are shady and email that isn't from anyone you know or do business with. If they are from those people check the links and attachment names before you open anything. Get Adblock Plus and NoScript add-ons for Chrome or Firefox and use Flash only where you have to.

YOU are the best antivirus program there is.

Start by being intelligent with your login

[damn_registrars]

Don't be like the disgusting majority of windows users who log in everytime as admin. Login with regular user access and half the viruses become helpless.

Re:Start by being intelligent with your login

This. But no one does it. God forbid they have to remember some other admin password while they are installing their new favorite cursor pack.

Re:Start by being intelligent with your login

Don't be like the disgusting majority of windows users who log in everytime as admin. Login with regular user access and half the viruses become helpless.

Uh...isn't that really what UAC is all about, regardless of who is logged in?

Those viruses should become helpless based on what they're trying to do, not who they are executing under.

Re:Start by being intelligent with your login

^^^
That. Not running as admin is probably the single best way to deter threats. Why give them keys to the kingdom when keys to the shed is just fine.

Small Business - WebRoot

[blackpaw]

If you are running a small business AD environment, especially if its virtualised, we've had a good experience with webroot. Pushing it out via group policy, easy to manage and track centrally via its webconsole and doesn't kill your shared network storage.

Plays nice with other virus checkers to, we also use malware bytes free for random scans of desktops.

Off topic replies. On topic, NO CD/DVD

Most posts are regarding the value of the software. They totally miss the point the laptop lacks a CD/DVD drive. Simple solution that works for Windows and Linux is an external USB optical drive. They are not expensive and can be had for less than some nicer keyboards.

I don't pack an optical drive with my netbooks and notebook, but I do have a drive for those times I need to view or write optical medial. Some are designed for travel and don't require a wall wart for power.

Security Essentials + MalwareBytes

[Frankie70]

Running Security Essentials + MalwareBytes for close to 5 years now.

Disagree!

[King_TJ]

Malware Bytes? Yes.... Great product that really is pretty effective (especially if you can boot into "safe mode" in Windows first) at cleaning up malware.

But Windows Defender? Absolutely not. It got ranked absolute worst at detecting malware in a head to head test last year vs. something like 40 other products on the market! And just from personal experience trying to keep PCs clean in an office setting with a lot of mobile workers? It didn't even trigger on some heavily infected machines.

Personally, we use eSet NOD32, and while I won't claim it's "best" - I just feel it seems to do a reasonably good job without dragging down system performance. It's not free but not that expensive either.

Re:Disagree!

[AmiMoJo]

Windows Defender isn't a traditional AV app, and the head-to-head detection tests don't do it justice. Rather than relying on having signatures for every virus going or heavy weight (slow) heuristics like most AV software does it just relies on blocking infections via the most common infection vectors, and spotting specific tricks used to hide malware. The result is that it is very light weight and doesn't slow the computer down, but still blocks most of the crap that would otherwise infect the system.

Malware detection rates are misleading. Great, your software can detect the infection after it's already happened and probably can't remove it now. Focus on prevention and the most common threats, combined with a secure browser and some common sense. Traditional AV tries to stop the user being a moron, which is a recipe for failure.

Norton 360 / Internet Security

[Canth7]

The reason is this - for 4 years running, it has one of the lowest performance impacts on a running system. Does it catch everything? No, but nothing does. Given that AV is imperfect protection, I might as well have a smoothly running system with minimal protection.

Re:Rathaus

[billstewart]

It especially explains why many colleges (at least before the US drinking age was raised to 21) have bars called "The Rathskeller", pronounced "Rat Cellar".

Sophos

[TomGreenhaw]

We have excellent results with Sophos. It has not been a drain on resources and has blocked everything so far for a couple of years on over 250 windows systems and servers. Symantec became ineffective and ruined performance. Microsoft Security Essentials is much better than it used to be and if you only surf safe sites and run commercial software, it will likely be fine; it comes loaded on Windows 8 and is free for Windows 7.

ESET is very good, but so is Outpost

I've been using Outpost on a lifetime license for 8 or 9 years. I used ESET before that. I haven't had a computer infection in 15 years or so... Mostly because I am not stupid about what I click on or what I open in email. I like having a backup, but just don't be stupid is the most important thing.

Malwarebytes?

[Futurepower(R)]

I'm interested in anything anyone has to say about Malwarebytes.

MalwareBytes #1: Don't settle for less... apk

See subject: I also don't associate myself w/ "just anyone" -> http://ask.slashdot.org/commen...

* :)

(Enjoy - it works, & to quote Howard Stark from the film "Captain America": "It's stronger than steel, & a 3rd the weight...")

APK

P.S.=> Simply by keeping you from *REALLY* even needing antivirus/antispyware @ all, by blocking out the main threat - the source of infestation online (& yet going faster + more reliably online, even more anonymously to an extent, if you like)... apk

Comment removed

[account_deleted]

Comment removed based on user account deletion

antivirus, free or paid?

Hello everyone and hello to the author of this article,

My name is Sean, and after using numerous antivirus software I have concluded that the best antivirus software to use is WEBROOT. Yes you do have to pay for it, but it's worth the $50/year because the software actually does what it's programmed to do plus it's the only antivirus and antimalware software that doesn't use large amounts of resources. If anyone disagrees then please comment or post the best antivirus software to use.

P.S.
Malwarebytes only stops malware, it does nothing for viruses.

Message from M$

This is hilarious because Bill Gates said it.

Re:Message from M$

[Zontar+The+Mindless]

Except that we all know that Bill only reads Ars Technica.

Noooooooo!!!oooooo!oooooo!oooo!!00000

and the no-ads hosts file from mvps.

YOU FOOL! You typed the file that shant be named! You will summon HIM! Do you know nothing?

Re:Noooooooo!!!oooooo!oooooo!oooo!!00000

Have you considered decaf?

"It's not easy being world-class"... apk

See subject & this link -> http://ask.slashdot.org/commen... ?

(Enjoy)

* I'm glad to be associated with a great effort doing great stuff vs. the rotten stuff out there in this world (@ least some of it - & so, simply by applying myself with what I know how to do, which is code... thus, online I do, & aid others along with them, & it ALL works/helps vs. online infestation... the right idea)!

APK

P.S.=> "It's not easy being 'world-class'..." :)

... apk

Re:Your mistake: You bought into Microsoft Windows

Can't tell if troll at this point or just ridiculously stupid.

You really can't tell? You must be yankin' our chain...

MalwareBytes #1... apk

See subject & this link -> http://ask.slashdot.org/commen... ?

(Enjoy)

* I'm glad to be associated with a great effort doing great stuff vs. the rotten stuff out there in this world (@ least some of it - & by simply applying myself doing what I have done for decades, coding...? I help online being faster, safer, & more reliable for others, & help out also vs. infestations/infections by malware of all kinds cutting off their main sources online, & it works...)!

Plus, hey - I *don't* just associate myself with just "anyone", either...!

APK

P.S.=> "It's not easy being 'world-class'..." :)

... apk

MalwareBytes #1... apk

You'd like this #1 test result in mid 2014 vs. all others http://ask.slashdot.org/commen...

APK

P.S.=> I don't associate myself with "just anyone"... apk

Ask yourselves these questions

Can adblock do 16 things hosts files do for more speed, security, & reliability:

1.) Protect you vs. known malicious sites/servers (beyond malicious adbanners: See 2-7 next)
2.) Protect you vs. fastflux using botnets + stop their communication back to C&C servers
3.) Protect you vs. dynamic dns using botnets + stop their communication back to C&C servers
4.) Protect you vs. DGA/domain generation algorithm botnets + stop their communication back to C&C servers
5.) Protect you vs. downed DNS servers (adds reliability)
6.) Protect you vs. DNS redirect poisoned dns servers
7.) Protect users vs. DNS Amplification attacks
8.) Protect users vs. trackers
9.) Protect users vs. spam mails sources
10.) Protect users vs. phishing mails sources
11.) Get you past a dnsbl you may not agree with
12.) Keep you off dns request logs
13.) Speed you up for websurfing not only by adblocking but also hardcoding favorite sites
14.) Work on ANY webbound application (think stand-alone email programs, for example).
15.) Give you direct, easily notepad/texteditor controlled data for all of the above
16.) Do all of those things & block ads (better than addons) more efficiently in cpu cycles + memory usage

* "?"

APK

P.S.=> The ANSWER ="NO" to each enumerated item above as far as AdBlock's concerned: It's also "souled-out" -> http://techcrunch.com/2013/07/...

AdBlock's 4++gb & 100% CPU usage flooring inefficiency -> https://blog.mozilla.org/nneth... + ClarityRay defeats it.

AdBlock does far less by way of comparison, & hosts do MORE w/ less.

AdBlock also adds more complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).

Hosts start w/ the IP stack itself before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried too)

... apk

Sophos UTM Home Edition

I have found the Sophos product to be awesome for home use. If you register for it, you get a license to use the security gateway with up to 50 IP addresses, and you also get A/V for 10 hosts.

http://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx

AdBlock = Inferior + 'Souled-Out'... apk

A FREE hosts program adds speed, security, & reliability, doing more, more efficiently vs. addons + fixes DNS' redirect security issues:

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o...

---

A.) Hosts do more than:

1.) AdBlock ("souled-out" 2 Google/Crippled by default http://techcrunch.com/2013/07/... )
2.) Ghostery (Advertiser owned) - "Fox guards henhouse" http://en.wikipedia.org/wiki/G...
3.) Request Policy -> http://yro.slashdot.org/commen...

B.) Hosts add reliability vs. downed/redirected dns (& overcome site redirects e.g. /. beta).

C.) Hosts secure vs. malicious domains too -> http://tech.slashdot.org/comme... w/ less "moving parts" complexity

D.) Hosts files yield more:

1.) Speed (adblock & hardcodes fav sites - faster than remote dns)
2.) Security (vs. malicious domains serving malcontent + block spam/phish & trackers)
3.) Reliability (vs. downed or Kaminsky redirect vulnerable dns, 99% = unpatched vs. it & worst @ isp level + weak vs DGA, & Fastflux + dynDNS botnets)
4.) Anonymity (vs. dns request logs + dnsbl's).

---

* Hosts do more w/ less (1 file) @ faster levels (ring 0) vs redundant inefficient addons (slowing slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ os, & 1st net resolver queried w\ 45++ yrs.of optimization).

* Addons = more complex + slow browsers in messagepassing (use a few concurrently & see) & are nullified by native browser methods - It's how Clarityray's destroying Adblock.

* Addons slowup slower usermode browsers layering on more - & bloat RAM consumption + excessive cpu use too (4++gb extra in FireFox https://blog.mozilla.org/nneth...)

Instead, work w/ a more capable native kernelmode part you already have - hosts (An integrated part of the ip stack)

APK

P.S.=> "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"

...apk

Virtual Machines

I used to use solely Windows. Then I started running a linux distro inside a virtual machine for just a web browser and e-mail client. Now,
I only boot into Gentoo. Aside from updates, the only thing I do with Gentoo is run virtual machines through VirtualBox. It is inside those virtual machines that I do other things:

Win7 in a VM for Windows-only games, and only that
Arch Linux in a VM for web browsing and e-mail, and only that
Various OSes in seperate VMs for testing, all changes to them are discarded afterwards
Xubuntu in a VM for everything else

I like to keep the most-likely-to-be-compromised stuff seperate from everything else. For most, there is likely little need to do all that I did. However, even just running another OS in a VM for a browser and e-mail client is probably magnitudes better than solely hoping an anti-virus program can keep you safe.

Malwarebytes #1... apk

How could they not be? See July 2014 test results -> http://ask.slashdot.org/commen...

APK

P.S.=> I don't associate myself with "just anyone" & when you surround yourself with greatness, you get great results (I do my part with them)... apk

clamwin

Clamwin. Open source. Freeware. Used it on every windows box from xp to 8.1 never got an infection.

Norton Internet Security and Malwarebytes

We run them both.

I don't get it

[mha]

I've run AVG Free for years and I have no idea what you are talking about. It leaves me alone. Only the occasional new version installs (vs. just virus updates), which is once per year, bother me - once. There's a banner underneath the AVG window, but I don't need to open that and it isn't intrusive, it's just "there" (when the AVG window is open).

If it has to be windows

avira
no-script
host file
http://winhelp2002.mvps.org/hosts.htm

AV Software is mostly a scam

There isn't much of a difference between the desktop OS vendor capabilities - Windows Defender on Windows or Xprotect on OS X - and paid software like Norton's and , McAffee etc, in preventing infections.

There are significant down sides in almost all commercial AV software - almost the whole industry is bullshit , based on selling fear.

The most important things you can do do prevent getting viruses are :

- run a recent OS that still gets security patches, and patch ASAP
- keep your Apps/Browsers up to date and patched
- don't use client side Java , or Flash
- do not run as a privileged user
- do not do day to day user stuff on your servers

If you do that, you are 80+% safe. AV software will protect you about 30% of the time.

If you ran Linux or OS X, in addition to the above, that would take you to something north of 95% .

Security Essentials and a Sandbox

A sandboxed browser and smart application installation choices have kept me clean for a long time now.

Something hosted by them does

Hosts stop you from visiting virus sources online getting infected http://ask.slashdot.org/commen...

APK

P.S.=> I work alongside a group from MalwareBytes who host my program & recommend it in fact for custom hosts file creation http://ask.slashdot.org/commen... which gives you more speed, security, reliability, & even anonymity (to a lesser extent on the latter only though) online & it makes sense:

"You can't get burnt if you avoid fires"

Which IS the VERY SIMPLE PRINCIPLE hosts work on for security, yet they speed up your online experience unlike MOST other 'security solutions' which slow you!

Blocking ads speeds you up massively & is source of infection too since ads = ~40% bulk of sites, but also speeding you up by hardcoding your fav. sites into hosts' TOP portion avoiding DNS security issues too - bonus!

Hosts additionally make you more reliable + safer (avoiding DNS security issues like DNS Amplification attacks, Redirect Attacks, & even being downed) + more anonymous (avoiding dns request logs) even...

Host do MORE, with far less & consume FAR less resources than *ANY* other "bolted-on so-called 'solution'" out there, bar-none, using something you already have natively (part of the IP stack in kernelmode & queried 1st )... apk

Since no one else appears to be answering you...

[Maxo-Texas]

I've used AVG and Avast plus malwarebytes and the microsoft cleaner.

They are free.

It's been 20 years since I got a virus but I've had several caught attempts.

I left AVG a couple years ago and went to Avast. It's a little pushing on upselling lately.

I've had to clean virii off of friends computers. Malwarebytes is good for that.
Avast is also good for that.

Avast has a "web page reputation" feature.. but to be honest, the only thing it ever flagged for me is the site that records all DMCA filings (which I knew was safe which mean the corporations had corrupted Avast's rating system for that page).

I'm not sure how the hell my friends get them. I has to be lol cats or something like that. I got to a few porn sites now and then and never had a problem.

Malwarebytes has been effective for cleaning a machine that was infected already.

I don't keep the microsoft cleaner on disk but download it as needed so I always have to look it up.

Hosts files make YOU better

Hosts stop you from visiting virus sources online getting infected http://ask.slashdot.org/commen...

* Per my subject-line: Hosts also make you FASTER (unlike other "so-called security 'solutions'"), & more reliably connected online (& even a bit more anonymous too).

APK

P.S.=> I work alongside a group from MalwareBytes who host my program & recommend it in fact for custom hosts file creation http://ask.slashdot.org/commen...

Which gives you more speed, security, reliability, & even anonymity (to a lesser extent on the latter only though) online & it makes sense:

"You can't get burnt if you avoid fires"

Which IS the VERY SIMPLE PRINCIPLE hosts work on for security, yet they speed up your online experience unlike MOST other 'security solutions' which slow you!

Blocking ads speeds you up massively & is source of infection too since ads = ~40% bulk of sites, but also speeding you up by hardcoding your fav. sites into hosts' TOP portion avoiding DNS security issues too - bonus!

Hosts additionally make you more reliable + safer (avoiding DNS security issues like DNS Amplification attacks, Redirect Attacks, & even being downed) + more anonymous (avoiding dns request logs) even...

Host do MORE, with far less & consume FAR less resources than *ANY* other "bolted-on so-called 'solution'" out there, bar-none, using something you already have natively (part of the IP stack in kernelmode & queried 1st )... apk

Common-Sense = hosts files

"You can't get burnt if you avoid fires": That's what hosts do for security.

Hosts also speed you up in 2 ways (blocking ads + hardcoded topmost entries in them, which also aids reliability online vs. DNS downage or redirect poisonings) unlike MOST other "so-called 'security solutions'" which slow you down due to their overheads!

Hosts protect you vs. malware/viruses/trojans/botnets/rootkits (of all kinds) by blocking their sources online (per your common sense point) + vs. DNS amplification attacks, rogue DNS servers malware makers & botnet herders use, spam/phish, trackers & can yield more anonymity online (vs. dns request logs) + freedom (vs. dnsbl you may not like).

MalwareBytes #1 too.

* :)

(I say that with GOOD solid reasons & not just since I contribute alongside them: See my p.s. below & that link from this discussion...)

APK

P.S.=> "Shameless plug" yes, but true -> http://ask.slashdot.org/commen...

... apk

Agreed, 110%... apk

Per my subject: & not just for "personal reasons" but great results http://ask.slashdot.org/commen...

* :)

(Concrete, verifiable, & undeniable results in 2014 for MalwareBytes...)

APK

P.S.=> "Onwards, & UPWARDS..."

... apk

Depends on your attacker.

[dweller_below]

My experience may not be applicable to you. I do IT Security for a university. We encounter a wide variety of attackers from script-kiddy to aggressive hostile government.

When our attackers desire to remain hidden, we usually can not detect and remove them using any common tool. The techniques for remaining in hidden control of systems are straightforward, effective and available to any attacker. We can detect all kinds of stuff by carefully inspecting network activity, but learning to do it takes years. And, analyzing 1 machine's traffic is slower than real-time.

For example, a while ago one of my coworkers managed to crack the C&C for a major fake-antivirus group. For 2 months we grabbed the rootkits as they went by. Code on compromised machines was updated daily. VirusTotal pronounced it all clean. Usually, the victims had no clue. None of the virus or malware detectors/removers would regain control of a compromised system. Sometimes the utilities would claim to have done something. It was never complete or successful. On the other hand, if we isolated a compromised machine from the C&C for 3 weeks, some of the utilities would start to be effective. At 6 weeks, almost all of them were effective. Of course, this fake antivirus group was indiscriminate and had a huge footprint.

We still use Microsoft Security Essentials or EndPoint Protection. It almost never prevents compromise, but in some circumstances it will let us know that that we have been had. Some attackers get what they want immediately and don't try to hide. Others break discipline after a few days or weeks. Then there are the ones that get what they want and sell you to less capable attackers. Finally, if the user/machine is vulnerable to attack then the machine eventually gets infested with multiple attackers. Once multiple attackers start interfering with each other, something always gets dropped.

We always recommend a "change passwords/backup/wipe/rebuild/restore" when we discover compromise. Even then, sometimes an attacker regains control by hiding hostile code in user files.

The preventative measures that seem to be most effective for us are:

1. 1) Some form of Addblock. The primary attack vector for most of our people is hostile browser adds.
2. 2) Limiting the execution of unwanted browser code. We recommend Chrome/Click-To-Run for most users. Motivated users can get better protection with Firefox/NoScript.
3. 3) Working with our users to improve our defenses. See: https://www.youtube.com/playli...

Eset's Aryeh Goretsky's agreed w/ me

Hosts do more for speed, security, & reliability vs. addons:

1.) Protect you vs. malicious servers (beyond malicious adbanners: See 2-7 next)
2.) Protect you vs. fastflux botnets + stop communication back to C&C servers
3.) Protect you vs. dynamic dns botnets + stop communication back to C&C servers
4.) Protect you vs. DGA botnets + stop communication back to C&C servers
5.) Protect you vs. downed DNS (adds reliability)
6.) Protect you vs. DNS redirect poisoned dns
7.) Protect you vs. DNS amplification attacks
8.) Protect you vs. trackers
9.) Protect you vs. spam sources
10.) Protect you vs. phishing sources
11.) Get you past a dnsbl you don't like
12.) Keep you off dns request logs
13.) Speed up websurfing by adblocking + hardcoding favorite sites
14.) Work on ANY webbound app (think stand-alone email programs) multiplatform.
15.) Give you direct easily texteditor controlled data for all of the above
16.) Do all of those things & block ads (better than addons) more efficiently

* Per subject: By email Mr. Goretsky said "hosts are a valuable security method" (not direct quote but point's there).

APK

P.S.=> Ghostery/AdBlock don't DO any of the above (or as well):

Ghostery's Advertiser owned - "A fox guards the henhouse"-> http://en.wikipedia.org/wiki/G...

AdBlock's 4++gb & 100% CPU usage flooring inefficiency -> https://blog.mozilla.org/nneth... + ClarityRay defeats it + it 'souled-out' & is crippled by default paid off to not do its job http://techcrunch.com/2013/07/...

BOTH do far less than hosts do & less efficiently - hosts by way of comparison, do MORE w/ less.

Both add more complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).

Hosts start w/ the IP stack itself before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried).

BEST hosts file? APK Hosts File Engine 9.0++ SR-1 32/64-bit -> http://ask.slashdot.org/commen...

... apk

MalwareBytes #1... apk

Per my subject: & not just for "personal reasons" but great results http://ask.slashdot.org/commen...

* :)

(Concrete, verifiable, & undeniably great results in 2014 on testings of efficacy vs. the competition for MalwareBytes...)

APK

P.S.=> "Onwards, & UPWARDS..."

... apk

MalwareBytes #1... apk

Per my subject: & not just for "personal reasons" but great results http://ask.slashdot.org/commen...

* :)

(Concrete, verifiable, & undeniably great results in 2014 on testings of efficacy vs. the competition for MalwareBytes...)

APK

P.S.=> "Onwards, & UPWARDS..."

... apk

Eset's Aryeh Goretsky's agreed w/ me

Hosts do more for speed, security, & reliability vs. addons:

1.) Protect you vs. malicious servers (beyond malicious adbanners: See 2-7 next)
2.) Protect you vs. fastflux botnets + stop communication back to C&C servers
3.) Protect you vs. dynamic dns botnets + stop communication back to C&C servers
4.) Protect you vs. DGA botnets + stop communication back to C&C servers
5.) Protect you vs. downed DNS (adds reliability)
6.) Protect you vs. DNS redirect poisoned dns
7.) Protect you vs. DNS amplification attacks
8.) Protect you vs. trackers
9.) Protect you vs. spam sources
10.) Protect you vs. phishing sources
11.) Get you past a dnsbl you don't like
12.) Keep you off dns request logs
13.) Speed up websurfing by adblocking + hardcoding favorite sites
14.) Work on ANY webbound app (think stand-alone email programs) multiplatform.
15.) Give you direct easily texteditor controlled data for all of the above
16.) Do all of those things & block ads (better than addons) more efficiently

* Per subject: By email Mr. Goretsky said "hosts are a valuable security method" (not direct quote but point's there).

APK

P.S.=> Ghostery/AdBlock don't DO any of the above (or as well):

Ghostery's Advertiser owned - "A fox guards the henhouse"-> http://en.wikipedia.org/wiki/G...

AdBlock's 4++gb & 100% CPU usage flooring inefficiency -> https://blog.mozilla.org/nneth... + ClarityRay defeats it + it 'souled-out' & is crippled by default paid off to not do its job http://techcrunch.com/2013/07/...

BOTH do far less than hosts do & less efficiently - hosts by way of comparison, do MORE w/ less.

Both add more complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).

Hosts start w/ the IP stack itself before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried).

BEST hosts file? APK Hosts File Engine 9.0++ SR-1 32/64-bit -> http://ask.slashdot.org/commen...

... apk

Eset's Aryeh Goretsky's agreed w/ me

Hosts do more for speed, security, & reliability vs. addons:

1.) Protect you vs. malicious servers (beyond malicious adbanners: See 2-7 next)
2.) Protect you vs. fastflux botnets + stop communication back to C&C servers
3.) Protect you vs. dynamic dns botnets + stop communication back to C&C servers
4.) Protect you vs. DGA botnets + stop communication back to C&C servers
5.) Protect you vs. downed DNS (adds reliability)
6.) Protect you vs. DNS redirect poisoned dns
7.) Protect you vs. DNS amplification attacks
8.) Protect you vs. trackers
9.) Protect you vs. spam sources
10.) Protect you vs. phishing sources
11.) Get you past a dnsbl you don't like
12.) Keep you off dns request logs
13.) Speed up websurfing by adblocking + hardcoding favorite sites
14.) Work on ANY webbound app (think stand-alone email programs) multiplatform.
15.) Give you direct easily texteditor controlled data for all of the above
16.) Do all of those things & block ads (better than addons) more efficiently

* Per subject: By email Mr. Goretsky said "hosts are a valuable security method" (not direct quote but point's there).

APK

P.S.=> Ghostery/AdBlock don't DO any of the above (or as well):

Ghostery's Advertiser owned - "A fox guards the henhouse"-> http://en.wikipedia.org/wiki/G...

AdBlock's 4++gb & 100% CPU usage flooring inefficiency -> https://blog.mozilla.org/nneth... + ClarityRay defeats it + it 'souled-out' & is crippled by default paid off to not do its job http://techcrunch.com/2013/07/...

BOTH do far less than hosts do & less efficiently - hosts by way of comparison, do MORE w/ less.

Both add more complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).

Hosts start w/ the IP stack itself before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried).

BEST hosts file? APK Hosts File Engine 9.0++ SR-1 32/64-bit -> http://ask.slashdot.org/commen...

... apk

MalwareBytes #1... apk

Per my subject: & not just for "personal reasons" but great results http://ask.slashdot.org/comments.pl?sid=6809411&cid=48889655

* :)

(Concrete, verifiable, & undeniably great results in 2014 on testings of efficacy vs. the competition for MalwareBytes...)

APK

P.S.=> "Onwards, & UPWARDS..."

... apk

Thanks.

[Futurepower(R)]

Thanks very much for the link. It's helpful.

I've been an advertising copywriter for technology ad agencies. Here is something that may be helpful for you: I suggest you work on creating a better way of explaining what you are trying to say.

I visited the link you gave and became confused. It says, "Powered by Malwarebytes". My guess is that it would take me an hour to decide what is being communicated. And, I already know about host files.

If you put more effort into explaining, every reader would find it far easier to understand what you have to say.

Sophos

[acoustix]

I use Sophos at the office and they allow free home use for all employees. It's solid stuff.

Eset's Aryeh Goretsky's agreed w/ me

Hosts = more speed, security, & reliability vs. addons:

1.) Protect you vs. malicious servers (beyond malicious adbanners: See 2-7 next)
2.) Protect you vs. fastflux botnets + stop communication back to C&C servers
3.) Protect you vs. dynamic dns botnets + stop communication back to C&C servers
4.) Protect you vs. DGA botnets + stop communication back to C&C servers
5.) Protect you vs. downed DNS (adds reliability)
6.) Protect you vs. DNS redirect poisoned dns
7.) Protect you vs. DNS amplification attacks
8.) Protect you vs. trackers
9.) Protect you vs. spam
10.) Protect you vs. phishing
11.) Get you past a dnsbl you don't like
12.) Keep you off dns request logs
13.) Speed up websurfing adblocking + hardcoding fav. sites
14.) Work on ANY webbound app (think stand-alone email programs) multiplatform.
15.) Direct easily texteditor controlled data for all of the above
16.) Do all those things & block ads (better than addons) more efficiently

* Per subject: By email Mr. Goretsky said "hosts are a valuable security method" (not direct quote but point's there).

APK

P.S.=> Ghostery/AdBlock don't DO any of the above (or as well):

Ghostery's Advertiser owned - "A fox guards the henhouse"-> http://en.wikipedia.org/wiki/G...

AdBlock's 4++gb & 100% CPU usage flooring inefficiency -> https://blog.mozilla.org/nneth... + ClarityRay defeats it + it 'souled-out' & is crippled by default paid off to not do its job http://techcrunch.com/2013/07/...

BOTH do far less than hosts do & less efficiently - hosts by way of comparison, do MORE w/ less.

Both add more complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).

Hosts start w/ the IP stack itself before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried).

BEST hosts file? APK Hosts File Engine 9.0++ SR-1 32/64-bit -> http://ask.slashdot.org/commen... which malwarebytes hosts & recommends

... apk

Use everything

Every free AV that is, simultaneously, that should cover 99% of the most common evil code.
If you have the money, run all of the paid versions.

And to be extra safe, make sure that you click every single checkbox in the installer so it doesn't leave out some of the useful features.

When you're done, format the computer, go to your geeky best friend and have him install windows and set it up for you.

For the best hosts file possible... apk

See subject (good choice with hosts too) & rthis link http://ask.slashdot.org/commen...

APK

P.S.=> My program incorporates ALL of their data AND tons more for custom hosts files from 12 reputable & reliable sources in the security community (one of which, malwarebytes, hosts & recommends my program APK Hosts File Engine 9.0++ SR-1 32/64-bit as is shown in that link, with malwarebytes doing a "#1 showing" @ a very reputable antivirus testing site in 2014 too)... apk

Browser addons = inferior

Can ghostery/adblock do 16 things hosts do for more speed, security, & reliability:

1.) Protect you vs. known malicious sites/servers (beyond malicious adbanners: See 2-7 next)
2.) Protect you vs. fastflux using botnets + stop communication back to C&C servers
3.) Protect you vs. dynamic dns using botnets + stop communication back to C&C servers
4.) Protect you vs. DGA botnets + stop communication back to C&C servers
5.) Protect you vs. downed DNS servers (adds reliability)
6.) Protect you vs. DNS redirect poisoned dns servers
7.) Protect users vs. DNS Amplification attacks
8.) Protect users vs. trackers
9.) Protect users vs. spam
10.) Protect users vs. phishing
11.) Get you past a dnsbl you don't like
12.) Keep you off dns request logs
13.) Speed you up online by adblocking + hardcoding fav. sites
14.) Work on ANY webbound application (think stand-alone email programs).
15.) Give you direct texteditor controlled data for all of the above
16.) Do all of those things & block ads (better than addons) more efficiently in cpu cycles + memory usage

* "?"

APK

P.S.=> The ANSWER ="NO" to each enumerated item as far as Ghostery/AdBlock are concerned:

Ghostery's Advertiser owned - "A fox guards the henhouse"-> http://en.wikipedia.org/wiki/G...

AdBlock's 4++gb & 100% CPU usage flooring inefficiency -> https://blog.mozilla.org/nneth... + ClarityRay defeats it & is crippled by default paid off to not do its job http://techcrunch.com/2013/07/...

BOTH do far less than hosts do & less efficiently - hosts by way of comparison, do MORE w/ less.

Both add more complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).

Hosts start w/ the IP stack itself before REDUNDANT inefficient addons BEGIN to operate, w/ also as 1st resolver queried too).

For the BEST hosts file? APK Hosts File Engine 9.0++ SR-1 32/64-bit -> http://ask.slashdot.org/commen...

... apk

If you want an opinion rather than a flamewar

It's been my favorite for years: Eset. The only subscription-based software i care to pay for. It is on all my family's computers, my friends', their parents'...
And I am a professional technician actually doing the cleanups after some poor soul thrusted Norton, McAfee, threndmicro, Kaspersky, Bitdefender, Comodo, Avg, Avast, name it.
They don't block malware (and often neither do they viruses) and are all more cpu/ram hungry.
Eset really works. And is available for windows linus mac servers and android.
It beats a host file imo but the host is still a giod way to avoid ads...

Re:If you want an opinion rather than a flamewar

ESET may be good, but implying it's better than all others... just checking http://chart.av-comparatives.org/chart1.php and http://www.av-test.org/en/antivirus/home-windows/ charts and anyone can see that ESET is good, but never the best, on the tests (real world included), in protection.

No anti-malware solution protects 100%.
People is using white lists approach in enterprises because they learn the hard way.
Also limiting the account privileges to the minimum possible needed is a good idea to limit the damages... even (specially) in home computers.
 

Posting ac restricts me

See subject: I did posts on hosts in detail thru this article's discussion w/ more details. I also cannot post as much text as you registered users can (part of being ac is the restriction). Is THIS what you're looking for/suggesting -> http://ask.slashdot.org/comments.pl?sid=6809411&cid=48891339 OR perhaps this post of mine vs. that one -> http://ask.slashdot.org/comments.pl?sid=6809411&cid=48890343 ?

Now, when in doubt of either or they don't "do it for you"?

Well - Then, the main site for my program (not just malwarebytes but an exclusively 64-bit software site features it) extolls most ALL of hosts many virtues for added speed, security, reliability, & even anonymity online (to a lesser extent on the latter) APK Hosts File Engine 9.0++ SR-1 32/64-bit -> http://start64.com/index.php?option=com_content&view=article&id=5851:apk-hosts-file-engine-64bit-version&catid=26:64bit-security-software&Itemid=74

* In fact, I updated the program 5 days ago (better than ever).

APK

P.S.=> It works & to quote Howard Stark from the film "Captain America"? "It's stronger than steel & a 3rd the weight..." since in MANY ways? It's analogous to that (better than *ANY* single "so-called 'security solution' in terms of abilities, & FOR LESS, yet doing more - less resources consumed, moving parts "bolted-on" (when what you have already natively, really works), & less parts to breakdown OR be exploited)... apk

Re:Posting ac restricts me

[bouldin]

I think part of FuturePower's point is that you have too many words, so it isn't clear what you are trying to communicate. Your whole paragraph about Howard Stark is confusing and irrelevant.

Not trying to criticize - trying to help

I find it's best to pick maybe 3 points and stick to those. One key point should be WHAT you are offering. Is it a hosts file for whitelisting? A hosts file for blacklisting? A software program that intercepts DNS requests? How do you choose good domain names? I honestly can't tell.

AV software

[JohnVanVliet]

Install ClamAV
builds just fine and VERY easy with gcc 4.8
just a few simple commands and it is done
------
autoreconf -i -v ./configure --prefix=/usr
make
su
make install
-----

Aside from being useless...

[OneSmartFellow]

...as antivirus suppliers themselves have admitted, anti-virus software only slows your system down (dramatically)

Re:Aside from being useless...

Clearly, checking av-comparatives and av-test charts their are products that have more impact in system than others! VIPRE, Avast or AVG have a bigger impact than kaspersky or bit defender, according to the tests... although by my experience Avira (paid one) and Comodo have almost no impact. Others may have different experiences, depending on their CPU's, RAM's, HARD DRIVE's and others.

Re:My 2 cents: avast, MWB, ABP, noscript, sandboxi

Avast has started inserting itself into https requests (MITM style), which, in my case, somehow prevented me from doing https git pulls from github. Uninstalled and it worked fine again; much easier than the alternative solutions. That and its frequent popups requesting you purchase its other products are pretty annoying.

Re:Ghostery = Inferior + 'Souled-Out'

You were owned, stoned, and boned long ago--so STFU already, loser.

Re:Addons = Inferior... apk

When it comes to getting owned, no man is your master. Now fuck off.

On a related note, how many PCs run no AV ..

[guacamole]

.. simply because the OEM disabled MSE/Defender and instead shipped the PCs with a trial version of Norton or some other commercial suite? At some point those trials expire, and there could be a lot of people who neither bought the full version nor enabled MSE/Defender.

best anti-virus ever

[jjohn_h]

The last virus I fell victim to was a virus spreading around on diskettes with infected boot sector. That was 1991.

Since then the only viruses and malware running on my PC would be there by invitation. I let them in intentionally, had a look and kicked them out - fully in control.

Last week I just fancied getting a virus check of my storage devices and installed Bitfender. It modified my Windows BCD boot without asking and took over. It would not let me launch it on demand, no, it deemed itself so indispensable that it had always to be there in imperial role. It didn't like being offline. Kicked out in no time.

And what anti-virus was I using? Ah, an easy one. I browse around as lowly user without javascript, session cookies only. Sure, I must use javascript with some banks and travel agencies and Google Maps but I know them and wipe out all their settings afterwards. Otherwise I do not allow web sites to take over my machine. No, bastards, keep your dirty fingers off my files.

Re:best anti-virus ever

For most users not use: Javascript, Oracle Java, adobe flash is completely out of question... they need to do stuff... some barely know how to open a browser...

Dont Install any. Use free manual scans.

[danknight48]

Turn off Windows Defender via run > services.msc.
Run this free AV/Malware scan twice a month, or whenever you feel your system "may be infected".
http://www.eset.com/us/online-... (left option)

- No need to install a bulky Antivirus/Anti-Malware program that will slow your PC down more than an actual infection.
- No need to pay for something that you'll probably never use, let alone need.

If you "must" have active protection. Re-enable Windows Defender and put up with the performance impact it has on your system.

We should be comparing the EULAs

Now this is a worthy topic:

We should be comparing the EULAs of each AV/anti-malware product, free and paid. IMO most are very invasive and disturbing in the amount of data they collect from people's computers.

If you read any EULA in your life, let it be from AV/anti-malware products. Make sure you agree with the vast amount of your system's private info being transferred to them, with or without cloud functionality.

I normally don't request this but please mod this up so the regular /. users can see this. It is very important. Thank you.

Re:We should be comparing the EULAs

That is true. Fortunately most of them allow (specially in the paid versions) to disable that options... they understand the privacy implications. Some don't send private documents and photos unless the user add's them manually to send to the virus lab of the company.

But even worse, only AVIRA says in write ( http://www.avira.com/en/itsmig ) that they don't have any intentional backdoor on their programs... no other anti-malware company that I'm aware of says this.

F-Secure?

has anyone tried and compared this?

they also have a free AV LiveCD.

Quick heal

[acewebacademy]

Quick heal is best anti virus in 2015, it is paid

Re:Quick heal

"Quick heal is best anti virus in 2015" we are in the beginning of the year... isn't a bit early to say that? If referring to 2014 I could also not agree... if Quick heal was really good in 2014 present your evidences... because independent tests from Av-Comparatives and AV-Test don't even list that.

About 2015, is early to say, but BitDefender, Trend Micro, Kaspersky, Avira, F-Secure seem to be in the best position to deliver the best protection... if they keep delivering the same protection they delivered in 2014 according to independent tests.

Comodo

[ledow]

Hate antivirus, personally, only use it where I'm required to.

When people bring me a laptop to fix, one of the first things I ask is if I can uninstall McAffee / Norton for them. They almost universally agree as, even as a user, it just bugs them to shit and gets in their way.

There was a time I'd put AVG Free on instead but those days are long gone.

So I slap on Comodo. Free firewall, antivirus, etc. in an integrated suite, that you can turn shit off for, that you can uninstall easily if you do buy something else, you can pay to upgrade it to a full version if you want, and it just keeps out of your way for the most past.

I don't hear any complaints afterwards.

Re:Comodo

Comodo is not perfect, but seems to delivered an higher protection... really adjustable if one wants to mess with it, and it's free, unless the person wants to pay for the additional services that they also offer (virus insurance, remote help and that kind of things).

Best AV: Linux + VM

[dargaud]

Install Linux on your machine, browse with GhostScript, adblock plus, flshblock. Use it for everything except the very few tasks where you need Windows.
Then install Windows in a virtual machine. Take snapshots regularly. Don't use any AV. Don't browse the web with it.

Kaspersky #1 in 2014 for home protection.

[thexfile]

Dennis Technology Labs says Kaspersky is the best for home protection. http://dennistechnologylabs.co...

What is this antivirus of which you speak?

and does it run linux?

Re:Addons = Inferior... apk

You avoid answering apk's questions here (you owned yourself) http://ask.slashdot.org/commen... forrest

Re: Only if you install flash in the first place..

Only if you install flash in the first place..

Your Linux distro of choice (free/

[Qbertino]

Need to run special software tied to the OS? No? ... Install Linux. Ubuntu can be a drag, in more ways the one, but it's worth a try. Suse and Redhat probably are hassle free aswell. All three are way easyer to install than a fresh Windows.

Your Linux distro of choice (free)

[Qbertino]

Need to run special software tied to the OS? No? ... Install Linux.
Really, it's that easy.

Ubuntu can be a drag, in more ways than one, but it's worth a try - and it does look really cool. Seriously.
Suse and Redhat are hassle-free to install aswell. All three are definitly more hassle-free than any Windows installation you can do thesse days.

I've got Ubuntu 14.04 on my ThinkPad. And while it can be anoying (which OS isn't?), it is way ahead of Windows in usability and you can get tons of books and free info on the web for it.

Other than that I'd recommend Mac OS X or Chrome OS - but since you already have your laptop I guess that's ruled out.

Welcome to the camp. Enjoy.

Ghostery = Inferior + 'Souled-Out'

Can ghostery/adblock do 16 things hosts do for more speed, security, & reliability:

1.) Protect you vs. malicious sites/servers (beyond malicious adbanners: See 2-7 next)
2.) Protect you vs. fastflux botnets + stop their communication back to C&C servers
3.) Protect you vs. dynamic dns botnets + stop their communication back to C&C servers
4.) Protect you vs. DGA/domain generation algorithm botnets + stop their communication back to C&C servers
5.) Protect you vs. downed DNS servers (adds reliability)
6.) Protect you vs. DNS redirect poisoned dns servers
7.) Protect you vs. DNS amplification attacks
8.) Protect you vs. trackers
9.) Protect you vs. spam mails sources
10.) Protect you vs. phishing mails sources
11.) Get you past a dnsbl you don't like
12.) Keep you off dns request logs
13.) Speed up websurfing by adblocking & also hardcoding favorite sites
14.) Work on ANY webbound app (think stand-alone email programs).
15.) Give you direct easily texteditor controlled data for all of the above
16.) Do all of those things & block ads (better than addons) more efficiently in cpu cycles + memory usage

* "?"

APK

P.S.=> ANSWER ="NO" to each above on Ghostery/AdBlock:

Ghostery's Advertiser owned - "A fox guards the henhouse"-> http://en.wikipedia.org/wiki/G...

AdBlock's 4++gb & 100% CPU usage flooring inefficiency -> https://blog.mozilla.org/nneth... + ClarityRay defeats it + it 'souled-out' & is crippled by default paid off to not do its job http://techcrunch.com/2013/07/...

BOTH do far less than hosts do & less efficiently - hosts by way of comparison, do MORE w/ less.

Both add more complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).

Hosts start w/ the IP stack itself before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried).

For the BEST hosts file? APK Hosts File Engine 9.0++ SR-1 32/64-bit -> http://ask.slashdot.org/commen...

... apk

Actually its 92%

Actually its higher,

http://www.zdnet.com/article/report-92-of-critical-microsoft-vulnerabilities-mitigated-by-least-privilege-accounts/

Re:Ghostery = Inferior + 'Souled-Out'

You're owned/stoned/boned by running from a question http://ask.slashdot.org/commen... forrest. Posting ac only proves you unjustifiably downmodded that to *try* to vainly and effetely "hide" what's in that link above you refused to answer. Only thing you can't hide is the egg on your face coward and that hosts files are an obviously better solution for abilities and efficiency compared to Ghostery and Almost all ads blocked.

Jebus F. Chrickey! Fix the goddam mobile version,

[Qbertino]

Seriously guys, this is fucking outrageous! I' writing my first post on my brand new tablet just a minute ago and you're abysmaly flaky mobile version double posts again. So it wasn't android 3.2 after all.

And why can't I turnoff ads in the mobile version?

Rob, what's going on? .... You guys need to get your shit together man - it's 2015, mobile web is standard now. Get with the effing programm. ... Do you need help?n

Perhaps you need help? I'll build a professional mobile version for credit alone.

(Please don't mod down - this needs attention folks. Seriously.)

Hosts secure you and?

Hosts speed you up (2 ways) http://ask.slashdot.org/commen... outlined there (unlike what you complain about in most security software slowing you down).

APK

P.S.=> Enjoy... apk

AdBlock = Inferior + 'Souled-Out'... apk

A FREE hosts program adds speed, security, & reliability, doing more, more efficiently vs. addons + fixes DNS' redirect security issues:

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o...

---

A.) Hosts do more than:

1.) AdBlock ("souled-out" 2 Google/Crippled by default http://techcrunch.com/2013/07/... )
2.) Ghostery (Advertiser owned) - "Fox guards henhouse" http://en.wikipedia.org/wiki/G...
3.) Request Policy -> http://yro.slashdot.org/commen...

B.) Hosts add reliability vs. downed/redirected dns (& overcome site redirects e.g. /. beta).

C.) Hosts secure vs. malicious domains too -> http://tech.slashdot.org/comme... w/ less "moving parts" complexity

D.) Hosts files yield more:

1.) Speed (adblock & hardcodes fav sites - faster than remote dns)
2.) Security (vs. malicious domains serving malcontent + block spam/phish & trackers)
3.) Reliability (vs. downed or Kaminsky redirect vulnerable dns, 99% = unpatched vs. it & worst @ isp level + weak vs DGA, & Fastflux + dynDNS botnets)
4.) Anonymity (vs. dns request logs + dnsbl's).

---

* Hosts do more w/ less (1 file) @ faster levels (ring 0) vs redundant inefficient addons (slowing slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ os, & 1st net resolver queried w\ 45++ yrs.of optimization).
* Addons = more complex + slow browsers in messagepassing (use a few concurrently & see) & are nullified by native browser methods - It's how Clarityray's destroying Adblock.
* Addons slowup slower usermode browsers layering on more - & bloat RAM consumption + excessive cpu use too (4++gb extra in FireFox https://blog.mozilla.org/nneth...)

Instead, work w/ a more capable native kernelmode part you already have - hosts (An integrated part of the ip stack)

APK

P.S.=> "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"

...apk

Ask yourselves these questions... apk

Can ghostery/adblock do 16 things hosts do for more speed, security, & reliability:

1.) Protect you vs. malicious sites/servers (beyond malicious adbanners: See 2-10 next)
2.) Protect you vs. fastflux botnets + stop communication back to C&C servers
3.) Protect you vs. dynamic dns botnets + stop communication back to C&C servers
4.) Protect you vs. DGA botnets + stop communication back to C&C servers
5.) Protect you vs. downed DNS servers (adds reliability)
6.) Protect you vs. DNS redirect poisoned dns servers
7.) Protect you vs. DNS amplification attacks
8.) Protect you vs. trackers
9.) Protect you vs. spam mails sources
10.) Protect you vs. phishing mails sources
11.) Get you past a dnsbl you don't like
12.) Keep you off dns request logs
13.) Speed up websurfing by adblocking & also hardcoding favorite sites @ TOP of hosts files
14.) Work on ANY webbound app (e.g. stand-alone email programs).
15.) Give you direct easily texteditor controlled data for all of the above
16.) Do all of those things & block ads (better than addons) more efficiently in cpu cycles + memory usage

* "?"

APK

P.S.=> ANSWER ="NO" to each above on Ghostery/AdBlock:

Ghostery's Advertiser owned - "A fox guards the henhouse"-> http://en.wikipedia.org/wiki/G...

AdBlock's 4++gb & 100% CPU usage flooring inefficiency -> https://blog.mozilla.org/nneth... + ClarityRay defeats it + it 'souled-out' & is crippled by default paid off to not do its job http://techcrunch.com/2013/07/...

BOTH do far less than hosts do & less efficiently - hosts by way of comparison, do MORE w/ less.

Both add more complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).

Hosts start w/ the IP stack itself before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried).

For the BEST hosts file? APK Hosts File Engine 9.0++ SR-1 32/64-bit -> http://ask.slashdot.org/commen...

... apk

I'll point out something interesting then

"I'm interested in anything anyone has to say about Malwarebytes" - by Futurepower(R) (558542) on Friday January 23, 2015 @11:04PM (#48890863)

See subject & this link -> http://ask.slashdot.org/commen...

(Enjoy)

* I'm glad to be associated with a great effort doing great stuff vs. the rotten stuff out there in this world (@ least some of it)!

APK

P.S.=> "It's not easy being 'world-class'..." :)

... apk

AdBlock = Inferior + 'Souled-Out'... apk

A FREE hosts program adds speed, security, & reliability, doing more, more efficiently vs. addons + fixes DNS' redirect security issues:

APK Hosts File Engine 9.0++ 32/64-bit:

http://start64.com/index.php?o...

---

A.) Hosts do more than:

1.) AdBlock ("souled-out" 2 Google/Crippled by default http://techcrunch.com/2013/07/... )
2.) Ghostery (Advertiser owned) - "Fox guards henhouse" http://en.wikipedia.org/wiki/G...
3.) Request Policy -> http://yro.slashdot.org/commen...

B.) Hosts add reliability vs. downed/redirected dns (& overcome site redirects e.g. /. beta).

C.) Hosts secure vs. malicious domains too -> http://tech.slashdot.org/comme... w/ less "moving parts" complexity

D.) Hosts files yield more:

1.) Speed (adblock & hardcodes fav sites - faster than remote dns)
2.) Security (vs. malicious domains serving malcontent + block spam/phish & trackers)
3.) Reliability (vs. downed or Kaminsky redirect vulnerable dns, 99% = unpatched vs. it & worst @ isp level + weak vs DGA, & Fastflux + dynDNS botnets)
4.) Anonymity (vs. dns request logs + dnsbl's).

---

* Hosts do more w/ less (1 file) @ faster levels (ring 0) vs redundant inefficient addons (slowing slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ os, & 1st net resolver queried w\ 45++ yrs.of optimization).

* Addons = more complex + slow browsers in messagepassing (use a few concurrently & see) & are nullified by native browser methods - It's how Clarityray's destroying Adblock.

* Addons slowup slower usermode browsers layering on more - & bloat RAM consumption + excessive cpu use too (4++gb extra in FireFox https://blog.mozilla.org/nneth...)

Instead, work w/ a more capable native kernelmode part you already have - hosts (An integrated part of the ip stack)

APK

P.S.=> "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"

...apk

Ask yourselves these questions... apk

Can ghostery/adblock do 16 things hosts do for more speed, security, & reliability:

1.) Protect you vs. malicious sites/servers (beyond malicious adbanners: See 2-7 next)
2.) Protect you vs. fastflux botnets + stop their communication back to C&C servers
3.) Protect you vs. dynamic dns botnets + stop their communication back to C&C servers
4.) Protect you vs. DGA/domain generation algorithm botnets + stop their communication back to C&C servers
5.) Protect you vs. downed DNS servers (adds reliability)
6.) Protect you vs. DNS redirect poisoned dns servers
7.) Protect you vs. DNS amplification attacks
8.) Protect you vs. trackers
9.) Protect you vs. spam mails sources
10.) Protect you vs. phishing mails sources
11.) Get you past a dnsbl you don't like
12.) Keep you off dns request logs
13.) Speed up websurfing by adblocking & also hardcoding favorite sites
14.) Work on ANY webbound app (think stand-alone email programs).
15.) Give you direct easily texteditor controlled data for all of the above
16.) Do all of those things & block ads (better than addons) more efficiently in cpu cycles + memory usage

* "?"

APK

P.S.=> ANSWER ="NO" to each above on Ghostery/AdBlock:

Ghostery's Advertiser owned - "A fox guards the henhouse"-> http://en.wikipedia.org/wiki/G...

AdBlock's 4++gb & 100% CPU usage flooring inefficiency -> https://blog.mozilla.org/nneth... + ClarityRay defeats it + it 'souled-out' & is crippled by default paid off to not do its job http://techcrunch.com/2013/07/...

BOTH do far less than hosts do & less efficiently - hosts by way of comparison, do MORE w/ less.

Both add more complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).

Hosts start w/ the IP stack itself before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried).

For the BEST hosts file? APK Hosts File Engine 9.0++ SR-1 32/64-bit -> http://ask.slashdot.org/commen...

... apk

BitDefender renewal

[ponos]

I would just like to mention a rather dubious automatic yearly renewal I got with BitDefender. Although I normally wouldn't mind being given a reminder, in that case I only discovered the item in my VISA card statement. Annoyingly, they didn't even apply the discount that was running at their website at that moment, so I was charged something like $89 for a product that was selling $49 or so.

Anyway, be sure to check this if you are running or planning on buying BitDefender.

Re: BitDefender renewal

This^ I used Bitdedender for 2 years. I thought it seemed shady also. Lucky for me I found out about the auto renew bullshit they pull and was able to nip it in the bud. After they started popping up shit for my PAID version it was buh-bye. Now I use MSE.

AdBlock = Inferior + 'Souled-Out'... apk

APK Hosts File Engine 9.0++ SR-1 32/64-bit:

http://start64.com/index.php?o...

FREE & adds speed, security, + reliability, doing more with less, more efficiently vs. addons + fixes DNS' redirect security issues:

---

A.) Hosts do more than:

1.) AdBlock ("souled-out" 2 Google/Crippled by default http://techcrunch.com/2013/07/... )
2.) Ghostery (Advertiser owned) - "Fox guards henhouse" http://en.wikipedia.org/wiki/G...
3.) Request Policy -> http://yro.slashdot.org/commen...

B.) Hosts add reliability vs. downed/redirected dns (& overcome site redirects e.g. /. beta).

C.) Hosts secure vs. malicious domains too -> http://tech.slashdot.org/comme... w/ less "moving parts" complexity

D.) Hosts files yield more:

1.) Speed (adblock & hardcodes fav sites - faster than remote dns)
2.) Security (vs. malicious domains serving malcontent + block spam/phish & trackers)
3.) Reliability (vs. downed or Kaminsky redirect vulnerable dns, 99% = unpatched vs. it & worst @ isp level + weak vs DGA, & Fastflux + dynDNS botnets)
4.) Anonymity (vs. dns request logs + dnsbl's).

---

* Hosts do more w/ less (1 file) @ faster levels (ring 0) vs redundant inefficient addons (slowing slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ os, & 1st net resolver queried w\ 45++ yrs.of optimization).

* Addons = more complex + slow browsers in messagepassing (use a few concurrently & see) & are nullified by native browser methods - It's how Clarityray's destroying Adblock.

* Addons slowup slower usermode browsers layering on more - & bloat RAM consumption + excessive cpu use too (4++gb extra in FireFox https://blog.mozilla.org/nneth...)

(Instead, work w/ a more capable native kernelmode part you already have - hosts (An integrated part of the ip stack))

APK

P.S.=> "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"

...apk

AdBlock = Inferior + 'Souled-Out'... apk

APK Hosts File Engine 9.0++ SR-1 32/64-bit:

http://start64.com/index.php?o...

FREE & adds speed, security, + reliability, doing more with less, more efficiently vs. addons + fixes DNS' redirect security issues:

---

A.) Hosts do more than:

1.) AdBlock ("souled-out" 2 Google/Crippled by default http://techcrunch.com/2013/07/... )
2.) Ghostery (Advertiser owned) - "Fox guards henhouse" http://en.wikipedia.org/wiki/G...
3.) Request Policy -> http://yro.slashdot.org/commen...

B.) Hosts add reliability vs. downed/redirected dns (& overcome site redirects e.g. /. beta).

C.) Hosts secure vs. malicious domains too -> http://tech.slashdot.org/comme... w/ less "moving parts" complexity

D.) Hosts files yield more:

1.) Speed (adblock & hardcodes fav sites - faster than remote dns)
2.) Security (vs. malicious domains serving malcontent + block spam/phish & trackers)
3.) Reliability (vs. downed or Kaminsky redirect vulnerable dns, 99% = unpatched vs. it & worst @ isp level + weak vs DGA, & Fastflux + dynDNS botnets)
4.) Anonymity (vs. dns request logs + dnsbl's).

---

* Hosts do more w/ less (1 file) @ faster levels (ring 0) vs redundant inefficient addons (slowing slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ os, & 1st net resolver queried w\ 45++ yrs.of optimization).

* Addons = more complex + slow browsers in messagepassing (use a few concurrently & see) & are nullified by native browser methods - It's how Clarityray's destroying Adblock.

* Addons slowup slower usermode browsers layering on more - & bloat RAM consumption + excessive cpu use too (4++gb extra in FireFox https://blog.mozilla.org/nneth...)

(Instead, work w/ a more capable native kernelmode part you already have - hosts (An integrated part of the ip stack))

APK

P.S.=> "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"

...apk

Ask yourselves these questions... apk

Can ghostery/adblock do 16 things hosts do for more speed, security, & reliability:

1.) Protect you vs. malicious sites/servers (beyond malicious adbanners: See 2-7 next)
2.) Protect you vs. fastflux botnets + stop their communication back to C&C servers
3.) Protect you vs. dynamic dns botnets + stop their communication back to C&C servers
4.) Protect you vs. DGA/domain generation algorithm botnets + stop their communication back to C&C servers
5.) Protect you vs. downed DNS servers (adds reliability)
6.) Protect you vs. DNS redirect poisoned dns servers
7.) Protect you vs. DNS amplification attacks
8.) Protect you vs. trackers
9.) Protect you vs. spam mails sources
10.) Protect you vs. phishing mails sources
11.) Get you past a dnsbl you don't like
12.) Keep you off dns request logs
13.) Speed up websurfing by adblocking & also hardcoding favorite sites
14.) Work on ANY webbound app (think stand-alone email programs).
15.) Give you direct easily texteditor controlled data for all of the above
16.) Do all of those things & block ads (better than addons) more efficiently in cpu cycles + memory usage

* "?"

APK

P.S.=> ANSWER ="NO" to each above on Ghostery/AdBlock:

Ghostery's Advertiser owned - "A fox guards the henhouse"-> http://en.wikipedia.org/wiki/G...

AdBlock's 4++gb & 100% CPU usage flooring inefficiency -> https://blog.mozilla.org/nneth... + ClarityRay defeats it + it 'souled-out' & is crippled by default paid off to not do its job http://techcrunch.com/2013/07/...

BOTH do far less than hosts do & less efficiently - hosts by way of comparison, do MORE w/ less.

Both add more complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).

Hosts start w/ the IP stack itself before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried).

For the BEST hosts file? APK Hosts File Engine 9.0++ SR-1 32/64-bit -> http://ask.slashdot.org/commen...

... apk

AdBlock = Inferior + 'Souled-Out'... apk

APK Hosts File Engine 9.0++ SR-1 32/64-bit:

http://start64.com/index.php?o...

FREE & adds speed, security, + reliability, doing more with less, more efficiently vs. addons + fixes DNS' redirect security issues:

---

A.) Hosts do more than:

1.) AdBlock ("souled-out" 2 Google/Crippled by default http://techcrunch.com/2013/07/... )
2.) Ghostery (Advertiser owned) - "Fox guards henhouse" http://en.wikipedia.org/wiki/G...
3.) Request Policy -> http://yro.slashdot.org/commen...

B.) Hosts add reliability vs. downed/redirected dns (& overcome site redirects e.g. /. beta).

C.) Hosts secure vs. malicious domains too -> http://tech.slashdot.org/comme... w/ less "moving parts" complexity

D.) Hosts files yield more:

1.) Speed (adblock & hardcodes fav sites - faster than remote dns)
2.) Security (vs. malicious domains serving malcontent + block spam/phish & trackers)
3.) Reliability (vs. downed or Kaminsky redirect vulnerable dns, 99% = unpatched vs. it & worst @ isp level + weak vs DGA, & Fastflux + dynDNS botnets)
4.) Anonymity (vs. dns request logs + dnsbl's).

---

* Hosts do more w/ less (1 file) @ faster levels (ring 0) vs redundant inefficient addons (slowing slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ os, & 1st net resolver queried w\ 45++ yrs.of optimization).

* Addons = more complex + slow browsers in messagepassing (use a few concurrently & see) & are nullified by native browser methods - It's how Clarityray's destroying Adblock.

* Addons slowup slower usermode browsers layering on more - & bloat RAM consumption + excessive cpu use too (4++gb extra in FireFox https://blog.mozilla.org/nneth...)

(Instead, work w/ a more capable native kernelmode part you already have - hosts (An integrated part of the ip stack))

APK

P.S.=> "The premise is quite simple: Take something designed by nature & reprogram it to make it work for the body rather than against it..." - Dr. Alice Krippen: "I am legend"

...apk

Ask yourselves these questions... apk

Can ghostery/adblock do 16 things hosts do for more speed, security, & reliability:

1.) Protect you vs. malicious sites/servers (beyond malicious adbanners: See 2-7 next)
2.) Protect you vs. fastflux botnets + stop their communication back to C&C servers
3.) Protect you vs. dynamic dns botnets + stop their communication back to C&C servers
4.) Protect you vs. DGA/domain generation algorithm botnets + stop their communication back to C&C servers
5.) Protect you vs. downed DNS servers (adds reliability)
6.) Protect you vs. DNS redirect poisoned dns servers
7.) Protect you vs. DNS amplification attacks
8.) Protect you vs. trackers
9.) Protect you vs. spam mails sources
10.) Protect you vs. phishing mails sources
11.) Get you past a dnsbl you don't like
12.) Keep you off dns request logs
13.) Speed up websurfing by adblocking & also hardcoding favorite sites
14.) Work on ANY webbound app (think stand-alone email programs).
15.) Give you direct easily texteditor controlled data for all of the above
16.) Do all of those things & block ads (better than addons) more efficiently in cpu cycles + memory usage

* "?"

APK

P.S.=> ANSWER ="NO" to each above on Ghostery/AdBlock:

Ghostery's Advertiser owned - "A fox guards the henhouse"-> http://en.wikipedia.org/wiki/G...

AdBlock's 4++gb & 100% CPU usage flooring inefficiency -> https://blog.mozilla.org/nneth... + ClarityRay defeats it + it 'souled-out' & is crippled by default paid off to not do its job http://techcrunch.com/2013/07/...

BOTH do far less than hosts do & less efficiently - hosts by way of comparison, do MORE w/ less.

Both add more complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).

Hosts start w/ the IP stack itself before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried).

For the BEST hosts file? APK Hosts File Engine 9.0++ SR-1 32/64-bit -> http://ask.slashdot.org/commen...

... apk

honest suggestion

Hey there. Try avast free antivirus. It's pretty complete and configurable (disable the annoying voice over, animation, etc)
From all the antivirus software I've tried, this one seems to be the most unobtrusive and light on resources when properly configured.
On a side note, why is everybody being such a judgemental asshole? Let the guy do whatever he wants, limit yourself to answer the question or just ignore the topic completely, and that's it!

Comodo

[neghvar1]

For a long time I have been using Comodo Internet security suite. I am very pleased with it.

Re:Hate to answer for the poster but...

[LostMyBeaver]

There are hundreds of different BIOSes. System init code isn't like program code, it's non-relocatable. You can't just add a hook and bypass the original. In theory, boot block flash which is a mini-BIOS might be hooked, but every single MB model would be different. Unless you're running a REALLY high volume computer (Surface, Macbook), the investment in such hooks would be meaningless.

HD firmware could be more interesting, but the payoff would be hard to justify. HD vendors tend to use the same firmware for an entire series. Still, I can't see it.

Just because "Security researchers" can show a possible exploit for a specific hd or mb model and raise FUD, I would just reflash those components if I were actually concerned.

EFI is a different beast, but that's why we have signed code and OS bootloaders.

Seriously???

MS Security Essentials ranks at the BOTTOM of the list of every independent AV test and you think it is safe? The thing is just as useless as the built-in MS Firewall (does nothing).

The only people who suggest MSSE are people who are completely clueless about basic security.

Security Essentials or Windows Defender in Win8 costs nothing, is hardly noticeable in action and does a decent job. There's no ads or any other garbage. Of course MS also pays nothing to all the companies publishing lists of greatest AVs, so these products naturally land at the bottom of the list. I'm a software specialist since before the days of Windows 1, but I guess I must be pretty clueless. Never had a virus infection though. Or maybe I was just too stupid to notice my empty bank account or encrypted files. Or anything at all.

Use AV-Test and AV-Comparitives as your guide.

[ITRambo]

Everyone has an opinion on AV programs. Anecdotes aren't really useful, however. I show our customers the latest results from AV-Test.org and AV-Comparitives.org so they can choose based on test comparisons. I have had hundreds of customers that claim they had no problems until "yesterday". Manually scanning the pulled hard drive usually shows malware files from as long as a couple of years ago. They just happened to pick up a particularly nasty one the day before, and then noticed pop-ups, extreme slowness, or other issues. We currently recommend Kaspersky for business use, as it isn't as bloated as Trend Micro or as buggy as Bitdefender. All three are highly rated currently. Others fall short on the test results. Among the free choices Avira is a top performer. 360 Total Security is currently even better, as long as you manually select the add-on Avira and Bitdefender engines. People in general tend to recommend what they use no matter how good it really is in comparison to the competition.

best security solution for windows.

[Mormz]

I prefer FortiClient. Not only AV but has a website blacklisting. Also use a browser like SRWare Iron or Comodo Dragon... Adblock + the standard security stuff for the browser. Comodo Internet security premium is good (so I've read)... Also free. Windows firewall should be enough, but do configure it properly. Default settings aren't enough. Although seriously, if you are in-the-know... Even MS's Defender/malicious software removal tool and a proper windows config (blocking ad/malware sites via OpenDNS or Comodo DNS or whatever else)... For you guys that bash this or that OS... I use, Windows for gaming and some development... OSX as my main development workhorse... It's the best of both worlds... Linux for everyday office work, servers and a lot more else... Solaris for 2 Oracle DBs

free

just install mutliple free ones, the more the merrier

Don't use any AV

[HycoWhit]

If you understand computers--don't even bother with anti-virus. The anti-virus software on a PC of a savvy PC users is just lowing down the computer.

AdBlock and NoScript on my browser is all I every use--and that is mainly so I don't have to deal with ads, pop-ups, and auto-play videos.

You should be able to tell if you are a savvy user fairly easily. How many times has your PC been infected over the last five years? If zero--you probably know what you are doing.

Re:Ghostery = Inferior + 'Souled-Out'

How does your host file solution protect against domain generating algorithms?

The whole point of that strategy is to evade blacklisting.

12 sources I import from's how

As they're discovered, 12 reputable security community sources my data comes from fills them in automatically.

Pretty simple.

* They get discovered every day, like mad... & I get them, every day like mad (via my program APK Hosts File Engine 9.0++ SR-1 32/64-Bit http://start64.com/index.php?o... ).

APK

P.S.=> Another VALUABLE source (manually done on my own of course) is security community articles:

E.G. - Speaking of DGA utilizing malwares too, I used Gar Warner's security blog to get DGA'd C&C + payloads servers for CryptoLocker & many like it that used Domain Generation Algorithms, by the MANY 1,000's (his blog = great, & there are MANY others, that security sources for hosts data leverage as I do)... apk

Re:12 sources I import from's how

http://www.pcworld.com/article/250824/malware_authors_expand_use_of_domain_generation_algorithms_to_evade_detection.html

I've got more than THAT Luckyo

I've also got the likes of MalwareBytes (#1!!!) too http://ask.slashdot.org/commen...

* :)

Of course, I've ALSO got truth & facts + greater abilities using less AND more efficiency than my "so-called 'competition'" does by a mile too -> http://ask.slashdot.org/commen... that NOBODY HERE CAN VALIDLY DISPROVE, period...

(Face it, Luckyo: YOU *WISH* YOU WERE ME... lol!)

APK

P.S.=> Let me tell you all, 1 thing: It's NOT easy being 'world-class' (like me)... apk

Re:I've got more than THAT Luckyo

[Luckyo]

I see. You don't have fans - you have worshippers!

Re:Ghostery = Inferior + 'Souled-Out'

[Ginger+Unicorn]

I love the irony that you're evading the point he made by accusing him of "running away". We all know why people "run away" from you APK, it's because you refuse to engage with the argument and just keep spamming non-sequiturs until people just shrug and walk off. Arguing with you is like playing chess with a pigeon. You can be checkmated in two moves, but you'll still shit all above the board and strut around like you've won. You are completely mental, and I guarantee that your response to this post will only demonstrate that further. Let me assure you, you can post whatever nonsense you like in response, safe in the knowledge that I won't be engaging with it because it's a waste of my time. I anticipate...ooohh say... ~4 posts that are thinly disguised as posts from 4 different ACs that are clearly all written by you. I'll be disappointed if you don't include the phrase "run forrest, run".

another alternative

[uniquegeek]

Create a separate regular user account that you use 100% of the time, and only use the admin account credentials when you know you are installing or updating something that's legit. Do or don't use anti-virus (I use Microsoft Security Essentials on my Windows machine because it's free, good enough, and not pesky).

If you do manage to get infected with something, create another user account and only copy documents over. Since the virus is likely hiding elsewhere in your user profile or in your user registry key, the virus is gone, by your perspective.

My suggestions for Windows

[bjoswald]

MSE
HOSTS file
Adblock, NoScript, Disconnect (Ghostery was sold to an ad company)
EMET
MalwareBytes

Job's done!

OffTopic b.s. doesn't cut it... apk

Until you've proven ME wrong here you fail http://ask.slashdot.org/commen... & you know it... lol!

* :)

(Off topic crap doesn't cut it, & that is ALL you've got... lmao!)

APK

P.S.=> Clue: I don't "argue" with trolls like you - I simply challenge them to prove me wrong on my points on hosts vs. inferior competitors (& they are, by miles) - funniest part?

Not a SINGLE ONE has to date (not a one, including you, troll -> http://yro.slashdot.org/commen... after you did a "Run, Forrest: RUN!!!" there vs. those same points in the link above that you can't even touch, lmao!)... apk

The second you could flash bios

See subject: (especially from windows) is when this was a threat. It was only shortly after that BIOS flashing malwares showed up (not only for mobos, but really *anything* using an eeprom that can be 'flash updated').

* Additionally - They don't "alter" the code as is, they stuff it with a BOGUS model iirc...

(Yes, you can "reflash" to wipe it out, but nevertheless again, such attacks DO & have existed + occurred in the past...)

APK

P.S.=> It exists as a threat, but you make a point there are MANY bios out there (AMI, Award, etc.) so the attacks are LIMITED to those in scope, not "universal" to ALL/EVERY BIOS maker's stuff... still, they happen as they occur, of course (point taken on that account, but I figured that was just 'understood' minus having to say it)... apk

Anti-virus is worse than most viruses

[LinuxLuver]

Lately I've been dealing with Windows systems virtually crippled by the "real time protection" now standard in most antivirus applications. I bought Chromebooks for my family. They are fast, cheap and don't need anti-virus. My wife loves hers. The only way to stop AV packages crippling a Windows system is to disable or degrade the protection.... Which leaves you vulnerable. That's not the answer either. So I ditched Windows. That was the best answer. This has been going on for 20 years and more. Clearly it's part of the Windows ecology. No thanks.

The Very Best Anti-Virus Is...

Don't turn it on.

This solution SPEEDS YOU UP... apk

Agreed: See subject & my p.s. in this link http://ask.slashdot.org/commen... from this discussion (no software required, just a single file you have already does the job...)

* To quote Howard Stark (from the film "Captain America")? "It's stronger than steel & a 3rd the weight..."

(Hosts files really are that too, oddly enough - how so? Ok: They do MORE with less vs. browser addons, by far, on all fronts in abilities & also resources consumed...)

APK

P.S.=> It works (better than *ANY* single "so-called 'solution'" out there, bar-none, & does everything I said in the subject above (as well as making you faster online, a single NATIVE part of the TCP/IP stack you already have also makes you more secure + more reliably connected also))... apk

Seriously???

MS Security Essentials ranks at the BOTTOM of the list of every independent AV test and you think it is safe? The thing is just as useless as the built-in MS Firewall (does nothing).

The only people who suggest MSSE are people who are completely clueless about basic security.

Agreed. MSSE/Defender is useless. Had that on my parents' machine and it would invariably get infected every month or two. Have not once seen that POS detect or stop anything in the wild.

Got them an iMac, and knock on Formica it's been trouble free for six months so far :-)

MSE and Defender are not good choices.

[cryogenix]

There's a lot of people saying Microsoft Security Essentials or Windows Defender. That was a great answer a few years ago, it's not now. It's near the bottom of of the lists in rankings on most tests. For those saying don't use any AV, stop posting please. You're not impressing anyone by trying to be l33t prosauce internet surfer. http://www.av-comparatives.org... http://www.av-test.org/en/anti... https://www.virusbtn.com/vb100... http://www.tomsguide.com/us/be... http://www.lifehacker.co.uk/20... Nowhere on ay of those links will you find someone saying that MSE/Defender is a good choice.

Avira

Avira has been one of the highest rated hueristic scanners, detecting virii by behavior as opposed to a check sum of a know virus.

Free for personal use: https://www.avira.com/en/index

Too many words? Come on, lol!

This is "too many words" http://ask.slashdot.org/commen... ? The analogy I used via Howard Stark regarding Capt. America's shield is QUITE apt (provided you've seen the film) since hosts are FAR MORE than "a 3rd the weight" (especially vs. AdBlock) & do FAR MORE than browser addons do (stronger than THEIR steel, by far).

ANY DOUBTS as to "what hosts do"?

They're all covered here -> APK Hosts File Engine 9.0++ SR-1 32/64-bit http://start64.com/index.php?o...

* Look: I appreciate the advice, but I've done extremely well in the software world over time since the mid 1990's (not just in freeware/shareware: Those are a "labor of love", just as this program I have @ MalwareBytes is - but also in commercially sold wares to this day which bear my code in them that did well @ say, Microsoft TechEd in its HARDEST CATEGORY - SQLServer Performance Enhancement).

Thus, based on a Pretty GOOD trackrecord & experience here on those notes? Well - I'll be true to myself, & continue as I have been doing & always have done (I've done well using HOW I do things before... have you, in the software world I wonder?).

That post you're all responding to now?

Hey - that's merely to point on MalwareByte rocks (did great in a mid 2014 antivirus comparison test from a reputable site no less, AND, to show they like my stuff enough to not only host it, but also RECOMMEND it... why? It works!)

APK

P.S.=> Besides, the 16 point list I put up in a few spots in this article ARE salient & apply - I don't just "concentrate on a few things only": I leave NO STONE unturned - that's all. There's SO MUCH hosts do, for less no less vs. other 'competitors' (that have to "eat my dust" on MANY levels in resources consumed AND lack of abilities hosts has), that I simply cover them all... apk

Re:Too many words? Come on, lol!

[bouldin]

That article doesn't even mention hosts files or your program.

Don't try to bullshit me. You and I both know you have never had any commercial success. You are a pest who spams your crap "hosts file manager" all over the forums here.

Your hosts file approach doesn't even address hardcoded IPs or domain-generating algorithms. Start working on another approach or shut the fuck up.

wow, so much misinformation

[jgranto]

First off, ignore everyone who recommends Microsoft Security Essentials and/or Windows Defender. Google why - it sucks, totally worthless.

Second, the person who recommended http://www.av-comparatives.org... is wise. Look over their reports over the past few years, as well as http://www.av-test.org/. You will see that Avira, AVG, and Avast are very good products (all free). Some are more bloated that others - I prefer Avast, personally.

NOD32 by Eset used to be known as have the least-impacting AV product - no popups, silent gamer mode, low CPU and disk utilization, etc. It is not free.

I only resort to HijackThis or MalwareBytes when helping someone who already has some form of malware/virus. Safe browsing habits and a decent AV product will protect you just fine.

AVG was it's own company, then got bought by Intel, IIRC.

The person who recommended SandBoxie is also wise. It is a great product to use when you want to browse a site you are unsure about. My biggest complaint about Avast is that is dislikes SandBoxie - to get it to configure settings that I am uncomfortable disabling, so I gave up on using SandBoxie.

I only looked at ClamWin years ago - it did not have an on-access component, it only did disk scans. If this is still true I do not recommend it. You want an on-access scanner that can protect you as soon it it is read or written.

For free, I recommend Avast. For money, Trend Micro and BitDefender always perform well, and I would consider ESET, too.

POP3 your E-mail, reading it with Agent

[Trax3001BBS]

I have many E-mail accounts as I'm sure others do, all being forwarded to my main E-mail account (Gmail). Gmail allows POP3 which lets you download your E-mail, many E-mail sites don't offer that ablity.. Web based E-mail you need to open to read (or even see) you don't know what it's going to contain or do, mostly though install beacons -the sender, if a site you subscribe to will tell you this up front in it's privacy policy.

I use Agent as my E-mail/newsgroup reader, actually I've always used Agent starting with version .98 (so know of no other similar programs); at this time Agent 6 as it has SSL. While I prefer 1.93 it hasn't SSL and the latest update to Stunnel not only didn't work, neither will the older versions now.

Agent won't load HTML, allowing you to read your E-mail as text; most HTML E-mail have two "versions" the HTML followed by text, both saying the same thing. Agent will load your E-mail in your browser if you want, but I have rarely needed to.

I can tell if an attachment has been sent with the E-mail by it's flags (status), the first item listed before the lines the message has, subject, author, and date. If I don't know the sender I just delete it by right clicking on the line of E-mail info itself. Since I've already downloaded it, if I really wanted to I could go into my incoming directory and see what it is, but if an unknown sender I couldn't care.

Charter offers access to the newsgroups (UseNet) as part of it's service (no charge) which I use Agent for as well. I've begun to notice people referring to Google Groups as the newsgroups (not even close).

Headers, while not as informative as they used to be (senders IP address no longer listed) are fully listed and an option to view along with the message. None of the E-mail programs I've seen (cell phone and such) have more than a few lines and of no real value.

I see E-mail having bounced back and forth between Google servers much like ping-pong. Servers which btw use the 10.0.0.0 ip address block Https://tools.ietf.org/html/rfc1918, all internal to Google. I was kind of impressed, cost em nothing.

I'd post one of the headers here but it would have to be edited to senselessness as it shows the complete path the E-mail followed; being forwarded E-mail, just too much info.

The only down side of Agent I've ever encountered are the features and options one has to work with, which can be overwhelming at first, this includes the message filtering system.

Not being that bright, a filter can take me quite awhile to get it to do just what I want, whether it's to begin downloading a file showing up sight unseen, or deleting one. The last time was to keep the first .par file but delete any additional .par files (ones needed to repair) as the newsgroups are very reliable, yep it took awhile.

But don't forget web based E-mail is a threat as well.

Feel I need to add: I have nothing to do with Agent (Forte), just a user.

WARNING about antivirus program vs. POP email

Many antivirus programs will attempt to delete any email that contains a virus, even if said email resides in an index file managed by your email program.

This has been known to destroy entire local email databases, resulting in loss of all data since previous backup. Note that this includes newly received unread emails that are probably not recoverable because your email program already removed them from the server, and your email provider's customer support may not honor requests to recover deleted POP emails. In other words, you can lose an important message from X because Y sent you a virus.

Worse, you may not realize that you lost anything until years later -- after you've already migrated your email to another email program. In such cases, having a full backup of your old PC helps, but it's still a major pain in the ass to try to piece together which emails you still want, because importing the entire backup email database may not be an option if you've already painstakingly re-categorized and deleted thousands of old emails.

tl;dr: Do not run antivirus on the computer that hosts your email database. Always use IMAP locally, or use a web-based email if you run an antivirus program on your computer.

Prevention Options

[Fencepost]

A couple of other things for prevention could include CryptoPrevent and HitmanPro.Alert.

CryptoPrevent is primarily an automated way to set a variety of documented settings to restrict execution from a variety of locations, though you may need to temporarily disable it for installing or updating some software. I also haven't investigated this, but it occurred to me this evening that those policy changes might have caused problems I recently had with some Windows security updates that ended up with me saying "screw it" and reinstalling Windows.

HitmanPro.Alert monitors filesystem behavior to attempt to detect and block the assorted CryptoLocker-style infections, though there are some that it still doesn't detect (or at least can't differentiate enough from regular activity).

It's about the topic... apk

See subject? "Ask Slashdot: Best Anti-Virus Software In 2015? Free Or Paid?"

APK

P.S.=> MalwareBytes undeniably "RoCkeD-TeH-PlaNeT" in a test of effectiveness vs. the competetion recently: There's no doubting that - I only plugged my freeware because it's working alongside their excellent & yes, noble effort... AND, it's highly effective in that capacity also & from where the threats REALLY are & originate from - online. I do so using what you have already, minus being dumb, bolting on more to do the same... in usermode SLOW no less! apk

Re:It's about the topic... apk

Bouldin goes silent after that. You quieted that young lad down a bit.

Bouldin: "Eat your words"... apk

"Your hosts file approach doesn't even address hardcoded IPs or domain-generating algorithms. Start working on another approach or shut the fuck up." - by bouldin (828821) on Saturday January 24, 2015 @09:15PM (#48896165)

See subject-line, & this link http://ask.slashdot.org/commen...

* :)

APK

P.S.=> Are you actually *trying* to make me look good, & yourself, well... "not so good"? You are successful in it if so. Thank-You, however, I just MUST (lol) ask you a question:

QUESTION: How does it taste eating your words washed down with the "bitter taste of SELF-DEFEAT", rammed down by your foot in your mouth too, for it?

(LMAO)

... apk

Re:Bouldin: "Eat your words"... apk

[bouldin]

Do you understand how DGAs work?

The malware hits an ephemeral domain and then the bot herders throw that domain away. The domain may only exist for an hour.

That is the whole point of domain-generating algorithms. They defeat blacklists. That is the whole point.

Also, you dodged my point about hardcoded IPs, which is just one technique malware can use to circumvent host files.

Keyword = domain (you fail)... apk

Clue: IF a domain name's in hosts blocked? It's nullified! They can throw it away, who cares if it lasts 1 second even: They own it & can use it again (ala FastFlux recycling) potentially, which hosts again, nullify...

* You fail, no matter what, due to what you yourself use, the word domain (host in other words).

APK

P.S.=> Pretty simple: IF it's blocked, it's no threat & hosts do THAT for you (as well as speed you up using hardcoded IP addresses proofing you vs. DNS shortcomings in that same stroke also - mega multi bonus!)...Eating your words again, eh? Hey, listen: Eating your words != "good nutrition" (change your diet, lmao...)...

... apk

Re:Keyword = domain (you fail)... apk

[bouldin]

You still don't understand. The botherder registers a new domain, has it resolve to the C&C server for an hour, then throws the domain away.

By the time it makes it to your list, it's too late.

As I said, that is the point of DGAs.

You fail again... apk

The odds of me hitting a domain that lasts 1 second? Near zero.

Again, clue: Hosts block a domain name, no matter what, I can't be harmed by it

(... & domain name generation using botnets have that as their weakness - hosts block domain names)

APK

P.S.=> You still haven't answered my question, since you have to "eat your words" (1 word in particular - domain): How does it taste, eating your words, washed down with "the bitter taste of SELF-defeat", spiced with egg on your face, & ramming it all down with your foot in your mouth...?

... apk

Re:You fail again... apk

[bouldin]

The odds of me hitting a domain that lasts 1 second? Near zero.

Nobody said DGAs use domains that last 1 second. I said 1 hour. Some malware might use domains that last 24 hours. But, the point is that the domain name calculated by the malware changes faster than you can update your blacklist.

Again, clue: Hosts block a domain name, no matter what, I can't be harmed by it

I say again, by the time you know the domain name, it is no longer being used. Your hosts file program does not magically predict domain names.

Re:You fail again... apk

http://ask.slashdot.org/commen...

Reminds me of ModemMouthGuy

Visual cues. Sure. Obviously this dude's a commercial pilot who claims he can land a plane BY SMELL.

I still get them added as blocked

If a domain is blocked in hosts it can't harm me. It gets discovered and added as blocked when it's bad. Happens all the time.

* See Gar Warner's blog (has many DGA botnets' C&C + payload servers listed).

Thus - I don't *HAVE* to predict them in hosts: I simply block them as they are added.

If they last longer than 1 second, I get them added as blocked by 12 reputable sources in the security community OR from security blog articles (like Mr. Warner I mentioned).

It works simply because DGA uses hostnames.

APK

P.S.=> No matter what you say, as long as I get entries for ANY KIND of threat online as blocked entered in hosts (and I do by the truckloads every hour here due to my program being automated to pickup that data), they cannot harm me (odds & time do the rest - since the odds of me hitting it are also INCREDIBLY small, especially if/when short-lived). Protecting/Security-Hardening my system does the rest (especially omitting using threats like Javascript or even Java for example - the "main harbingers of doom")... apk

Re:I still get them added as blocked

[bouldin]

* See Gar Warner's blog (has many DGA botnets' C&C + payload servers listed). Thus - I don't *HAVE* to predict them in hosts: I simply block them as they are added. If they last longer than 1 second, I get them added as blocked by 12 reputable sources in the security community OR from security blog articles (like Mr. Warner I mentioned). It works simply because DGA uses hostnames.

NO, by the time those blogs post a domain name, it is not being used anymore. The malware will generate another domain name based on the date/time, and you will not have that domain name in your blacklist.

You still don't get it, so I guess I'm giving up. This is like explaining Calculus to a housecat.

P.S.=> No matter what you say, as long as I get entries for ANY KIND of threat online as blocked entered in hosts (and I do by the truckloads every hour here due to my program being automated to pickup that data), they cannot harm me

This is not true! Malware has so many ways it can circumvent a hosts file. A hosts file is great for blocking ad domains, but it does NOT provide strong security.

Here are just some of the ways malware can completely bypass your hosts file:

• It can hardcode a C&C IP address, like the Sony Pictures malware did
• It can hardcode IP addresses for a peer-to-peer network, like the new Zeus variants do
• It can just send the UDP port 53 packets to resolve DNS itself, bypassing the system calls that would check the hosts file
• It can disable checking of the hosts file
• I could keep going. There are a LOT of ways to bypass the OS hosts file.

Whatever you want to call it?

See subject: It's far more than you have http://ask.slashdot.org/commen...

* :)

APK

P.S.=> Face it, Luckyo: You *WISH* you were me... lol!

... apk

Re:Whatever you want to call it?

[Luckyo]

Not a fan of being worshipped. Tends to end really badly for the subject when he's not imaginary.

Best anti-viral software?

Why that would be 'common sense' of course.

KNOW what "fastflux" is?

"NO, by the time those blogs post a domain name, it is not being used anymore. The malware will generate another domain name based on the date/time, and you will not have that domain name in your blacklist." - by bouldin (828821) on Sunday January 25, 2015 @09:50AM (#48898125)

See subject: I'm protected if an entry's blocked in hosts, period. Yes, I have any DGA generated hostnames. I get them from my sources in the security community I noted.

(Gar Warner's excellent on that account, specifically/in particular!)

Secondly: The malware makers/botnet herders etc. own those domain/host names. Thus, they'll recycle (fastflux) & reuse them (more than just potentially) since they own them.

---

"A hosts file is great for blocking ad domains, but it does NOT provide strong security." - by bouldin (828821) on Sunday January 25, 2015 @09:50AM (#48898125)

ACL & UAC + WFP/SFP start out the show there on that account THEN My program furthers that by applying read-only attributes to the hosts file (constantly on a hi-res timer when left resident) and at shutdown of the program. Nothing is going to get thru to write the hosts file while my application runs.

My app's in the way protecting hosts ABOVE those std. measures in Windows.

You fail.

---

"You still don't get it, so I guess I'm giving up. This is like explaining Calculus to a housecat." - by bouldin (828821) on Sunday January 25, 2015 @09:50AM (#48898125)

LMAO - listen you little ARROGANT NOBODY:

Has your work EVER been a FINALIST @ Microsoft TechEd, 2 yrs. in a ROW, in its HARDEST CATEGORY? Mine has. It also went into commercially sold ware to this day because of it. * How about you? You pick on my shareware here, where's YOURS that does a BETTER JOB?? It's not.

APK

P.S.=> Unbelievable - I've been writing code professionally AND SECURING PC's before you were out of diapers I'd strongly wager!

... apk

Re:KNOW what "fastflux" is?

[bouldin]

NO, by the time those blogs post a domain name, it is not being used anymore. The malware will generate another domain name based on the date/time, and you will not have that domain name in your blacklist.

See subject: I'm protected if an entry's blocked in hosts, period. Yes, I have any DGA generated hostnames. I get them from my sources in the security community I noted.

Do you understand what words mean? I've walked you through it, but you still don't understand the difference between DGAs and Fast Flux. I even gave you a link to an opendns blog that explains what DGAs are. I guess you will never get it.

LMAO - listen you little ARROGANT NOBODY: Has your work EVER been a FINALIST @ Microsoft TechEd, 2 yrs. in a ROW, in its HARDEST CATEGORY? Mine has. It also went into commercially sold ware to this day because of it. * How about you? You pick on my shareware here, where's YOURS that does a BETTER JOB?? It's not. APK P.S.=> Unbelievable - I've been writing code professionally AND SECURING PC's before you were out of diapers I'd strongly wager!

Uh, no, you have never written any commercially sold code.

I've developed security products for actual security companies, and work as a security engineer. Where do you "work," your mom's basement?

Arrogant and stupid are a bad combination.

More shutting down your b.s. ... apk

"It can hardcode a C&C IP address, like the Sony Pictures malware did" - by bouldin (828821) on Sunday January 25, 2015 @09:50AM (#48898125)

LOL- that's what I use this for (complimenting hosts) -> http://yro.slashdot.org/commen... (Windows Firewall rules - since they filter by IP addresses - then again, I never *once* claimed hosts stop those, but then again, 99% of malware doesn't USE IP ADDRESSES & instead favors hostnames - I know: I fill my hosts file with data from the major security sites and see both types... daily, for years!)

---

"It can just send the UDP port 53 packets to resolve DNS itself, bypassing the system calls that would check the hosts file" - by bouldin (828821) on Sunday January 25, 2015 @09:50AM (#48898125)

Speaking of hardcoded IP addresses: When I put my favorite sites into hosts @ the top of the hostsfile, I bypass DNS entirely for them (which is how DNS amplification attacks can't affect me since I do that via hosts).

(WTF is it you're *trying* to say here?)

---

"It can disable checking of the hosts file" - by bouldin (828821) on Sunday January 25, 2015 @09:50AM (#48898125)

LMAO - not when my hosts file program is running protecting hosts AND the registry entries for resolution order as I said in my other post, nullifying your "I read it online but never wrote such code myself" bullshit (yes, that's about YOUR speed).

You just got "shot down in flames" again...

APK

P.S.=> You sure "talk a good game" but I don't SEE anything YOU have *EVER* done that did any good, whereas by way of comparison, I could put out a small list of my favorites only that would make you shit your pants... apk

Ok, boy: Tell you what

Write or call Mr. Eric Dickman @ SuperSpeed.com (formerly EEC systems) & find out otherwise (first of all): What code have you written in a product I can verify the same at that is sold commercially?

APK

P.S.=> You make stupid assumptions: Malware can't modify my hosts file (my app protects it BEYOND OS UAC/ACL & WFP/SFP also) & hosts files keep me AWAY FROM SOURCES OF INFESTATION (& I don't use javascript/java etc. to get more) + I conscientiously patch my OS & apps, as well as security harden my system beyond that (of which hosts is a part also) - you talk a LOT OF TALK about "a virus could do this & that" b.s., but it's no good if hosts stop me from getting it in the FIRST PLACE (which hosts are great at), & if I do all that too... apk

Re:Ok, boy: Tell you what

[bouldin]

I'm not contacting Eric or telling you where I work, idiot.

Look back through the comments in this Slashdot post and see if there is a single person who likes you or has any respect for you.

Ok dimwit... apk

"by the time those blogs post a domain name, it is not being used anymore" - by bouldin (828821) on Sunday January 25, 2015 @06:28PM (#48901031)

If a hostname's not used anymore it's not threat 1st of all. Get it? Secondly: THEY OWN THAT NAME (& thus, via fastflux design use in their botnet or future versions, those domains can be reused for malicious purposes).

You have NO imagination or creativity. You're (& now I've just GOTTA say this) just "too, Too, TOO EASY: Just '2ez'" to get the better of on ALL fronts... you're no security pro. You like to TALK like one, but I haven't seen that commercially sold code of yours have I? Nope... I can do that. You? Can't. You fail (on all fronts).

APK

P.S.=> Lastly: IF I have that name (& even DGA generated I do, even if eventually), it is NO THREAT TO ME BLOCKED IN HOSTS (even IF reused/recycled in the future via fastflux botnet design, if not already present in said malware)... Get THAT too? I hope so... lmao!

... apk

HAHAHAHAHAHAHA (knew it)

"I'm not contacting Eric or telling you where I work, idiot." - by bouldin (828821) on Sunday January 25, 2015 @07:24PM (#48901297)

You're full of it (knew it... lol, see subject-line above).

"Look back through the comments in this Slashdot post and see if there is a single person who likes you or has any respect for you." - by bouldin (828821) on Sunday January 25, 2015 @07:24PM (#48901297)

MalwareBytes does, hosting & recommending my program -> http://hosts-file.net/?s=Downl... so what would I need ANYBODY ELSE for?

* You done better?

(Show me, show us all, something of even THAT extent that helps not only surf more reliably & SAFER online, but faster too... ok? Show us you've done better... you can't & you KNOW it, I know it, & anyone reading with 1/2 a brain does by now too!)

APK

P.S.=> I can show you, literally, where a RESPECTED computer security company showcases & recommends my wares in that simple freeware: How about you? NADA/SQUAT/ZIP... you're full of it, period (no balls, & certainly NOTHING to back up your b.s.)... apk

Re:HAHAHAHAHAHAHA (knew it)

[bouldin]

So you're admitting you don't actually have a job, and nobody likes or respects you?

You're not worth worshipping.

I'm like Linus Torvalds in 1 respect: I don't care about you - I care about my ware being the best it can be (just updated today, it is) -> http://start64.com/index.php?o... & personally, I am *NOT* into being worshipped either (sets you up for a fall. Media does it all the time...)

* Which is, of course, clearly beyond your abilities to create (a something that makes folks go faster, more reliably & SAFER online - getting their monies' worth & peace of mind... for FREE!)

Lastly, per my subject-line: You don't merit worship (I'd like to know where you got THAT idea from in the 1st place why did you bring it up?).

Besides: Since you brought up worship (for Lord only knows why as to your reasons) What've you done for your non-existent worshippers (nothing) since you don't merit having any?

APK

P.S.=> Beat that with a stick & do better on YOUR end (you'd be surprised @ the rewards, as there IS a joy in giving alone)... apk

Re:You're not worth worshipping.

[Luckyo]

All I can say is that I'm not sure if you're insane or awesome, or just awesomely insane.

Why would I need anyone else?

No, I just don't need a job (you do evidently) & MalwareBytes does http://hosts-file.net/?s=Downl... : See subject...

APK

P.S.=> Before you talk shit about something? Try it -> http://start64.com/index.php?o... OR do better yourself... apk

Anti-virus is dead

non-admin accounts and Software whitelisting is what you should be doing.

I'm just a regular guy... apk

See subject: However, I do try to do "the right thing" giving others faster, safer, & more reliable online experiences (see below) via skills in coding I've acquired over time since 1982 programming - that's all.

* Life's been good to me so far (as the song goes) so, I thought I'd share that with others.

APK Hosts File Engine 9.0++ SR-1 32/64-bit:

http://start64.com/index.php?o...

(Call it a "pay it forward" since it's free, & does a great job for all of its virtues I extolled above...)

APK

P.S.=> MalwareBytes seems to like my work enough to host & RECOMMEND it here http://hosts-file.net/?s=Downl... & THAT? Is good enough, for me... apk

Re:I'm just a regular guy... apk

[Luckyo]

Awesomely insane it is.

Sane in a crazy world's more like it

See subject: I wish you the same 'craziness' - It pays off in MANY ways http://ask.slashdot.org/commen... again - per my 'p.s.' in that last post of mine to you... I'm quite proud of that (especially vs. all the "flack" I've taken here from trolls on this forums especially here on /. ... having MalwareBytes host & recommend my wares makes ALL the difference!)

* :)

APK

P.S.=> "Onwards & UPWARDS!!!"... apk

baidu antivirus

[bgrf]

Take a look at baidu antivirus, I'm using it for a while and I like it.

Addons = Inferior... apk

Can ghostery/adblock do 16 things hosts do for more speed, security, & reliability:

1.) Protect you vs. malicious sites/servers (beyond malicious adbanners: See 2-10 next)
2.) Protect you vs. fastflux botnets + stop their communication back to C&C servers
3.) Protect you vs. dynamic dns botnets + stop their communication back to C&C servers
4.) Protect you vs. DGA botnets + stop their communication back to C&C servers
5.) Protect you vs. downed DNS servers (adds reliability)
6.) Protect you vs. DNS redirect poisoned dns servers
7.) Protect you vs. DNS amplification attacks
8.) Protect you vs. trackers
9.) Protect you vs. spam sources
10.) Protect you vs. phishing sources
11.) Get you past a dnsbl you don't like
12.) Keep you off dns request logs
13.) Speed up websurfing by adblocking & also hardcoding favorite sites
14.) Work on ANY webbound app (think stand-alone email programs).
15.) Give you direct easily texteditor controlled data for all of the above
16.) Do all of those things & block ads (better than addons) more efficiently in cpu cycles + memory usage

* "?"

APK

P.S.=> ANSWER ="NO" to each above on Ghostery/AdBlock:

Ghostery's Advertiser owned - "A fox guards the henhouse"-> http://en.wikipedia.org/wiki/G...

AdBlock's 4++gb & 100% CPU usage flooring inefficiency -> https://blog.mozilla.org/nneth... + ClarityRay defeats it + it 'souled-out' & is crippled by default paid off to not do its job http://techcrunch.com/2013/07/...

BOTH do far less than hosts do & less efficiently - hosts by way of comparison, do MORE w/ less.

Both add more complexity/room for breakdown/exploit + from a slower mode of operations (usermode = more messagepassing overheads vs. hosts in kernelmode).

Hosts start w/ the IP stack itself before REDUNDANT inefficient addons BEGIN to operate (as 1st resolver queried).

For the BEST hosts file? APK Hosts File Engine 9.0++ SR-1 32/64-bit -> http://start64.com/index.php?o...

... apk

Re:Addons = Inferior... apk

[Luckyo]

Someone will one day post you the obvious "can condoms protect you from" post where they will list things like hand wounds in boxing.

But that will not be today :D

Luckyo, you're MORE than welcome

See subject: To validly prove my points on hosts wrong here http://ask.slashdot.org/commen... as to their superiority to browser addons (that don't do a FRACTION of what hosts can for more speed, security, & reliability online + with less resources consumed, by FAR...)

* Good luck - you'll need a miracle!

"But that will not be today :D" - by Luckyo (1726890) on Tuesday January 27, 2015 @10:06AM (#48914005)

You're right on 1 account: You'll FAIL this FAIR & SIMPLE CHALLENGE put to you - guaranteed.

APK

P.S.=> That's how it always goes - nobody can do it since it CAN'T validly be done... apk