Slashdot Mirror
Ask Slashdot: Should Average Consumers Install More Than One Antivirus Program On Their System?
Even though you would assume that people would know better, an anonymous reader writes, in my experience, I have found many who think installing more than one antivirus program on their computer is the right way to go about it. Some have installed as many as three third-party security suites, which among other things, takes a toll on the performance. This week the New York Times' tech tip section addresses the matter. From the article, which could be paywalled, but you don't have to read it in entirety anyway: Installing more than one program to constantly scan and monitor your PC for viruses and other security threats can create problems, because the two applications will likely interfere with each other's work. Clashing antivirus programs can cause the computer to behave erratically and run more slowly as the applications battle for system resources. Microsoft advises against running its Windows Defender security software on the same system with another installed third-party antivirus program. Likewise, antivirus software companies also warn against using other system security products when you are using theirs; Bitdefender, Kaspersky Lab and
Symantec all have articles on their sites explaining the potential problems in detail. Programs that do not constantly patrol your operating system, like mail scanners, may not be an issue. What do you folks recommend to people who are not as tech-savvy?
Ever since microsoft came out with their windows defender I have seen no need to install any other virus software.
- don't install shit you don't want/need (true for all os) ...
- don't use windows for browsing (especially if you browse to sites you don't trust)
- don't click and open every damn email and attachment you get
https://en.wikipedia.org/wiki/...
"What do you folks recommend to people who are not as tech-savvy?"
Don't take tech advice from a newspaper.
( I don't disagree about installing multiple anti-virus programs, but the NYT is not a highly regarded tech journal)
"National Security is the chief cause of national insecurity." - Celine's First Law
Antivirus programs are a threat, not a mitigation.
... Chrome OS or the expensive equivalent macOS and be done with it.
The only reason to use Windows is if you're running a specific type of software that only runs on Windows, like some engineering tool or some special creative or scientific software. Otherwise I'd recommend anything other than Windows.
If you're running a setup that requires anti-virus software on the client then you're running the wrong setup. Plain and simple.
My 2 eurocents.
We suffer more in our imagination than in reality. - Seneca
Some people even argue that antivirus programs cause more vulnerabilities that they solve and advise not to install any. Besides that, they will make your computer ridiculously slow, and might interfere with each other, possibly causing crashes and false positives.
You are better off using an anti-virus system from the OS maker because they are able to tackle issues better. For example, CPU, bios, boot, drivers, and compiler, are areas where non-OS anti-virus lack support. So if you are on Windows, stick with just Windows for anti-virus. The problem for non-OS AV makers is that since they are not on the inside, they are on the outside, and they let too many parts of the software stack go unchecked not having inside knowledge.
Assuming that US-provided ones have been "assisted" by the NSA, and that at least one other has been "helped" by the KGB, a mix of the two might keep a few more evesdroppers at bay.
For a number of years I have been running MS Security Essentials for Real Time scanning and Clam Win on a weekly schedule. Clam Win will catch malware and other things that MS might miss. MS catches the odd real time threat. The other thing is to be careful of attachments and suspicious links and train other family members on good surfing practices. This has worked for me. Your mileage may vary.
It's already been shown that American products are susceptible to interference by NSA and CIA, and that the manufacturers have already been forced to let some malware slide through, i.e. American AV is insecure and compromised by definition.
You should "cross-guard" by using two AV products, preferably European products that are not susceptible to this kind of interference, such as F-Secure + Kaspersky, or F-Secure + Avast.
If you can afford all three it may or may not be better depending on how you use your computer, because at this point you have to keep the automatic background scanning disabled for heavy work, or it will slow the machine down too much.
Ask Slashdot: Should Average Consumers Install An Antivirus Program On Their Windows System, Nowadays?
Slashdot, fix the reply notifications... You won't get away with it...
... "average consumers" ought to be able to trust the manufacturer of the software they use and so not need any (third party or otherwise) software that's designed to "heroically attempt, but always fail to some degree" to "fix" a problem that's unfixable because bad engineering decisions early on.
So why they would still use any redmondian software at all eludes me.
No, this does not imply a sermon, traditionally delivered while frothing at the mouth, to the tune of "use linux instead", certainly not since systemd became a thing. And with freebsd trying to be linux the way linux is trying to be windows... there really are no good alternatives in the market. That doesn't mean windows is suddenly acceptable. It isn't.
So what "average consumers" ought to do is complain, complain, complain, then complain some more about how shitty their operating software is and shout "GO FIX ALREADY, YOU TECHNO-BABBLE-SPOUTING COMPUTER SCIENCE-Y TYPES." Because "we", the supposedly smart people having made all this crap, ought to do better in this space.
Happy to introduce you :) Lol
[($)]
Is the simple answer.
I usually recommed 3. At least. Then sell the tickets to watch them battle using all the resources, leaving user nothing to work with.
Having multiple third party antivirus is too much of red flags, just how insecure and vulnerable the OS really that one need three antivirus software? And for none tech savvy people I would assume they can live and work with mobile OSes like the Chromium OS. And better yet why not stop this whole dilemma once and for all and install Linux? And don't argue that its "not intuitive" and "not for dummies" until you try and use these distros for at least a week; Elementary OS, Manjaro Deepin, Linux Mint , Ubuntu
When talking to the uninitiated, I like to bring up an analogy using bouncers.
When you have bouncers from just one security firm, things are alright. He'll do his best to keep the baddies out, things can carry on mostly undisturbed. Things ain't perfect, but hey, whatcha gonna do.
On the other hand, if you hire additional bouncers from a different security firm, those two groups will spend most of their time shouting at each other, getting in scuffles, fucking things up for everyone.
This analogy is simple enough to sink in with mom & pop.
Let me know when antivirus software stops people from calling phone numbers on scare pages in the browser or believing that "Microsoft" is actually cold-calling them. The threat model has changed so much between the DOS days and today that the only truly effective security is not falling for scam artist trickery. I get bombed with targeted scams like "check your WHOIS data" that links to somewhere that definitely isn't my hosting provider all the time and I have to talk down "DO NOT TURN OFF COMPUTER, THIS IS MICROSOFT, CALL US" complaints from frightened people almost daily. 80% of the time those people have already willingly allowed the stranger to use their computer remotely.
I'm glad Syskey is getting tossed from Win10; in the meantime I load a reg file on everyone's machine that sets Notepad as the debugger for Syskey to make using it difficult, but I can't do anything to stop them from choosing to get "Microsoft" scammed.
I have only a single-digit count of computers with actual infections on them in the past year. I've seen hundreds of them with "COMPUTER HELP.txt" files on the desktop.
Linux, end of story.
Less than one would be better.
I am sure that there are many other solipsists out there.
I found this out myself on my computer. I had Windows defender and McCaffrey anti virus software running and this caused programs to crash and my Nvidia Geforce GTX 1060 graphics card to lock up. I removed the McCaffrey software and everything cleared up. Just running Defender is probably best in Windows I think.
E Proelio Veritas.
Avira and Malware Bytes currently.
For the most part on anti-virus, Windows Defender will do, but for the average user these days it's more important to have a good anti-malware installed.
Because the average user keeps going into porn websites and shady Google results which install a whole ton of ad-ware, spyware toolbars and whatnot. Those won't be detected by anti-virus.
But these softwares have been stagnant for quite a while... this is one area that could use AI to teach and prevent a whole ton of users from commiting the same exact mistakes that people have been telling not to do since early Internet days.
I'd be particularly keen on an anti-malware software that would write a warning in big red letters when people click on obvious fishing scam e-mails something like: "ARE YOU FUCKING DUMB? STOP USING THE PC RIGHT NOW, YOU ARE NOT QUALIFIED TO IT".
>" What do you folks recommend to people who are not as tech-savvy?"
Run Linux or just get a tablet. That has been my recommendation for many years now.
Antivirus 1: background scanning file foo.dll
Antivirus 2: detected access to foo.dll, scanning file
Antivirus 1: detected access to foo.dll, scanning file
Antivirus 2: detected access to foo.dll, scanning file
Why is my PC so slow?
Antivirus 3: heuristics has detected unusual access to foo.dll, scanning file .....
Both free, compliment each other and don't conflict.
Antivirus 1: background scanning file foo.dll
Antivirus 2: detected access to foo.dll, scanning file
Antivirus 1: detected access to foo.dll, scanning file
Antivirus 2: detected access to foo.dll, scanning file
Why is my PC so slow?
Antivirus 3: heuristics has detected unusual access to foo.dll, scanning file .....
The more important question is why you are playing with the poop in the toilet bowl
Installing multiple AV products is a bad idea. As the summary states, they tend to conflict with each other. Sometimes one will detect the other AV as malware and quarantine some of their files. I've also seen situations where installing multiple AV products will break things (e.g. the networking stack will stop working).
At its best, antivirus software is a necessary evil. It's going to have a negative impact on performance, and will probably inhibit legitimate functionality at some point. You should assume that your antivirus software is only going to catch old and obvious malware, and not rely on it for your system security. In that context, the best choice in antivirus software is the one that is least obtrusive, and using multiple products at the same time is counter-productive.
Just use MS Defender. That is all I run, otherwise raw doggin my PC on the internet and I never get malware. A good ad blocker does wonders since that is probably one of the major automated infection vectors these days that a security conscious person cannot do much about. I am currently using uBlock. I used to use Ad Block Pro but they recently did something to their plugin where it was causing browsing tabs to just lock up for long periods of time uBlock is so much faster. Otherwise following basic security principals of not opening attachments from those you don't know, or unexpected attachments from friends. Being wary of downloading from only legitimate sites. Other wise I manually scan my PC weekly with Malware Bytes and never come up with any malware
If you do have a need to run some questionable software a VM does wonders. Fire it up in the VM, check for any unexpected behaviors, run a malware scan after. If things appear good its probably ok to install outside of the VM.
The more the merrier!
Install as many as your system can bear. You'll be happy! No single antivirus can cope with all the bad, bad things out there! Plan ahead, dimension your system with some spare performance!
I love Linux and use it on my servers. Just so you know I'm not a rabid, metrosexual Apple fanboy. That said, on the desktop, I use macOS and on the couch, I've used a Chromebook. I've come to the conclusion that a lot of (but not all) problems can be avoided if the average consumer would just get a MacBook or a Chromebook.
Nothing wrong with Windows (I use it on my media PC) but you simply have to "keep driving on the regular highways". And that's just too much to ask from a regular consumer.
8 of 13 people found this answer helpful. Did you?
The real question is whether antivirus software does anything other than making money for vendors.
This is eactly what Multi-Core is for!
Core 1: Windows Defender
Core 2: Windows DRM
Core 3: AntiVirus #1
Core 4: AntiVirus #2
Core 5: AntiMalware
Core 6: AntiMalware #2
Core 7: Windows OS
Core 8: Whatever is left for "user" processes
I have never used an anti-virus software and have windows defender disabled. I have never been infected by a virus for over 25 years. The only thing I use now is an internal and an additional external firewall to keep Microsoft and the government from spying on me. I also never open attachments or download freeware from sites that do not have a good reputation. (Knock on wood!)
As a computer repair tech, I've seen many computers that had more than one AV program installed. It may work for a day, or even a couple of weeks. Ultimately the computer slows to a crawl, and people start thinking they have a virus.
Don't install multiple AV software.
There's a headline. What was the question again?
Oh yes ... for once MS is right: Just Run One for real-time purposes. Defender is OK; it'll do the job for most people. If you want belt & suspenders, let it do limited occasional runs while something else handles real-time. Avast et al. do better for some things, worse for others, and cost something (money, system slowdown, annoying advertising messages, etc.). And the others will usually try to sell you more than you need: Windows these days has a decently functional firewall, for instance, so why do you need to buy (they're never free with AV packages) another one?
I do occasionally download Malwarebytes and run it as a prophylactic. It sometimes catches stuff that Avast, Defender, et al. don't - call it a second opinion. Then uninstall it, because there will be a completely new version by the time I want to run it again. And because it always installs real-time scanning which I (and my non-tech friends) already have, thank you. If they ask about a problem they're having, I might use it for troubleshooting.
What do you folks recommend to people who are not as tech-savvy?
Same thing as I would recommend to folks who are. NO!
I don't understand the tone of the summary. It implies there is a situation where it is a good idea to install multiple. There's not. Don't do it.
Not using anything microsoft based, or better still, dont touch anything that can get on the internet. It already has way too many stupid people on it and is on its way to imploding from the weight of human stupidity. Thanks.
Uninstall flash, java and all anti virus programs and use the ms stuff. Install adblockers on one broswer that always clears the cache when you shut down use this for porn and other consumption sites Install a second browser that also clears cache and operates in private mode use this for shopping and banking.
Avoid email, but keep two and use two email programs. Have an email alias for each site you shop and each banks, never use email for porn
Avoid social media that market you
Always use a nickname
Saying I use Windows firewall cause it's as good as the rest, is a real common phrase. While they are unaware or forget anyone holding a certificate issued by Microsoft can pass through as if it didn't exist.
Finding the the best AV (which is all that's needed) can't really be done anymore. I used VX.Heavens http://preview.tinyurl.com/ybk... (long gone) and found at the time NOD32 (Eset) did around 85% and the best. The test was to download, open, and move the zip file contents elsewhere, and which did what when.
All that's available to use now is use the EICAR test file https://en.wikipedia.org/wiki/... that all AV's are capable of finding (it's hardcoded).
I long ago quit using an AV and put all my trust in a good hosts file, reliable Firewall (old version of Comodo), and to use autoruns on occasion to find the ones that might of been missed (one's running from the temp directory) https://docs.microsoft.com/en-...
If one installs Comodo anymore, autoruns can also disable all of the Geek Squad crap. But Comodo fails the leaktext https://www.grc.com/lt/leaktes... (12 year old test) and not recommended. - Creates a virtual process but it still connects.
All that to say; your on your own - it's a personal preference.
Some of the worst possible performance I have ever seen in my life has been from multiple antivirus softwares fighting with each other for access to a file. For example, you browse to a folder that contains a zip file... Windows Defender starting to scan the file (it gets first dibs because hey, written by operating system manufacture, what do you think?), other antivirus hooks CreateFileW and starts to scan it too. Now you have two applications seeking back and forth over the ZIP FILE trying to unzip it so they can peer inside and "make it safe". It extended what should have been small browsing operations from just a few seconds to many, many minutes.
If you're evaluating antivirus software, a good measure is how much raw data reads they do when you're just browsing your file system and not opening any actual files. Some of them halt processes and scan the entire file when the file is even just queried from the file table (not even when actually opened), and you end up with file iteration taking as long as it takes to read the entire file contents.
There is no place in this world for antivirus.
If they're so dumb that they can't stop from clicking on executables, install windows S on their computer and let them suffer it. Its still more effective than antivirus is.
The signature based solution game is done. Use something that identifies malware using machine learning and AI. This does away with frequent storage scanning and isn't prone to mutated malware. The crimeware thugs are reusing much of the same code and tactics and make minor changes to evade signature based defense so for the love of God, stop playing their game!
x = 0
where x is the number of antivirus software needed
As stated many times in the thread:
Use ONLY one online AV suite at any one time, as two or more will interfere amongst themselves. But, if you (or the non-thechnically-saavy-user) wants an added level of security, use an off-line non installed AV.
I've had reasonable sucess with TrendMicro's HouseCall, but there are others. Use that to scan your machine off-line as needed (in my case, once a month).
This has had sucess in the bootcamp partition of my main machine, as well as the windows only machines of many an accountant at my brother's office.
EOM
I thought everyone here knew that Kaspersky has a backdoor for FSB.
APK Hosts File Engine 9.0++ SR-7 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/
Ads/script & malware rob speed/security/privacy
Hosts add speed (via hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).
Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus + less security bugs/complexity & faster vs. addons/routers/remote dns!
Avoids DNSChangers in routers/IP settings & dns redirects (99.999% of ISP DNS != patched vs. it) + lightens DNS load & resolves faster from local system RAM!
* Via what u NATIVELY have in the IP stack in FASTER kernelmode!
APK
P.S. - Safe https://www.virustotal.com/en/file/e01211ca36aa02e923f20adee0a3c4f5d5187dc65bdf1c997b3da3c2b0745425/analysis/1433430542/
I'd recommend running Windows defender in this case. For a system not used to exchange files with other systems, I would tell non-technical their likliest attack vector is through malcious websites and would recommend installing adblocker o. General purpose browsers. For exchanging files via USB, I might
Suggest a third party av for scanning removable media; not some bloatware that takes over many aspects of the computer but just does a dedicated scan when you have files/filesystems from untrusted sources. AVG is good but bloaty. WinClam/ClamAV are Windows ports of Clam AV, a well known Linux/FreeBSD antivirus. It's commonly deployed on webserver and the virus definitions are constantly updated from the same open source virus definition pools as most other AV's.
There is a right way and a wrong way to have multiple antivirus programs on the computer.
The right way: Only one of them can be using an active component that's looking out for viruses in realtime. You can manually run scans or schedule them, just make sure they don't overlap, those scans take time after all.
The wrong way: Any time you have scans overlap or have more than one realtime component running. They are trying to do the same thing with the same parts of the system, and that will usually slow your system, can cause obvious software issues, and can cause inobvious ones as well, like they don't work properly and miss things.
Warning: Antivirus programs have signatures of known viruses, and because of this they can have false positives on each other. Because of this you will have to set up each program to exclude the files and directories belonging to all the others, or you will probably get annoyed by lots of alerts from the false positives, and if they automatically quarantine or remove anything, they can eviscerate each other. You do NOT want that happening.
Honestly though, the improvement you get in antivirus security by using multiple programs is barely better than the best of the single best antivirus you're running, and may have no improvement at all. If they're free, hey, it's your system. But if you paid for them, you're wasting money.
(Years of testing and troubleshooting antivirus programs at a well known software company. Antivirus was my specialty. )
Any halfway decent, non-bloated anti-virus software and smart browsing habits will defend you from known viruses in the wild. Keeping up to date with the latest updates from Windows guarantees you are up to date with 0-day attack vectors no anti-virus will defend you from.
"Should Average Consumers Install More Than One Antivirus Program On Their System?"
No, they should move to a Linux Distro and quite frankly I'm amazed you have to ask such a question on slashdot.
Certified computer repair technician, for all that you care for an AC's opinion...
Antivirus is worthless.
I'm not talking about any one product in particular. No matter how much you polish them, they're all turds--some are just slightly more solid or shiny turds. The entire concept is backwards. User education, common sense, and using secure software can eliminate over 90% of the threats on the internet.
Yes, I know it's damn near impossible to educate a user. Believe me, I've tried. You can lead a horse to water... And yes, if common sense were truly common it'd just be called sense. Since you can't uninstall the user, focus on addressing what you can fix.
In this case, install a sane browser: chrome, firefox, whatever so long as it's not IE (I'd say 'edge,' but we all know that's just IE in a pretty new dress). Install adblock plus or something along those lines, since most of this crap comes from malicious ads. For the users willing to deal with the hassle added security brings, NoScript (or some variant) would help immensely. I'd advise against using Windows entirely, but users don't want to learn new things--they never do.
For everything else: backups--either manual or backup imaging software like Acronis. If something gets on the system? Pull back and nuke it from orbit. Nothing of value lost.
TL;DR: focus on keeping threats off the system, not trying to fix an infected system when most viruses are written specifically to disable antivirus or antivirus simply doesn't remove some things (rogue antimalware, for instance).
Just want to be sure I read the question correctly. Oh wait, I don't have this problem.
Back in my day, antiviruses would fight *to the death* for control over boot!
I'm sure it has been said already, but here are my 2 cents, for Windows at least.
I have 50 users where I work. They all log in to their PCs with standard (non-power) user accounts. Almost all those PCs have windows defender as the sole real-time AV product . I get about 1 or 2 malware problems every 3 months or so. They are almost always limited to a single user profile and wiped clean by a spybot/malwarebyes scan. I have 3 people who, in terms of internet things, are real suckers, and they have Bitdefender on their PCs with some additional configurations to protect them from malicious stuff.
The single biggest thing to protect users is removing permissions. The day I downgraded people from power user to user was the day I was basically able to say bye bye to AV and watch all their PCs get infected less, and get faster and last longer.
The main issue we still have is mainly "social engineering". It could be a pop-up that gets by a browser's usual bans and looks like ransomware (I had one guy send someone $200 bucks in a panic) even though killing the browser window or logging off or rebooting would have been the end of it. Or it could be an email that looks legit and tricks someone to enter a dialogue with someone looking to manipulate them into sending money or giving away information.
Only disease-ridden LUDDITES need virus-checking software! Modern appers only app clean apps!
I'm sorry, did you have a point, or are you just linux-bashing? I've got an anecdote that refutes your anecdote:
I've installed various distros of linux on various cheap/used laptops for the past ten years (my current personal laptop is an appx. 10-year old Toshiba I bought for $40, running the latest Manjaro and does everything I need just fine) and have never seen nor even heard of the issue you mention happening on a single laptop.
Sounds like you have a hardware issue from where I'm sitting.
So far, I've had good experience with (on Win10) plain old windows Defender and VoodooShield. Yes, VoodooShield is not an AV per se, it's got some of that capability, but mostly functions as an application whitelist. When used properly (ie, let it run and block anything that you haven't specifically run), it seems to work magically. I've even got both of my parents, who are to put it mildly.. technologically reclined... to use it properly and haven't had problems since. Good kit, free, and good enough I even dropped $20 for the pro version which mostly lets you tweak some settings that I really haven't had a need to tweak.
I always tell people who cannot think further than Windows to at least install VirtualBox and a virtual OS, be it Linux [that I wholeheartedly recommend] or Windows and browse the Internet from it. Then you don't need any AV even if you're not particularly computer literate.
"It is no measure of health to be well adjusted to a profoundly sick society." - Jiddu Krishnamurti