Antivirus Poll - 2013 (July - September)

Nope. It's hot right here.

 

I'm using MSE. I could probably get away with none but I keep it around as a last line of defence. I may change to avast at some point. I've used that before and was very happy with it.

 

None in realtime.
On demand (scan once per month): HitmanPro, MBAM.

 

Hmmm... interesting to see that as of right now, "None" leads the list.....

 

What's more interesting is the ones that are still currently at "0"s. The ones getting hits are mostly vendors who have unofficial ongoing threads here or some form of representative on this forum. Take a look at NOD32 (ESET), Avast, BitDefender and EAM for e.g. That says something about Wilders taste when it comes to AVs.

 

I also think that the fact that it isn't a multiple choice poll plays a role

 

Hahahahaha Wilders helps them to get a couple users.

 

Will change that on next poll. I 100% agree. Multiple choice is needed in this forum especially that people change their set ups as lot.

 

Avast! 8 freebie

 

Or people that own multiple PC's.

 

I don't use any AV. Even on Windows. Blacklisting is dead. Whitelisting is the way to go. It is WAY to easy to defeat/bypass/kill AV's - at best they are a forewarning system. At worst they can be used as an attack surface.

 

Switched from Avast 8 to F-Secure. Both have little system drag, trouble free, don't know they are there except Avast has some pop-ups and that voice.

 

Each to their own I guess

 

Which has protected me and my family for almost a decade.

 

Yup Setting up SRP is not for everyone. I also implement EMET with it to be safe and several other prevention mechanisms.

Maybe, but for all we know you have been infected by malware that wasn't detected and had no signatures at the time of infection.

On a more serious note, I just don't trust AV's to protect me nor keep my data private. To much is sent back if you use any other the major AV's, the all use "cloud" services now. Some even run with too high of privileges. I don't remember what AV did this but there was a whitepaper a few years back and they managed to hijack the AV's service and control what the AV could see/scan. Even using it to flag legit files as malware, and allow new malware in.

 

Semi-intentionally infected myself back there. Dang ThinkPoint...

Yes, I can understand it. Although I have never heard an AV was being exploited and then backfired to the user in real-life situation. That's why I prefer to use an AV which has a BB or HIPS module, if I was using one with real-time services. I don't trust SRP more than a signature + heuristic based AV, personally.

Just curious though, what are you using to determine if your computer is clean or infected, and how do you tell if a downloaded file is legit or malware (assuming that you have to execute/open a file from some unknown source)?

 

+ 1 None.

 

I don't blanket trust SRP. But I also don't install apps that aren't known. My windows usage only runs Adobe premier and Visual Studio.

I don't open anything on the computer that is from an unknown source. Even on my daily machine (linux) I run such things in a hardened Linux VM with no networking or anything. I keep PDF's isolated as I don't trust them. The VM is then reverted back to a safe state once closed.

As far as exe's I don't run them. I only need a very few things in windows so I only install from the reputable companies. Most are open-source. I also use Noscript in firefox and sandboxie. EMET is used the strength exploit mitigation. SRP is the final line of defense. I do run Comodo D+ as well. HIPS are a good thing.

If I am ever worried about something that may have gotten in I will use a boot disk like kaspersky to scan it. I only mean I don't run a real-time AV. I do use MBAM to scan some files to be sure but it's on-demand ONLY and runs from a flash drive that has all of my recovery tools on it.

 

Then you're using an AV lol, just with different approach. We're on the same boat it seems.

I was just wondering if there's another way to detect (possible) infections other than AVs (be it real-time AVs or on-demand or even VirusTotal-like services). I know some members here are completely not using an AV, like TOMxEU-san for example. Thus, I'm curious if there's such method?

 

Avira in my main system and Avast in my VM (I could not get Avira to work in the VM).

Acadia

 

Using WSA here...

 

As a last resort Just to see if it's known or not. I PM'd you so this thread can stay on topic

 

Isnt that the same thing?

 

Avira Premium 2013.