Still no infection

[gunslinger]

Agreed - I run adblocker, don't click on stuff and rarely go to sites I am not completely sure about.
So far, so good...
From time to time, I do run a scan on the machine, which has been clean for the last 8 years, without a resident AV.

But again - wouldn't ever suggest that to anyone who is not completely sure about what he's doing (or whom I have to support )

So, when its all said and done it comes down to educating users. Thats proven to be the only way to truly stay safe on the net. I think AV gives people a false sense of security and they may even be more likely to engage in risky browsing if they have it because they think they are invincible.


Ive been running AV free for over 7 years on personal machines. You have been running for 8. There are several others that have been running AV free for years without issues. The only explanation for this is browsing habits. As I said before, I worry about any "tech" who gets infected regularly. You are doing something wrong. Stop looking at porn on the PC (save that for the Mac and Linux box) and don't install software you don't fully trust and you should have little to no problems. It really is that simple.

 

[coffee]

Here is what I have observed with customers and viruses.

Your basic customer is looking at a program and they decide to download/install it. They click on the link and install what they think is their program but the site has been compromised and the download link has changed to the virus. Now they are infected. Also, Alot of links for (example) libreoffice at the top of the search page go to sites that add the crapware to the download or have various hard to see click boxes for this crapware. So, They think they are just installing libreoffice (or whatever) and they are actually getting alot more then they bargained for.

There is also the kids. They want to play some game on like, facebook. But when they go to play it tells them "You need to install this to work". So, They go ahead and the virus software starts yelling at them. Their reply is "I dont care, I just want to play the game". So, They infect the computer.

Another avenue of infection is email too. We cannot forget that. Remember the UPS spam email deal

Have a good one,

coffee

 

[jft135]

There is also the kids. They want to play some game on like, facebook. But when they go to play it tells them "You need to install this to work". So, They go ahead and the virus software starts yelling at them. Their reply is "I dont care, I just want to play the game". So, They infect the computer.

I had this happen once. It was the third time in less than a month that the client got reinfected. Finally I decided to really investigate where the viruses were coming from. I figured out that it was the daughter who got really upset with me for getting her in trouble with her mom. Mom brought her in so I could show her what she was doing wrong. I tried downloading eicar.com (AV test file) and when the AV warning popped up she says, "I hate that stupid thing. It keeps bothering me no matter how many times I click ignore."

The good news is I've seen the daughter since then and she appears to be alive and unharmed.

 

[brandonkick]

I've been infected once or twice in the last five or six years, but its been my fault every time and I could have avoided it if I wanted too.


I still do run anti-virus though. I usually run MalwareBytes and make sure I keep everything up to date. I don't really see a hit in performance, and I'm not getting infected so why mess with it if its been working for me.

 

[gunslinger]

I've been infected once or twice in the last five or six years, but its been my fault every time and I could have avoided it if I wanted too.


I still do run anti-virus though. I usually run MalwareBytes and make sure I keep everything up to date. I don't really see a hit in performance, and I'm not getting infected so why mess with it if its been working for me.

So I have been infected once in 7 years, another guy has not been infected in 8 years and we run our computers naked. You have been infected once or twice in the last five or six years and you were running AV. So whats the point? If you are going to get infected as much (or more) while running AV why put up with the headache?

 

[brandonkick]

So I have been infected once in 7 years, another guy has not been infected in 8 years and we run our computers naked. You have been infected once or twice in the last five or six years and you were running AV. So whats the point? If you are going to get infected as much (or more) while running AV why put up with the headache?

All I was saying is that I agree with you. I would be going on 7 or 8 years infection free if I hadn't knowingly done something stupid. It was my fault, and I more or less knew it was going to result in me getting a virus. I honestly didn't care as I was in a rush at the time and I had nothing valuable / personal / irreplaceable on the computer.

I was saying "yes, it would be fine for those who know what they are doing to go without anti virus".

The last part was me just saying that I continue to run it for that feel good feeling, the security blanket which I may or may not need and because I feel no difference in system speed with or without it.

 

[SilverLeaf]

Back in the day when I ran Windows on my personal machines, I would frequently run without A/V, and never had a problem. I did always use a custom hosts file though, usually MVPS. This helped a lot. I still use it today on all my Linux boxes, not so much for malware protection, but for its excellent ad blocking features. You can't connect to a FQDN, if your hosts file resolves it to 127.0.0.1

Now, on my Windows VM's, I just use MSSE. It's lightweight and unobtrusive, and hasn't let anything through yet.

 

[mikeroq]

The only place that I use AV is my work computer and any computer of mine that I let other people use. For myself, no AV.

Chrome + Adblock + Mind = Win.

Never had an issue. My belief is the best protection is your mind (and AV for regular folk). I block ads, I click the right download link, I quit IE, etc.

 

[gunslinger]

All I was saying is that I agree with you. I would be going on 7 or 8 years infection free if I hadn't knowingly done something stupid. It was my fault, and I more or less knew it was going to result in me getting a virus. I honestly didn't care as I was in a rush at the time and I had nothing valuable / personal / irreplaceable on the computer.

I was saying "yes, it would be fine for those who know what they are doing to go without anti virus".

The last part was me just saying that I continue to run it for that feel good feeling, the security blanket which I may or may not need and because I feel no difference in system speed with or without it.

I see what you are saying.You are using the AV for that worm fuzzy feeling...lol

The only place that I use AV is my work computer and any computer of mine that I let other people use. For myself, no AV.

Chrome + Adblock + Mind = Win.

Never had an issue. My belief is the best protection is your mind (and AV for regular folk). I block ads, I click the right download link, I quit IE, etc.

Exactly!

 

[lan101]

i just run my browsers in sandboxie just to be sure. other than that no a/v here either. Been that way over 2 years and no issues. chrome has its own sandbox environment too so that helps.

 

[gunslinger]

i just run my browsers in sandboxie just to be sure. other than that no a/v here either. Been that way over 2 years and no issues. chrome has its own sandbox environment too so that helps.

Proof that a little common sense goes a long way. Since this thread started I have been to over 100 sites that are supposed to be the worst for being infected and cannot seem to get infected without manually installing the Virus/Malware. You would have to be 4 years old or mildly retarded to be infected.


This says to me that something is very wrong with the way most of my customers use their computers. I don't think they are THAT stupid. I think they just feel invincible because they are running an AV.


That being said I think the three main problems are these:

1. people keep hitting the "next" button without paying attention to whats actually being installed.


2. When downloading files, almost every customer I have ever had chooses to open the file rather than save it to the computer. This is a sure way to be infected. I even disable this on my Mac.


3. People fall for the "you have to install this special player to play your porno vids" then are too ashamed to admit it.

 

[brandonkick]

IMO it's that most people don't actually know how to run a computer system. They know how to do the things they were shown, but don't really have a very good understanding of what to do and what not to do. So they find themselves in a situation that COULD result in trouble, and they don't know any better. It's like flipping a coin. Sooner or later it is going to come up trouble.

Then you have the adventurous type, who has learned a little bit and is feeling very confident now. They will mess with anything, and aren't afraid to screw things up. They get brave, wind up playing with things they shouldn't and end up screwing up the computer.

Finally the warez/pron people. They honestly don't care whether or not their activities are bad for the computer. All they know is that they aren't paying for the hot new album of the day or that naughty dvd that caught their eye. Doesn't matter what sites they go to looking for the stuff, and they will click on any link that seems to be what they are looking for. Even the educated pirates are at risk, as a lot of these files have stuff packed in with them.


It's not that their really stupid, it's just that their either uneducated or just plain unconcerned with what they are doing.

 

[citizensmith]

Id agree about lack of education.
From todays' theRegister http://www.theregister.co.uk/2014/02/28/cryptolocker_victims_pay_up_survey/
"findings include that more than a quarter (28.2 per cent) of respondents in the survey claim not to engage in any security practices online, such as using antivirus software, firewalls, or password management tools."
Unbeleivible. I have no ethical problem taking the cash to sort out their foul ups. Guess its like the garage mechs. They crash, you fix, they pay. They crash again and so have to pay again. Education? Only way to stop them clicking everything is to breake their mouse

 

[mr m]

I don't think they are THAT stupid. I think they just feel invincible because they are running an AV.

Some are that stupid. Most are just amateurs. I just had a woman click a phony Adobe Flash update window. While looking for the page that infected her it looked nothing like an official Adobe update warning. We know this from staring at this crap all day but the EU will never get it. We also see these things enough to realize Adobe will prompt us just after Win boots or will install automatically if set up that way.

When I first got the call this lady insisted on reading all the pop ups. Now I've mentioned many times here it is our job to control the situation and not waste time by letting the customer dictate the troubleshooting process. I had to keep interrupting her to make her realize that whatever was popping up was BS.

Even after she said "Oh, I get it" she would keep trying to read me pop up from the tons of malware she loaded. She is a teacher so she is no dummy. Most clients will never get it...that's why they call us.

What is so simple to us is scary to most. Think of the "User Account Control" pop up that started with Vista. How does a client really know if it's real? There are two of them no less.

Anyway, I'm cautious like you you except I use an AV and have surfed porn sites...strictly for educational purposes. I'm not click happy and I can smell when a pop up is real or phony. I also save as opposed to open.

I run MSE on my Win-based bench rigs and I'm going to scan with my usual preferred tools to see how clean they are.

 

[ComputerRepairTech]

• I have seen worms travel infect people through ports with no user interaction
• I have seen devices like mp3 players in sealed packaging with malware preloaded
• I have seen picture files like .jpg that execute viruses from just highlighting the file or have anything try to view it.
• I have seen legit programs have their update servers compromised and transmit malware
• I have seen popular websites compromised

and some of you actually think its a good idea to run without an AV? There is no performance loss for MOST of the AV only products for the past....what 8 years!? (well unless your running one of those really cheap single core processors then theres a tiny tiny tiny performance hit) There is absolutely no reason not to run an AV...well unless you're infecting yourself on purpose. I personally run bitdefender because thats what I sell to clients and if theres an issue I experience it first hand.

As far as security updates go i have seen microsoft take 2-3 weeks on critical security updates several times thats 2-3 weeks AFTER the exploit is in the wild. Most AV companies take less than 48 hours hell i've seen some AV companies detect fresh exploits in less than 8 hours.

Putting on my seatbelt every morning is WAY WAY WAY more of an inconvenience than running my AV. I don't have to do anything its just there running updating automatically.

 

[HFultzjr]

The reason I use antivirus is not so much for protection.

I use it because I SELL IT to my customers.

I'm expected to know how it works, what settings to user, how to answer pop-ups and basically provide support to my customers.

I agree, I could probably run naked (not a pretty sight) and not get infected.

Most of my "machines" have a different anti-virus on it at any point in time.

That is how I learn what to recommend to my customers.

A fully patched system is very hard to infect, except for click happy customers.

Just my thoughts.

 

[gunslinger]

• I have seen worms travel infect people through ports with no user interaction
• I have seen devices like mp3 players in sealed packaging with malware preloaded
• I have seen picture files like .jpg that execute viruses from just highlighting the file or have anything try to view it.
• I have seen legit programs have their update servers compromised and transmit malware
• I have seen popular websites compromised

and some of you actually think its a good idea to run without an AV? There is no performance loss for MOST of the AV only products for the past....what 8 years!? (well unless your running one of those really cheap single core processors then theres a tiny tiny tiny performance hit) There is absolutely no reason not to run an AV...well unless you're infecting yourself on purpose. I personally run bitdefender because thats what I sell to clients and if theres an issue I experience it first hand.

As far as security updates go i have seen microsoft take 2-3 weeks on critical security updates several times thats 2-3 weeks AFTER the exploit is in the wild. Most AV companies take less than 48 hours hell i've seen some AV companies detect fresh exploits in less than 8 hours.

Putting on my seatbelt every morning is WAY WAY WAY more of an inconvenience than running my AV. I don't have to do anything its just there running updating automatically.

Ive seen all of that too. And yet me and several other techs run AV free and don't get infected. How is that possible? So lets see. I can run with an AV and not get infected or I can run without one and not get infected....hmmmm

 

[ComputerRepairTech]

Ive seen all of that too. And yet me and several other techs run AV free and don't get infected. How is that possible? So lets see. I can run with an AV and not get infected or I can run without one and not get infected....hmmmm

Are you really asking? because the answer is very obvious. Statistically speaking you are unlikely to encounter (i mean happen to you personally) any of those things I listed. Just like statistically speaking its unlikely you will die in a car crash but that doesnt mean driving around without a seat belt is a good idea. If there were no seat belt laws I would still wear a seat belt, i mean why not it helps protect me and i have no reason not to put it on.

 

[gunslinger]

Are you really asking? because the answer is very obvious. Statistically speaking you are unlikely to encounter (i mean happen to you personally) any of those things I listed. Just like statistically speaking its unlikely you will die in a car crash but that doesnt mean driving around without a seat belt is a good idea. If there were no seat belt laws I would still wear a seat belt, i mean why not it helps protect me and i have no reason not to put it on.

I think the difference between having my seat belt on and having an AV is this:

Its pretty obvious that if I crash going much over 30 MPH I could be hurt badly by not having a seat belt on. On the other hand, if you know what you are doing I think you are just as safe without an AV as with one. Also with the backups I make even on the off chance I did get infected I don't stand to lose anything. So whats the point?


I guess if it makes you feel more secure and gives you the warm fuzzies, by all means run you some AV Boo-boo.

 

[ComputerRepairTech]

I think the difference between having my seat belt on and having an AV is this:

Its pretty obvious that if I crash going much over 30 MPH I could be hurt badly by not having a seat belt on.

You do realize that really has nothing to do with the point I was making. The point I was making is even if its a small chance of an accident why not buckle up because theres really no reason not to. Just like theres no reason not to run an AV. I have a gps tracking app on my phone even though its incredibly unlikely that I will ever lose it or that it would be in a position where it gets stolen but I lose nothing by having that extra protection on there.

On the other hand, if you know what you are doing I think you are just as safe without an AV as with one.

Thats obviously not correct. As I explained here: http://www.technibble.com/forums/showthread.php?p=426315#post426315

Also with the backups I make even on the off chance I did get infected I don't stand to lose anything. So whats the point?

again what is the point of NOT running an AV? your backups use way more resources.