Some AV protection

Any other tech-related topics
Message
Author
carbonize
Posts: 363
Joined: Wed Jan 09, 2008 1:16 am
Location: Bristol, UK
Contact:

Re: Some AV protection

#46 Post by carbonize »

It's all well and good not using an AV so long as it's not the family computer. I have no protection on my laptop as i am the sole user but on this desktop I have a running AV and scan monthly with MBAM.

skall
Posts: 7
Joined: Wed Feb 18, 2015 8:48 am

Re: Some AV protection

#47 Post by skall »

3K3 wrote:Malwarebytes Anti-Malware Portable
UniEx on installer:
all in {App} -> mbam folder (portable package)
Configuration folder ({commonappdata}\Malwarebytes\Malwarebytes' Anti-Malware) -> mbam\Users folder

Launcher=MBsAnti-Malware.exe

Config Options (Launcher.ini):
[MBsAnti-Malware]
Command Line Parameters=commas to separate params
[Windows Integration]
Start MBsAnti-Malware At Login=startup reg value
Send To Shortcut=Scan with Malwarebytes Anti-Malware Portable option
[FileASSASSIN]
Integrate Into Shell=right-click options on files
i would like to give mbam portable a try, but there have been quite some changes (different launcher name - mbam.exe), is this guide still valid for recent versions?

User avatar
joby_toss
Posts: 2970
Joined: Sat Feb 09, 2008 9:57 am
Location: Romania
Contact:

Re: Some AV protection

#48 Post by joby_toss »

Impact of security software on system performance investigated:

http://hexus.net/tech/news/software/844 ... estigated/

User avatar
Midas
Posts: 6705
Joined: Mon Dec 07, 2009 7:09 am
Location: Sol3

Re: Some AV protection

#49 Post by Midas »

joby_toss wrote:Impact of security software on system performance investigated:

http://hexus.net/tech/news/software/844 ... estigated/

Wow! According to those figures, out of 20 products only Emsisoft and Avast can be considered negligible, IMHO... :shock:

User avatar
webfork
Posts: 10818
Joined: Wed Apr 11, 2007 8:06 pm
Location: US, Texas
Contact:

Re: Some AV protection

#50 Post by webfork »

Midas wrote:... only Emsisoft and Avast can be considered negligible
I do generally recommend Avast so this will give some weight to that recommendation. I've only been able to test two AV solutions but on very different computers: Avast seems fast on my older magnetic drive device but occasionally it gets in the way while doing something hard drive-intensive.  Meanwhile on my other machine, McAfee doesn't really register against a very fast SSD.  As such, it's interesting to see some clear numbers about what's probably taking the most processor cycles between both machines.

User avatar
Midas
Posts: 6705
Joined: Mon Dec 07, 2009 7:09 am
Location: Sol3

Re: MBAM warning

#51 Post by Midas »

FYI, Ghacks recently published an alert regarding MBAM (MalwareBytes Anti-Malware):

User avatar
tactictoe
Posts: 283
Joined: Thu Dec 10, 2015 10:56 am
Location: A galaxy far far downunder
Contact:

Re: Some AV protection

#52 Post by tactictoe »

I used Avast in the past and did enjoy it. I don't use it anymore. Why? It does block the output of compilation of software with: embarcadero product (Delphi and C++ IDE). It even put output release to it's quarantine zone. Sometime it crashed the PC during compilation so badly I lost hours of work. No matter what I tried to stop this behavior nothing worked but turn of the real time scanner. For me and me only I had to go with another solution.

This post to 'revive' the debate as I found it interesting.

User avatar
joby_toss
Posts: 2970
Joined: Sat Feb 09, 2008 9:57 am
Location: Romania
Contact:

Re: Some AV protection

#53 Post by joby_toss »

Former Mozilla Engineer: Your Antivirus Is Poison, Remove It Now
Robert O'Callahan wrote:If you’re currently running third-party antivirus on your computer, remove it now. In case you’re considering buying one, don’t do it. Antivirus solutions are poison for the software ecosystem.
Original blog post: http://robert.ocallahan.org/2017/01/dis ... xcept.html

Note: I don't agree with everything he said, but that was a fun reading... :)

User avatar
Midas
Posts: 6705
Joined: Mon Dec 07, 2009 7:09 am
Location: Sol3

Re: Some AV protection

#54 Post by Midas »

Revisiting the topic, I recently came across this unsettling info regarding antivirus software... :astonished:

RACK911 Labs has come up with a unique but simple method of using directory junctions (Windows) and symlinks (macOS & Linux) to turn almost every antivirus software into self-destructive tools.

BTW, related topic at viewtopic.php?t=23565.

User avatar
SYSTEM
Posts: 2041
Joined: Sat Jul 31, 2010 1:19 am
Location: Helsinki, Finland

Re: Some AV protection

#55 Post by SYSTEM »

Midas wrote: Sat Aug 08, 2020 7:12 am Revisiting the topic, I recently came across this unsettling info regarding antivirus software... :astonished:

RACK911 Labs has come up with a unique but simple method of using directory junctions (Windows) and symlinks (macOS & Linux) to turn almost every antivirus software into self-destructive tools.
WTF? That's a classic TOCTOU vulnerability. Security professionals of all people should be easily able to avoid it.
My YouTube channel | Release date of my 13th playlist: August 24, 2020

User avatar
Midas
Posts: 6705
Joined: Mon Dec 07, 2009 7:09 am
Location: Sol3

Re: Some AV protection

#56 Post by Midas »

SYSTEM wrote:WTF? That's a classic TOCTOU vulnerability.

Is it? Great to know, then. Nothing like the expert overview... :sunglasses:

Post Reply