Every week I run regular scans across my workhorse PC; Defender, Spybot, Malwarebytes, adwcleaner.
They never find a single germ; or, at least none is reported.
Except that adwcleaner always reports the same pre-installed software.

It often occurs to me as wasted time, but then a little warning light at
the back of my head speaks out; "Better safe than sorry; you know how
the world works - stop the checks and some malware will suddenly appear".
Maybe I'm simply running competent permanent AV and firewall.

What do others think of this?

Ed

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Ed,

They never find a single germ; or, at least none is reported.

...

Maybe I'm simply running competent permanent AV and firewall.

The above seems to suggest something else : you seem to be a competent user
of your 'puter, who is not installing random stuff nor are you opening email attachments just because you receive them.

IOW, you seem to have (the best of) anti-virus and -malware installed into
that wetware (brains) of yours. As a result the AV -malware software on
your 'puter simply has nothing to do.

Regards,
Rudy Wieser

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 12/27/2024 6:04 AM, Ed Cryer wrote:

Every week I run regular scans across my workhorse PC; Defender, Spybot, Malwarebytes, adwcleaner.
They never find a single germ; or, at least none is reported.
Except that adwcleaner always reports the same pre-installed software.

It often occurs to me as wasted time, but then a little warning light at
the back of my head speaks out; "Better safe than sorry; you know how
the world works - stop the checks and some malware will suddenly appear". Maybe I'm simply running competent permanent AV and firewall.

What do others think of this?

I haven't used AV regularly since about 2000. I use a fiirewall,
so anything trying to get out will be picked up. Anything trying
to hack in will be blocked. I know how to recognize suspect email.
I use NoScript to block script online whenever possible.

Intrusions don't come from nowhere. They need to exploit a
vulnerability. That mostly means browser script, trick emails that
use "social engineering", or remote execution software. The latter
is the primary problem in corporate settings because they don't
use safe operating procedures. They regularly use things like Remote
Desktop, which in turn is one of the major problems.

On rare occasions I've seen something suspicious and run a
portable AV program like Clam. In general I think the whole paradigm
of AV is outdated. When it first came out, definitions needed
updating once a month. The definitions were 1 MB. Now it's more like
300 MB every few hours. And they still can't be trusted to find
0-day attacks, which are probably the biggest threat. Our tax
dollars pay the NSA to cook up 0-days, along with creepy companies
in Israel, so that cellphones and computers can be accessed by law
enforcement. That, in turn, is what allowed China to recently conduct
extensive hacks.

It's a whole different landscape from the days
of watching out for Melissa or "All you data are belong to us." Hacking
is professional now. The world is full of sneaky governments and clever,
hungry people who are just a network connection away from having
a chance to scam you or access your bank account.

The way we use computers and what we do with them
has to change in order to have reasonable security. With that in mind,
I would never do online banking, rarely use a cellphone, avoid
shopping online, use credit cards minimally, and avoid keeping
sensitive data on my computer, never use debit cards and never
use a credit card at a gas pump or other unattended locations.

Most people are not willing to live that way. Most people bank, shop,
call Ubers and DoorDash; it's all seamless and it's all online. The big complaint is that they actually have to lift their arm to wave their
iPhone at store checkouts. That's a way of life. In that way of life
you have your credit and bank accounts monitored and you accept
occasional scams as unavoidable.

So, if you don't mind incredibly bloated AV programs dragging on
your system and occasionally reporting false positives, then you might
also get some small benefit. For people who don't understand tech
security, software updates and AV are really the only option.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

TmV3eWFuYTIgd3JvdGU6DQo+IE9uIDEyLzI3LzIwMjQgNjowNCBBTSwgRWQgQ3J5ZXIgd3Jv dGU6DQo+PiBFdmVyeSB3ZWVrIEkgcnVuIHJlZ3VsYXIgc2NhbnMgYWNyb3NzIG15IHdvcmto b3JzZSBQQzsgRGVmZW5kZXIsIA0KPj4gU3B5Ym90LCBNYWx3YXJlYnl0ZXMsIGFkd2NsZWFu ZXIuDQo+PiBUaGV5IG5ldmVyIGZpbmQgYSBzaW5nbGUgZ2VybTsgb3IsIGF0IGxlYXN0IG5v bmUgaXMgcmVwb3J0ZWQuDQo+PiBFeGNlcHQgdGhhdCBhZHdjbGVhbmVyIGFsd2F5cyByZXBv cnRzIHRoZSBzYW1lIHByZS1pbnN0YWxsZWQgc29mdHdhcmUuDQo+Pg0KPj4gSXQgb2Z0ZW4g b2NjdXJzIHRvIG1lIGFzIHdhc3RlZCB0aW1lLCBidXQgdGhlbiBhIGxpdHRsZSB3YXJuaW5n IGxpZ2h0IA0KPj4gYXQgdGhlIGJhY2sgb2YgbXkgaGVhZCBzcGVha3Mgb3V0OyAiQmV0dGVy IHNhZmUgdGhhbiBzb3JyeTsgeW91IGtub3cgDQo+PiBob3cgdGhlIHdvcmxkIHdvcmtzIC0g c3RvcCB0aGUgY2hlY2tzIGFuZCBzb21lIG1hbHdhcmUgd2lsbCBzdWRkZW5seSANCj4+IGFw cGVhciIuDQo+PiBNYXliZSBJJ20gc2ltcGx5IHJ1bm5pbmcgY29tcGV0ZW50IHBlcm1hbmVu dCBBViBhbmQgZmlyZXdhbGwuDQo+Pg0KPj4gV2hhdCBkbyBvdGhlcnMgdGhpbmsgb2YgdGhp cz8NCj4+DQo+IA0KPiAgwqDCoCBJIGhhdmVuJ3QgdXNlZCBBViByZWd1bGFybHkgc2luY2Ug YWJvdXQgMjAwMC4gSSB1c2UgYSBmaWlyZXdhbGwsDQo+IHNvIGFueXRoaW5nIHRyeWluZyB0 byBnZXQgb3V0IHdpbGwgYmUgcGlja2VkIHVwLiBBbnl0aGluZyB0cnlpbmcNCj4gdG8gaGFj ayBpbiB3aWxsIGJlIGJsb2NrZWQuIEkga25vdyBob3cgdG8gcmVjb2duaXplIHN1c3BlY3Qg ZW1haWwuDQo+IEkgdXNlIE5vU2NyaXB0IHRvIGJsb2NrIHNjcmlwdCBvbmxpbmUgd2hlbmV2 ZXIgcG9zc2libGUuDQo+IA0KPiAgwqAgSW50cnVzaW9ucyBkb24ndCBjb21lIGZyb20gbm93 aGVyZS4gVGhleSBuZWVkIHRvIGV4cGxvaXQgYQ0KPiB2dWxuZXJhYmlsaXR5LiBUaGF0IG1v c3RseSBtZWFucyBicm93c2VyIHNjcmlwdCwgdHJpY2sgZW1haWxzIHRoYXQNCj4gdXNlICJz b2NpYWwgZW5naW5lZXJpbmciLCBvciByZW1vdGUgZXhlY3V0aW9uIHNvZnR3YXJlLiBUaGUg bGF0dGVyDQo+IGlzIHRoZSBwcmltYXJ5IHByb2JsZW0gaW4gY29ycG9yYXRlIHNldHRpbmdz IGJlY2F1c2UgdGhleSBkb24ndA0KPiB1c2Ugc2FmZSBvcGVyYXRpbmcgcHJvY2VkdXJlcy4g VGhleSByZWd1bGFybHkgdXNlIHRoaW5ncyBsaWtlIFJlbW90ZQ0KPiBEZXNrdG9wLCB3aGlj aCBpbiB0dXJuIGlzIG9uZSBvZiB0aGUgbWFqb3IgcHJvYmxlbXMuDQo+IA0KPiAgwqAgT24g cmFyZSBvY2Nhc2lvbnMgSSd2ZSBzZWVuIHNvbWV0aGluZyBzdXNwaWNpb3VzIGFuZCBydW4g YQ0KPiBwb3J0YWJsZSBBViBwcm9ncmFtIGxpa2UgQ2xhbS4gSW4gZ2VuZXJhbCBJIHRoaW5r IHRoZSB3aG9sZSBwYXJhZGlnbQ0KPiBvZiBBViBpcyBvdXRkYXRlZC4gV2hlbiBpdCBmaXJz dCBjYW1lIG91dCwgZGVmaW5pdGlvbnMgbmVlZGVkDQo+IHVwZGF0aW5nIG9uY2UgYSBtb250 aC4gVGhlIGRlZmluaXRpb25zIHdlcmUgMSBNQi4gTm93IGl0J3MgbW9yZSBsaWtlDQo+IDMw MCBNQiBldmVyeSBmZXcgaG91cnMuIEFuZCB0aGV5IHN0aWxsIGNhbid0IGJlIHRydXN0ZWQg dG8gZmluZA0KPiAwLWRheSBhdHRhY2tzLCB3aGljaCBhcmUgcHJvYmFibHkgdGhlIGJpZ2dl c3QgdGhyZWF0LiBPdXIgdGF4DQo+IGRvbGxhcnMgcGF5IHRoZSBOU0EgdG8gY29vayB1cCAw LWRheXMsIGFsb25nIHdpdGggY3JlZXB5IGNvbXBhbmllcw0KPiBpbiBJc3JhZWwsIHNvIHRo YXQgY2VsbHBob25lcyBhbmQgY29tcHV0ZXJzIGNhbiBiZSBhY2Nlc3NlZCBieSBsYXcNCj4g ZW5mb3JjZW1lbnQuIFRoYXQsIGluIHR1cm4sIGlzIHdoYXQgYWxsb3dlZCBDaGluYSB0byBy ZWNlbnRseSBjb25kdWN0DQo+IGV4dGVuc2l2ZSBoYWNrcy4NCj4gDQo+ICDCoMKgIEl0J3Mg YSB3aG9sZSBkaWZmZXJlbnQgbGFuZHNjYXBlIGZyb20gdGhlIGRheXMNCj4gb2Ygd2F0Y2hp bmcgb3V0IGZvciBNZWxpc3NhIG9yICJBbGwgeW91IGRhdGEgYXJlIGJlbG9uZyB0byB1cy4i IEhhY2tpbmcNCj4gaXMgcHJvZmVzc2lvbmFsIG5vdy4gVGhlIHdvcmxkIGlzIGZ1bGwgb2Yg c25lYWt5IGdvdmVybm1lbnRzIGFuZCBjbGV2ZXIsDQo+IGh1bmdyeSBwZW9wbGUgd2hvIGFy ZSBqdXN0IGEgbmV0d29yayBjb25uZWN0aW9uIGF3YXkgZnJvbSBoYXZpbmcNCj4gYSBjaGFu Y2UgdG8gc2NhbSB5b3Ugb3IgYWNjZXNzIHlvdXIgYmFuayBhY2NvdW50Lg0KPiANCj4gIMKg wqAgVGhlIHdheSB3ZSB1c2UgY29tcHV0ZXJzIGFuZCB3aGF0IHdlIGRvIHdpdGggdGhlbQ0K PiBoYXMgdG8gY2hhbmdlIGluIG9yZGVyIHRvIGhhdmUgcmVhc29uYWJsZSBzZWN1cml0eS4g V2l0aCB0aGF0IGluIG1pbmQsDQo+IEkgd291bGQgbmV2ZXIgZG8gb25saW5lIGJhbmtpbmcs IHJhcmVseSB1c2UgYSBjZWxscGhvbmUsIGF2b2lkDQo+IHNob3BwaW5nIG9ubGluZSwgdXNl IGNyZWRpdCBjYXJkcyBtaW5pbWFsbHksIGFuZCBhdm9pZCBrZWVwaW5nDQo+IHNlbnNpdGl2 ZSBkYXRhIG9uIG15IGNvbXB1dGVyLCBuZXZlciB1c2UgZGViaXQgY2FyZHMgYW5kIG5ldmVy DQo+IHVzZSBhIGNyZWRpdCBjYXJkIGF0IGEgZ2FzIHB1bXAgb3Igb3RoZXIgdW5hdHRlbmRl ZCBsb2NhdGlvbnMuDQo+IA0KPiAgwqAgTW9zdCBwZW9wbGUgYXJlIG5vdCB3aWxsaW5nIHRv IGxpdmUgdGhhdCB3YXkuIE1vc3QgcGVvcGxlIGJhbmssIHNob3AsDQo+IGNhbGwgVWJlcnMg YW5kIERvb3JEYXNoOyBpdCdzIGFsbCBzZWFtbGVzcyBhbmQgaXQncyBhbGwgb25saW5lLiBU aGUgYmlnDQo+IGNvbXBsYWludCBpcyB0aGF0IHRoZXkgYWN0dWFsbHkgaGF2ZSB0byBsaWZ0 IHRoZWlyIGFybSB0byB3YXZlIHRoZWlyDQo+IGlQaG9uZSBhdCBzdG9yZSBjaGVja291dHMu IFRoYXQncyBhIHdheSBvZiBsaWZlLiBJbiB0aGF0IHdheSBvZiBsaWZlDQo+IHlvdSBoYXZl IHlvdXIgY3JlZGl0IGFuZCBiYW5rIGFjY291bnRzIG1vbml0b3JlZCBhbmQgeW91IGFjY2Vw dA0KPiBvY2Nhc2lvbmFsIHNjYW1zIGFzIHVuYXZvaWRhYmxlLg0KPiANCj4gIMKgIFNvLCBp ZiB5b3UgZG9uJ3QgbWluZCBpbmNyZWRpYmx5IGJsb2F0ZWQgQVYgcHJvZ3JhbXMgZHJhZ2dp bmcgb24NCj4geW91ciBzeXN0ZW0gYW5kIG9jY2FzaW9uYWxseSByZXBvcnRpbmcgZmFsc2Ug cG9zaXRpdmVzLCB0aGVuIHlvdSBtaWdodA0KPiBhbHNvIGdldCBzb21lIHNtYWxsIGJlbmVm aXQuIEZvciBwZW9wbGUgd2hvIGRvbid0IHVuZGVyc3RhbmQgdGVjaA0KPiBzZWN1cml0eSwg c29mdHdhcmUgdXBkYXRlcyBhbmQgQVYgYXJlIHJlYWxseSB0aGUgb25seSBvcHRpb24uDQoN CkkgZmluZCBpdCBpbXBvc3NpYmxlIHRvIGxpdmUgYSB3b3J0aHdoaWxlIGxpZmUgdG9kYXkg d2l0aG91dCB0aGUgTmV0Lg0KSSBidXkgb25saW5lLCBiYW5rIG9ubGluZSwgcmVhZCBuZXdz IG9ubGluZSwgZmluZCBmcmllbmRzIGFuZCBkaXNjdXNzaW9uIA0Kb25saW5lLg0KSWYgeW91 IHNheSAiZG9uJ3QgZG8gaXQiLCB0aGVuIEkgY2FuIG9ubHkgc2F5IHRoYXQgbXkgbGlmZSB3 aWxsIGJlIA0KZGlmZmljdWx0IGFuZCBpbXBvdmVyaXNoZWQuDQoNCkEgY291cGxlIG9mIHJl YWwgZXh0cmFjdHMgZnJvbSBteSByZWNlbnQgbGlmZSB3aWxsIGlsbHVzdHJhdGUuDQoNCkkg Y2FsbGVkIGluIG15IGJhbmsgdG8gZHJhdyBjYXNoIGZyb20gYW4gQVRNOyBpdCByZWZ1c2Vk IG1lOyBJIGNhbGxlZCANCmZvciBhbiBhc3Npc3RhbnQsIGFuZCBzaGUgc2FpZCAiRG8geW91 IGhhdmUgYSBwaG9uZT8iICJZZXMiLiBBbmQgc2hlIA0KZ3VpZGVkIG1lIHRocm91Z2ggdG8g dGhlaXIgb25saW5lIHNpdGUsIGFuZCBmdXJ0aGVyIG9uIHRvIHdoZXJlIG15IFBJTiANCndh cyByZXZlYWxlZC4gSSdkIGdvdCBvbmUgZGlnaXQgd3JvbmcuDQoNCkkgZ290IGFuIGVtYWls IGluIG15IEp1bmsgZm9sZGVyIChNUyBPdXRsb29rIGFjY291bnQpLiBJdCBzYWlkICJJJ3Zl IA0KaGFja2VkIHlvdXIgYWNjb3VudCwgYW5kIEknbSBwb3N0aW5nIHRoaXMgZnJvbSBpdC4g UGF5IHVwIC4uLi4uLi4iDQpJIGtuZXcgaW5zdGluY3RpdmVseSB0aGF0IGl0IHdhcyBzY2Ft LCBzbyBJIGp1c3QgZXhhbWluZWQgdGhlIHdlYm1haWwgb2YgDQpteSBhY2NvdW50LCBhbmQg dGhlcmUgd2FzIG5vIHNpZ24gb2YgYW55IGluZmlsdHJhdGlvbi4NCkNvbmNsdXNpb247IHNv bWUgYXNzaG9sZSBoYWQgZ290IG15IGVtYWlsIGFkZHJlc3MgZnJvbSBzb21lIG90aGVyIA0K YXNzaG9sZSwgYW5kIHdhcyBwdWxsaW5nIGEgZmFzdCBvbmUuDQoNClRoaXMgaXMgbm90IGdv b2QsIGl0IHRha2VzIGEgbGl0dGxlIGNvbXB1dGVyLXNhdnZ5bmVzcyB0byBnZXQgYnksIGJ1 dCANCml0J3MgcHJlZmVyYWJsZSB0byBsaXZpbmcgYSBwYXJhbm9pZCBsaWZlIHdoZXJlIHRo ZSBzY2FtbWVycyB3aW4uIERvIA0KYmF0dGxlLCBmaWdodCB0aGUgZ29vZCBmaWdodCBhbmQg ZmVlbCBsaWtlIGEgbWFuLg0KDQpFZA0K

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 12/27/2024 3:06 PM, Ed Cryer wrote:

Newyana2 wrote:

On 12/27/2024 6:04 AM, Ed Cryer wrote:

Every week I run regular scans across my workhorse PC; Defender,
Spybot, Malwarebytes, adwcleaner.
They never find a single germ; or, at least none is reported.
Except that adwcleaner always reports the same pre-installed software.

It often occurs to me as wasted time, but then a little warning light
at the back of my head speaks out; "Better safe than sorry; you know
how the world works - stop the checks and some malware will suddenly
appear".
Maybe I'm simply running competent permanent AV and firewall.

What do others think of this?

    I haven't used AV regularly since about 2000. I use a fiirewall,
so anything trying to get out will be picked up. Anything trying
to hack in will be blocked. I know how to recognize suspect email.
I use NoScript to block script online whenever possible.

   Intrusions don't come from nowhere. They need to exploit a
vulnerability. That mostly means browser script, trick emails that
use "social engineering", or remote execution software. The latter
is the primary problem in corporate settings because they don't
use safe operating procedures. They regularly use things like Remote
Desktop, which in turn is one of the major problems.

   On rare occasions I've seen something suspicious and run a
portable AV program like Clam. In general I think the whole paradigm
of AV is outdated. When it first came out, definitions needed
updating once a month. The definitions were 1 MB. Now it's more like
300 MB every few hours. And they still can't be trusted to find
0-day attacks, which are probably the biggest threat. Our tax
dollars pay the NSA to cook up 0-days, along with creepy companies
in Israel, so that cellphones and computers can be accessed by law
enforcement. That, in turn, is what allowed China to recently conduct
extensive hacks.

    It's a whole different landscape from the days
of watching out for Melissa or "All you data are belong to us." Hacking
is professional now. The world is full of sneaky governments and clever,
hungry people who are just a network connection away from having
a chance to scam you or access your bank account.

    The way we use computers and what we do with them
has to change in order to have reasonable security. With that in mind,
I would never do online banking, rarely use a cellphone, avoid
shopping online, use credit cards minimally, and avoid keeping
sensitive data on my computer, never use debit cards and never
use a credit card at a gas pump or other unattended locations.

   Most people are not willing to live that way. Most people bank, shop,
call Ubers and DoorDash; it's all seamless and it's all online. The big
complaint is that they actually have to lift their arm to wave their
iPhone at store checkouts. That's a way of life. In that way of life
you have your credit and bank accounts monitored and you accept
occasional scams as unavoidable.

   So, if you don't mind incredibly bloated AV programs dragging on
your system and occasionally reporting false positives, then you might
also get some small benefit. For people who don't understand tech
security, software updates and AV are really the only option.

I find it impossible to live a worthwhile life today without the Net.
I buy online, bank online, read news online, find friends and discussion online.
If you say "don't do it", then I can only say that my life will be
difficult and impoverished.

A couple of real extracts from my recent life will illustrate.

I called in my bank to draw cash from an ATM; it refused me; I called
for an assistant, and she said "Do you have a phone?" "Yes". And she
guided me through to their online site, and further on to where my PIN
was revealed. I'd got one digit wrong.

I got an email in my Junk folder (MS Outlook account). It said "I've
hacked your account, and I'm posting this from it. Pay up ......."
I knew instinctively that it was scam, so I just examined the webmail of
my account, and there was no sign of any infiltration.
Conclusion; some asshole had got my email address from some other
asshole, and was pulling a fast one.

This is not good, it takes a little computer-savvyness to get by, but
it's preferable to living a paranoid life where the scammers win. Do
battle, fight the good fight and feel like a man.

Ed

If it works for you... Probably the more risks you take online,
the more relevant AV is as an extra protection. My impression
is that the Windows anti-malware is pretty good these days,
but I'm not expert on that.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, 12/27/2024 4:55 PM, Newyana2 wrote:

On 12/27/2024 3:06 PM, Ed Cryer wrote:

I find it impossible to live a worthwhile life today without the Net.
I buy online, bank online, read news online, find friends and discussion online.
If you say "don't do it", then I can only say that my life will be difficult and impoverished.

A couple of real extracts from my recent life will illustrate.

I called in my bank to draw cash from an ATM; it refused me; I called for an assistant,
and she said "Do you have a phone?" "Yes". And she guided me through to their online site,
and further on to where my PIN was revealed. I'd got one digit wrong.

I got an email in my Junk folder (MS Outlook account). It said "I've hacked your account, and I'm posting this from it. Pay up ......."
I knew instinctively that it was scam, so I just examined the webmail of my account, and there was no sign of any infiltration.
Conclusion; some asshole had got my email address from some other asshole, and was pulling a fast one.

This is not good, it takes a little computer-savvyness to get by, but it's preferable
to living a paranoid life where the scammers win. Do battle, fight the good fight
and feel like a man.

Ed

If it works for you... Probably the more risks you take online,
the more relevant AV is as an extra protection. My impression
is that the Windows anti-malware is pretty good these days,
but I'm not expert on that.

You would use some AV-Comparatives PDF reports, to see how the
built-in protection fares against the rest. There are real time
scans, heuristic protection tests, legacy (signature) based
checks, a variety of bake-off tests that AV-Comparatives runs.
"When a thing doesn't have a rating, you take any rating
you can dig up."

https://www.av-comparatives.org/vendors/microsoft/

(one and two stars)

https://www.av-comparatives.org/vendors/eset/

(three stars)

*******

[Picture]

https://i.postimg.cc/tTD2vtX5/AV-Comparative-windows-Defender-vs-ESET.gif

Now, once you see this, the AV-Comparatives have PDF document files
with the actual numbers attained in the tests (how many exploits got
through, as small integer numbers). And a "dismal looking" star level
report, might not really, numerically, be all that much different.

The ESET I selected as a reference, they have varied from year
to year on performance. Microsoft slipped big-time, a long time
ago, when Microsoft first got into the game. There is a lot of
"pull up your socks" in this business, which is why you look into
the PDF level reports and study them, hoping to find a theme.

When some of the companies with "A" in their name consolidated,
it would mean some layoffs and redundancy, and subject matter
experts could quit and retire or quit and move elsewhere. And if
a company falls on economic hard times, they can cut back on
their staffing to compensate... with some impact on performance.

The picture above does not immediately scare me, but it does
say that it is time to read the PDF level stuff.

*******

One of the differentiators, is Heuristic protection, and the
ability to recognize a brand new threat for which you have
no Signature Definition, is trying to get into the machine.
The Kaspersky subscription I had yonks ago, used to notice
that all the programs were accessing the OS random number
generator, and put a notification on the screen of doom
and gloom based on an (apparently) normal behavior. But that
is part of heuristic, is watching what programs do, and
stomping them mercilessly if they get out of line.

When I tried to install FRAPS frame rate measurement software,
Kaspersky and FRAPS got into a knife fight, and the activity
of the two was so furious, the machine locked up :-) Thinking
about it later, the response was actually perfect. That's
because FRAPS was carrying out an un-allowed behavior, on
every Program Files folder, and Kav would have none of it.

Not many of the programs, have that protection type.

And for the ones that do have that protection type, the
head to head performance has varied quite a bit.

Still, if I had to armor myself, even if the ESET reports
weren't all that good this week, I might prefer to use
them than to use ClamAV (a non-real time signature based
scanner, which is the lowest form of protection possible
and still call it protection).

AV-Comparatives does not treat all fifty AV companies
equally. They don't waste their time on rubbish. And the
rubbish can be spotted in virustotal scans, as the
ones that "could not open the file for scanning".

That too is a measure of competence, if your "bargain protection"
can't even open a 7ZIP file and scan it. Yikes.
Right now, Microsoft has their compression-lib in the
OS, and there is now native 7z support in at least Windows 11,
and quite likely in Windows 10. I don't bother to test this,
as I have a copy of the real 7ZIP, and do not need the
File Explorer version. Executables are packed with thirty
different packers, and your AV must have a copy of each
and every one of those, or they're no protection at all.
Suspicious executables ("snake-oil") will be obscured
by two packers, and that is how I can tell I don't
even want to install their stuff. If you use one packer,
it means you're trying to save bandwidth costs -- if you
use *two* packers, it means you are hiding something and
are not to be trusted.

Sometimes I use Virustotal scans for the colour commentary,
as much as for the AV scan. There can be clean files,
for which I don't like the description of what they're doing,
which is listed on Virustotal.

Paul

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 12/28/2024 2:08 AM, Paul wrote:

When I tried to install FRAPS frame rate measurement software,
Kaspersky and FRAPS got into a knife fight, and the activity
of the two was so furious, the machine locked up :-) Thinking
about it later, the response was actually perfect. That's
because FRAPS was carrying out an un-allowed behavior, on
every Program Files folder, and Kav would have none of it.

Not many of the programs, have that protection type.

That's an interesting point. Doing things I didn't ask it to
do is, for me, a sign of overproduced ninny software. Like
MalwareBytes, which scans the Registry for all non-ninny
settings and then lists them as potential problems, without
explaining the reasoning.

Why would I want a program that doesn't allow access to
program folders? I'm asking it to look for malware, not to
tell me how to manage my business. Over time, a lot of
products have gradually bloated into firewall/AV/ninny programs
for people who don't have an inkling about security and just
want a big dog guarding the door. There's a big cost to that,
in terms of resource hogging and restrictions, as the programs
monitor every file touched and every action taken.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sat, 12/28/2024 7:34 AM, Newyana2 wrote:

On 12/28/2024 2:08 AM, Paul wrote:

When I tried to install FRAPS frame rate measurement software,
Kaspersky and FRAPS got into a knife fight, and the activity
of the two was so furious, the machine locked up :-) Thinking
about it later, the response was actually perfect. That's
because FRAPS was carrying out an un-allowed behavior, on
every Program Files folder, and Kav would have none of it.

Not many of the programs, have that protection type.

 That's an interesting point. Doing things I didn't ask it to
do is, for me, a sign of overproduced ninny software. Like
MalwareBytes, which scans the Registry for all non-ninny
settings and then lists them as potential problems, without
explaining the reasoning.

  Why would I want a program that doesn't allow access to
program folders? I'm asking it to look for malware, not to
tell me how to manage my business. Over time, a lot of
products have gradually bloated into firewall/AV/ninny programs
for people who don't have an inkling about security and just
want a big dog guarding the door. There's a big cost to that,
in terms of resource hogging and restrictions, as the programs
monitor every file touched and every action taken.

If Firefox reached into your Chrome folder and modified it,
how would you feel about that ?

Say, for example, two products were competing on speed,
and the competing product suddenly slowed down, after the other
product got installed.

Paul

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 12/28/2024 9:06 AM, Paul wrote:

On Sat, 12/28/2024 7:34 AM, Newyana2 wrote:

On 12/28/2024 2:08 AM, Paul wrote:

When I tried to install FRAPS frame rate measurement software,
Kaspersky and FRAPS got into a knife fight, and the activity
of the two was so furious, the machine locked up :-) Thinking
about it later, the response was actually perfect. That's
because FRAPS was carrying out an un-allowed behavior, on
every Program Files folder, and Kav would have none of it.

Not many of the programs, have that protection type.

 That's an interesting point. Doing things I didn't ask it to
do is, for me, a sign of overproduced ninny software. Like
MalwareBytes, which scans the Registry for all non-ninny
settings and then lists them as potential problems, without
explaining the reasoning.

  Why would I want a program that doesn't allow access to
program folders? I'm asking it to look for malware, not to
tell me how to manage my business. Over time, a lot of
products have gradually bloated into firewall/AV/ninny programs
for people who don't have an inkling about security and just
want a big dog guarding the door. There's a big cost to that,
in terms of resource hogging and restrictions, as the programs
monitor every file touched and every action taken.

If Firefox reached into your Chrome folder and modified it,
how would you feel about that ?

I'm not worried about that. It doesn't happen. I'm more concerned
with me being able to reach into those folders without being shackled.

Say, for example, two products were competing on speed,
and the competing product suddenly slowed down, after the other
product got installed.

Then I'd look into it. But I don't install security products
based on theories of how I could possibly need them given a
scenario that hasn't actually occurred. If I find raccoons in
my living room then I'll start looking for large holes in the wall.
I don't need to hire someone to hunt for holes, based on the
premise that raccoons in my living room is a possible future.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Paul in Houston TX wrote:

Ed Cryer wrote:

Every week I run regular scans across my workhorse PC; Defender,
Spybot, Malwarebytes, adwcleaner.
They never find a single germ; or, at least none is reported.
Except that adwcleaner always reports the same pre-installed software.

It often occurs to me as wasted time, but then a little warning light
at the back of my head speaks out; "Better safe than sorry; you know
how the world works - stop the checks and some malware will suddenly
appear".
Maybe I'm simply running competent permanent AV and firewall.

What do others think of this?

Ed

I have never used active AV.  My machines are behind the incoming ATT
cable modem firewall.  From there the signal is Etherneted and natted to
my own router.  It has another firewall.
That router assigns the local addresses.
Each computer has an old,old Zone Alarm software firewall.
All the firewalls are set to stop data flow if things get strange.
Twice a year I run a scan from a live Linux usb dongle.
The comp's O/S's are OFF for those scans.
My local router has an on/off button, the computers are set for instant
off via button, and zone alarm can instantly shut off internet access.
For me, nothing else is needed.  My machines are cloned every two weeks
and the clone drives are then unplugged.
The last virus I found was in 1996 when my son deliberately put one on
my gamer to see what would happen.  It was a benign virus, fortunately.
I never click on any green buttons, especially the ones that say, "Click
here for a good time".

Your son sounds like a really nice guy.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Ed Cryer wrote:

Every week I run regular scans across my workhorse PC; Defender, Spybot, Malwarebytes, adwcleaner.
They never find a single germ; or, at least none is reported.
Except that adwcleaner always reports the same pre-installed software.

It often occurs to me as wasted time, but then a little warning light at
the back of my head speaks out; "Better safe than sorry; you know how
the world works - stop the checks and some malware will suddenly appear". Maybe I'm simply running competent permanent AV and firewall.

What do others think of this?

Ed

I have never used active AV. My machines are behind the incoming ATT
cable modem firewall. From there the signal is Etherneted and natted to
my own router. It has another firewall.
That router assigns the local addresses.
Each computer has an old,old Zone Alarm software firewall.
All the firewalls are set to stop data flow if things get strange.
Twice a year I run a scan from a live Linux usb dongle.
The comp's O/S's are OFF for those scans.
My local router has an on/off button, the computers are set for instant
off via button, and zone alarm can instantly shut off internet access.
For me, nothing else is needed. My machines are cloned every two weeks
and the clone drives are then unplugged.
The last virus I found was in 1996 when my son deliberately put one on
my gamer to see what would happen. It was a benign virus, fortunately.
I never click on any green buttons, especially the ones that say, "Click
here for a good time".

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)