but Malware does exist. I do understand the argumentation that 'which not exist is difficult to protect against' is a good reason to say no to AV's because no one knows if they really can hold what they promise. But there exist several protection mechanism like HIPS which were originally designed to protect against 'typically malware behavior'. An example would to change the bootloader or change your DNS server to redirect your entire traffic (for e.g. grab your account data or a bot net). This 'detection' works on several layers, but mostly what we call 'signatures'. The problem is that OS itself gets more and better protection mechanism + router manufactures already realizing this too and offering better and better firmware's. This is (imho) a slow process but it's better than 10 years ago. If you patch your Software/OS more often or ASAP when an update comes out you also lower the attack surface + together with several known protection mechanism (which are already offered for years by the OS itself) e.g. not use an Admin account (use UAC high + password when a software gets installed). Such things are only need to be done once and then you're 'mostly' good to go. Since most stuff requires admin rights and then you get a big warning (from UAC). So then the malware guys frighted back and gave us Ransomeware which not want to change some OS files, it want to change and encrypt files which aren't requiring additional user rights (so no UAC promt). The problem here was that the AV still things it's okay because the user wanted to do that, how should he know the difference if it's not in any database?! So it shows that the guys are smart and they always find ways to bypass your AV, if they want. I not say give up because if you use an AV or not they will get into your system but I do say that as a user you not need to buy a product (which you trust) and then get disappointing if it really comes to an attack. My point is that you (again) better use an sandbox to deal with the infection in the first place, which means even if you got infected it gets deleted after you shutdown your sandbox. Of course a sandbox not helps against data theft (pishing) but that's another point. I think a sandbox + backups are good and an easy solution for everyone. I still think that your router + firmware should be the first line of defense, not the OS by itself.
There is news... And it tells us, that the growing group of people who refuse to use any AV software, except MS buil-in and an occasional malwarebytes run, are right. http://robert.ocallahan.org/2017/01/disable-your-antivirus-software-except.html
Almost half the pc's out there today are running Windows 7 and M$ essentials AV is not installed by default, Telling non-tech folks not to use an AV would put some Windows 7 users at risk I install free version of Bitdefender for people
I need to disagree, users are forced to update the OS and it offers new protection mechanism, if you stay on a outdated OS then it's your own risk. You have to upgrade your OS if you want or not and there is no reason to no doing this. You also need to fill your car tank, if you want or not. On tech level stay up2date. E.g. MS (non rs1) not offered additional ransomeware protection while since RS1 they added additional driver signing which already stops most ransomeware from doing more damage. ALL without any AV btw!
People are ALWAYS at risk. Bitdefender or not... No AV-software helps against the real problem of zero days exploits. And on top of it, the company whose software you install, has access to every last thing on your computer.
The only working ransomware protection needs to be in your head, when you read your mails... And you think that driver will guarantee safety for ever and ever? Sure....
i've slowly worked my way backwards from using norton, moving to avfree, to turning it off most of the time to not using any at all, besides a malware check every blue moon. nothing bad happened so far
Not true, even pros can get infected, there exist also javascript based ransomeware which works within your browser/local files. To say 'use your brain' is horrible wrong, you can't know every single new threat and how to response to it. The thing is if you disable everything and work on highest level then you can't use the internet because videos not working, javascript not showing and and and. Which is then pointless because you can't response or create/upload something. Loots of people using their browsers like an OS, they watch videos, hearing music and doing all s**t with it, so in my opinion the Browser is one of the biggest problems/weaknesses which needs really a good 'protection' (but I already explained that). I not say I think that low level protection can't be bypassed but if an attacker needs more effort to crack/hack something then he might switch to an easier system to get faster in/out.
I have to agree with Chef here. You can't possibly know if a legitimate website has been hacked. And new threats are coming out every day.
And what kind of protection would you recommend? As someone who hacks a legitimate site will not use one that is rarely used, und he will not use a old script, but a new zero day exploit...
I would recommend: 1 ) Do not use Java. It is not safe. If you absolutely must use it, install the Java Run time, do what you have to do and uninstall it. 2 ) Make sure all updates are in place. Especially Microsoft Silverlight, which has been shown to have vulnerabilities. 3 ) Make regular -external- backups of your system. If something goes awry, you can always restore from a backup. 4 ) Read the security bulletins. At least try to get an idea of some of the zero-day exploits that are out there. 5 ) Run an anti-virus. Any antivirus. Not necessarily real-time, but scan your machine at least once a week. I use Malwarebytes free. It works for me. YMMV though. And clean up before you scan. I use JetClean. It seems to work well, and the virus scan will be a little bit quicker. As Mr.X suggested, a Sandbox or virtual machine will protect you, but it's not always practical, especially in the case of high performance software like Cubase (which I use) That's what I do. So far...so good.
It's really depending, newer malware not really care anymore about Sandboxie and VM because they check if there driver/executable are running or not and then they acting different when you test it under real environments which makes it pretty dangerous even for experts. Because you can't debug every new software/update and inspect everything. The thing is that you never know, and if you're malware is good you may never figure it out and only see the symptoms of an infection and one time is enough to send your data in a cloud - you never get your data back. I'm not sure what's the best personally I gave up on all products long time ago an only test here and there but simply ask yourself if you really need the software or is it only for one time, then you can simply do the suggested setup. The problem is more the software you daily use.
Yes at all you've said. But ThomasMann is asking for protection when landing on a compromised server which tries to exploit client computers, namely their browser(s). He's not trying to run malware tests and here's a huge difference. Hence I still recommend Sandboxie for browser protection. In fact for any Internet facing app protection.
Can recommend a proper add blocker and noscript, this combination can defend from attacking sites and or infected add banners.
I get an error: Spoiler Secure Connection Failed An error occurred during a connection to cybellum.com. Cannot communicate securely with peer: no common encryption algorithm(s). Error code: SSL_ERROR_NO_CYPHER_OVERLAP The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.