What anti virus program do you use?

Just had a little scare but managed to fix it with a clean reinstall of Chrome. Norton has done absolutely nothing. What anti virus programs do y'all use to have a better peace of mind when surfing the web, especially when scouring for porn?

You shouldn't use an anti virus program like Norton, McAfee, Kaspersky etc… They don't do anything, shove ads in your face, and in some cases have been caught doing things they shouldn't be doing. If they are on your computer you should remove them.

You have Windows Defender, which is actually just fine. If/when you have a scare or need to scan something you can use virustotal.com, and for system stuff you can use Malwarebytes. This is all you want and need.

Note: using VirusTotal is a bit complicated in the sense that the information it will give you won't make any sense without some education. A positive hit on the first page you'll see DOES NOT necessarily mean it's malicious. False positives are a common thing and you would need to use several sources for identification. So things like multiple provider hits, as well as looking at the behavior and whether it's talking to a bunch of weird IPs or something. Just make sure to google what you're doing.

5 Likes

Agree 100% with this advice.

4 Likes

100% agree.

Malwarebytes is great for a check if you think something is up, or you want to make sure. But it should be uninstalled or disabled after.
A modern and updated Windows Defender on Windows 10 or Windows 11 is more than enough.
And most of the anti virus programs can be considered malware, adware or bloatware, or all of that.

Just because an anti virus seemingly does “nothing” doesn’t mean it isn’t doing its job. There may just not be anything it needs to report.

Speaking as a sysadmin here. Best prevention is education of the user. And having working backups for the worst case.

2 Likes

I'll give Norton this, it's good at stopping unwanted redirects from websites.

I don’t use one. Norton and the like are more malware than the crap they advertise they stop. Try removing Norton from your system…in full…see how difficult it is :wink:

Win Defender is perfectly adequate on its own…providing you are sensible about what you download and from where. Just run a scan once a month with Malwarebytes or (if you have it) the old freeware version of something like ASC.

Haven’t run a dedicated AV for years and never had a virus.

1 Like

If this were 10 years ago then I would have said AVG + Malwarebytes…now though, due to no anti-virus program having the consumer in mind and Windows Defender being much better than it was in the past, just Malwarebytes, as that works with Windows Defender instead of disabling it and so gives good extra protection via sometimes blocking bad websites and suspicious connections from hidden ads on sites.

Note I do have a premium subscription with Malwarebytes so I get more out of it since I got on the bus early on and have a very good price for it. The free version of the program I wouldn’t use since real time protection is premium only. Oh and it does sometimes give you a promotion about itself but never of other stuff yet.

+1 to virustotal too but it does do false flags still.

1 Like

Thanks guys for the advice. Have officially uninstalled Norton.

3 Likes

Oh yeah, just to add on, if you ever switch to Firefox then I use this extension to stop pop-ups pretty well: Strict Pop-up Blocker (Firefox extension).
Which, when coupled with uBlock Origin and Ghostery, appears to make a mean combo at stopping most things coming through, although if anything does make it through then uBlock Origin’s picker tool hasn’t failed me yet except for websites that send you to a fake screen till you agree to their cookies, like Healthline.

Just note if you are on Windows 10, Microsoft is ending support by October 14th of next year so you will be left vulnerable to any future security issues, so keep in mind either moving on to 11 or any other updated OS by then if you want a better peace of mind.

Wait…there's a Windows 11? wtf :open_mouth: I thought I read many years ago that they were stopping at 10 and just forever updating it? I think I've woke up in a different universe again lol

Yep, Windows 10 quickly died in being the end all of Windows as it was so poorly made that it was clear it was a slightly better 8.1, I believe. So they made Windows 11, which has been out for two years now I believe.

Also I had a laugh and a scare when I heard about the global IT outage/crisis which appears to have been caused by an anti-virus software called CrowdStrike. Safe to say that company is now on death row for this mistake as it’s due to an update they did.



It highly depends on what you are doing and expecting. Windows does a good job by default, but it's also not effective towards the newer malware. Microsoft obviously doesn't want to cause any disruption to anyone's PC, so they will have set a very graceful threshold, and recognition of malware will always be somewhat behind.

If however you aren't doing strange things, this is fine in over 99% of the cases. If you visit common websites, it's rare to face malware that is new enough so it doesn't get recognised.

However, once you are going to do more risky stuff, Windows Defender is instantly useless. And this is where normal anti malware software can help. They can feature things like:

  • Ransomware detection (or better said, mass encryption). As a rootkit they should even be able to extract the key from memory before the malware can remove it, making it possible to revert the damage (your PC might still be bricked, but at least data can be recovered).
    • For companies this is often too late and annoying, but can be essential to prevent downtime by detecting it fast.
  • Sandboxing. There is a lot of software that can do useful things, but is infected by malware. Being able to sandbox it means you can use it to do that specific task, but as all mutations are sandboxed, it cannot affect your PC unless it has an exploit built in. This is extremely rare to happen.
    • And while illegal, keygens of old games were commonly affected here. If you got an abandonware game, this might sometimes be your only option to get it to function.
  • Faster updates for malware. As they don't care as much about a bricked PC (a reinstall is fine), they can push out newer detection faster. Especially when this is important (companies with clueless employees that trust random mails), it gives a smaller window of vulnerability when some ransomware attack is being attempted.

However, a key aspect is: if it's free, you are not a customer, you are the product. Any anti malware tool that is free means they want to make money off you. Anti malware tools do this through advertisements. Windows does this by proving they barely get malware (and when they do, they know they can nearly always blame the user that got infected by not installing extensive anti malware). For them, proving Windows is safe is their advertisement.
In most cases when you actually pay for those anti malware tools, you get a very different executable with a lot less overhead (sure, the file might still contain the same, but it can load very different aspects of the code into memory). And yes, some are good, some are bad (Norton and AVG being massive offenders).

Note, even if a tool doesn't give advertisements, it might still do telemetry. Which is effectively just as bad as malware sometimes itself is. Tracking user behaviour on the PC itself is one of the things those tools are often meant to stop.

Hard disagree. I don't understand what you mean by ransomware detection, mass encryption, and rootkits are somehow the same thing? It's a confusing sentence. Ransomware can encrypt your data, sure, can you call it “en masse” maybe I don't depends how much. “as rootkit” Not sure how a rootkit applies here. Are you saying the anti virus is a rootkit or the ransomware is? It sounds like you're saying the anti virus is a rootkit?

Not too sure what you mean by extract the key from memory. Are you assuming that in a ransomware attack the decrypted key is loaded into memory? If your data gets encrypted there is no decrypting it unless a decryption algorithm has been found. Or I should say it's just highly unlikely it can be decrypted. Bricking a PC and encrypting data aren't the same things. Anti viruses would need to detect and stop prior to encryption.

There isn't anything that Defender and Malwarebytes combined won't detect that a scam like Norton, McAfee, etc will. Sure, there are going to be edge cases here and there where one detects something while the other doesn't. But this isn't common enough to justify paying money for an anti virus. They are simply scams, they slow down your system, and send you ads constantly. They add less protection or at the very least equal protection to the suggestion I made earlier.

Ramble warning.

Ransomware detection is a part of Defender. Maybe only in Windows 11?
Used to be for paid subscriptions only, but is now enabled by default.
Getting encryption keys out of memory could help with decryption, depending on the algorithm and if the encryption key is identical to the decryption key or at least synchronous keys. But this depends on how it is encrypted in the first place and is not something likely or reliable.

Sandboxing is not something that most AVs will do automatically and instead will have to be done manually. Next to nobody will have done so in the past 10 years.
Sandboxing can be setup with Windows Defender as well, but requires some setup unlike starting it via a button in an AV suite.

Microsoft isn’t much slower than competitors with updating their detection rules. And it has been a long time since Microsoft seemingly cared about trying to not break things during updates.
And the “regular” user is their biggest testing platform, meaning they get the updates really quickly.
The biggest issue I see with this is that it relies on the Windows Update Service for updates.

But I think this is going way too far into detail now.
Simply said, for most people Windows Defender is going to be more than good enough.
If companies have ads or their AV preinstalled, it means they probably spend way too much money on marketing in my opinion.

Before someone says anything like just use Linux or Mac. There is also Malware for those, just like for iOS and Android as well. Even your Smart Fridge.

The biggest defense you can have against malware is an updated system and using brain.exe. Defender handles the rest.

I used Malwarebytes forever but recently I noticed after leaving the PC on for +2 weeks it would slow the whole computer down. Uninstalled it and just use Windows Defender with sample submissions turned off.

Jokes aside, lots of precautions:

Do not run random binaries that you find, or run them in a sandboxed environment.
On Windows you can either use a VM or Sandboxie+ to run unknown programs.

Scanning unknown binaries with VirusTotal is also a good option.

On Linux, well, there isn't much malware on Linux. Like macOS, these OSes aren’t immune to malware, but almost every malware is developed for Windows only. The probability of catching malware on Mac is low, and even lower on Linux.

The virus scanner itself is the rootkit that has full access. And note, it's mandatory they have to be one!

CrowdStrike is an example of the problems virus scanners can give, but even then, it's better that it's there and you face such a problem once, than to get attacked and get an unrecoverable system.

Encryption doesn't involve loss of data. So before and after are always directly connected. To get from A to B, all the key information must be known at the time of encryption.

So as long as the key is stored somewhere in memory or on disk, it can be recovered. It doesn't matter how they encrypt the file. Unless for each file they instantly send this data to a control server and remove it directly (highly unreliable and a lot of traffic).

What most often happens is the files get encrypted and a key file is generated (this key acts as a seeding value). And in memory a primary key is stored. Sometimes the main key is also stored on disk, especially when the intention is to delay the final moment.
Upon finalizing, this primary key is sent to the server and, upon receiving confirmation, then purged from disk (overwriting it several times, probably through hashing the key thousands of times, ensuring no remnant of it can be retrieved). And it then is used to encrypt all the small key files again (as this makes cracking it harder as no known encryption weakness traps can be used - some data or keys or seeds are weaker, this negates finding these). It doesn't matter if the finalizing fails and causes a BSOD or anything (upon which the encrypt key is lost as memory gets cleared).

For retrieval, when you have the key, each file only needs 2 attempts to decrypt. Once with the seed file undecrypted, and once decrypted. Which is still quickly done.

So upon detecting such malware, if you lock the system and write the memory to disk, as long as it wasn't entirely completed, you have the key stored. Recovering it might not be easy, but you can be sure it's there. So data analyzers can do their work and get it out (for experts this is often even trivial).

Windows doesn't involve such protection. It can detect at best, but what is lost is lost. Microsoft relies on you making backups for a reason. It's an easy statement for them to make to blame the problem upon you.

Stopping encryption before it happens is impossible. It means any cryptographic function (any URL on https) would now be required to throw a warning for potential encryption. Because you cannot know whether it will be written afterward to a place you don't want it to.
And a lot of services (like streaming, or even new game releases) do rely on decryption of data to protect against early releases while being able to mitigate bandwidth issues.

And if you think decryption differs: there are symmetric algorithms where you simply cannot see which sort of action was used.

This is why ransomware is such a problem to detect. Microsoft will always be behind here, since if they would be checking such things, they are just making their system less stable again, and giving attackers a huge vulnerability to exploit (1 leak in Defender and they have full root access, knowing 95% of PC users are vulnerable). This is where other malware tools have advantages, they are far less likely to get targeted attacks because that would reduce the attack window a lot (and these attacks also have their own signature that can be detected).

Defender is mostly a defense on user level, not kernel. It can feature a few helpers for it. But most of it happens at user level, which for its purpose is already enough. Microsoft has learned by making sure they aren't providing a big exploit on kernel level.

Load of crap. You have no idea what you're talking about.