Monday, April 18, 2011

I Don't Need No Stinking Antivius -- But Will You Please Get It?

People often ask me what antivirus I use. The answer is that I don't use any AV. I typically know the metrics on what my programs are doing, so viruses aren't something I tend to get.

Don't get me wrong; there are a few times I've been exposed to malware, but I had put myself in a risky position and knew what to expect from it. Downloading music or alternative software are both prime examples of such situations. When viruses run amok throughout a computer system, it’s imperative to know how to seek and destroy the many tentacles with which it can take hold. It's actually kind of fun not only to kill, but to observe the hacking creativity (I have a small collection of well designed viruses).

There are some nasty programs out there. It’s important to act very quickly upon getting infected with a virus or malware because it could start transferring private files to the net almost immediately. To make matters worse, once a single piece of malware makes it through, it very often creates a backdoor that provides easy access for other hostile programs, and the scenario inevitably repeats itself. I've cleaned a few systems with literally 100+ virus processes running.

If you install Windows XP out of the box, you can get a virus by visiting a basic website and not even clicking on anything (trust me; I've even experienced it from my own website). To prevent most of the bad stuff, you should run Windows Update (or automatically enable to download) since the folks at Microsoft are pretty much on the forefront of security patches.

Should you come down with an unfortunate case of sporadic applications, browser pop-ups or some other malware, you need to be quick to disable the network adapter and kill the processes. On one occasion, I had to pull the plug on my system as a rouge process was maliciously wiping data files.

I take the care and tending of my system resources very personally and don't want my programs running amuck. I consider AV programs, like Norton, one of the worst offenders. That having been said, please take note that I am a power user and I oversee a farm of web and database servers for my local SEO company- I use hotkeys everywhere, I've created macros to do repetitive tasks and I program automation processes to accelerate and interoperate.

The problem with AV programs is that they operate by constantly scanning inputs & outputs of all your files and internet activity. This adds processing time and latency in just about everything you do. In most situations, this is may be a minor resource utilization and probably goes unnoticed by most users; nevertheless, it’s a burden I'm not inclined to accept. However, unless are prepared to a) avoid malware in the first place, and b) are capable of completely cleaning up something that may have slipped in, then I'd strongly recommend you use AV software.

About a month ago, I was (un)lucky enough to be part of the 0.02% of Google users affected with an outage. Accidents do happen, and antivirus software is like an insurance policy. In fact, if you get a virus on your system, it can often spread to your local and office networks. Nothing is worse than having your co-worker’s computer contaminate the network! So for the other 99.98% of internet users, I recommend you get a solution in place.

If I ever have an AV program installed on my system, I will disable all active monitoring of said program and enable it to perform detection only when I ask it to do so. I personally like to use Microsoft Defender and legacy versions of AdAware (before they went commercial), both of which I've linked on the side of my blog. A nice feature about periodically running AV programs is that they can scan and cleanse unnecessary objects, such as clear wasted registry pointers & marketing/tracking cookies.


Malware Prevention Tips:

  • Don't Click. Just Close It-- when you're prompted with something that you don't want, clicking on anything, even something that looks like "Cancel" or "No" might be a trick. Instead, hit the Escape button, Ctrl-W (a switch to shutdown a browser tab), or Alt-F4 (close application).
  • Keep Windows Patched -- visit http://www.WindowsUpdate.com if you’re not sure.
  • Use Google Chrome or Firefox – both are resilient, yet functional, browsers. Stay far away from Internet Exposer.

Dealing With Malware:

· Disconnect -- pull the network plug or shutdown your wi-fi. That tends to stop most popup based ads.

· Ctrl-Alt-Del -- Open Task Manager and look at the list of processes, sorted by CPU desc. Take note of oddly named processes that you don't see on other computers (call a nerdy friend and ask them to compare). Kill any suspicious ones. If they come back alive, you may need more professional help.

· Run AV -- hopefully you've contained the malware, now eradicate it with Microsoft Defender, AVS, AdAware or your $60 Fry's special software.

· (advanced) -- Seek and Destroy yourself by performing tricks such as: deleting or renaming the malware file, opening Regedit and searching for the process.

2 comments:

E.J. Hopkinson said...

To me, A.V. is like any other form of personal protection, just in the technological realm. Does everyone need a state of the art home security system, armed body guards, and attack dogs to protect themselves? Of course not, it all depends on the person and situation you are in. If you are careful and know what you are doing, or running on a machine that you don't care about, A.V. is simply another program eating up resources for no reason. However, I do believe that certain users or machines should have some form of A.V. on them. What it boils down to is the content you are protecting from the evils of the web and what type of user is on the machine. Figure out the information stored on a machine and the types of users that will have use of it and then decide if A.V. is right for it or not.

The next hurtle to figure out after you come to the conclusion that A.V. is needed for a machine or user is which one to use. Looking out on the net you can find dozens if not hundreds of A.V. programs and providers all jockeying for your business. From the basic free software to the state of the art costing hundreds of dollars, each A.V. can provide different looks and security measures for your machine and one could spend hours researching them all before they find one that fits just right for their needs, but who wants to do that?
Some good baseline A.V. software that is free can be found through Avast (http://www.avast.com/en-us/index) this is a wonderful A.V. software that is free and, for the most part, very unobtrusive in your daily computing when it monitors your system. There are options to purchase this software but a simple registration to the company allows for free use as well with live updates of new viruses that are roaming the net.
Another good free A.V. is AVG (http://free.avg.com/us-en/homepage) like Avast, it has the option to purchase the software for more features but the basic features of its A.V. software is all you need.
With free comes a toll, you always get what you pay for, or in this case don’t. Both Avast and AVG are great for virus detection however “spyware” or “malware” are things that can be overlooked because they are not recognized as a real virus threat and the free versions skip. (They had to omit something to entice their users to purchase their product) However this can be covered by downloading free Spyware and Malware detectors two really good ones are Malwarebytes (http://www.malwarebytes.org/) and Adaware (http://www.lavasoft.com/) . These programs are good for catching Spyware and Malware that may not be caught by the free A.V. however it is another program that needs to be ran in the background and another leech on your system resources.

E.J. Hopkinson said...

continued....

The alternative to the free software found above is paying for a yearly subscription to a more well known A.V. provider such as Norton or McAfee. I personally run Norton A.V. and to be honest it is such a resource hog that I turn of the weekly scan or only allow it to run over night when I’m not on my machine. The reason why I use this software is out of familiarity and convenience; it came preinstalled on my machine and I never spent any real effort finding a replacement for it. I will give it credit with the fact that I have put my computer into some very precarious situations and places and I have yet to get a virus that has beaten the defense that the program provides. However, I am discovering that another provider, ESET, may be my new replacement when my subscription runs out with Norton. ESET (http://www.eset.com/us/) is one of the pioneers for A.V. and their software is one of the least obtrusive but most robust I have ever seen or worked on.
With any of the paid software that is out there the typical format is paying upfront for the software and renewing a subscription with the company to get free updates. This path may be the best option if you are running a machine with limited redundancy and contains vital information on. Either way it can be very costly, both in system resources and financially.
As stated at the start of this response, A.V. is not for everyone and what type that is used, if any, depends on the situation. Do you need the armed guards and attack dogs or just common sense to protect yourself? It really depends on the situation and the user, at least now you know where to find some neat free stuff if you do need A.V.!

Share Links