For all the people who believe aditional Antivirus software, is not necessary..

PCUser · Jan 15, 2025

pseymour said:
Agreed. You should use something like CrowdStrike Falcon. (sorry @andrew129260, if it's too soon to mention that
)

And don't forget the famous CrowdStrike outage. It was MASSIVE.

2024 CrowdStrike-related IT outages - Wikipedia

en.wikipedia.org

On 19 July 2024, American cybersecurity company CrowdStrike distributed a faulty update to its Falcon Sensor security software that caused widespread problems with Microsoft Windows computers running the software. As a result, roughly 8.5 million systems crashed and were unable to properly restart[1] in what has been called the largest outage in the history of information technology[2] and "historic in scale".[3]

The outage disrupted daily life, businesses, and governments around the world. Many industries were affected—airlines, airports, banks, hotels, hospitals, manufacturing, stock markets, broadcasting, gas stations, retail stores, and more—as were governmental services, such as emergency services and websites.[4][5] The worldwide financial damage has been estimated to be at least US$10 billion.[6]

pseymour · Jan 15, 2025

PCUser said:
And don't forget the famous CrowdStrike outage. It was MASSIVE.

lol yeah, that’s why I specifically mentioned them. Also to traumatize Andrew again.

NavyLCDR · Jan 15, 2025

Silvio said:
It proves, reliance on just Windows security, is not wise.

Why don't you just come right out and tell us which antivirus software company you work for? However, I will agree that reliance on just Windows security is not wise. The best antivirus tool is between the user's ears. Knowing what to click on or open and what not to click on or open, combined with Windows security as well as a NAT firewall built into your internet router will keep you just as safe as any paid for antivirus software.

PCUser · Jan 15, 2025

pseymour said:
lol yeah, that’s why I specifically mentioned them. Also to traumatize Andrew again.

Interestingly enough, the CrowdStrike debacle and its effects were documented in this YouTube video shot by RATT Tour Manager Jason Green in Toledo, Ohio. They misnamed CrowdStrike as CloudStrike in the title, but nevertheless showed some of the effects at the hotel level (no working hotel computers, unable to do hotel purchases, no room keys, etc)

www.youtube.com/watch?v=FEoOWkLGSCU

andrew129260 · Jan 15, 2025

Silvio said:
An "informed", "non emotional" article, on Security researchers "analysis", of a plug X variant.

PlugX malware hides on USB devices to infect new Windows hosts

Security researchers have analyzed a variant of the PlugX malware that can hide malicious files on removable USB devices and then infect the Windows hosts they connect to.

www.bleepingcomputer.com

View attachment 122176

So I guess "Plug X", is "not so targeted", and may well be languishing on many machines, without sophisticated Virus/malware protection.

Q.E.D. - Wikipedia

en.wikipedia.org

its funny you show avast, because a flaw of the avast driver, malware was delivered to machines

Hackers abuse Avast anti-rootkit driver to disable defenses

A new malicious campaign is using a legitimate but old and vulnerable Avast Anti-Rootkit driver to evade detection and take control of the target system by disabling security components.

www.bleepingcomputer.com

But yes, other AV's should be updated for this to be sure.

Steve C · Jan 16, 2025

Silvio said:
As a cyber security dude, I'll never accept, free antivirus/anti malware solutions, will be as effective, as solutions, with required R&D budget, and priced accordingly.

Perhaps you use Kaspersky antivirus software made in Russia?

hdmi · Jan 16, 2025

Silvio said:
cyber security dude

lol

Silvio · Jan 27, 2025

bikemanI7 said:
These days i use Windows Defender, backed up by Malwarebytes Premium, Router firewall, and practice safe surfing, and for daily use--on My Standard MS Account, and Only use System Admin account for Admin Tasks

Great post, great regime..

To be honest, I was so disgusted with some of the "pitch fork mob" like responses to this thread, for daring to question MS Windows Defender, I almost left this place, for good.

andrew129260 · Jan 27, 2025

Silvio said:
Great post, great regime..

To be honest, I was so disgusted with some of the "pitch fork mob" like responses to this thread, for daring to question MS Windows Defender, I almost left this place, for good.

Nothing wrong with questioning windows defender or any other security, including windows efforts itself.

It's about having all the facts though and data, which your sources lacked.

Unless we know more, we cannot arrive at a good conclusion. The fact of the matter is no typical home user should be using windows in the first place imho.

Chromebooks are the only type of computer I recommend for home users.

You have your opinion and that is fine. I don't think paying for an antivirus makes you invulnerable which is what you seem to claim. The fact is any security solution can miss things. Whether you pay or not makes no difference. The paid and free get the same detection rates for avast for example.

antspants · Jan 27, 2025

Silvio said:
Great post, great regime..

To be honest, I was so disgusted with some of the "pitch fork mob" like responses to this thread, for daring to question MS Windows Defender, I almost left this place, for good.

One needs to keep their integrity and stick to their guns, regardless of what those with different opinions (and the obvious bigot) have to say

kelper · Jan 27, 2025

Do most users trust the companies that review antimalware or do you think they are in the pockets of the AV companies without whom they would have no busines?

I'm thinking of these companies...

Virus Bulletin (VB100)
MRG Effitas
SE Labs
AV-Comparatives
AV-Test Institute

I see that Bitdefender consistently outperforms MS Defender!

Personally, I use Webroot as it's so lightweight on resources and space. It installs in seconds and use heuristics not definition files.

antspants · Jan 27, 2025

kelper said:
Do most users trust the companies that review antimalware or do you think they are in the pockets of the AV companies without whom they would have no busines?

I think they all sell their soul to the highest bidder

kelper · Jan 27, 2025

If that were true, why would companies that score less well keep paying their subscription? You are too cynical! I think the computer magazines always have an eye on the advertisers but I don't think they are corrupt.

andrew129260 · Jan 27, 2025

kelper said:
I see that Bitdefender consistently outperforms MS Defender!

Personally, I use Webroot as it's so lightweight on resources and space. It installs in seconds and use heuristics not definition files.

Yes for the last couple months I see bitdefender doing quite well, as well as avast. AV test showed defender getting top marks, while av comparatives gets defender a just passing grade.

Everything nowadays are using a combination of definition files, heuristics, hashing, behavioral analysis etc etc. The counter list is huge.

There are tons of holes in security. While one product may be better at detection in some months vs others, I think the user is ultimately the first defense.

I think the operating system used, the knowledge of the user, all are much more important than any chosen AV.

The labs are using samples they have catalogued recently as well as ones over a length of time.

Sometimes on the day of testing it might favor one solution being more up to date vs others that are lagging behind.

Either way, as long as you're using some type of security solution, you're much better off than others.

kelper · Jan 27, 2025

Webroot does not use definition files! That is why it is unique. I never see Webroot popups unless I go to an iffy site. It is very unobtrusive. I find their technical support to be excellent. I hope it continues to innovate but it has been bought out.

Webroot was sold to Carbonite, Inc. in February 2019 for approximately $618.5 million. Later that same year, Carbonite itself was acquired by OpenText, a Canadian software company, in December 2019.

AugPal · Jan 27, 2025

......As a cyber security dude,.... If you are a cyber security dude, I'm surprised you didn't tell people to dump Windows and install Linux. You list it as your OS.

I glanced at the article and it said, ......" This variant of PlugX malware spreads through a computer’s USB port, infecting attached USB devices, and then potentially spreading to other Windows-based computers that the USB device is later plugged into. ...." How did the USB Flash drive that is mentioned get infected in the first place?

I don't plug anything into the USB ports on my computer. I use wireless KDE Connect for my phone.

While I have Windows 11, I never really use it unless there is some software that requires it

RD Mercer · Jan 27, 2025

antspants said:
I think they all sell their soul to the highest bidder

Probably just me, but I have always thought since the beginning, the antivirus companies, are the ones that create the viruses. I believe the best antivirus, is setting on top of your shoulders.

AugPal · Jan 27, 2025

RD Mercer said:
..... I believe the best antivirus, is setting on top of you shoulders.

You are spot on!

TairikuOkami · Jan 27, 2025

For all the people who believe aditional Antivirus software, is not necessary..

I have not AV used since XP, except for testing and this malware can be easily stopped with DNS and firewall.

Code:

https://any.run/malware-trends/plugx
https://www.cybereason.com/blog/threat-analysis-report-plugx-rat-loader-evolution

Not to mention a simple tweak, which works like smart app control and blocks an unsigned exe.

Code:

reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "ValidateAdminCodeSignatures" /t REG_DWORD /d "1" /f

andrew129260 · Jan 27, 2025

kelper said:
Webroot does not use definition files!

About Uninterrupted Protection

answers.webroot.com

Webroot provides definition updates almost every day to protect you against the latest malware threats. By choosing our "Uninterrupted Protection" option, you ensure that you will continue to receive regular updates and protection against new virus and spyware threats.

With the convenience of automatic renewals, you never need to worry about keeping your PC safe. We'll automatically take care of it for you so you're always protected.

The amount of incorrect information in this thread is staggering.

TairikuOkami said:
Not to mention a simple tweak, which works like smart app control and blocks an unsigned exe.

Code:

reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v "ValidateAdminCodeSignatures" /t REG_DWORD /d "1" /f

View attachment 123418

Its a shame smart app control usually disables itself automatically on new installs of windows after the evaluation period.

For home people I manually enable it as soon as I can if they really need windows on their pc.

For all the people who believe aditional Antivirus software, is not necessary..

Well-known member

My Computers

Windows developer and admіn

My Computers

Well-known member

My Computers

Well-known member

My Computers

Well-known member

My Computers

Well-known member

My Computer

Jack of all trades – master of none

My Computers

Well-known member

My Computers

Well-known member

My Computers

Like a rolling drone.

My Computers

Well-known member

My Computers

Like a rolling drone.

My Computers

Well-known member

My Computers

Well-known member

My Computers

Well-known member

My Computers

Member

My Computer

Well-known member

My Computer

Member

My Computer

Microsoft 365 Basic

My Computer

Well-known member

My Computers