this post was submitted on 11 Aug 2023
25 points (90.3% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54443 readers
207 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

Fellow pirates, does anyone have any good antivirus recommendations? Looking to get one but I'm not too sure which one is legit and not just a bunch of bloatware. Thanks in advance

all 20 comments
sorted by: hot top controversial new old
[–] [email protected] 36 points 1 year ago (1 children)

Windows Defender, everything else is malware itself.

If you want to be extra sure, check stuff using virustotal.com

[–] [email protected] 22 points 1 year ago (1 children)
[–] [email protected] 2 points 1 year ago

Best-Class AV

[–] [email protected] 16 points 1 year ago

Windows defender for active threats malwarebytes for scanning downloads/files. Alternatifely: sandbox a Linux distro.

You literally don't need anything more these days.

[–] [email protected] 6 points 1 year ago* (last edited 1 year ago)

You're SOL if you're a spear phishing target. But otherwise?

Also looking bad... Frankly, AVs must fulfill an impossible purpose, and they're horrible at it. If you ask any AV dev how to bypass their AV at a conference, they can give you a magic file size above which their AV gives up. Don't wanna tank the performance of your computer, let's pray that that chunky file is safe. Guess why malware devs deliver their malware in a compressed archive with a suspiciously good compression rate.

Many AV vendors spend a disproportionate amount of time on detection of public toolkits, such as Metasploit. But they suck at detecting everything else, literally. If it's private, they don't detect it for a long time. Malware devs have been using the same techniques to evade AVs over and over again, yet they can't figure out a way to block it. Even if I rig the odds in AVs favor by uploading shit to VirusTotal, only one thinks that my malware with Metasploit payload is malicious, months after the upload.

Now in fairness, VirusTotal only does static analysis. Sucks for AVs that you can call arbitrary, legit functions between malicious ones to confuse the behavioral analysis. Or wait a minute or two for the analysis to give up. Or embed malicious code into legit applications. Or hell, go wild with Java or other more exotic interpreter languages as most AVs don't check for them at all. Or... hear me out... abuse legit apps for illegitimate purposes! If you've got AnyDesk, force it to give the attackers unattended access to your computer.

Thank you for your time, and I hope your trust in AVs is forever shaken. As it should be.

[–] [email protected] 6 points 1 year ago* (last edited 1 year ago) (1 children)

On Windows, just use the built-in Windows Defender. On Linux, I recommend ClamAV + ClamTK. On Android, Hypatia.

If you think you have malware, this is a pretty good guide to remove it.

I'd also strongly recommend using and configuring a content blocker like uBlock Origin in your browser, as well as using a DNS level blocker like NextDNS.

If you have a multilayered setup like this, then I think you're pretty good and it'll be not impossible, but much harder to get malware or be infected. Just use common sense as always.

[–] [email protected] 2 points 1 year ago
[–] [email protected] 3 points 1 year ago (1 children)

If for Windows which I think it is then I highly recommend you to check The PC Security Channel, I have always recommended everyone to use a 3rd party AV but now with my ESET internet security subscription about to end in a month I'm planning to give a windows defender a go

[–] [email protected] 2 points 1 year ago

Thank you for the link. Much appreciated

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

None.

Have a good backup strategy and nuke the OS/restore data from backup when needed.

I wouldn't trust any antivirus to clean everything properly after my machine has been infected.

[–] [email protected] 3 points 1 year ago

Windows Defender.

[–] [email protected] 2 points 1 year ago

clamav / clamtk and nothing proprietary because antivirus gets access to everything. it is worth noting that these are antimalware more than antivirus.

[–] [email protected] 2 points 1 year ago

Windows defender (built in) on Windows, none on any other OS. Keep in mind that you need to uninstall existing AV for Defender to activate.

[–] [email protected] 1 points 1 year ago (1 children)
[–] [email protected] 0 points 1 year ago

linux + clamav for sketchy files is best imo