Security Essentials is ok and doesn't spam you, but it's just ok.
Security Essentials used to be just ok. Over the past year or so, it's turned into the most useless piece of crap I've ever seen. I used to recommend it as a free option for some people, but lately I've been ripping it out of every machine I see it on, in the same way I used to do with Norton a few years back.
You don't need no brakes on your car to study what happens to some other guy when they crash their car.
Similarly, I don't need antivirus on my computer to reverse engineer the infected files I pulled from a client machine; which, incidentally, their antivirus said was clean, and I found them manually. (But wait! How did you find them without the antivirus telling you that they were infected?! That's unpossible!!! <head explodes>)
Don't forget checking the state tables on your router every once in a while.
Oh...that's right; most routers don't actually let you see that information. You have to be running something actually, you know, useful. Like pfSense.
Hardy har har. I'm pretty sure you were trying to be funny.
But, just in case you, or any of the other similar comments were actually being serious:
Maybe that actually meant "don't run anything resembling antivirus software," since, you know, that's what the thread and the article are all about.....
Well, once I sorted out your bizarre punctuation and capitalization, I realized I agree with you.
Every one of my computers has Sandboxie installed. It's one of the tools I used when analyzing malware, when I want to see exactly what it does to the machine.
I don't execute virus files on my work computer. That would be stupid. I decompile/reverse engineer/etc them.
I have a separate computer that I use if I need to actively infect one. It's not a VM (for the exact reason that some posters have already given) but I do have a Clonezilla image of it, so I can quickly wipe/reinstall after analyzing the infection.
AC: "I'm a fucking idiot, and have no idea how to tell if a computer's infected without big scary warnings from my antivirus software, therefore everybody else is exactly the same."
Never mind the fact that if nobody could detect an infection without a/v software, then it would be impossible to ever add new viruses to the definitions of any antivirus software; meaning, of course, that all antivirus software would have a precisely zero detection rate, and therefore would be completely useless. So, even if you're right, then you're still wrong.
That would be "in before somebody says 'don't run Windows'".
Having said that, I've run Windows (among other things) for years, and haven't run anti-virus in over a decade for two reasons:
- it's more trouble than it's worth when you know what you're doing,
- it's hard to do any kind of virus research at all when you've got antivirus trying to delete every infected file you're examining.
In the time I've not run a/v, I've never had an infection. (I never had an infection before that, either, but that's beside the point.)
I use Comodo Endpoint Security on the kids' computer, and the HTPC, but my main Windows desktop hasn't had it for years, and won't have it for the foreseeable future, either.
All my Linux machines, of course, don't run anything, except for my mail server, which has ClamAV on it, just to scan attachments.