Anti malware that can detect cracks and flag them as so, but can also distinguish from trojact and malware? Also, that can be configured to don't use too many resources when not required

I was thinking, mbam, have you got other suggestions for Windows 10? Also, is there a good setup for when I'm running games I bought, and I don't need active scanning of threats? (Especially for legit games that use resources intensively)

ShadowCat ,

just read this.

ReversalHatchery ,

In recent years I'm very disappointed at antivirus software. I use a paid one, but I'm careful enough to not get into trouble, and they don't alert for spyware/stalkerware and adware, but report and autodelete every single crack and keygen as their own category on the sole basis that they might be more risky.

At least it's less resource intesive, I guess. Or it just knows better when not to do scans, but that shouldn't be that difficult for defender either.

bykdd ,

I use sandboxie-plus with some games.Most of them works without problem.You can restrict net and folder access in sandboxie settings.Sometimes fitgirl repacks can be problematic.

ReversalHatchery ,

Afaik you can only restrict write access, file reads are not restricted.

zaknenou ,
@zaknenou@lemmy.dbzer0.com avatar

Kaspersky and Malwarebytes are the top in the market I think

SpeedySparticus ,

I can highly recommend using common sense and a vm

gemew26 OP ,

virtual machine for games, my pc is medium specs, dunno if I can do that. No problem with common sense, is there an answer to my question please?

SpeedySparticus ,

Most antivirus especially the free ones are not good and are kinda malware themselves. What you can do is to not download from very sketchy sites and maybe try uploading the binary to virustotal. Maybe also check if the binary is very obfuscated

umbrella , (edited )
@umbrella@lemmy.ml avatar

cant stress this enough. read the tos on most antiviruses, they are free for a reason.

if you are on windows, use defender, its built in and enabled by default, so no need to worry.

use virustotal to scan files you download, and run it in a vm first if you still think it might be malicious.

SpeedySparticus ,

This. Better not install any antivirus (other than windows defender) but ANY malware just a bit more sophisticated than something from a scriptkiddie can EASILY bypass windows defender. So please just don’t download from sites where you can download free games as all of those sites I have seem have malware in all their games. And remember just because you don’t see that there is a virus in your computer most malware just hide and silently mine bitcoin or other crypto and steal your credentials to for example discord

gemew26 OP ,

you think even Goat websites in the megathread are unsafe?

DivisionResult ,

So any script kiddie can disable windows defender inside a PC with good group policies?. Defender I prefer it hardened, that a freeware antivirus. If you really are considering a security, setup Wazuh with sysmon alerta. A PC/instance with 2gb/vcpu for 3 agents is OK.

Maybe you can run X process AS other user with less privileges than SYSTEM.

SpeedySparticus ,

No what I am saying is that any hacker BUT a scriptkiddie can disable windows defender

gemew26 OP ,

what if the executables are large like all games basically?

umbrella ,
@umbrella@lemmy.ml avatar

VM with gpu rendering enabled (good emulation driver or passthrough), not enough for the best performance, but you can use software like fswatch (linux only, but windows certainly has something like it too) to see if the game will change anything on your system that it shouldnt.

the best course of action for games is finding a realiably safe source for them so you don't have to do this every single time.

catloaf ,

Any modern security program supports whitelisting.

mindlight ,

You don't want to have any active scanning for threats, like antivirus?
If so, why?

gemew26 OP ,

because it affects the performance of games? For instance I play MMO and I don't need anything security software related running while I play, am I thinking wrong?

mindlight ,

If your computer is network connected you really really need antimalware running.
In theory, a game server could be exploited and controlled to inject malware into game clients ( = you playing online).

If you use a browser to access internet, there has been malware infected ads that infect your computer when you visit legitimate web sites.

If you get infected, the malware most likely won't do anything that makes you notice it. It all depends what the purpose of the malware is.

Ransomware?
Then it stays hidden until it has encrypted all your files and then it pops up telling you to pay or you won't be able to use your computer.

Collecting useful passwords? Getting full access to your Steam account is nice. Got some awesome weapons and armor in the MMORPG you play? That's something they theoretically would script to be able to steal from you.

Or maybe the malware just stays hidden for now, contacting it's control center now and then to see if there is any instructions.

Malware is business. The people behind it are businessmen and you are part of what they sell.

If you have a fairly modern computer there shouldn't be that much impact on the performance.

RisingSwell ,

If on Windows, Windows defender is more than enough for all of that stuff. It's very effective, although does require an internet connection or it won't do as well

mindlight ,

Yes. But the discussion was about not running any since it killed performance.

jnk ,

Extremely case where I'm going to defend windows; but Ms Defender never killed performance in a pc even if i had a low-end one.

Considering all the bloatware windows has, OP would be better off fighting like literally every other program except Defender...

mindlight ,

I fully agree.

But my main point was that they're taking an extreme risk if they're running without active antivirus and access the network in one or another way.

jnk ,

Oh i also agree with that, just wanted to clarify that

SpeedySparticus ,

Not running antivirus does not put you in risk. Antivirus has a considerable impact on performance and does not prevent malware. What puts you at risk is running executables with malware which antivirus can only prevent if it is just some scriptkiddie trying to hack you. Real malware can’t be prevented by antivirus.

mindlight ,

Either you're just ignorant or your working in the Russian malware industry.

Remote exploits doesn't have anything to do with you running any infected executables. It's about vulnerabilities in executables that you are running.
Read up on the zx vulnerability or the log4j vulnerability.

One really really old attack vector is a buffer overflow attack.
For example, if you're running a clean VLC to watch a movie and your VLC is older than version 3.0.12 you're at risk.
The video file, that you "purchased" on PirateBay, could have been manipulated to crash VLC and force VLC run a specific payload in the video file.
If that payload is ransomware it's game over for you.

Yeah, just like wearing a seatbelt doesn't guarantee that you don't get injured, antivirus doesn't guarantee that your computer won't get infected.

But there's no doubt about the usefulness of both seatbelt and antivirus.

SpeedySparticus ,

The liblzma vulnerability does not have have anything to do with antivirus. Running antivirus doesn’t help with that. Same goes for log4j. The liblzma and log4j vulnerabilities didn’t get detected by antivirus and it didn’t help prevent it. Remote exploits can also only happen if you either have some service exposed to the internet or visiting a malicious website with a vulnerable browser. Antivirus can only prevent scriptkiddies but any sophisticated malware will just bypass av

mindlight , (edited )

I explained what a remote exploit was and gave examples of remote exploits.

Are you claiming that antivirus isn't able to detect malware entering through an remote exploit?

SpeedySparticus ,

Antivirus is not what’s stopping g remote exploits. For a remote exploit to work you either have to expose ports to the internet (port forwarding) and run a vulnerable service on said port or visit a malicious website with a vulnerable browser. Antivirus won’t protect you from more than a scriptkiddie regardless of whether or not it is a remote exploit

mindlight ,

Yeah, that was you continuing to show how inexperienced you are.

For a remote exploit to work the computer or device has to expose ports to the network your computer is connected to.

"Remote" means that the vulnerability does not require local access.
So if your friend connects his infected device to your wifi, all devices connected to the same network essentially are at risk, depending on what's listening on the devices and what vulnerabilities they have.

Your idea about avoiding bad websites is ridiculous. History is full of examples where third party ads had been created to infect one way or another. That's ads that users on legitimate site were exposed to.
That's just one little example. There have been numerous examples of malicious sleeping JavaScript code that suddenly wakes up and contacts it's command-and-control server and then download malicious JavaScript code to unknowing site visitors.

Furthermore, you didn't understand my question. Of course antivirus is able to stop malware it recognizes that enters through a remote exploit.
The user with antivirus would at least have a chance of knowing that something was up each time and attempt to infect was made.

You on the other hand would sit there clueless with your little zombie computer and laugh at all them script kiddies.

But hey...
You just continue trying to infect others around you with bad security advice and have a good day. I'm outta here.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • piracy@lemmy.dbzer0.com
  • random
  • All magazines
    •