Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Security Software IT Technology

Ask Slashdot: Should Average Consumers Install More Than One Antivirus Program On Their System? 159

Even though you would assume that people would know better, an anonymous reader writes, in my experience, I have found many who think installing more than one antivirus program on their computer is the right way to go about it. Some have installed as many as three third-party security suites, which among other things, takes a toll on the performance. This week the New York Times' tech tip section addresses the matter. From the article, which could be paywalled, but you don't have to read it in entirety anyway: Installing more than one program to constantly scan and monitor your PC for viruses and other security threats can create problems, because the two applications will likely interfere with each other's work. Clashing antivirus programs can cause the computer to behave erratically and run more slowly as the applications battle for system resources. Microsoft advises against running its Windows Defender security software on the same system with another installed third-party antivirus program. Likewise, antivirus software companies also warn against using other system security products when you are using theirs; Bitdefender, Kaspersky Lab and Symantec all have articles on their sites explaining the potential problems in detail. Programs that do not constantly patrol your operating system, like mail scanners, may not be an issue. What do you folks recommend to people who are not as tech-savvy?
This discussion has been archived. No new comments can be posted.

Ask Slashdot: Should Average Consumers Install More Than One Antivirus Program On Their System?

Comments Filter:
  • by Anonymous Coward on Saturday July 29, 2017 @05:37AM (#54902849)

    Ever since microsoft came out with their windows defender I have seen no need to install any other virus software.

    • by gweihir ( 88907 ) on Saturday July 29, 2017 @06:11AM (#54902921)

      Indeed. The buy the same signatures everybody else has. Also, installing two AW solutions may well result in them interfering with each other. Not a good idea.

      • by AmiMoJo ( 196126 )

        Most of the AV companies offer a free, stand alone scanner that doesn't need installation. Grab a couple of those and run them periodically.

        • by gweihir ( 88907 ) on Saturday July 29, 2017 @12:35PM (#54904283)

          That is a possibility to avoid interference. For suspicious files, you can also upload them to VirusTotal to basically get almost all scanners. Still, unless you behave in a very risky way, what MS offers is quite enough.

          • Isn't that a bit like the fox guarding the henhouse?

            • by MrL0G1C ( 867445 )

              "That is a possibility to avoid interference. For suspicious files, you can also upload them to VirusTotal to basically get almost all scanners. Still, unless you behave in a very risky way, what MS offers is quite enough."

              "Isn't that a bit like the fox guarding the henhouse?"

              Eh? I'm really not seeing how that analogy fits here.

        • I'd rather run a realtime in-memory scanner that has a chance to catch something before it infects my system, instead of running an on-demand scanner that is guaranteed to catch something after it's infected my system.
    • Re: (Score:2, Insightful)

      by Anonymous Coward

      The Microsoft AV solutions serve the one legitimate purpose of AV software: They absolve the person who installed the system from accusations of negligence when the user inevitably gets the system infected. No AV suite can prevent that, but if you don't install any, the lusers think you're the reason their computers got infected.

      Other than that, MS AV is the least taxing on the system, but also lags behind on recognition rates. The former matters, the latter doesn't.

      • by thsths ( 31372 )

        Indeed. The whole mantra that "you should run AV" is BS, because they offer preciously little protection anyway. But at least MSE does not get in the way.

        • by arth1 ( 260657 ) on Saturday July 29, 2017 @07:38AM (#54903155) Homepage Journal

          Microsoft Security has one thing going for it: it's lightweight.
          Every now and then other AV software appears that is light and fast, but invariably they will bloat into a hideous five-headed hippo, simply because they are run by (or bought by) corporations that have to sell, and marketing departments thus demand more and more features. Eset NOD32 is a prime example. It was the leanest meanest and most effective AV program out there. Now it's underperforming bloatware. Norton Antivirus is another example. Peter Norton's software was usable, but what Symantec and an army of outsourced coders turned it into was a monstrosity.

          There's no MBA alive that has understood that featuritis is a deadly disease. I know the schools teach it, including examples from several industries, but every single corporate executive believes that it doesn't apply to them.

          But Microsoft doesn't have to sell on competition. It's a free (as in toilet paper) product. Their incentive is to reduce the number of people who calls Microsoft support with infected or bogged down machines.

          • Eset NOD32 is a prime example. It was the leanest meanest and most effective AV program out there. Now it's underperforming bloatware.

            Oh my lordy lord, AVP is the biggest and best example EVAR. When AVP first hit the scene (in the win2k days) it was amazing. The performance impact was negligible even on the hundreds-of-MHz class single-core machines of the day. Today, it will eat all your performance and then shit on your desktop.

            • Even worse, it's been the main offender when it comes to flagging official Windows OS files as malevolent and deleting them, requiring a reinstall of Windows.

            • Do you mean AVG or Alien Vs Predator...?

          • by freeze128 ( 544774 ) on Saturday July 29, 2017 @10:45AM (#54903763)

            Their incentive is to reduce the number of people who calls Microsoft support with infected or bogged down machines.

            Haven't you heard? Microsoft actually CALLS YOU, and tells you that you have a virus!

        • by TheRaven64 ( 641858 ) on Saturday July 29, 2017 @07:54AM (#54903209) Journal
          If they offered zero security, then that would be one thing. In fact, they often offer negative security. Last year, there was a vulnerability in Norton Antivirus that allowed arbitrary kernel-mode code execution. It would detect new files in the filesystem and scan them in the kernel (stupid design decision number one: the code scanning untrusted and expected-to-be-malicious data should be an unprivileged userspace process with read-only access to precisely one file). Unfortunately, their image decoder contained a vulnerability, so if your web browser or mail client dropped a png file on the filesystem, even if the user didn't ever open it, the system was compromised. Other AVs have had similar vulnerabilities. You're running some code that hooks into the OS, written by people that don't have access to the OS source code and don't know how many of the internals work, with maximum possible privilege. Does that sound like a good plan to you?
        • by MrL0G1C ( 867445 )

          Indeed. The whole mantra that "you should run AV" is BS, because they offer preciously little protection anyway. But at least MSE does not get in the way.

          2nd this, AV gives people a false sense of security. They run risky executables and think that the AV will stop them when a lot of the time AV will sit there and not even notice, or it'll notice a month later that you've got a trojan but all it will do is tell you because the nasty things are so hard to eradicate once they're in.

      • by tlhIngan ( 30335 )

        Other than that, MS AV is the least taxing on the system, but also lags behind on recognition rates. The former matters, the latter doesn't.

        No, it only lags behind on so-called "heuristic" or "machine learning" or "artificial intelligence" recognition tests. These tests don't use known virus signatures, they use programs designed to mimic virus activity. The hope is that your AV solution will catch one of these "bad programs" doing its thing and quarantine it, so potential future threats are blocked.

        Everyon

    • Re: (Score:2, Informative)

      by Anonymous Coward
      More important than anti-virus (except for Window's built-in): an ad blocker (ublock) & NoScript (or equivalent).

      It is easy to convince non-tech users to us an ad blocker, the NoScript gets more resistance since they have to think about which sites to give permission or not (my children hate NoScript).
      • To be completely fair, NoScript is a real pain in the ass to use. Some websites have 20-30 external domains from which they load JS snippets. Figuring out which one the comments section loads from, for example, is sometimes just impossible. If it's facebook.net or disqus.com or fyre.co it's kind of obvious, but if it's douchebagmediamagicsnortingcdn.tv it's not nearly as simple to figure out.
        • Some websites have 20-30 external domains...

          This precisely is what clogs the tubes more than anything else. It is the single biggest problem in internet traffic today. It's like DDOS in reverse. Take a.fsdn.com, please...

    • in the beginning . . . windows defender was not getting signatures from same places as everyone else
    • by Anonymous Coward

      Avast runs well in parallel with Windows Defender, so i leave both on.
      Avast seems to trigger warnings from dodgy web sites and Defender doesn't, so it seems to be providing additional protection.

    • Yeah because MsMpEng.exe consuming 100% cpu during simple file operations is better.
      Windows defender is the TSA of antivirus. Target everything and anything for scan regardless of how impossible it is to be infected with anything harmful in the least efficient way possible using days old definitions that can't target zero day threats.

      Some commercial products really are much better IMO.

  • by Selur ( 2745445 ) on Saturday July 29, 2017 @05:43AM (#54902865)

    - don't install shit you don't want/need (true for all os)
    - don't use windows for browsing (especially if you browse to sites you don't trust)
    - don't click and open every damn email and attachment you get ...

    • by geekmux ( 1040042 ) on Saturday July 29, 2017 @06:30AM (#54902961)

      - don't install shit you don't want/need (true for all os) - don't use windows for browsing (especially if you browse to sites you don't trust) - don't click and open every damn email and attachment you get ...

      Telling the masses to not use Windows for browsing is like telling people to not drive 4-wheel vehicles for transportation. No matter how stupidly easy alternate OSes could be to operate, they're not mainstream, and therefore they are not the dominant option for the illiterate masses. And because users are obscenely lazy, a Windows alternative will have to become the default option.

      As far as installing shit you don't want/need, that describes 95% of the inventory in every app store. Installing pointless shit has practically become a tradition in the mobile universe. I don't see that behavior changing unless marketing crap suddenly becomes unprofitable.

      • by Eric T Duckman ( 4391433 ) on Saturday July 29, 2017 @10:21AM (#54903707)
        I've got an old laptop, around five or six years old, that I refurbished and tried to load Linux on. No matter what distro's live iso I tried, the internal screen would go black after the initial text menu. An external monitor plugged into the laptop would work fine, but what's the friggin point of a laptop that only works when plugged into an external monitor? None of the dozens of suggestions I found on the web helped one bit. This is apparently a bug that goes back years. I gave up, installed Windows 10, and the damn thing works great. Linux is a long, LONG way from being acceptable for the casual user who just wants to use their computer and isn't interested in fidgeting with and tweaking an OS just to get it to load on their hardware, and calling them "obscenely lazy" for it is arrogant, elitist, and pointless.
    • by Maritz ( 1829006 )

      don't use windows for browsing (especially if you browse to sites you don't trust)

      lol. Why stop there. Just get everybody to code their own OS. Much better.

  • by JcMorin ( 930466 ) on Saturday July 29, 2017 @05:46AM (#54902869)
    • Still waiting on the headline "Does Betteridge's law still apply to news?"
      • by Anonymous Coward

        The exception that proves the rule?

  • by msauve ( 701917 )
    "What do you folks recommend to people who are not as tech-savvy?"

    Don't take tech advice from a newspaper.

    ( I don't disagree about installing multiple anti-virus programs, but the NYT is not a highly regarded tech journal)
    • Re:NYT? (Score:5, Insightful)

      by arth1 ( 260657 ) on Saturday July 29, 2017 @07:13AM (#54903077) Homepage Journal

      Not being a newpaper, but a person who started my career writing AV software in the days when AV software writers worked for themselves, not corporations, my recommendation is to not trust any antivirus software, and particularly not the popular ones.

      The virus writers have access to AV software and design and test malware so it slips through as many major AV products as possible. The end result is that the AV software will only get signatures added for the threat days or weeks later, after the malware has ceased to be a threat.

      Instead, use the internet with caution. Think of it as the worst district in the nearby city. Don't drive around looking for things to do. Don't trust the guy on the corner who tells you where there's fun to be had. Only go where you planned to go, and don't loiter idly, looking for fun. Someone will have fun, but it won't be you.

      • Think of it as the worst district in the nearby city. Don't drive around looking for things to do.... don't loiter idly, looking for fun

        There's no need to search anywhere
        Happiness is here, have your share
        If you know you're loved, be secure
        Paradise is love to be sure [youtube.com]

      • In the past that advice would have been good enough and you really didn't need AV. The issue is now even if you avoid running malicious software the bad guys can still take advantage of a bug in the OS or an application to get on to your system.
    • While we're at it, "Don't ever take a computer to Geek Squad for repair".
  • One is one too many (Score:2, Informative)

    by Anonymous Coward

    Antivirus programs are a threat, not a mitigation.

    • Antivirus programs are a threat, not a mitigation.

      The largest threat is the idiot behind the keyboard.

      Good luck with that mitigation. The masses don't give a shit about security. Never have. Never will.

  • No (Score:5, Insightful)

    by louic ( 1841824 ) on Saturday July 29, 2017 @05:48AM (#54902883)
    Some people even argue that antivirus programs cause more vulnerabilities that they solve and advise not to install any. Besides that, they will make your computer ridiculously slow, and might interfere with each other, possibly causing crashes and false positives.
    • Re:No (Score:4, Insightful)

      by JaredOfEuropa ( 526365 ) on Saturday July 29, 2017 @06:18AM (#54902939) Journal
      Some are horrible in that respect, but others like Kaspersky and BitDefender are well behaved and very unobtrusive. Kaspersky has the very rare issue with false positives.

      I wouldn't recommend doubling down on them though. What I would like to see, in addition to using a virus scanner, is a consumer grade device (or something in the router) that performs some useful intrusion / exfiltration detection on the LAN.
    • Also, if you run Windows 95 on modern hardware, it really kicks ass. In other words, you can do a wide variety of dumb things to make your computer faster.
      • Are there *ANY* HTML5-capable web browsers that run on Windows 95?
        • There's a fork of an older Seamonkey release that supports HTML5 and runs on Windows 95.

          http://toastytech.com/files/95browsing.html [toastytech.com]

          Though it might be a bit challenging to get Windows 95 going on modern hardware. If I remember right there's a bug that will BSOD Windows 95 on boot once you get past about 400-500 MHz or so with clock speed. There's a patch, but you have to apply the patch from within Windows...

    • A friend bought a Win 8.1 PC a couple of years ago with (I think) Norton preloaded, one of those "free for a month or three" deals. She did not want that particular virus scanner, she wanted AV or Avira. She downloaded installed her scanner of choice.
      Windows 8.1 could not handle this, it did a fallback to the previous working config and all of the packages she had installed after buying the PC were gone.

      Don't try this at home folks.

      • by Wolfrider ( 856 )

        > Windows 8.1 could not handle this, it did a fallback to the previous working config and all of the packages she had installed after buying the PC were gone

        A) This is why you don't run Win 8

        B) This is why full BARE METAL BACKUPS before installing/updating software is a Good Idea (Aomei and Veeam are good places to start.)

    • > Some people even argue that antivirus programs cause more vulnerabilities that they solve and advise not to install any.

      In the early 2000's there used to be NUMEROUS problems with Norton and McAffe bringing a working machine to a C-R-A-W-L.

      Also back in the early 2000's I actually ran without an anti-virus for about 6 years. Never got any viruses. When MS Security Essentials came out I decided to give it a go. It detected the one virus I had _already_ manually quarantined and renamed: foo_MAYBE_VIRUS

      • Hell, you should be running ANYTHING _first_ in a Virtual Machine (or Sandboxie)

        +1. This is also a great way to avoid pc slowdown from temporary files. Just delete the VM (or Sandbox) for a new one for a fresh start. Sandboxie is more friendly to casual users though.

  • by Anonymous Coward on Saturday July 29, 2017 @05:56AM (#54902897)

    Assuming that US-provided ones have been "assisted" by the NSA, and that at least one other has been "helped" by the KGB, a mix of the two might keep a few more evesdroppers at bay.

  • by Anonymous Coward

    For a number of years I have been running MS Security Essentials for Real Time scanning and Clam Win on a weekly schedule. Clam Win will catch malware and other things that MS might miss. MS catches the odd real time threat. The other thing is to be careful of attachments and suspicious links and train other family members on good surfing practices. This has worked for me. Your mileage may vary.

  • Ask Slashdot: Should Average Consumers Install An Antivirus Program On Their Windows System, Nowadays?
  • Happy to introduce you :) Lol
  • by dargndorp ( 939841 ) on Saturday July 29, 2017 @06:42AM (#54902999)
    When talking to the uninitiated, I like to bring up an analogy using bouncers.

    When you have bouncers from just one security firm, things are alright. He'll do his best to keep the baddies out, things can carry on mostly undisturbed. Things ain't perfect, but hey, whatcha gonna do.
    On the other hand, if you hire additional bouncers from a different security firm, those two groups will spend most of their time shouting at each other, getting in scuffles, fucking things up for everyone.
    This analogy is simple enough to sink in with mom & pop.
    • "Oh ... I don't believe that ... the ones I have spoken with seem like fine young men. In fact I really liked them. I felt safer when there were two. Four AV packages it is then!"
  • Let me know when antivirus software stops people from calling phone numbers on scare pages in the browser or believing that "Microsoft" is actually cold-calling them. The threat model has changed so much between the DOS days and today that the only truly effective security is not falling for scam artist trickery. I get bombed with targeted scams like "check your WHOIS data" that links to somewhere that definitely isn't my hosting provider all the time and I have to talk down "DO NOT TURN OFF COMPUTER, THIS
    • by arth1 ( 260657 )

      Scamming is not the same problem, and shouldn't be treated as such. People being conned by a hooker don't complain to Trojan and Durex, do they?

      • by Jody Bruchon ( 3404363 ) on Saturday July 29, 2017 @08:13AM (#54903259)
        You missed the point. Manipulating the person behind the keyboard always wins. Actual malicious software is nowhere near as big of a problem as it used to be. The bad guys figured out a long time ago that it is way easier and safer to manipulate the user into willingly giving up their credentials and money than to attempt to exploit software flaws in their computers. Sure, there are still malicious things out there, but getting infected with them is a symptom of the same problem: the person using the mouse willfully takes an action that harms them.
  • by Archtech ( 159117 ) on Saturday July 29, 2017 @07:29AM (#54903127)

    Less than one would be better.

  • I found this out myself on my computer. I had Windows defender and McCaffrey anti virus software running and this caused programs to crash and my Nvidia Geforce GTX 1060 graphics card to lock up. I removed the McCaffrey software and everything cleared up. Just running Defender is probably best in Windows I think.
    • I had Windows defender and McCaffrey anti virus software running and this caused programs to crash and my Nvidia Geforce GTX 1060 graphics card to lock up.

      Which is nothing compared to dealing with threadfall, amirite? How are you getting electricity in your hold, anyway?

      • Solar power of course, that or wind power. Dragon fire does not cut it.

      • hehe Those dragons sure are big... First time I've heard of that crapware McAfee being referred to as McCaffrey.. When the original owner of McAfee, whose last name *IS* McAfee, tells you McAfee AV is crap, you *should* believe HIM... Last company I worked for before I retired used McAfee AV/ePo on our Windows XP systems (this was pre-2010, mind you.. I've been retired since then), and THEN they got the wild idea that our 100 node Linux compute cluster needed the Linux version of McAfee.. Oh how I tried to

  • by XSportSeeker ( 4641865 ) on Saturday July 29, 2017 @08:01AM (#54903225)

    Avira and Malware Bytes currently.
    For the most part on anti-virus, Windows Defender will do, but for the average user these days it's more important to have a good anti-malware installed.
    Because the average user keeps going into porn websites and shady Google results which install a whole ton of ad-ware, spyware toolbars and whatnot. Those won't be detected by anti-virus.

    But these softwares have been stagnant for quite a while... this is one area that could use AI to teach and prevent a whole ton of users from commiting the same exact mistakes that people have been telling not to do since early Internet days.

    I'd be particularly keen on an anti-malware software that would write a warning in big red letters when people click on obvious fishing scam e-mails something like: "ARE YOU FUCKING DUMB? STOP USING THE PC RIGHT NOW, YOU ARE NOT QUALIFIED TO IT".

  • by markdavis ( 642305 ) on Saturday July 29, 2017 @08:03AM (#54903231)

    >" What do you folks recommend to people who are not as tech-savvy?"

    Run Linux or just get a tablet. That has been my recommendation for many years now.

  • Antivirus 1: background scanning file foo.dll
    Antivirus 2: detected access to foo.dll, scanning file
    Antivirus 1: detected access to foo.dll, scanning file
    Antivirus 2: detected access to foo.dll, scanning file
    Why is my PC so slow?

    Antivirus 3: heuristics has detected unusual access to foo.dll, scanning file .....

    • by Anonymous Coward

      Antivirus 1: background scanning file foo.dll
      Antivirus 2: detected access to foo.dll, scanning file
      Antivirus 1: detected access to foo.dll, scanning file
      Antivirus 2: detected access to foo.dll, scanning file
      Why is my PC so slow?

      Antivirus 3: heuristics has detected unusual access to foo.dll, scanning file .....

      The more important question is why you are playing with the poop in the toilet bowl

  • Installing multiple AV products is a bad idea. As the summary states, they tend to conflict with each other. Sometimes one will detect the other AV as malware and quarantine some of their files. I've also seen situations where installing multiple AV products will break things (e.g. the networking stack will stop working).

    At its best, antivirus software is a necessary evil. It's going to have a negative impact on performance, and will probably inhibit legitimate functionality at some point. You should

  • I love Linux and use it on my servers. Just so you know I'm not a rabid, metrosexual Apple fanboy. That said, on the desktop, I use macOS and on the couch, I've used a Chromebook. I've come to the conclusion that a lot of (but not all) problems can be avoided if the average consumer would just get a MacBook or a Chromebook.

    Nothing wrong with Windows (I use it on my media PC) but you simply have to "keep driving on the regular highways". And that's just too much to ask from a regular consumer.

  • by OneHundredAndTen ( 1523865 ) on Saturday July 29, 2017 @09:40AM (#54903577)
    The real question is whether antivirus software does anything other than making money for vendors.
    • Running with that... how often do you learn about a virus because you or someone you know encountered it versus from vendor-driven press?

      In over 30 years of being a computing professional, I've only encountered a couple of viruses on machines I use. Both were before '95. I haven't used an antivirus since 2005.

  • What do you folks recommend to people who are not as tech-savvy?

    Same thing as I would recommend to folks who are. NO!

    I don't understand the tone of the summary. It implies there is a situation where it is a good idea to install multiple. There's not. Don't do it.

  • Saying I use Windows firewall cause it's as good as the rest, is a real common phrase. While they are unaware or forget anyone holding a certificate issued by Microsoft can pass through as if it didn't exist.

    Finding the the best AV (which is all that's needed) can't really be done anymore. I used VX.Heavens http://preview.tinyurl.com/ybk... [tinyurl.com] (long gone) and found at the time NOD32 (Eset) did around 85% and the best. The test was to download, open, and move the zip file contents elsewhere, and which did what

  • by Vektuz ( 886618 ) on Saturday July 29, 2017 @11:57AM (#54904079)
    Some of the worst possible performance I have ever seen in my life has been from multiple antivirus softwares fighting with each other for access to a file. For example, you browse to a folder that contains a zip file... Windows Defender starting to scan the file (it gets first dibs because hey, written by operating system manufacture, what do you think?), other antivirus hooks CreateFileW and starts to scan it too. Now you have two applications seeking back and forth over the ZIP FILE trying to unzip it so they can peer inside and "make it safe". It extended what should have been small browsing operations from just a few seconds to many, many minutes.

    If you're evaluating antivirus software, a good measure is how much raw data reads they do when you're just browsing your file system and not opening any actual files. Some of them halt processes and scan the entire file when the file is even just queried from the file table (not even when actually opened), and you end up with file iteration taking as long as it takes to read the entire file contents.

    There is no place in this world for antivirus.

    If they're so dumb that they can't stop from clicking on executables, install windows S on their computer and let them suffer it. Its still more effective than antivirus is.
  • There is a right way and a wrong way to have multiple antivirus programs on the computer.

    The right way: Only one of them can be using an active component that's looking out for viruses in realtime. You can manually run scans or schedule them, just make sure they don't overlap, those scans take time after all.

    The wrong way: Any time you have scans overlap or have more than one realtime component running. They are trying to do the same thing with the same parts of the system, and that will usually slow your s
  • "Should Average Consumers Install More Than One Antivirus Program On Their System?"

    No, they should move to a Linux Distro [distrowatch.com] and quite frankly I'm amazed you have to ask such a question on slashdot.
    • by dddux ( 3656447 )
      I always tell people who cannot think further than Windows to at least install VirtualBox and a virtual OS, be it Linux [that I wholeheartedly recommend] or Windows and browse the Internet from it. Then you don't need any AV even if you're not particularly computer literate.

Doubt is a pain too lonely to know that faith is his twin brother. - Kahlil Gibran

Working...