Do you need Anti-Virus/Spyware?

[fluidedge]

Hi,

I've got XP set up on a 32GB partition - do i need to go ahead and install anti-virus software? I don't use Windows all that much, but i obviously don't want viruses/trojans/etc jumping over onto my OS X leopard partition. Could this happen if you don't take precautions?

 

[design-is]

The chances of them jumping are extremely unlikely and I don't think its ever happened or been documented. Data on separate partitions should be safe - Let alone on different operating systems. If you don't use XP for anything dodgy, and your smart enough not to open e-mails with viruses, then there is generally no need for virus protection... As far as I'm aware.

But if you download illegal software, music, or videos & visit disreputable sites then you should invest in good protection.

[disclaimer]I am in no way an informed person or an expert on the subject.[/disclaimer]

 

[fluidedge]

lol - ok thanks.

I try to keep my mac pro all nice and clean and do any downloading to my iBook and move it over to the MP by memory stick oe ethernet. I might just put one of the free virus checkers on my XP partition (AVG is supposed to be good) just in case.

 

[design-is]

Yup, AVG would be my recommendation and has a good reputation as the best free anti-virus as far as I'm aware

 

[RaceTripper]

If you share one of your Mac folders under Windows (i.e. if using Fusion/Parallels) you potentially expose it to any viruses/malware you pick up in Windows. If you aren't visiting hinky websites with IE you probably shouldn't have too much to worry about.

 

[kkat69]

The chances of them jumping are extremely unlikely and I don't think its ever happened or been documented. Data on separate partitions should be safe - Let alone on different operating systems. If you don't use XP for anything dodgy, and your smart enough not to open e-mails with viruses, then there is generally no need for virus protection... As far as I'm aware.

But if you download illegal software, music, or videos & visit disreputable sites then you should invest in good protection.

[disclaimer]I am in no way an informed person or an expert on the subject.[/disclaimer]

Though this is commonly where items are found, even "reputable" sites CAN transmit diseases.

Case and point, MMORPG.com which is a reputable site and does not contain anything 'dodgy' was the target of an attack. Someone, somehow got a banner uploaded either via hacking the site (which is what they reported) or by other means and that banner was able to infect hundreds if not more users that visited the site. Probably half of those users had the above mentality, others probably just didn't have any spyware/etc tool running to catch the trojan and others that did have it were alerted and MMORPG.com shutdown to cleanse. The users that weren't aware they were infected ended up having their video game accounts hacked as the trojan that was transmitted was a keylogger.

Now this is just ONE example of a normal non-warez site being the carrier of a trojan/spyware/whatever. Granted the users that visit that site were the target audience for the particular trojan the mentality of "I don't download pr0n or warez so I'm fine" is just stupid and careless.

True, your probably safe 90% of the time, but without a condom eventually you'll catch something even from someone who 'claims' to be a virgin.

When running Windows on ANY platform you should have some sort of protection regardless. Spyware/Adaware are good tools. You may not get an 'active' item, but you may end up a carrier to infect other people.

I doubt a 'keylogger' running in a virtual window, once the virtual window does not have focus, will be able to pick up keystrokes in the host, but if you have any of your Mac folders mapped as drives they can at least be 'read' by a program without your permission.

I once wrote a proof of concept for our security team where I executed a program that would go out on our network, look for all network shares (especially C$/D$ admin shares) and map them, index them, save the contents to a text file and post that contents to a web site. It caused our network team to re-evaluate our security. This is what can happen if you share any drives or map (reconnect at logon type drives) any drives from your Mac partition. We even went to class on how to 'hack' websites and how easy it was to do to upload a file, replace a file/banner, deface an html page, and sql inject to pull CC numbers and personal info.

If it was that easy, hackers are even better at it and can easily attack a 'reputable site' and replace a banner with a malicious one, as with the MMORPG.com example.

Be careful and remember to always carry protection in the windows world.

(damn caught me monologing)

 

[design-is]

the mentality of "I don't download pr0n or warez so I'm fine" is just stupid and careless.

I did add my disclaimer:

[disclaimer]I am in no way an informed person or an expert on the subject.[/disclaimer]

So there's no need to call me "stupid and careless" - I was merely trying to help by passing on what I had learnt from reading other threads like this on MacRumors in the past.

But I stand corrected.

 

[kkat69]

I did add my disclaimer:

[disclaimer]I am in no way an informed person or an expert on the subject.[/disclaimer]

So there's no need to call me "stupid and careless" - I was merely trying to help by passing on what I had learnt from reading other threads like this on MacRumors in the past.

But I stand corrected.

Don't take it personal. I wasn't calling you that. That's a general attitude some people have, maybe a better word would have been "foolhearty and careless" but /shrug.

My wife's mother had that attitude, we visited and she out of the blue asked about spyware/etc and when I scanned her machine she was infected from over 6mths prior (checking file dates) and she couldn't believe where she got those from. I told her basically "They're everywhere, not just hack sites or pr0n." I told her the same thing, that attitude is not how you want to approach this.

FYI, I DID call her stupid LOL but I wasn't attacking you, I appologize if you took it that way.

 

[design-is]

Oh, sorry I misunderstood. Teaches me for reading posts quickly when I should be working

 

[cohibadad]

Personally, I don't use AV on my Windows Bootcamp or Parallels. I use them for limited reasons. I never used AV on any of my Windows machines until I stupidly clicked on an email attachment and contracted the Klez. Is it safer to use AV? yes. Does it rob performance and add annoyance? yes. To each his own.

 

[Neil321]

I did add my disclaimer:

[disclaimer]I am in no way an informed person or an expert on the subject.[/disclaimer]

So there's no need to call me "stupid and careless" - I was merely trying to help by passing on what I had learnt from reading other threads like this on MacRumors in the past.

But I stand corrected.

i don't use a AV in OS X,but i do in windows world. I noticed your from the uk and was
wondering if you watched a program last night on BBC1 called identity fraud-outnumbered
if you did then that would have opened your eyes to internet security

The only reason i have a AV in windows is i need to test IE7

 

[fluidedge]

interesting i'll try and watch that program on iPlayer.

I don't use XP much, but when i do use it, i find myself using it continuously for about a week (some piece of software i need for a project for example) then go back to OS X.

I think AVG is pretty light on system resources isn't it?

 

[Neil321]

interesting i'll try and watch that program on iPlayer.

I don't use XP much, but when i do use it, i find myself using it continuously for about a week (some piece of software i need for a project for example) then go back to OS X.

I think AVG is pretty light on system resources isn't it?

If you can you ought to watch it,it wasn't all to do with computers but the stuff that was
made interesting viewing,they had IT professionals showing how easy it is to gain info
ie credit card details etc from windows based PC's. Heck i even work with guys who know
a thing or two about how easy this can be done

AVG does have a small footprint but me i use NOD32

 

[arjen92]

I use the laptop from the church to prepare the projection. There isn't a virus protection installed. We surfed the web, to go to our mail. But I've visited many other sites.

We once installed AVG to check whether we would have a virus, but after complete scan only cookies were found (which aren't a threat). So, you can definetely use windows without protection. You just need to know what to do, and what not to do.

p.s. we always install the updates. sp3 was a hassle because auto-update wont install it.

 

[Stridder44]

First thing for everyone to understand: Gone are the days of Norton being a bigger problem to PC's than the virus itself.

I had ran without anti-virus for years. But about a year ago I decided it's pretty stupid to just leave yourself open like that, regardless of how careful a user you are. I use Windows for a gaming a lot of the time so I wanted an AV that had little impact on performance. Turns out there's a lot of good options out there now.

I'd highly recommend Avira. It's free, super low impact (takes up very little resources), only uses a total of about 10 MB of RAM, and is very secure and up to date on definitions. As I said, there are a lot of other good options out there now, but this seemed to be the safest, and had lowest impact.

AVG is alright, but again there are better out there so why settle for second best?

 

[Streamer]

I use the laptop from the church to prepare the projection. There isn't a virus protection installed. We surfed the web, to go to our mail. But I've visited many other sites.

We once installed AVG to check whether we would have a virus, but after complete scan only cookies were found (which aren't a threat). So, you can definetely use windows without protection. You just need to know what to do, and what not to do.

p.s. we always install the updates. sp3 was a hassle because auto-update wont install it.

bringing this up again, but as IT at work, our most common source of viruses are mistypings on common websites. One oops and poof!

 

[Gav Mack]

Yup, AVG would be my recommendation and has a good reputation as the best free anti-virus as far as I'm aware

AVG has got monumentally slower and bloated version 8 onwards, I use Avast Home which is much leaner and has boot time AV checking. It's a bit more fiddly having to register on their website for them to email you a key which has to be renewed annually. Avira also is a better option than AVG.

For Malware I'd install Malwarebytes for regular scanning and the venerable Spybot Search and Destroy which despite looking like an app wrote 15 years ago has free real time protection built in and plus imministation - an IP blocklist for malware sites.

Add keeping your Flash Player, Acrobat reader and Java up to date and you should be fine.

Service Packs have the same problem on Macs and Windows, I never download the slimline installer from Windows or Apple Update. I always download the full (combo) program.

 

[stainlessliquid]

Though this is commonly where items are found, even "reputable" sites CAN transmit diseases.

Case and point, MMORPG.com which is a reputable site and does not contain anything 'dodgy' was the target of an attack. Someone, somehow got a banner uploaded either via hacking the site (which is what they reported) or by other means and that banner was able to infect hundreds if not more users that visited the site. Probably half of those users had the above mentality, others probably just didn't have any spyware/etc tool running to catch the trojan and others that did have it were alerted and MMORPG.com shutdown to cleanse. The users that weren't aware they were infected ended up having their video game accounts hacked as the trojan that was transmitted was a keylogger.

Now this is just ONE example of a normal non-warez site being the carrier of a trojan/spyware/whatever. Granted the users that visit that site were the target audience for the particular trojan the mentality of "I don't download pr0n or warez so I'm fine" is just stupid and careless.

True, your probably safe 90% of the time, but without a condom eventually you'll catch something even from someone who 'claims' to be a virgin.

When running Windows on ANY platform you should have some sort of protection regardless. Spyware/Adaware are good tools. You may not get an 'active' item, but you may end up a carrier to infect other people.

I doubt a 'keylogger' running in a virtual window, once the virtual window does not have focus, will be able to pick up keystrokes in the host, but if you have any of your Mac folders mapped as drives they can at least be 'read' by a program without your permission.

I once wrote a proof of concept for our security team where I executed a program that would go out on our network, look for all network shares (especially C$/D$ admin shares) and map them, index them, save the contents to a text file and post that contents to a web site. It caused our network team to re-evaluate our security. This is what can happen if you share any drives or map (reconnect at logon type drives) any drives from your Mac partition. We even went to class on how to 'hack' websites and how easy it was to do to upload a file, replace a file/banner, deface an html page, and sql inject to pull CC numbers and personal info.

If it was that easy, hackers are even better at it and can easily attack a 'reputable site' and replace a banner with a malicious one, as with the MMORPG.com example.

Be careful and remember to always carry protection in the windows world.

(damn caught me monologing)

You dont need virus protection to know that you should NEVER install ANYTHING from a website that you didnt intentionally go to in order to install something (like going to adobe.com to install flash). It just takes some common sense to avoid trojans, if you didnt ask for the download then why the hell would you download it? Just dont do it, even if its from a trusted site or even if the file is perfectly safe. Banner services get hacked a lot, it just takes some common sense to know that installing something random is never a good thing to do.

If you are always aware of what you are installing and you keep windows up to date then there is little need for anti virus software. And while not malicious or virus-like, people get a lot of adware and useless toolbar crap that bogs down their machine by not paying attention to the options when installing trustworthy programs, a lot of them might have a checkbox during the installation that asks if you want to install some toolbar to help pay for development... DONT.

 

[Gav Mack]

You dont need virus protection to know that you should NEVER install ANYTHING from a website that you didnt intentionally go to in order to install something (like going to adobe.com to install flash). It just takes some common sense to avoid trojans, if you didnt ask for the download then why the hell would you download it? Just dont do it, even if its from a trusted site or even if the file is perfectly safe. Banner services get hacked a lot, it just takes some common sense to know that installing something random is never a good thing to do.

If you are always aware of what you are installing and you keep windows up to date then there is little need for anti virus software. And while not malicious or virus-like, people get a lot of adware and useless toolbar crap that bogs down their machine by not paying attention to the options when installing trustworthy programs, a lot of them might have a checkbox during the installation that asks if you want to install some toolbar to help pay for development... DONT.

That might have been sound advice until the malware coders started producing zero day exploit code well ahead of Microsoft patching it. If you are crazy enough to risk it setting up two user accounts - administrator and using a limited account for browsing is an absolute necessity.

 

[contitego]

The chances of them jumping are extremely unlikely and I don't think its ever happened or been documented. Data on separate partitions should be safe - Let alone on different operating systems. If you don't use XP for anything dodgy, and your smart enough not to open e-mails with viruses, then there is generally no need for virus protection... As far as I'm aware.

But if you download illegal software, music, or videos & visit disreputable sites then you should invest in good protection.

[disclaimer]I am in no way an informed person or an expert on the subject.[/disclaimer]

Two different file sysems. NTFS can NOT be written to in OS-X. It can only be read.

 

[MacDawg]

Two different file sysems. NTFS can NOT be written to in OS-X. It can only be read.

NTFS-3G will allow OS X to read/write to NTFS (Windows)

Woof, Woof - Dawg

 

[Stridder44]

I've been using Microsoft Security Essentials recently (Microsoft's new AV program, which is still in beta) and it has worked fantastically. Avira is fantastic, but when this is released for Vista/7 I will definitely switch. It's insanely lightweight and unobtrusive. Runs like Windows Defender. It's gotten very good reviews from AV testers as well.

A link on MSE for anyone interested: http://www.addictivetips.com/windows-tips/microsoft-security-essentials-review-with-screenshots/