On Mon, 18 Mar 2019 22:44:23 -0000, Mayayana wrote:

"Commander Kinsey" wrote

| So-called
| zero-days -- malware that's not yet known -- can get
| past AV. It was designed for a different time, when there
| were just a few bugs and the file could be identified.
|
| A different time?!

When AV first came out it updated "definitions" once
per month. There was a file of a couple of MB that
contained byte patterns to identify known virii. I think
there were something like 30K known bugs. It worked
well. Today there are millions and the definitions are
updated multiple times daily. It's a tremendous resource
hog, yet many attacks won't be using a bug that's in
their definitions.

And many attacks are complex. I was reading that
the most common now is spam. I'm guessing that's
mostly spam that gets people to click a link and then
run a 0-day. Like you did with your PDF. Luckily it
probably didn't install malware. I run no sych risk
because I'd never click that link with script enabled.
And I know what to look for more than most people.

If you don't mind the bloat

It uses about the same as an mp3 player. 1% of my CPU.

then AV can be helpful insofar
as it watches for suspicious activity. I install it for friends.
It's better than nothing. But it's not nearly as good as
being careful. Of course you'd have to be a moron and
incredibly dumb to use AV, and even dumber to use MB,
but maybe you're one of those halfwit teacher types?

Funny how I've never been infected, yet both of AVG and MB have flagged up things and removed them.