How sure are you about your AV ?

[RejZoR]

avast! (and AVG)
AVIRA
Kaspersky
Bitdefender

These companies employ some of the most talented security engineers. I would and I do leave my systems secured by any of these listed companies.

 

[NationsAnarchy]

avast! (and AVG)
AVIRA
Kaspersky
Bitdefender

These companies employ some of the most talented security engineers. I would and I do leave my systems secured by any of these listed companies.

This.
End of story.

Plus the link from OP's first post seems a bit "fishy".

 

[Ebo]

I use F-secure full internet security and have done it for years, it works and gets the job done, Im happy.

 

[RejZoR]

According to these folks, only 3 AV programs were capable of protecting your system against the ETERNALBLUE exploit installing the DOUBLEPULSAR backdoor.

Read it all here: https://www.mrg-effitas.com/eternalblue-vs-internet-security-suites-and-nextgen-protections/

The "only 3 AV's were able to protect" statement is incorrect. What MRG's document is stating is specific blocking of the exploit component.

AV-Comparatives did the comparison on the binary side and the results there were basically "only 3 AV's didn't detect it (on binary level)". Out of which I know for ESET that it missed the binary but did detect the exploit mechanism. Haven't checked the others.

This is where I can point out the general hatred or dislike of cloud functionality, but it was exactly what made early protection possible.

Back in February 2017, early variants of WannaCry were spreading around. Cloud systems picked them up and processed them through similarity search algorithms. Fast forward to the recent incident and most of companies already had "white cells" ready in ther protection systems to combat all new variant which had similar ancestor in the past.

I think the fatal flaw of WannaCry was that they used a known variant and just modified it. It's why binary was so widely detected by pretty much everyone.

 

[FordGT90Concept]

Not buying that article. It seems to assume our computers are still vulnerable to the exploit. If you keep Windows updated, there's nothing to protect. Microsoft pushed out the patch in March.

It sounds to me like they tested the worm and the payload. The worm creates a kernel-level vulnerability which, if remains open, means any future virus could exploit it. Some antiviruses protect against the current known worms but that doesn't mean a future virus won't exploit it far more effectively than the current flavor they're protecting against. The tunnel, fundamentally, has to be closed.

I haven't read up much on it but if we're talking about NSA-level worms, they create new holes the moment the infection takes hold. Patching the original vulnerability will not plug all the other holes the worm created. NSA even used compromised Verisign security certificates to authenticate itself so not even security certificates can be trusted.


I think the only way to truly secure a system is to get adopt a complete deny-all policy with allow exceptions. Problem is that has to happen not only in firewalls, but in software, kernel, and firmware too. Truly makes me wish Microsoft finished Singularity. A completely managed environment is about the only way to almost eliminate malware.

 

[RejZoR]

Default deny doesn't work. Reason, when something isn't known, it's assumed it's bad (but isn't necessarily actually bad). But user needs to run it. Who is the authority to define if it's really bad or not? The user. And we know how that goes...

 

[cornemuse]

"how-sure-are-you-about-your-av"

Well, given that it is in the best interests of ALL av companies that hackers/who-ever continue to come up with newer & more insidious virus'/malware progs, I am a bit suspicious of all of them, , , ,

-c-

 

[RejZoR]

If you're trying to bring up the "AV companies are doing it" conspiracy theories, I can tell you, with the amount of baddies out there, they have their hands so full with work they don't have time to make things like this themselves.

 

[Bill_Bright]

Most of us here know there are no absolutes, but there are people less adept at computers that believe there are absolutes and that they start with m$ because of of windows, and because of that thought process everything that happens is also, defacto, m$'s fault.

Being less adept at computers is acceptable and understandable - not everyone wants to be computer/networking/security experts, nor should they have to be.

But there are many, including regulars on this site and other tech support sites who should know better, but blame Microsoft anyway, just because they are biased against the company, or Bill Gates, "corporate greed" or even the US.

And security is a primary example. The bad guys put us here, not Microsoft. And users failing to keep their systems updated and then were click happy were at fault, not Microsoft. But who relentlessly gets blamed?

RAM fails and creates a BSOD - it must be Windows' fault.

My email is missing. Windows did it. My 15 year old laser printer doesn't work with W10. It is Microsoft's fault! No it isn't! The printer maker failed to provide current drivers.

There's a regular poster at another site right now who blames W10 for the decline in sales of VR headsets. He claimed, "So much for Creators' Update of the much hyped Hololens and VR technology. This is what happens when Microsoft introduces new features in Windows without improving what's already there".

Huh???

I mean, go ahead and blame Microsoft when due. There's lots of legitimate fodder for that. But get real!

If you're trying to bring up the "AV companies are doing it" conspiracy theories, I can tell you, with the amount of baddies out there, they have their hands so full with work they don't have time to make things like this themselves.

avast! (and AVG)
AVIRA
Kaspersky
Bitdefender

I agree 100% when talking about the grunt labor in those companies - that is, the hard working developers doing the actual work.

But the fact is, only Microsoft as the real incentive to stop the bad guys. Why? Because Microsoft will be blamed anyway! That's why MSE/WD are free! Microsoft makes no money off those products but has every incentive for them to work - to avoid misguided bad publicity by all those biased MS bashers.

But the executives and shareholders at Avast!, AVG, AVIRA, Kaspersky, Bitdefenders and the others have zero incentive to stop the bad guys. None at all! If they stopped the bad guys, that would put them out of business and they know it.

So do you put your trust in a company that really does want to stop the bad guys? Or do you put your trust in a company that thrives when the bad guys thrives and depends on the bad guys thriving? I vote for the former.

 

[RejZoR]

If you seriously believe that any company can stop ALL criminals who are writing scams, malicious software, exploits etc, you couldn't possibly be more wrong.
It's all about 2 things. Money and market share/monopoly.

Malware is huge business. So, there won't be any shortage of people eager to earn some money. And monopoly position, when company achieves that, they'll have problem with targeting. If you have a monopoly in one country, baddies will only target your product, if you share the market with others, they have harder time penetrating that and in the end, users are actually more protected.

So, everyone saying uh oh Windows Defender is awesome, everyone use it. That'll collapse the herd immunity so to speak. It's literally NOT a good thing. Despite all capability and tech, Windows Defender is incredibly primitive program. It's way too passive and it kinda works well with signatures for known stuff, but for outbreaks like the last one WannaCry and similar, you need reactive system, the ones that protect you from unpredictable things. And all the companies/products I've mentioned above have this. They have highly reactive products and that's what I prefer to rely on.

Only way Microsoft could for the most part eliminate malware is totally lock down the system to their stupid UWE or whatever they call Win10 apps and go the way of MacOS/iOS. I've heard glimpses of MS heading that way, but frankly, it's the future I don't like or want. The charm of Windows is that it's a closed sourced system that is hugely open to the users. When you close the thing down it'll become some limited capability launcher for apps and that'll just be total crap. I don't want it and even if that means I'm "forced" to use antiviruses or care about security myself.

 

[Bill_Bright]

If you seriously believe that any company can stop ALL criminals who are writing scams, malicious software, exploits etc, you couldn't possibly be more wrong.
It's all about 2 things. Money and market share/monopoly.

Who the heck suggested that? I sure didn't. Please don't twist what people say. That's just not cool.

I NEVER said any company, or even suggested Microsoft "can" stop anything. I said they are the only company that truly has the incentive to "want" to stop the bad guys. Microsoft is the only company that develops anti-malware solutions for home consumers that benefits by ridding the world of malware. They don't make any money on MSE/WD and they don't use the free MSE/WD to promote any pro/paid versions like all your favorites do. They are not in the anti-malware software business to make money.

None of the other companies benefit or have the true incentive to stop the bad guys for that will put them out of business.

So, everyone saying uh oh Windows Defender is awesome, everyone use it.

Come on! There you go again. No body said that. If you want to debate maturely, stop with the "alternative facts" please!

Who said WD was awesome? Not me. Never. I have said it is a "decent" solution, "more than adequate", "capable". I even agreed with others that it is the "baseline" solution. But guess what? Baseline does not mean bad. You don't need to drive around in an Abrams tank to be safe. You do need a properly maintained and updated car, and most importantly, you need to drive defensively.

It's way too passive and it kinda works well with signatures for known stuff, but for outbreaks like the last one WannaCry and similar, you need reactive system, the ones that protect you from unpredictable things. And all the companies/products I've mentioned above have this. They have highly reactive products and that's what I prefer to rely on.

Demonstrating it is clear you don't know how WD works, or even your own suggested products. Yes, WD uses signature files, but it also uses behavior analysis. And BTW, both techniques (signature files and behavior analysis) are "reactive" technologies but the fact they know what to look for also makes them "proactive" - a good thing. And exactly what your programs do too.

And for the record, Windows Defender detects and removes WannaCrypt which you would know if you did just a tiny bit of homework before bashing.

I've heard glimpses of MS heading that way

And again, it is clear you don't know how things are. Homework!!! While not expected soon, it is very likely Windows will go open source in the not too distant future.

Let me Google that for you.

Frankly, your rant just illustrated my point about some folks being biased against Microsoft. Others in this thread have made a point about not using an anti-malware solution at all. Do you pounce on them? No - even though their admission is actually a testament to how secure Windows by itself is. And how they don't need your fancy, profit seeking solutions.

 

[Beastie]

Frankly, I'm not over confident of any line of defence.

So I use Avira, Malwarebytes, always update Windows security updates and have Adblock and Noscript on by default.

 

[Bill_Bright]

Frankly, I'm not over confident of any line of defence.

A wise precaution, IMO. And definitely not a paranoid one either. It would be unwise to assume any of us are smarter than the bad guys.

 

[Dethroy]

Might be worth a read...

http://robert.ocallahan.org/2017/01/disable-your-antivirus-software-except.html?m=1

 

[RejZoR]

Oh my god dude, Bill, you're reading into things that aren't there and twisting it through some sort of your alternate reality. If you really understood any of this, you'd know that even if any company had the incentive to stop it all (and trust me, they do), they cannot EVER achieve that even with best efforts. Bloody Linux is crowdsource developed by basically entire world and it can still be exploited and hacked. But, be my guest saying AV companies just "aren't trying hard enough".

Stop quoting and interpreting individual sentences and read the whole damn paragraph. You're again reading into things that aren't even there. For god sake, I can't even respond to this horrible mess.

And about the Microsoft's direction, I have my very insider sources that told me what direction MS is heading. Making Windows open source will fix exactly absolutely nothing. But if you believe something being open source miraculously solves everything, you're even more delusional than I thought you are.

 

[FordGT90Concept]

Default deny doesn't work. Reason, when something isn't known, it's assumed it's bad (but isn't necessarily actually bad). But user needs to run it. Who is the authority to define if it's really bad or not? The user. And we know how that goes...

Which is why I said a completely managed computer is really the only solution. Everything is walled off (no cross-memory nor cross-thread access), everything has to be signed twice (once by the publisher/manufacturer and once by Microsoft), the hardware firewall only lets through traffic from sources that have both valid certificates, and so on. The problem is that doing it would be so restrictive that no one would want to use it. Where performance is more important than security, it wouldn't be a good idea to use at all because managed platforms have a significant performance penalty.

Might be worth a read...

http://robert.ocallahan.org/2017/01/disable-your-antivirus-software-except.html?m=1

So true. Microsoft should have gotten into the anti-malware business the moment it became a thing. They waited too long. Relying on third party software to secure an operating system is asinine.

 

[RejZoR]

Oh boy, I guess my part about antimalware monopoly flew over everyone's heads because being outraged over me supposedly implying something was more offensive than what I was explaining with that sentence...

 

[Bill_Bright]

Oh my god dude, Bill, you're reading into things that aren't there

No. I quoted you. You said it. Nothing twisted, unlike you when you replied to me with this comment:

If you seriously believe that any company can stop ALL criminals who are writing scam

So no use trying to pretend you said something that flew over everyone's head. You are not that clever.

Microsoft should have gotten into the anti-malware business the moment it became a thing.

They wanted to. They tried! They had planned to put AV code in XP 16 years ago - before the explosion of malware on the Internet.

But Norton, McAfee, TrendMicro, CA and the others whined and cried "Monopoly" to Congress and the EU claiming it was their job to rid the world of viruses (we see how well that worked!). And they cried that Microsoft was trying to rule the world - they were, but not the point.

Congress and the EU heard "monopoly" and that was it. They threatened to break up Microsoft if MS didn't stop their plans. This is when MS was ordered to allow alternative browsers too. But again, there was no incentive for those companies to rid the world of malware so the bad guys proliferated unabated.

And all our elected officials refused to fund law enforcement the essential resources to counter the bad guys too. Neither did the UN.

Microsoft actually might have had a chance to nip it in the bud back then - if allowed. Now it is too late.

Notice how Congress and the EU have been mum about WD in W8 and W10? That's because they know they mess up before.

 

[RejZoR]

How the fricking hell am i even suppose to reply to your quoting clusterfuck? Quote on quote on quote blaming me for making shit up even though it's you who said it initially. I'm not playing this stupid game.

I'll just say it again in one sentence. You got it wrong and you got it wrong on so many levels it's not even possible to reply back.

 

[DeathtoGnomes]

No. I quoted you. You said it. Nothing twisted, unlike you when you replied to me with this comment:So no use trying to pretend you said something that flew over everyone's head. You are not that clever.

They wanted to. They tried! They had planned to put AV code in XP 16 years ago - before the explosion of malware on the Internet.

But Norton, McAfee, TrendMicro, CA and the others whined and cried "Monopoly" to Congress and the EU claiming it was their job to rid the world of viruses (we see how well that worked!). And they cried that Microsoft was trying to rule the world - they were, but not the point.

Congress and the EU heard "monopoly" and that was it. They threatened to break up Microsoft if MS didn't stop their plans. This is when MS was ordered to allow alternative browsers too. But again, there was no incentive for those companies to rid the world of malware so the bad guys proliferated unabated.

And all our elected officials refused to fund law enforcement the essential resources to counter the bad guys too. Neither did the UN.

Microsoft actually might have had a chance to nip it in the bud back then - if allowed. Now it is too late.

Notice how Congress and the EU have been mum about WD in W8 and W10? That's because they know they mess up before.

Wow, there was so much more to that anti-trust cry then just the anti virus part. m$ blocked other programs from running and/or from running correctly, Netscape ring a bell?. There was so much more than just the "issue" with internet explorer, m$ is still adding programs that users dont want and preventing users from uninstalling them. OneDrive ( and its iterations) is the most recent prime example, go ahead try to uninstall it like any other program. You had/have to edit the registry to disable it. To me, this puts that in the malware category. The bottom line is that B.Gates did not want to play with others, look what he did to his "friends" at Apple.

And please stop mixing bashing m$ with complaining about them. Its a fine line and hard to stay on the right side.

Might be worth a read...

http://robert.ocallahan.org/2017/01/disable-your-antivirus-software-except.html?m=1

a few decades ago, the popular opinion and a few facts, was that A/v was doing more harm than good and usually was to blame for win95/98 constant breaking. No one listened. And here we are, very few A/V are worth their salt, hoping M$ will "fix their holes" faster than we can complain about them.

 

[erocker]

Havent used an a/v for at least 10 years. More hassle the they' re worth.

 

[FordGT90Concept]

OneDrive ( and its iterations) is the most recent prime example, go ahead try to uninstall it like any other program.

You can easily uninstall it in Creators Update via Programs and Features. It only installs from that specific user though.

What I hate is how Windows 10 adds shortcuts to your start menu for Windows Store software (Candy Crush, Facebook, some racing game, don't remember the others) and then, within an hour, it starts downloading them regardless if you unpinned them from the start menu. It's Microsoft pushing the bloat now instead of OEMs. That said, once they start downloading, you can uninstall them. Waste of bandwidth and pisses me off.

Havent used an a/v for at least 10 years. More hassle the they' re worth.

I'm in the same boat.

 

[Final_Fighter]

Havent used an a/v for at least 10 years. More hassle the they' re worth.

i found that some AVs are almost like a virus themselves. annoying and always asking me for something thats not important. some free solutions are even like ransomware.

i've gone on now ~5 years just using MSRT, browser pugins ghostery and ADP. sometimes use ADWCleaner from malwarebytes. reading threw everything i am about to install and monitoring my network connections.

 

[RejZoR]

Havent used an a/v for at least 10 years. More hassle the they' re worth.

WannaCry sure showed how that "I'm Mr. Smart Guy, I don't click things I don't know" has worked out... And what is that hassle? A false positive every few years?

 

[Kursah]

Not sure if anyone read this, but Windows 7 accounted for the most affected OS from the WannaCry outbreak. Windows 7 x64 being the bulk of Windows 7 versions that was hit.