Tutorial Anti-Virus & Malware = Myths and Facts

Hello everyone,

Since I joined this great community, I have been engaged in many interesting topics and heated discussions, and most of them I enjoyed very much.
During those conversations I had the privilege of getting to know some of you, and what I noticed is that there are some who are technically very skilled and have a wealth of info to share, and then you have those who do not know much and base their skills and opinions upon what the masses publish on the internet.
And then you have those people who are called wannabe experts....

There are some really great guides written on the internet, and there is so much knowledge out there that it's perfectly understandable if one does not know which is right & wrong, true or plausible.
Because like it or not, there are millions of webpages and blogs out there written by so-called wannabe experts.
And in my line of work I come across so many people that based their opinions upon these information sources.

Does that mean that all those webpages and blogs are totally baseless and wrong?
No, not at all; some of them actually do have some valid info.
However, most of this info is one-sided, incorrect or seemingly altered to fill a blog post.
Note that most of these blogs do not have ANY relation to the industry itself and thus by no means represent its standards.

I am by no means going to pass judgment, and I am not going to claim that I know it all, and neither am I going to portray myself as the ultimate UBER expert.
Because I am not in the position to pass judgment, and neither am I mister know it all.
And I am not going to spend the next 30 minutes writing this HUGE topic with the aim to bullshit you and ruin my reputation. So you might wanna give me a break here as I am going to say some controversial and to some even sensational comments based upon my 15+ years of professional experience in the computer industry.
And based upon that experience I hope you will give me a fair shot in explaining some basic things about security software.

Allow me to explain some according to my knowledge.

1:
This test says that, this report says this.
Who gives the best protection?
Who has the highest detection rate?
Who is the best?
Who has the best removal options?


Testing security software is an integral part of the industry, and it serves a basic function: it provides security developers with an external baseline and a way to test their product outside their own protected environment using various techniques and methodologies.

So these tests are usually an indication for the developers and customers about what to expect from a product at that particular point in time.
Often, if a security developer reviews the report, they make macro changes to their product to solve issues and to fine-tune their end product.

That being said, those tests can cloud your judgment and give you a false indication about an antivirus program if you do not understand how, what and where.
Some say look program X has 99% detection rate...(Yell JUMP jump HYPER hyper) so program X must be the best out there and all others suck.
People that's BS at best...

Some say I have used this product for years and never did have a virus. Really?
Sure whatever makes you feel comfortable....
Fact is, most home users are like sheep: they move in the direction all other sheep move.
That sounds really disrespectful, but it's the truth.

Imagine if one person says: Uber Antivirus is the best
Some say: Whatever sure.
If 100000 persons say: Uber Antivirus is the best
Some say: I got to try that.
If 1 million people say: Uber Antivirus is the best.
Then suddenly it's the biggest discovery since penicillin.

Imagine 1 million people equals 1 million unique ideas and opinions.
Put them in one room, have them talk for 5 minutes, then suddenly you have 1 million people and 1 common idea and opinion.

Does that make a product good or bad? Hell no people.... wake up.
Companies like ESET, Kaspersky, Symantec, Trend Micro, McAfee and others spend millions of dollars in research, testing and development... Do you really think they are as bad as some of the tests indicate? Or do you really think that they are as bad as some members claim?

example: Mister X used Sophos and due to a friend he tested Malwarebytes, and guess what?
Malwarebytes found 12 malicious files.
So Mister X comes here on the forum and writes a topic: Sophos sucks & Malwarebytes Rocks.

What Mister X did not tell you is that he ignored basic practices, that he did not follow clearly written protocols, that he is using keygens, cracks, torrents and a pirated Windows which he downloaded from link: http://iamhackingyou-but-youfailto-realizeit.com, and that he did not update his PC and config since the stone age.

There you have one sheep planting an opinion on a huge forum like this one.
Now as you probably guessed Mister X is not the only one breaking every rule...
There are millions across the internet.

And then suddenly Sophos has become the nightmare program of the century.
Truth is that you did not allow Sophos to protect you in the way they intended.
Or did they do all the above things? I do not think so.
Rules, guides & protocols are there for a reason.
If you fail to plan, you plan to fail; it's THAT simple.

When push comes to shove, it really does not matter if you use Sophos, ESET, McAfee, Symantec, Bitdefender, Trend Micro, Panda, F-Secure or others; they all will protect you and they all will be capable enough to deal with past, present and even future dangers.

Test results are NOT written in stone and they are just an indication.
Also, each program works in its own unique way; some have a kick-ass scanner and some have a better removal module.
An antivirus package cannot be judged just by its detection; one should judge it over the entire spectrum of its capabilities. On top of that, basic practices and protocols should be applied or ANY AV will be rendered useless.
(PS did you just click on the above link? you serious? omg... FAIL.)

Most people do not realize that the antivirus industry has various agreements that guarantee a baseline level of protection which has been formally agreed in the industry.
So pick any of the above names and you will be fine.

Also the comparison between Internet Security Solutions Versus Dedicated tools is comparing a donkey versus a duck.
For example how on earth can you compare NIS and Mbam?
Malwarebytes is a dedicated tool, while NIS is a: Jack of all trades, master of none!!
Just realize that there are so many programs out there, and each one does have its own tools and options.
But they are all different and have their own ways, but at the same time they are very much the same.
They all want to protect you and they all try to offer just that.
The hard part is understanding how these programs are going to protect you, and more importantly what you need to do to make sure that a program can perform optimally.

And a test report or a simple review based upon some new malware is not going to do that for you.
 

Deleted member 178

You have to notice that some companies using dual engines (one in-house and one borrowed) do it mostly for financial reasons: their infrastructures are small and they can't hire external (higher-skilled) developers, so they do a partnership with another company, using their engine until they can get rid of it when they attain the necessary skills to do their own.
 

Nico@FMA

Level 27
May 11, 2013
1,689
You have to notice that some companies using dual engines (one in-house and one borrowed) do it mostly for financial reasons: their infrastructures are small and they can't hire external (higher-skilled) developers, so they do a partnership with another company, using their engine until they can get rid of it when they attain the necessary skills to do their own.

Yes I totally forgot about that.
Thanks for pointing that out.
 

Nikos751

Level 17
Verified
Feb 1, 2013
910
n.nvt, Umbra, now I use Privatefirewall (HIPS on) with Avira Free. Do you say that this protection is lower than by using Norton, ESET or Kaspersky IS, for example? Also, both products are said not to be buggy.
 

Nico@FMA

Level 27
May 11, 2013
1,689
n.nvt, now I use Privatefirewall (HIPS on) with Avira Free. Do you say that this protection is lower than by using Norton or Kaspersky IS, for example? Also, both products are said not to be buggy.

That really depends on what level of security you seek and require.
But Privatefirewall is an OK product and Avira is not bad either.
Norton is a home product line and they are less tuned for security than, for example, Symantec, which is their very sophisticated business line.
Kaspersky KIS is also a home-tuned product, as their enterprise versions are way more effective and more sophisticated than their home products.

Personally I would say that the products you have paired up would be more or less close to the average home security product and probably sufficient for your needs.
In terms of raw security and my extensive knowledge about Symantec products (due to the fact I use it at work and at home),
I would say that the only product that can clearly match Symantec Endpoint Protection is Sophos Endpoint Protection.
The gap between other rivals is way too big. But this is purely based upon their business line and specific to endpoint and enterprise solutions.

Now I do know that Kaspersky is VERY solid and does provide some really good security software packages, and the same can be said about Norton and their home products, so if I do the math here and look at the results, then I would say yes, the level of security given by Norton and Kaspersky is more comprehensive and more sophisticated than PF + Avira.
But one needs to understand that both Kaspersky and Norton do not shine on specific fronts, but they shine across the whole spectrum of their package.
So individual tools might be less powerful than your combo, but as a combined package it provides way more protection.
That said, Privatefirewall can be tweaked, as they have a lot of functions, so I am sure you can raise the firewall protection level a pretty bit.
But with default settings it's not that powerful compared to the KAV and Norton built-in firewalls (taking into account the whole package).
But at the end of the day, if it works for you then stick with it.
Do not fix it if it's not broken.

I hope this explains.
 

Littlebits

Retired Staff
May 3, 2011
3,902
In my opinion, there is no proof that paid security software can protect users any better than free security software.
Paid security software does have more protection features but users can get infected just as well. Paid security software also has a lot of bloatware and unnecessary features. Paid security software is also more likely to have more false positive detections of safe files.

In the past, I have had some customers with more infections using a paid security suite than other customers just using free AV.

All security software can do is protect users who care, are cautious and want to learn. It doesn't make much difference which security setup they use. From my experience, I could say that I have not found one product which would protect all users better than the rest.

Some of my customers can just use Microsoft and never get infections while others will pay for Bitdefender Internet Security, Norton Internet Security, Eset Smart security and other paid software and their system is running over with several hundred infections.

Which proves to me that user actions play the largest factor when it comes to protecting a system.

You can choose to either use paid security software or free security software and if you are not a cautious user, you will still get infected.

So the choice is up to you, would you rather pay for a software and still get infected or just use a free software?
If you did get infected just using a free software at least you can say, I didn't have to pay to get an infection.

Thanks. :D
 

Koroke San

Level 29
Verified
Jan 22, 2014
1,806
In my opinion, there is no proof that paid security software can protect users any better than free security software.
Paid security software does have more protection features but users can get infected just as well. Paid security software also has a lot of bloatware and unnecessary features. Paid security software is also more likely to have more false positive detections of safe files.

Thanks. :D

Can I use ESS with Windows Defender? I searched on Google & know that WD is not a full antivirus.
 

venustus

Level 58
Verified
Trusted
Content Creator
Dec 30, 2012
4,745
Can I use ESS with Windows Defender? I searched on Google & know that WD is not a full antivirus.

Microsoft Windows Defender is a program that comes enabled by default with Windows Vista, Windows 7 and Windows 8.

  • Windows Vista/7: All ESET products are completely compatible with Microsoft Windows Defender. Windows Defender does not contain any antivirus functionality, so you will not need to uninstall or disable Microsoft Windows Defender when installing your ESET security product.
  • Windows 8: If you receive a "Detection of installed security software" notification while installing ESET on Windows 8, disable Windows Defender before you continue the installation process. To do so, follow the steps below:
http://kb.eset.com/esetkb/index?page=content&id=SOLN2390
 

Koroke San

Level 29
Verified
Jan 22, 2014
1,806
Microsoft Windows Defender is a program that comes enabled by default with Windows Vista, Windows 7 and Windows 8.

  • Windows Vista/7: All ESET products are completely compatible with Microsoft Windows Defender. Windows Defender does not contain any antivirus functionality, so you will not need to uninstall or disable Microsoft Windows Defender when installing your ESET security product.
  • Windows 8: If you receive a "Detection of installed security software" notification while installing ESET on Windows 8, disable Windows Defender before you continue the installation process. To do so, follow the steps below:
http://kb.eset.com/esetkb/index?page=content&id=SOLN2390

Thanks :3 So do you recommend that I use WD with ESS? :D
 

Littlebits

Retired Staff
May 3, 2011
3,902
Call me biased, but I would recommend ESET on its own ;) :)

I will have to agree. Windows Defender on Windows 8/8.1 is a full anti-malware product, unlike Windows Defender on previous Windows versions, which was basically just an anti-spyware product that was replaced by Microsoft Security Essentials.

Usually when you hear members talk about Windows Defender they are referring to the anti-malware product included with Windows 8/8.1.

Thanks. :D
 

Nikos751

Level 17
Verified
Feb 1, 2013
910
The reason I asked the question about my setup was for educational reasons. So, Littlebits and n.nvt have opposite opinions.
It seems that paid products are less buggy, have better removal capabilities, and provide further features than just detecting/removing malware, for example backup and more. About prevention and detection, I have difficulty believing paid products offer more. However, I am not a professional and that's why I ask you.

Are engines in paid home AVs less effective than those of enterprise products? Are emergency updates faster & more accurate in enterprise products? I really want to know that.
 

Nico@FMA

Level 27
May 11, 2013
1,689
The reason I asked the question about my setup was for educational reasons. So, Littlebits and n.nvt have opposite opinions.
It seems that paid products are less buggy, have better removal capabilities, and provide further features than just detecting/removing malware, for example backup and more. About prevention and detection, I have difficulty believing paid products offer more. However, I am not a professional and that's why I ask you.

Are engines in paid home AVs less effective than those of enterprise products? Are emergency updates faster & more accurate in enterprise products? I really want to know that.

Actually, Littlebits and I have exactly the same view, and everything I said is spot on and everything he said is spot on.
Now I am not going to explain again the same thing as I explained before, but both free and paid will keep you safe and protect you, and both are doing a comparable job in doing so.

But when it comes to highly advanced malware and very deep infections (I am talking industry money-wise, where millions of dollars in terms of data loss are at stake), there a paid antivirus, especially major brands like Sophos, Symantec and Kaspersky, offers on-site, very dedicated and very sophisticated technical expertise to undo the damage, control data loss and guarantee continuity, and there is one example where free antivirus just cannot keep up. But also the tools available within paid software are just way more sophisticated and very well rounded. So judging paid AV just by whether it can protect you more is not accurate; you really have to judge it across its whole package and the entire spectrum of the tools they make available for you.

But for you as a home user protection A versus protection B is not going to make much difference.
 

Nikos751

Level 17
Verified
Feb 1, 2013
910
Actually, Littlebits and I have exactly the same view, and everything I said is spot on and everything he said is spot on.
Now I am not going to explain again the same thing as I explained before, but both free and paid will keep you safe and protect you, and both are doing a comparable job in doing so.

But when it comes to highly advanced malware and very deep infections (I am talking industry money-wise, where millions of dollars in terms of data loss are at stake), there a paid antivirus, especially major brands like Sophos, Symantec and Kaspersky, offers on-site, very dedicated and very sophisticated technical expertise to undo the damage, control data loss and guarantee continuity, and there is one example where free antivirus just cannot keep up.

But for you as a home user protection A versus protection B is not going to make much difference.

I may have misunderstood, but I caught the whole meaning. About deep infections, I understand it as mostly a matter of removal (if you mean this). About highly advanced malware, what do you mean? Do you refer to malware different from all those things that come to millions of home PCs?
What I wanted to compare was only the application and its tools' capabilities, not the whole service quality with further support etc. that a vendor may or may not offer. Maybe it was a fault of mine not to make this clear.
 

Nico@FMA

Level 27
May 11, 2013
1,689
I may have misunderstood, but I caught the whole meaning. About deep infections, I understand it as mostly a matter of removal (if you mean this). About highly advanced malware, what do you mean? Do you refer to malware different from all those things that come to millions of home PCs?

In one of my other guides (Your mouse click matters) I made a serious effort to explain things regarding viruses and user behavior versus protection.
I suggest you take some time and read it. This will give you a full reply on most of your questions regarding this.
It's a very good read, and if you pair it up with what I wrote here then you will see what I am trying to point out.
 

Nico@FMA

Level 27
May 11, 2013
1,689
I may have misunderstood, but I caught the whole meaning. About deep infections, I understand it as mostly a matter of removal (if you mean this). About highly advanced malware, what do you mean? Do you refer to malware different from all those things that come to millions of home PCs?
What I wanted to compare was only the application and its tools' capabilities, not the whole service quality with further support etc. that a vendor may or may not offer. Maybe it was a fault of mine not to make this clear.

Before I forget, it's a double-edged sword, as free antivirus does offer you a minimal up to average level of protection.
And even though Littlebits is totally correct, I must say that those infections he is talking about are more user behavior errors.
After all, most of these people fail to stick to common sense and online practices.
I am sure you know Symantec Security Response, right? For this example I took Trojan banker as an example:
http://www.symantec.com/security_response/writeup.jsp?docid=2011-052405-0550-99

You will see that Symantec does classify it as LOW risk.
But do you have any idea how many people did class this Trojan as a true menace?

Remember Trojan Netsky? It made worldwide news as one of the most dangerous Trojans on the planet (from a user point of view).
It was still classed as a LOW risk, up to its most dangerous version at medium risk.

Now when I am talking about medium / high risk malware then you will see that getting infected by those is a bit more complicated, as it does usually require weaknesses within your OS, Network, Firewall, Individual software, injection and hacking attempts to plant these viruses.
Or you just allow the file as it was hidden within a seemingly legit program.

Now this is where free antivirus very much has a problem with detecting, removing and undoing the damage caused by these types of malware.
But then again, these malware are not just infections on their own; they are planted, so there is a whole chain of events which traditional free antivirus cannot deal with.
And the average paid solution has just a bit more tools and is just a bit more sophisticated to deal with these dangers, in detection, removal and cleaning up / undoing the damage.

I know it's not entirely accurate what I just said, because it would require another 5 books to explain it in detail, but the general sense is spot on within the short reply.
 

moonshine

Level 7
Verified
Apr 19, 2011
1,265
Is it too late for me to hop in and share my opinions? :(

Kidding aside, whether free or paid, as long as it's made to keep your system clean and safe, WILL WORK as long as you KNOW WHAT YOU'RE DOING. I have tried a whole lot of products over the years and none of them have failed to protect me since I KNOW WHAT I'M DOING. Like I've said before,

It's all a matter of preference.
 

Nico@FMA

Level 27
May 11, 2013
1,689
Is it too late for me to hop in and share my opinions? :(

Kidding aside, whether free or paid, as long as it's made to keep your system clean and safe, WILL WORK as long as you KNOW WHAT YOU'RE DOING. I have tried a whole lot of products over the years and none of them have failed to protect me since I KNOW WHAT I'M DOING. Like I've said before,

It's all a matter of preference.

correct;)
 