Tutorial Anti-Virus & Malware = Myths and Facts

Umbra

Level 61
Content Creator
Trusted
Joined
May 16, 2011
Messages
17,786
OS
Windows 10
Antivirus
Default-Deny
#61
You don't need any antivirus for Linux. Linux doesn't have any virus. Only update the system with official updates.
In fact you have 48 known malwares, but they all need root access so you will be prompted (normally), so if you are not dumb, you should not be infected.
 
Likes: WinXPert
Joined
Nov 26, 2014
Messages
4
#62
I would agree with you that running two main anti-virus applications is asking for trouble. I tried it many years ago and my system crashed, it became unusable. I had to reformat and install the OS again.

As for the quality of free anti-virus and other security applications: I have been using the free edition of Avast Anti-virus with ZoneAlarm free firewall, SUPERAntiSpyware free edition, Zemana AntiLogger free edition and Malwarebytes Anti-Exploit free edition for a year now, and my PC is malware free. I also use Hitman once every month. I am very pleased with the protection that Avast and ZoneAlarm offer.
 

tallorder

New Member
Joined
Jan 15, 2015
Messages
254
#63
2: Choose your Antivirus how to?
There are a lot of factors to take into account when you’re trying to select the best antivirus solution for your needs. With the security of your data, digital identity and financial transactions at stake, it’s worthwhile investing some time in assessing each antivirus product.

Furthermore, if you make extensive use of the Internet, email, messaging and other web services, it’s important to consider a solution that includes Internet security software and technologies that can make your online activities much safer.

Criteria to help you get the best virus protection:
Unfortunately, not all antivirus products provide a reliable, usable solution that delivers an adequate level of protection against malware. When measured against the following criteria, even the market’s top 10 antivirus solutions may achieve very different scores:

•Reliability
Even the most thorough antivirus solution can prove to be absolutely useless if it conflicts with other software that’s running in your computer. If these conflicts lead to a malfunction or temporary suspension in the antivirus protection processes, that could leave you vulnerable.
•Usability
If the day-to-day operation of an antivirus solution requires special skills, it may be impractical for many users. Any antivirus product that is awkward to use, asks the user complex questions or needs the user to make difficult decisions, is likely to increase the chances of ‘operator errors’. In some cases, if the antivirus software is too difficult to run, the user may simply disable it.
•Comprehensive protection
An antivirus solution should deliver constant protection for all computer domains, all types of files and all network elements that could be subject to attack by a computer virus or other malware. The program should be able to detect malicious code and also protect all channels or entry points to the computer — including email, the Internet, FTP and more.
•Quality of protection
Antivirus solutions need to be able to operate in an aggressive environment that is constantly changing with new computer viruses, worms and Trojan viruses that can be much more complex than previously known malware, and may include new ways of avoiding the actions of antivirus programs.
Quality of protection partly depends on the following:
  • Effectiveness of malware detection processes
  • Frequency and regularity of updates
  • Ability to remove infections from the computer
  • Efficiency in delivering computer protection – without significant impact on the computer’s performance


•Free Antivirus or Premium
1: It will never happen to me.
2: I won’t click on anything I don’t recognize.
3: Only uneducated computer users get viruses.
4: I don’t need to pay for antivirus software.
5: Free antivirus is better and cheaper than a premium one.

Do any of these statements sound familiar? As we’re all aware, we live in an ever-changing world in regards to technology. Ask yourself, do you keep up with the latest cyber-security threats and viruses? If not, don’t worry, it’s my job to stay updated. I personally recommend using a robust antivirus that will keep your computer protected from the latest viruses and cyber-security threats.
You may be thinking that a free antivirus is a good, cost-effective solution. Unfortunately, it isn’t. Think for a moment, what motivation does a company have for offering a good free antivirus product? Many of the companies that offer free antivirus products also offer a paid version. Which version do you think is the most up-to-date? Which version do you think is the most efficient at keeping your computer safe? The paid version. Many free antivirus programs include advertisements. Many times these advertisements are the cause of infections in the first place! By purchasing a good antivirus upfront you are essentially achieving a baseline protection and system hardening. Let’s say you disregard my advice and use a free antivirus; if you become infected, the cost to clean the virus will have cost you at least 1 and a half times the amount the paid antivirus would have cost on the front end.

Obviously I am not talking about some annoying little Trojan, I am talking about a real virus.
How many people come here on the forum asking for malware removal even though they have a free antivirus running?
Remember the example about Mister X?
Also, did you know that most free antivirus gather surfing habits, anonymous statistics and other information about your PC? Keep in mind there is no such thing as free.
I am not saying that free antivirus should be avoided, no, I am saying free antivirus is MUCH better than NO protection at all.

Here let me give some more examples.
Paid-for security software
  • Paid-for software provides a high-grade all-round antivirus, antispyware and firewall solution accessed through a single interface.
  • Individual components are automatically updated at the same time so you get protection against the latest threats.
  • Most security suites come with multi-user licenses so you can install the same protection on two or more computers in your home.
  • Many include useful extras, such as performance management or backup and recovery tools that can help you restore your computer in the event of a disaster.
  • Paid-for security suites provide expert customer and technical support.
  • Higher detection and removal capabilities.
  • Sophisticated intrusion detection and identity protection.
  • Emergency updates and vulnerability updates.
  • Advanced dedicated removal tools and patches.
  • Compatible with virtually any software including custom software.
Paid-for security software cons
  • Security suites can be expensive – usually around 30-50 Euro, and you’ll also face ongoing costs usually in the form of an annual subscription in order to receive updates after the initial period of protection is over (usually a year).
  • You may not always need all the options a security suite provides and, therefore, you may be doubling up in some areas or paying for protection you won’t use.
Free security software pros
  • It’s possible to reasonably protect your computer by using separate free antivirus, antispyware, antispam and firewall programs in tandem.
  • You choose only the tools you need. If you already use a built-in firewall and antispyware program, then you may only need to install an antivirus program rather than pay for an entire security suite.
  • Free antivirus software means you can try different tools to find one that suits without worrying about wasting money.
Free security software cons
  • Free antivirus software provides only a minimum level of protection and lacks the extra features of paid-for software.
  • You’ll have to keep each individual program updated to ensure you’re protected against most of the latest threats.
  • Most free security software programs are trial versions of paid-for packages and may have time limits for how long you can use them.
  • Free antivirus software is typically single-user so you’ll need to download, install and manage a separate version on all your computers.
  • You’ll get limited technical support. Most free antivirus programs only have online support.
  • Less advanced removal capabilities.
  • Less advanced detection capabilities.
  • Less advanced vulnerability protection.
  • Less sophisticated overall protection.
  • More false positives and more data corruption due to less advanced removal options (leaving remnants).
  • Free antivirus software conflicts more and has less usability and compatibility, next to performance issues.
Just a few differences off the top of my head.
I am sure that some exceptions can be made and that I missed one or 2 things.
But let’s say this: paid antivirus does cost money and they are not cheap, but if you take into account what you get in return across the whole spectrum then it’s a rather small investment which buys you the 3 most important things for a company:
  • Solid security & performance.
  • Continuity & Data loss protection.
  • Compatibility & Flexibility.

So, to get back to what I was saying: within the industry it is a cold HARD fact that free antivirus, regardless of their claims and testing results, just do not have the level of sophistication and protection that a premium package does.
And there is not a soul on the planet that can convince me otherwise because facts are facts.
So many magazines and blogs write great articles and most of them are theoretically correct, but in the real world things are VERY different.

* Do note that: Avast, Malwarebytes, Avira, AVG, Bitdefender and Comodo as free versions are pretty darn good, they have the same scanning modules as their premium versions BUT their performance and overall protection is nowhere near their premium packages.
Otherwise why would they offer you a premium package if the free one is just as good?
Or do you really think you only pay to have access to technical and customer support?


•Conclusion
Your technical expertise and knowhow are perhaps the biggest factors in choosing the best software for your needs.
And last but not least the specific configuration your pc has and its present state is a HUGE factor.

That said again a VB test report is not going to make that choice for you. In fact based upon the detection percentages and reviews it might even push you towards a WRONG antivirus brand.
End of part 2

That really is, in a nutshell, the greater part of my problems today:
"Your technical expertise and knowhow are perhaps the biggest factors in choosing the best software for your needs.
And last but not least the specific configuration your pc has and its present state is a HUGE factor."
Because of the limitations of this computer, I am unable to run ..this..with ..that..due to slowing the machine, lack of knowledge as to how to configure a protection program... such as using Emsisoft AV to behavior monitor, and not run constantly, where it would conflict with McAfee on here....

I look carefully at suggestions put up on MT: who put them up, on what computer configuration, works with ...? what else, or doesn't work with...?, and more: Do I want to use that advice or suggestion or not? I may not. Sometimes I just realize I still lack the ability to use some parts of a program, and not all of it.

I do wish that there was an area of MT similar to Malware Removal, where my computer could be worked with and configured, not because it is infected, so it (hopefully) WON'T be infected!! Right now, I am choosing as carefully as possible, to not crash this system, and doing trial and error downloads and removals if it doesn't work well (with this computer)- or with my ability to utilize the program. I would be MORE than tickled to pay for such help, but then, look at all the learning I might miss!:D, as well as learning to be responsible for my own mess!:confused:
 
Likes: frogboy
Joined
Jun 11, 2015
Messages
20
OS
Windows 10
#65
Very insightful post (gonna read the one from Umbra you mentioned as well).

Especially the part about running multiple Anti Virus Programs simultaneously was new to me. I always went along the thought of "The more the better". Guess I'll have to keep that in mind from now on.

Thanks a lot for the interesting post!

T3chnopsycho
 
Joined
Sep 26, 2015
Messages
4
#66
3 Can I run multiple Antivirus programs?
In most cases, it is not possible to run two antivirus programs simultaneously on a single computer.
Even though users may be tempted to try to implement what they might regard as ‘dual protection’, there are good reasons why trying to operate two different antivirus products will normally cause difficulties sooner or later.
Giving the antivirus scanner access to critical data is a MUST and having multiple programs injecting their code into your kernel is going to cause trouble.
For effective antivirus detection that protects against computer viruses, worms, Trojan viruses and more, the antivirus software has to be allowed to penetrate to a suitable level within the computer... deep into the system kernel.
This is because the antivirus product needs to intercept system events, deep within the computer.
The intercepted data is then passed to the antivirus engine for analysis so the antivirus scanner can scan intercepted files, network packets and other critical data.

If there are two antivirus programs running on a single computer, they will each try to install interceptors into the same part of the system kernel. This is likely to result in conflicts between the antivirus monitors, probably with one of the following consequences:
  • One of the two antivirus programs will fail to intercept system events.
  • One of the two antivirus programs might activate self-defense modus and consider the rival antivirus as corrupt or hostile.
  • Each antivirus program’s attempts to install parallel interceptors will cause the entire computer system to crash, or they will disable rival interceptors.
  • Registry corruption, data loss, service interruption, firmware corruption, up to even permanent root damage.

These are HARD facts.

There is an exception to the rule: Malwarebytes can act as a passive On-Demand scanner and thus achieve a dual protection status, while respecting the integrity of the active main antivirus solution.

I have seen MANY members claiming that they are actually mixing different programs, but within the industry I can tell you I would lose my job right on the spot if I would try to run 2 antivirus programs (In Resident Active Modus) on our systems.

So let me make this VERY clear: You can run Malwarebytes in passive mode next to your active internet security package, however this is not recommended.
If you run both in active mode you will see a wide range of problems come your way, as I explained above.

That being said, the difference between Internet Security and a standalone tool is HUGE.
But they can mix if you use a proper configuration; again, this is not recommended unless you know what you are doing.
So bottom line: Your Internet Security = ACTIVE and Malwarebytes (or similar tool) = PASSIVE.
This way you can mix between the rules and get away with it.
But realize that your Internet Security can do it all, so there is no need for another program.
But if you do insist then you accept the risk that it might backfire.
However, tools like Mbam (Passive mode) and other standalone programs like McAfee Stinger can serve as a second line of passive protection (On-Demand).

In regards to running multiple Internet Security programs, say: McAfee + Norton 360 + Kaspersky.
Doing this is so stupid and so dumb... you might as well throw your PC in the water.
You will not gain anything, and you will render your pc useless.

If I am taking the Industry as a standard (which I do) then anyone claiming otherwise is going against what real experts say.
Or do you really think that the System administrator and security specialist of a huge company can get away with data loss when they find out that they mixed all kinds of security software?

That's why I keep saying Internet Security and Antimalware protection is a serious business and should be regarded as such.
For you on your home PC it really does not matter if you have to reinstall Windows 15 times a year, what have you got to lose? A few songs, a few movies, some banking details...
Let's add a price tag to it. Say 100 dollars every time in data loss.
If I would do such a thing at my work, 1 hour of system & network downtime costs over 250k per server.
I would love to see how my boss is going to react when this happens due to my fault.

But if you want to mix programs... go for it, but do accept the risks.

I hope this explains why I sometimes come across like a bastard, but I did not intend to make you feel bad. You may not like my guide and you may not agree with what I wrote, but that does not make it any less true.
Virtually everyone who works within the industry will agree to what I wrote here.
Sure you doubt that right?
Well ask around on the forum, and ask yourself why this topic has been made a sticky?
Or ask a senior staff member to validate this topic.
Again, my aim is not to make you feel bad, but my aim is to make you think and learn.
I am just trying to educate those who do not know or think they know.

PS: Umbra Polaris did write a seriously great topic I suggest that if you did spend the time to read my topic, that you honor his topic with some time as well, because the info is SPOT ON.

So if you got questions or comments please post a reply.
Cheers


Sorry, I am a complete technophobe, I can't even work out how to post a comment. I just wanted to say thanks very much for the info. I don't know anything about different antivirus products and both my laptops have run out so I've been looking for free ones because I'm skint as hell at mo. I realised when I tried to install one that they want access to everything and can pass info on, but it's all very confusing, especially when you have a brain like mine which switches to sleep mode when I'm needing it to learn this stuff. Thanks for all your advice and for writing it in a manner even I can understand, tinax
 
Likes: Andytay70
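
A check for the "one ACTIVE, the rest PASSIVE" rule from the guide quoted in post #66, as an added example that is not part of the thread: it decodes the antivirus products registered with Windows Security Center and flags the case where more than one reports real-time protection on. The function names and sample products are hypothetical, and the `productState` bit meanings are community-derived rather than documented by Microsoft, so treat them as an assumption.

```powershell
# Added example, not code from the thread.
# Assumption: productState bit 0x1000 = real-time protection on,
# bit 0x10 = signatures out of date (community-derived decoding).

function ConvertFrom-AvProductState {
    param([Parameter(Mandatory)][uint32]$ProductState)
    [pscustomobject]@{
        RealTimeEnabled   = [bool]($ProductState -band 0x1000)
        SignaturesCurrent = -not [bool]($ProductState -band 0x10)
    }
}

function Get-ActiveAvConflict {
    # Takes objects with displayName and productState properties and
    # reports how many of them claim active (resident) protection.
    param([Parameter(Mandatory)][object[]]$Products)

    $decoded = foreach ($p in $Products) {
        $state = ConvertFrom-AvProductState -ProductState $p.productState
        [pscustomobject]@{
            Name              = $p.displayName
            RealTimeEnabled   = $state.RealTimeEnabled
            SignaturesCurrent = $state.SignaturesCurrent
        }
    }
    $active = @($decoded | Where-Object RealTimeEnabled)

    [pscustomobject]@{
        Products    = $decoded
        ActiveCount = $active.Count
        Conflict    = $active.Count -gt 1
    }
}

# Constructed sample: one resident suite plus one on-demand scanner (the
# configuration the guide tolerates), then two resident engines at once.
$oneActive = @(
    [pscustomobject]@{ displayName = 'Suite A (constructed)';   productState = 397568 }  # 0x61100
    [pscustomobject]@{ displayName = 'Scanner B (constructed)'; productState = 393472 }  # 0x60100
)
$twoActive = @(
    [pscustomobject]@{ displayName = 'Suite A (constructed)'; productState = 397568 }    # 0x61100
    [pscustomobject]@{ displayName = 'Suite C (constructed)'; productState = 397584 }    # 0x61110
)

foreach ($set in @(,$oneActive) + @(,$twoActive)) {
    $report = Get-ActiveAvConflict -Products $set
    $report.Products | Format-Table -AutoSize | Out-String | Write-Output
    "Active real-time engines: $($report.ActiveCount); conflict: $($report.Conflict)"
}

# On a live Windows client (the namespace is not present on Windows Server):
# $live = Get-CimInstance -Namespace root/SecurityCenter2 -ClassName AntiVirusProduct
# Get-ActiveAvConflict -Products $live
```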

ahity

Level 1
Joined
May 16, 2017
Messages
42
OS
Windows 10
Antivirus
Bitdefender
#73
I read post 1.. watching this post to read them all later.
It's an interesting post, thank you for sharing :)
 
Likes: frogboy

Orion

Level 2
Joined
Apr 8, 2016
Messages
83
OS
Windows 8.1
Antivirus
Avast
#74
’t need to pay for antivirus software.
  • Free antivirus software provides only a minimum level of protection and lacks the extra features of paid-for software.
Which free AV are you talking about? Most popular free AVs have just as much protection as paid and sometimes even better. Like someone is going to hack me if I don't run some other firewall except Windows and spy on my family pics ;)

I am sure malware writers have better things to do. Big example here: Comodo IS, Avast!
 

Orion

Level 2
Joined
Apr 8, 2016
Messages
83
OS
Windows 8.1
Antivirus
Avast
#76
you are right malware writers have better things to do what if they decide to do those better things through your system
1/3 made me reply.... First off I would ask you to kindly tone it down, fellow Indian.

You just missed the entire point: the malware writers won't bother to hack a normal joe user, they aren't the NSA or CIA. Of course if you are in an IT environment it works differently because then you may be the target.

Speaking about doing it through a normal joe's system, they need to get past all the other protection modules in Win8 and ahead, assuming you use the latest Windows as most users do. They can't run bitcoin miners and other stuff unless the user and the security programs allow them to. But again, if you have an up-to-date system, that clears off any rare chances of this happening^^^

I don't understand the myths with free AV programs, especially with Indians who keep thinking free is not as good as paid.

You want to hack my system and spy on me. Good luck, I have nothing so precious on it!
 
Joined
Apr 22, 2015
Messages
609
OS
Windows 10
Antivirus
Microsoft
#77
1/3 made me reply.... First off I would ask you to kindly tone it down, Indian.

You just missed the entire point: the malware writers won't bother to hack a normal joe user, they aren't the NSA or CIA. Of course if you are in an IT environment it works differently because then you may be the target.

Speaking about doing it through a normal joe's system, they need to get past all the other protection modules in Windows 8 and ahead, assuming you use the latest Windows.

I don't understand the myths with free AV programs, especially with Indians who keep thinking free is not as good as paid.
Zombie (computer science) - Wikipedia
 

Orion

Level 2
Joined
Apr 8, 2016
Messages
83
OS
Windows 8.1
Antivirus
Avast
#78
In computer science, a zombie is a computer connected to the Internet that has been compromised by a hacker, computer virus or trojan horse program
So you are completely taking the words off wiki? Why am I not impressed? In order for the hacker to gain access to the system there has to be some malicious program on your system for the attacker to continue infecting other systems.

Same with WannaCry and how it initially started: once a computer is infected with the malware, possibly from mail attachments, it auto-infects other systems. It's literally not profitable for regular malware writers to infect or spy on regular users' computers. There was a time when rootkits used to get bank account details but that time is gone. Also consider other situations with Win8.1 or 10.

Also, did I mention I am Indian too and I have spent time in infosec since my teens.
 

Orion

Level 2
Joined
Apr 8, 2016
Messages
83
OS
Windows 8.1
Antivirus
Avast
#80
Also, to add: malware writers do target home users too, at least the regular malware does, but when it comes to bigger outbreaks home users are barely the target.

Malware writers know spying won't get them anything so they steal and lock files to get money out. Do people really think that WannaCry writers were dumb enough not to download the entire EternalBlue package and start spying on the SMB's? That's not how it works! They used the SMB vulnerability to auto-infect other systems on the same network.

They could have just done it from the EternalBlue package without spreading via mails initially, but then the agencies could track them, so that's why I guess they didn't go that way.