I honestly don't pay much attention to this stuff and have just now noticed Norton is my AV. Why is it bad?
Edit: Someone linked this. Looks like Norton is one of the top picks. Almost a perfect rating. In fact if I change it to Windows 7 - it is perfect.
This is a perfect example of Reddit, OP knows quite a lot about AV and most of the people know very little so his message becomes accepted as truth.
After almost 20 years in the AV industry I can tell that the list is not bad, but it's nowhere near accurate. Especially the protection level estimates are not very accurate. http://www.av-comparatives.org and https://www.av-test.org/en/ are good starting points to form your own opinion.
If you'd like to get an invite to a beta group for an AV, mostly production quality, often better since we can fix bugs faster, drop me a PM. You can also go to beta.f-secure.com and apply directly, but it might take a while to get in unless you PM me.
To be fair Windows Defender has typically scored very low in anti-virus certifications the last few years. As you can see on AV-Comparatives last annual test (page 9), Windows Defender did worse across the board than even McAfee.
A few years back Microsoft had this to say (emphasis mine):
> "We’re providing all of that data and information to our partners so they can do at least as well as we are," she said. "The natural progression is that we will always be on the bottom of these tests. And honestly, if we are doing our job correctly, that’s what will happen."
> She added that Microsoft wants "everyone to do better than us because we know that makes it harder for the bad guys".
Yeah, this post is humorous but Defender is actually a great choice for users who understand what they are clicking on.
Source: https://www.av-comparatives.org/tests/real-world-protection-test-february-june-2018/
Wait OP!
This thread is about to be bombarded with anecdotal experiences and subjective feelings and “Well, I’ve always been happy with...”
Don’t accept that mostly-useless information. We actually have very detailed benchmarks for antivirus and there’s no point in relying on anecdotes for antivirus in 2018.
https://www.av-comparatives.org/comparatives-reviews/
You’ll be most interested in Performance. And yes, Defender is one of the worst for performance. Microsoft did a lot of good stuff, but very little for performance.
I think the author doesn't understand what hybrid-analysis is doing when you send it a javascript file.
If you look at the analysis details, their virtual machine is starting up a copy of WScript.exe to interpret the javascript code. The analysis is then based on watching the WScript process to see what is accessed. This means that whatever WScript does by default will show up in the report, and as it turns out, every item the author has marked as a concern is just the default behavior when starting up the script engine.
This can be verified by analyzing a dummy javascript file and seeing what it reports. My upload of function(hello, world) { } wasn't large enough for it to trip the heuristic of finding shellcode, but pretty much every other item was hit. Blindly trusting automated analysis can lead you down incorrect paths.
Also, does it seem likely that the government has coerced cloudflare in to hosting a backdoored version of a javascript library? Furthermore, does it seem likely that they would burn a zeroday exploit against a javascript engine allowing a sandbox escape strong enough to even run shellcode in the first place?
You are confusing anti-malware and anti-virus. They are two different things. And both arguably vital. Plus your advice is a little off. Although Windows AV has improved, better (and still free) AV is available. I'd recommend Avast, but research your own if you prefer, lots of independent comparisons.
According to AV-Comparatives June 2015 real-world protection results (pdf) Kaspersky and Bitdefender are #2 and #3 of the best performing antivirus software currently available with 99.8% and 99.7% detection rates respectively. Avast isn't doing too bad with 98.8% at #9. I'd hardly call that "failing miserably". In AV-test.org comparison both Kaspersky and Bitdefender got a perfect score.
The reason why Spyshelter and Comodo do so well in OP's tests is because they warn about practically everything; they have huge amounts of false positives (for example Comodo has been known to give several warnings upon opening Notepad). An inexperienced user has no way of knowing what is actually malware and what is not, which easily leads you to click "allow" on everything by default.
The one security suite that is actually failing miserably is Windows Defender, which came dead last in both tests.
clamav is a pretty decent alternative.
There are fewer threats focused at Linux, so as long as you stick with the sensible defaults provided by the distribution and don't download anything silly you should be fine.
Sorry for hijacking your comment but I just wanted to warn people really quick that in the chat on the clip a guy is spamming some suspicious links.
This is his profile: https://overrustlelogs.net/stalk?channel=pokelawls&nick=amokachi3
One of the links ending in "w4k" is one of the first messages in the clip chat, please be careful to not click it.
Update: I had it scanned here: https://www.hybrid-analysis.com/sample/f86b43be34db7118460b78b6b4764393f2ff15dd8743bb18af6167e0f764115e/5be9f3737ca3e101ce45a1d5
Doesn't look too bad, probably just an attempt to generate some ad revenue.
>it needs extra protection,
Nope. In the current test Windows Defender gets full marks for protection. Points were only deducted for performance and usability.
Defender has also been consistently ranked dead last by AVTest, which doesn't rely on advertiser money like PC Mag.
It just doesn't detect as much malware as other AV products.
I got a message on Steam of a .scr file (which is really a virus, disguised as a screensaver). I saved it, and opened it in dotPeek (a C# decompiler) which allowed me to see the (pseudo)source code. The strings are intact, which allowed me to see this.
For a full analysis go here: https://malwr.com/analysis/MWU1NzE5MTgyN2RlNGYwNDllMDhjOTlkOGE5MzdjMTY/
Communicated with those same two domains from the forum post (gubuh.com and goquc.com) and it turned out to be a RAT/NJRAT :Z
MS seem to be aware of the problem, so if you have telemetry on and Avast/AVG installed, MS should be able to delay 1803 upgrades.
Before people start preaching Windows Defender for all use cases, outside of this (admittedly, pretty bad) edge case, 3rd party AVs still seem to have superior numbers. Better protection, better performance and fewer false positives.
Main upsides of Windows Defender are:
https://www.av-comparatives.org/tests/real-world-protection-test-april-2018-factsheet/
https://www.av-comparatives.org/tests/performance-test-april-2018/
Also, this is a post about a news article about posts from this subreddit. We've come full circle.
Another thing is whenever you download ANYTHING, not just pirated media, you should scan it first with an antivirus that you trust before you open or execute it. It's a good habit to put into practice so that you don't accidentally end up having to reformat your whole computer because you didn't bother. This includes stuff from Google, Microsoft, Mozilla, etc.
Also, http://www.virustotal.com/ is a very handy website for exactly this sort of thing.
Source? Everyone always says this but no one actually provides evidence.
(i use ESET fyi)
EDIT:
from below
The links are all the same.
File detection: https://www.av-comparatives.org/wp-content/uploads/2016/10/avc_fdt_201609_en.pdf
Windows Defender is dead last. However, context is kind of important since dead last still only means one percent were missed, with the best being only a tenth of that. That's 99% versus 99.9%.
Can't be bothered going through the rest. Point is that calling it "hot garbage" is, at best, disingenuous.
I use Kaspersky Internet Security 2015, which your list said impacts performance badly. The second site /u/jusu linked literally gave it an award for being the best consumer antivirus for not impacting performance. And from personal experience, I have it running right now and it's using 0% CPU and less than 100 MB of RAM. As for detection, the same site gives it top marks. Finally, I have not noticed particularly long updates. It does frequently tell me that it had trouble updating, and I have to go in and manually press the "get updates" button, whereupon it updates and doesn't give me any more trouble. All of this for $4 per PC protected per year. Throw in some common sense and you've got an all-around excellent security solution.
Here, in case anyone is interested: the attached files are identical, both have the r00 extension, which WinRAR opens if it's installed, but they are compressed with the ACE archiver, an old format that is often used to evade antivirus because hardly anything opens it, and I had a hell of a time opening it on Linux.
When you open it there is no PDF but an SCR file, i.e. a Windows screensaver, which is often used for trojans, backdoors, malware, etc. If you run it, it does some nasty stuff; according to the VirusTotal analysis, most antivirus products would catch it and prevent it from running:
and a more detailed analysis here https://www.hybrid-analysis.com/sample/53bb3b98296181baf4827da2c066e94ff596beb80df895b5040447abf54dd375
It looks to me like it steals credentials for all sorts of things, but I can't yet figure out what it does with them afterwards, probably sends them somewhere.
Eh, only stating that he needs to be able to substantiate his claim as what he is saying is rather flat and can be read as hearsay. (E: Ok, hearsay might not be the right word for it, but I hope that it gets my opinion across.)
AV-Test does alright with its criteria, but AV-Compare I feel does a more thorough comparison (even though it might not be the most current at times).
Whether or not the AVs in question are better than MS' is a slightly different discussion.
But you are right, MS' does have the highest performance hit (p10) while having one of the lowest detection rates. So that does take my post from scholarly advice to calling him out, I suppose.
Finally, someone here is using actual data instead of opinions. Here's another independent testing company.
https://www.av-test.org/en/antivirus/home-windows/windows-7/
While there are a number of strong performers and everyone has their favorite, one thing is for certain: Windows Defender and MSE rank dead last in protection. Check the previous tests and you will see this is a consistent result.
Note: If you use Windows 8 or XP, click on the relevant link to see testing results for your version of Windows.
Time to re-read https://www.reddit.com/r/steam/wiki/secureyouraccount as a checklist to see if you missed a step. Also while users have their preference, all AV/AM are not equal and you better go with 5 star ones.
Actually, Windows Defender was pretty good 2-3 years ago, but has really fallen behind.
It's dead last here:
https://www.av-test.org/en/antivirus/privat-windows/
And I'm sure if you google for other tests, the results will be similar.
It's absolutely a malicious file. Here is the link to the sandbox report for the executable linked inside the js file.
Hello, how is 2005 treating you?
Norton these days is a better AV than what it used to be. It used to be a resource hogging bitch that wasn't good in detecting anything.
See https://www.av-test.org/en/antivirus/home-windows/ and http://chart.av-comparatives.org/chart1.php.
AV-Comparatives (PDF) found Microsoft to do about as well as any third party vendor. They last released a report this August.
According to the independent org AV-Comparatives, it's actually pretty mediocre where security is concerned. Of the AV solutions they tested it had the second worst rate for preventing vulnerabilities, with a block rate of 98.4%, where all but ESET and Total Defense had 99+%. Their performance testing does agree that ESET is lightweight on end user devices though.
https://www.av-comparatives.org/tests/real-world-protection-test-february-may-2019/ https://www.av-comparatives.org/tests/performance-test-april-2019/
Windows Defender has made a lot of progress over the years. Microsoft improved its usability and track record on dealing with zero-day threats. Also, System Center Endpoint Protection (Microsoft's enterprise anti-virus) uses the same technology, so you're basically getting enterprise support for free.
Read a couple of independent AV reviewers - https://www.av-test.org/en/ for instance. They will say which is good at what etc.
I personally think 360, Avira are pretty good.
I wouldn't recommend no AV; well those who say they don't have any AV installed and claim they never had a virus... well. If you're a malware designer would you wanna be obvious to the user?
As it's been sort of a weekly topic around BAP:
No big deal. For one, every respectable AV suite (including Windows Defender) has a very high detection rate. More importantly, keeping your software updated, in particular your web browser and OS, comprises nearly the totality of protection you need. It's not just AV companies that are concerned about security, but all the people and companies that make your individual software programs and websites you see. Ensuring your protection keeps their reputation intact. Active AV protection mostly just gets in their way trying to maintain their own security solutions, not to mention degrades your machine's performance. Add common sense and you're exceedingly unlikely to ever get infected.
Windows Defender is fine in the sense that it's built into the OS, which means security solutions implemented by everyone the world over are already accounting for its presence (as opposed to third-party AV software), and most of its performance penalty is in shuffling files around: if you're not copying files around between drives constantly, you should barely notice it.
You absolutely still want an AV handy to manually scan downloadables.
Literally from Lookout's website:
>a “virus” is a program that replicates itself by attaching to another program. Hackers often used this method to spread their nefarious work, and virus became a popular term to refer to all types of malicious software (malware) on computers. In the case of smartphones, to date we have not seen malware that replicate itself like a PC virus can, and specifically on Android this does not exist, so technically there are no Android viruses.
We already have clamav. Ideally we won't have to worry about viruses though. GNU/Linux has lots of sandboxing solutions and if we can get it to the point that sandboxing "just works" then you can run any virus you want and barring any rare sandboxing escapes you should be fine as it'll only be able to trash the sandbox and read any files/folders you've given it access to. We also have AppArmor and SELinux which can literally stop would-be 0days in their tracks.
You realize that Security Essentials gets ranked at the bottom of the heap in protection by far. It's so far outside the norm (0.5 stars), that it ranks a full 2.5 stars behind the next closest protection from "Threat Track", and 4 stars below a popular virus protection. Security Essentials is god awful.
And before you claim how fast it is, it's slower than many other virus protection apps as well, and is somewhere around average.
https://www.av-test.org/en/antivirus/home-windows/windows-7/
And on Windows 8 the performance is even worse than Windows 7.
Shout out to the wonderful AV-Comparatives that has long been the source of knowledge on AV results and performance. Here's their most recent Real-World Protection Test: https://www.av-comparatives.org/wp-content/uploads/2017/07/avc_prot_2017a_en.pdf
Top honors to the highest ranking ones this period:
Many of these are free products and not from a known cyber-attacking country like Russia (or the US).
Solved by using Hiren's BootCD: http://www.hirensbootcd.org/download/
Has a "BIOS Master Password Generator Collection of password generator tools to reset BIOS Power on Password / Admin password on Dell, Fujitsu Siemens, Compaq, Hewlett Packard, Phoenix and Samsung Laptops"
NOTE: I tried copying off the exe file of the tool from usb stick but my AV promptly removed it, stating it is a trojan horse.
Virustotal result: http://www.virustotal.com/file-scan/report.html?id=7a12455f194d01ec2f73c64413596b8f2554bf2150f2183ae67b5e4b93db0e7b-1299320224
From what I gather the executable is packed in a way to make decompilation difficult; this particular packing sets off a large number of antivirus applications, including the one used at work. It is a false positive.
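The two comments above (the renamed ACE archive hiding an .scr, and the packed tool that trips signature engines) both come down to static checks you can run before executing anything. The following is an added example, not code from either commenter: it identifies the container by magic bytes instead of trusting the extension, flags double extensions like `report.pdf.scr`, and measures byte entropy as a rough packed/encrypted indicator. The sample blobs are constructed here (the ACE marker `**ACE**` at offset 7 and the RAR marker are real signatures; the 7.2 bits/byte threshold is an assumed rule of thumb, not a standard).

```python
import math
from collections import Counter
from pathlib import PurePath
from random import Random

# Magic bytes: (type name, offset, marker). The ACE marker sits at offset 7 of
# the main header; the others start at offset 0.
SIGNATURES = [
    ("ace", 7, b"**ACE**"),
    ("rar", 0, b"Rar!\x1a\x07"),
    ("zip", 0, b"PK\x03\x04"),
    ("pdf", 0, b"%PDF-"),
    ("pe", 0, b"MZ"),
]

# What the extension claims the file is (constructed mapping for this example).
EXPECTED_BY_EXT = {
    ".ace": "ace", ".r00": "rar", ".rar": "rar", ".zip": "zip",
    ".pdf": "pdf", ".exe": "pe", ".scr": "pe", ".dll": "pe",
}
EXECUTABLE_EXTS = {".exe", ".scr", ".dll"}
PACKED_ENTROPY = 7.2  # bits/byte; assumed threshold for a packed/encrypted PE body


def sniff_type(data: bytes) -> str:
    """Identify the container by magic bytes, ignoring the file name."""
    for name, offset, marker in SIGNATURES:
        if data[offset:offset + len(marker)] == marker:
            return name
    return "unknown"


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for constant data, close to 8.0 for random)."""
    if not data:
        return 0.0
    n = len(data)
    h = 0.0
    for count in Counter(data).values():
        p = count / n
        h -= p * math.log2(p)
    return h


def triage(filename: str, data: bytes) -> dict:
    """Static pre-execution checks: does the name lie, and does the body look packed?"""
    path = PurePath(filename)
    ext = path.suffix.lower()
    expected = EXPECTED_BY_EXT.get(ext)
    actual = sniff_type(data)
    entropy = shannon_entropy(data)
    return {
        "claimed": expected,
        "actual": actual,
        "extension_mismatch": expected is not None and actual != expected,
        # "invoice.pdf.scr" style names; heuristic, versioned names can trip it
        "double_extension": len(path.suffixes) >= 2 and ext in EXECUTABLE_EXTS,
        "entropy": round(entropy, 2),
        # only meaningful for executables; archives are legitimately high-entropy
        "likely_packed": actual == "pe" and entropy > PACKED_ENTROPY,
    }


# Constructed samples (not real files): an ACE archive renamed .r00, a RAR, a PE
# with a readable DOS stub, and a PE whose body is seeded random bytes standing
# in for a packed/encrypted payload.
_rng = Random(1)
SAMPLE_ACE = b"\x00" * 7 + b"**ACE**" + b"\x00" * 64
SAMPLE_RAR = b"Rar!\x1a\x07\x00" + b"\x00" * 64
SAMPLE_PLAIN_PE = b"MZ" + b"This program cannot be run in DOS mode.\r\n" * 50
SAMPLE_PACKED_PE = b"MZ" + bytes(_rng.getrandbits(8) for _ in range(4096))

if __name__ == "__main__":
    for name, blob in [("invoice.r00", SAMPLE_ACE), ("archive.r00", SAMPLE_RAR),
                       ("report.pdf.scr", SAMPLE_PLAIN_PE), ("tool.exe", SAMPLE_PACKED_PE)]:
        print(name, triage(name, blob))
```

A mismatch or a double extension is a reason to open the file in an isolated VM rather than on the desktop; high entropy alone is not proof of malice (installers and compressed resources look the same), which is exactly why the packed BIOS tool above lights up so many engines while still being a false positive.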
Why would you assume that a core Windows program that's now getting tons of updates and easily competes with paid antiviruses (according to av-test.org) would be garbage forever? It's not perfect, but at least they started working on it.
And a Google search backs up my observations.
And do you have a better solution, as a professional, to finding out whether an anti-virus program has detected a virus than checking its logs?
I struggle to think of one, but I may not be as capable as you are... Lol
Putin: "Use Kaspersky antivirus, it has the lowest false positives rate." /s
Yes, Malwarebytes is solid. This guy is wrong. You absolutely should use anti-malware if you aren't very knowledgeable with computers, Windows Defender is not as good as the better ones out there like Avast, BitDefender or Malwarebytes.
Yes, they are annoying and if you know what you are doing and security isn't a huge deal for you, then you can get away without using them. But just being smart still won't leave you fully protected.
I am a programmer and I'll tell you there are tons of threats that someone doing everything right might encounter and Windows Defender won't spot. I don't use them personally with full-time protection, but I have it installed.
One of the issues with these newer web-based Node.js/npm applications out there is they use dozens, if not hundreds of outside dependencies, which themselves use dozens more and are constantly updating. If anywhere in that dependency chain gets injected with malware, everything using it could get infected as well (which I suspect might be what's happening in this case).
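The dependency-chain point above is something you can measure from the lockfile alone. Below is an added example, not the commenter's code: it walks a lockfileVersion 2 `package-lock.json`, computes how deep each transitive dependency sits, and lists the three things that matter for a hijacked package (install scripts that run at `npm install`, entries with no integrity hash, and entries not fetched from the registry). The lockfile is constructed inline with invented package names; `hasInstallScript`, `resolved` and `integrity` are real lockfile fields.

```python
import json
from collections import deque

# Constructed package-lock.json (lockfileVersion 2 layout). Package names and
# hashes are invented for this example; they are not real npm packages.
LOCKFILE_JSON = r'''{
  "name": "webapp",
  "lockfileVersion": 2,
  "packages": {
    "": {
      "name": "webapp",
      "dependencies": {"left-ui": "^1.2.0"},
      "devDependencies": {"build-tool": "^3.0.0"}
    },
    "node_modules/left-ui": {
      "version": "1.2.0",
      "resolved": "https://registry.npmjs.org/left-ui/-/left-ui-1.2.0.tgz",
      "integrity": "sha512-AAAA",
      "dependencies": {"color-helper": "^2.0.0"}
    },
    "node_modules/color-helper": {
      "version": "2.0.3",
      "resolved": "https://registry.npmjs.org/color-helper/-/color-helper-2.0.3.tgz",
      "integrity": "sha512-BBBB",
      "dependencies": {"tiny-fetch": "*"}
    },
    "node_modules/tiny-fetch": {
      "version": "0.9.1",
      "resolved": "https://registry.npmjs.org/tiny-fetch/-/tiny-fetch-0.9.1.tgz",
      "integrity": "sha512-CCCC",
      "hasInstallScript": true
    },
    "node_modules/build-tool": {
      "version": "3.1.0",
      "resolved": "git+ssh://git@github.com/example/build-tool.git#abc123",
      "dev": true
    }
  }
}'''

REGISTRY = "https://registry.npmjs.org/"


def load_lock(text: str) -> dict:
    return json.loads(text)


def dependency_depths(lock: dict) -> dict:
    """BFS from the root over declared dependency names.
    Simplification: each name is assumed to resolve to node_modules/<name>;
    nested node_modules trees (deduped conflicts) are not modelled."""
    packages = lock["packages"]
    depths = {}
    queue = deque([("", 0)])
    while queue:
        key, depth = queue.popleft()
        entry = packages.get(key, {})
        for field in ("dependencies", "devDependencies", "optionalDependencies"):
            for name in entry.get(field, {}):
                child = f"node_modules/{name}"
                if child in packages and child not in depths:
                    depths[child] = depth + 1
                    queue.append((child, depth + 1))
    return depths


def _short(key: str) -> str:
    return key.rsplit("node_modules/", 1)[-1]


def audit(lock: dict) -> dict:
    packages = {k: v for k, v in lock["packages"].items() if k}  # drop the root entry
    depths = dependency_depths(lock)
    with_scripts = {k: v for k, v in packages.items() if v.get("hasInstallScript")}
    return {
        "total": len(packages),
        "max_depth": max(depths.values(), default=0),
        # packages that execute code at install time: the point in the chain
        # where a hijacked dependency usually gets to run
        "install_scripts": sorted(_short(k) for k in with_scripts),
        "install_script_depths": {_short(k): depths.get(k) for k in with_scripts},
        # no integrity hash means the lockfile cannot detect a swapped tarball
        "missing_integrity": sorted(_short(k) for k, v in packages.items() if "integrity" not in v),
        # git/http/local sources bypass whatever provenance the registry provides
        "non_registry": sorted(_short(k) for k, v in packages.items()
                               if not v.get("resolved", "").startswith(REGISTRY)),
    }


if __name__ == "__main__":
    print(json.dumps(audit(load_lock(LOCKFILE_JSON)), indent=2))
```

In the constructed tree the only install script belongs to a package three levels down that the application never asked for directly, which is the shape of the problem the comment describes; `npm ci --ignore-scripts` plus a review of that list is the cheap mitigation.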
Just uninstall the virus..
Windows built in anti-virus is as good as any commercial option:
https://www.av-test.org/en/antivirus/home-windows/
And without the ads that most "free" AV packages have, and without being a CPU hog.
MSE/Defender works but is far from a "top performing" antivirus. It usually lands between the bottom and middle of the industry for catch and false positive rates. The main benefit I see is being included in windows, having a small footprint, and not bothering users too often compared to some other antiviruses.
Here's one of many sources to support the mid-tier catch rates (check page 8): https://www.av-comparatives.org/wp-content/uploads/2017/07/avc_prot_2017a_en.pdf
The management also relies on SCCM and Intune, which while not a dealbreaker does add to complexity to get the management features of other antiviruses.
kheprisetup appears to be dropped by various installers (possibly from questionable download sites...):
File-Cat.Goes.Fishing.v11.13.2019_31819.msi
Mario-Superstar-Baseball_8212.msi
Mari.7z_25622.msi
DUSK.v1.7.24.rar_10788.msi
Spotify_56798.msi
If only one engine picked it up on VirusTotal, then it's very very very unlikely to be an actual virus. It's a false positive in that case.
In general, if it's not detected as a virus, it would at least be detected as an encrypted/compressed exe, which is mostly flagged as suspicious or generic.
If you want an even more in-depth analysis than VirusTotal, try hybrid-analysis, although most of it is technical.
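The single-engine and generic/packer rules in the comment above, and the "scan before you run it" advice earlier in the thread, can be turned into a repeatable triage of a multi-engine scan result. This is an added example, not the commenter's code or any scanner's API: it takes a simplified engine-to-label mapping (constructed here; engine names are invented and the labels are modelled on how vendors name the njRAT family, of which Bladabindi is one vendor alias), strips vendor noise to find a family consensus, and applies the two heuristics. The regex and noise list are assumptions chosen for the example.

```python
import re
from collections import Counter

# Labels that carry no family information, only "looks packed/heuristic"
GENERIC_LABEL = re.compile(
    r"generic|heur|packed|suspicious|variant|\bgen\b|crypt|upx|pua|riskware", re.I)
# Tokens that every vendor prepends and that never identify a family
NOISE = {"trojan", "backdoor", "worm", "win32", "w32", "win64", "msil", "gen",
         "variant", "generic", "heur", "packed", "suspicious", "malware", "agent"}


def family_tokens(label: str):
    """Yield candidate family names from a vendor label like 'Backdoor:MSIL/Bladabindi.B'."""
    for tok in re.split(r"[^A-Za-z0-9]+", label):
        t = tok.lower()
        if len(t) >= 4 and not t.isdigit() and t not in NOISE:
            yield t


def triage_report(report: dict) -> dict:
    """report: engine name -> label string, or None when the engine saw nothing."""
    hits = {eng: lab for eng, lab in report.items() if lab}
    detections, total = len(hits), len(report)
    families = Counter(t for lab in hits.values() for t in family_tokens(lab))
    top = families.most_common(1)[0] if families else None
    all_generic = bool(hits) and all(GENERIC_LABEL.search(lab) for lab in hits.values())

    if detections == 0:
        verdict = "no detections"
    elif detections == 1:
        # the comment's rule: one engine alone is usually a false positive, but
        # confirm rather than trust it, since new samples start at one too
        verdict = "single engine: probable false positive, confirm in a sandbox"
    elif all_generic:
        verdict = "generic/packer signatures only: unpack or sandbox before trusting"
    elif top and top[1] >= 2:
        verdict = f"consensus on {top[0]} across {top[1]} engines"
    else:
        verdict = "multiple unrelated labels: inconclusive"
    return {"detections": detections, "total": total,
            "ratio": round(detections / total, 3) if total else 0.0,
            "top_family": top, "all_generic": all_generic, "verdict": verdict}


# Constructed reports (engine names invented). Ten engines each.
REPORT_RAT = {"engine_a": "Backdoor:MSIL/Bladabindi.B", "engine_b": "Trojan.MSIL.Bladabindi",
              "engine_c": "MSIL/njRAT.A", "engine_d": "Gen:Variant.Bladabindi",
              **{f"engine_{c}": None for c in "efghij"}}
REPORT_PACKER = {"engine_a": "Packed.Generic.Suspicious", "engine_b": "HEUR:Trojan.Win32.Generic",
                 **{f"engine_{c}": None for c in "cdefghij"}}
REPORT_SINGLE = {"engine_a": "Trojan.Gen.2", **{f"engine_{c}": None for c in "bcdefghij"}}

if __name__ == "__main__":
    for name, rep in [("rat", REPORT_RAT), ("packer", REPORT_PACKER), ("single", REPORT_SINGLE)]:
        print(name, triage_report(rep))
```

The caveat a practitioner adds to the comment's rule: a low ratio is not the same as clean. The Reddit ad incident cited later in this thread was caught by 5 of 41 engines, so for a fresh sample the first-submission age and a sandbox run matter more than the count.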
As far as protection goes it's tied for 1st place with the other big names; overall it's ranked I think at #7 due to performance, it slows apps down. https://www.av-test.org/en/antivirus/home-windows/
It is literally one of the highest rated AV.
Their labs are (were) crucial in virus testing.
I understand this is changed because of their connection to the government. But it doesn't rewrite history. People used them because the product was good.
It used to be good. Quoting from its wikipedia page:
>It secured AV-TEST certification on October 2009, having demonstrated its ability to eliminate all widely encountered malware.
But then declined in quality:
>it lost the certificate on October 2012, having shown a constant decline in protection and repair scores. In June 2013, MSE achieved the lowest possible protection score, zero.
The newest tests from AV-Test.org ranks it the lowest with a score of 0.5/6.0 in protection. (Windows Defender in their tests as that is the equivalent of MSE for Windows 8 and up).
The one case where I'll accept AV software on Linux is where the system regularly exchanges files with Windows and macOS clients like file servers or mail servers. Otherwise, it's mostly pointless on desktop if you exercise common sense and stick to the repos. That said, if I need an antivirus program on Linux, I reach for ClamAV.
ClamAV is tried and tested, use it on most of our RHEL and CentOS boxes
Edit: if the box is used for data transfer, ClamAV is a good tool to ensure that data is clean, i.e. an internal SFTP server used by employees may also be used by them for personal reasons (maybe they are not meant to, but there is no technical restriction on this). Having some sort of AV would at least stop them using that for storage of malicious files.
As with all AV it will need a degree of human intervention to stop it identifying false-positives, MS .dll’s are a favourite to get blocked in error.
It's not that it is incomplete, it is outdated advice from 5 years ago.
Today you will get compromised just by trying to read your local newspaper that had malicious javascript embedded into ads (happened here. Twice.) If it's not your local newspaper it's the WSJ, or pandora, or any of the number of sites that let anyone embed whatever code they want in their pages as part of advertisements.
I've seen people get compromised by drive by java exploits after clicking on the top result from a google search. The idea that people are safe if they just don't download things is completely false.
Oh, and even reddit has had this problem
Here is the virus total link from that event. 5 out of 41 anti-virus programs detected it.
Seriously, people keep recommending Windows Defender but it is horrible when it comes to protection.
It regularly scores 0.5/6 over at av-test.org, people should not use it.
Also some general advice on AVs: when people say "I've never had a virus" that basically means "My AV never found a virus". This isn't the 90's where malware was all flashy and you got a small bomb on your PC; a trojan or a rootkit will make sure that you'll not notice it, for example.
(Sorry for the bolding but this is a serious issue).
Edit: And as per usual that gets downvoted..
https://www.av-comparatives.org/tests/real-world-protection-test-february-march-2019-factsheet/
Honestly, it's a waste of money. PS, the line graph in this composite is referring to false positives, not anti-virus effectiveness.
I'm here before the inevitable flood of brainlets thinking they're smart and saying to use Windows Defender, or even worse, Le Common Sense 2018 xDdd.
Windows Defender has the worst performance impact.
It also has relatively high false positives and is vulnerable to any malware that runs as administrator as it doesn't have a proper self defence module. Before you say some shit like just don't run shit as admin, think about installers. CCleaner once was compromised and had a malware infected installer on their official site. Obviously you'd run that as administrator as it's expected and trusted.
If you want a good, free option, use Bitdefender or pirate Avast (it's stupidly simple and completely safe to do). If you're looking for something paid, get Kaspersky or Emsisoft.
> I've had Windows defender off for about 4 years or so
Turn it back on ;)
Windows Defender is one of the best AVs out there (it's come a LONG way since the early implementations), and it can automatically scan and prevent lots of stuff. You can explicitly scan if you suspect something, but in general, everything downloaded automatically gets flagged for extra scrutiny these days anyways.
https://www.techspot.com/news/81396-windows-defender-ranked-joint-best-antivirus-program.html
https://www.av-test.org/en/antivirus/home-windows/ - for the latest ratings
There were a few other independent rankings too that it topped around the same time, but I forget those.
Recently it looks like there's been some AdWords buys by a bunch of people looking to make a buck selling Norton and BitDefender - but if you look at the arguments against, a bunch of it is nonsense...
Have you tried it recently? Antivirus testing companies give it an almost perfect score. After having bad experiences with AVG, Kaspersky, and Bitdefender I tried Norton and have been generally happy with it for a little over a year now. It has a pretty shitty reputation as well, but besides the toolbar plugins it bugs you about it's pretty slim, fast, and effective.
Source https://www.av-test.org/en/antivirus/home-windows/windows-8/
Edit: For the record I'm only wondering. I haven't used McAfee in over a decade, so I have no bias either way.
It consistently ranks last in real world protection tests. I would not rely on it.
https://www.av-comparatives.org/wp-content/uploads/2016/10/avc_factsheet2016_09.pdf
Avast or Avira are 2 free alternatives that offer much better detection rates. Why take the risk?
There is a German company called AV-Test. They do frequent tests of all better-known AV applications. You could check out their current ranking. https://www.av-test.org/en/compare-manufacturer-results/
greets from magdeburg, Germany. the home of av-test :P
I've heard that from other consultants too; but it is genuinely my experience. I deal mostly with the domestic side, so perhaps it's a difference of environments; maybe Microsoft focuses on business-grade threats.
In any case, I've certainly found it to be a thing. I often expose a clean virtual machine image to novel viruses I find in the wild, to test anti-virus capabilities; more often than not Defender misses them.
Edit: Nope, even in business environments it sucks. I suppose arguments that it doesn't are either anecdotal or biased.
https://www.av-comparatives.org does in-depth analysis of different AV software. Some that consistently perform well in lab testing are: Avast, AVG, Avira, Bitdefender, ESET, Kaspersky Lab and Panda. There are others, and different ones perform better in different scenarios. Windows Defender generally underperforms most other third-party software.
There are people who claim that AVs aren't necessary if you actively monitor your browsing and don't compromise yourself which is true to a degree, but that assumes you make virtually no compromises to the security of your machine or mistakes in regards to browsing and connection habits.
Ideally you do your best to maintain the integrity of your operating environment through secure practices (security policies, firewall configuration, system and network monitoring, supplementary software, safe browsing habits and etc.) and Antivirus software helps to filter whatever gets through the cracks. Most people skip the first part, so the AV plays a more critical role.
Here you can see an extended report from the infected file: https://www.hybrid-analysis.com/sample/e4a57be9a6e1f7d8c6e9cf8eecc04ee51624e6d0874932a667f2cdbafb61d222?environmentId=120#special-strings
Connects to:
47.104.134.234:3333
Login string:
{"id":1,"jsonrpc":"2.0","method":"login","params":{"login":"WmtVJYtVVhRhK3dgnerGn5Ufu8CAwUvcgPQM6EbX9sdAEDXRW2sV3pifsaYqmKNW48C8EUbAEUqr8JeXkRkwR9WA135TuuR2U","pass":"x","agent":"bdcam/4.1.1371 (Windows NT 6.1) libuv/1.15.0 gcc/7.3.0"}}
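The endpoint and login string quoted above are the two artifacts that identify a stratum-style mining client: a pool address on a high port and a JSON-RPC `login` whose `login` parameter is a wallet. The following is an added example, not the commenter's code or hybrid-analysis output: it scans a list of report strings, parses any embedded JSON-RPC login, checks that the wallet uses the base58 alphabet, and pulls IP:port endpoints. The two real strings are copied from the report above; the third line is constructed filler so the filter has something to ignore.

```python
import json
import re

# Strings from the sandbox report quoted above (the endpoint and the JSON-RPC
# login), plus one constructed filler line.
SAMPLE_STRINGS = [
    "47.104.134.234:3333",
    '{"id":1,"jsonrpc":"2.0","method":"login","params":{"login":'
    '"WmtVJYtVVhRhK3dgnerGn5Ufu8CAwUvcgPQM6EbX9sdAEDXRW2sV3pifsaYqmKNW48C8EUbAEUqr8JeXkRkwR9WA135TuuR2U",'
    '"pass":"x","agent":"bdcam/4.1.1371 (Windows NT 6.1) libuv/1.15.0 gcc/7.3.0"}}',
    "C:\\Users\\Public\\run.log",  # constructed filler, not from the report
]

ENDPOINT = re.compile(r"\b((?:\d{1,3}\.){3}\d{1,3}):(\d{2,5})\b")
BASE58 = re.compile(r"^[1-9A-HJ-NP-Za-km-z]+$")  # no 0, O, I, l


def _json_objects(s: str):
    """Yield a JSON object embedded in a string (first '{' to last '}'), if any."""
    start, end = s.find("{"), s.rfind("}")
    if start != -1 and end > start:
        try:
            yield json.loads(s[start:end + 1])
        except ValueError:
            return


def extract_miner_indicators(strings) -> dict:
    endpoints, logins = [], []
    for s in strings:
        for ip, port in ENDPOINT.findall(s):
            endpoints.append(f"{ip}:{port}")
        for obj in _json_objects(s):
            params = obj.get("params") or {}
            # stratum-style pools authenticate with
            # {"method":"login","params":{"login":<wallet>,"pass":...,"agent":...}}
            if obj.get("method") == "login" and "login" in params:
                wallet = str(params["login"])
                logins.append({
                    "wallet": wallet,
                    "wallet_base58": bool(BASE58.match(wallet)),
                    "wallet_len": len(wallet),
                    "agent": params.get("agent", ""),
                })
    verdict = ("stratum login observed: likely cryptominer" if logins
               else "no miner login seen")
    return {"endpoints": endpoints, "logins": logins, "verdict": verdict}


if __name__ == "__main__":
    print(json.dumps(extract_miner_indicators(SAMPLE_STRINGS), indent=2))
```

The wallet string and the pool endpoint are the pieces worth keeping as indicators; the agent string is just the client's self-description and is trivially changed between builds.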
The best option is to delete McAfee and use windows defender instead. Windows defender got full points in the most recent test by av-test here. I use windows defender and never had a problem with malware, or the output folder being deleted.
It can come in with any attack vector, not just shady sites/material. Especially since it's the worst at detecting viruses
https://www.av-test.org/en/antivirus/home-windows/windows-10/
MSE catches almost nothing. It's basic and does not offer many options. MSE is a joke
You wanted a source? Here is one: http://www.howtogeek.com/173291/goodbye-microsoft-security-essentials-microsoft-now-recommends-you-use-a-third-party-antivirus/
And here is a ranking of AV solutions: https://www.av-test.org/en/antivirus/home-windows/windows-7/august-2015/
You can look at a comparison here. The free built-in AV from Microsoft had a fair placing with 99.5% protection, but got dragged down because of "user dependent" problems. They were tied in second place for number of compromises, which are infections that the AV never caught. User dependent means that the user will be warned, but still allowed to install after clicking "install anyway" or something similar. There are several antiviruses that place better even though they have more infections that are not caught at all because of this.
My opinion: As long as you don't think you know better than your AV, just use the free one from Microsoft.
This is a false positive.
Whenever you want to check something like this, also check a known innocuous file. I exported a PNG from Photoshop consisting of a single magenta fill. Using malwr, I scanned it and got the same two signature matches: https://malwr.com/analysis/ZGUwZjcwYzY2YTZmNDk3MWFhOTEwNmM2NmQ5NGVhNGU/
Note that these are SIGNATURE matches. Clearly something is triggering this, but I'm not sure what. No part of those values shown under "signs" actually appear in the files.
Note that none of the strawmen files that I've seen (including the large jpg mentioned) actually contain "strings that are used in other pieces of malware."
Edit-before-I-even-posted:
I created a file, filled it with ascii gibberish, named it gibberish.exe and uploaded it to malwr. Here's the full contents of the gibberish file:
fasfaf;sdfkh'hdignipasgiasdgipasdghighighighivmse[pm8uvtopawr8tvo;srm,
here's the scan result:
https://malwr.com/analysis/Mzk5N2NjODQ5MDhkNGM1ZTk4YzkxNzEwNjJlM2MzM2Y/
Either their virtual machine used for scanning has a virus on it, or their software is misconfigured.
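Two comments in this thread reach the same conclusion by the same method: the hybrid-analysis run of `function(hello, world) { }` showed only what WScript does on its own, and the malwr runs of a magenta PNG and a gibberish .exe showed the same two signature hits as the "suspicious" file. That is differential analysis against a known-benign control, and it is worth making mechanical. The block below is an added example, not either commenter's code or any sandbox's output: it subtracts the indicators seen on control files from the sample's indicators and scores only what remains. The indicator phrases and the severity weights are constructed for the example.

```python
# Constructed indicator sets, phrased like the behaviour lines a sandbox report
# lists; they are not copied from any real report.
BASELINE_WSCRIPT = {
    "Loads the wscript.exe script host",
    "Reads the active computer name",
    "Reads the cryptographic machine GUID",
    "Queries process information",
    "Reads Windows Script Host settings from the registry",
}
# `function(hello, world) { }` run under the same host shows only host behaviour
REPORT_DUMMY_JS = set(BASELINE_WSCRIPT)
REPORT_SUSPECT_JS = BASELINE_WSCRIPT | {
    "Writes to the Run registry key",
    "Contacts a remote host",
    "Drops an executable to %TEMP%",
}
# The magenta-PNG / gibberish.exe scenario: two known-innocuous controls that
# hit the same two signatures as the file under suspicion (names constructed).
SIG_NOISE = {"signature: entropy_high", "signature: suspicious_strings"}
REPORT_MAGENTA_PNG = set(SIG_NOISE)
REPORT_GIBBERISH_EXE = set(SIG_NOISE)
REPORT_SUSPECT_PNG = set(SIG_NOISE)

# (substring, weight): assumed weights for the example, higher = worse
SEVERITY = [
    ("run registry", 3), ("scheduled task", 3), ("injects", 3),
    ("remote host", 2), ("drops", 2), ("deletes", 1),
]


def weight(indicator: str) -> int:
    low = indicator.lower()
    return max((w for sub, w in SEVERITY if sub in low), default=1)


def differential_triage(sample: set, controls: list) -> dict:
    """Keep only what the sample does that no known-benign control also does."""
    baseline = set().union(*controls) if controls else set()
    novel = sorted(sample - baseline)
    score = sum(weight(i) for i in novel)
    verdict = ("nothing beyond the sandbox baseline" if not novel
               else f"{len(novel)} indicators not explained by the control (score {score})")
    return {
        "novel": novel,
        "shared_with_control": sorted(sample & baseline),
        "score": score,
        "verdict": verdict,
    }


if __name__ == "__main__":
    print(differential_triage(REPORT_DUMMY_JS, [BASELINE_WSCRIPT]))
    print(differential_triage(REPORT_SUSPECT_JS, [BASELINE_WSCRIPT]))
    print(differential_triage(REPORT_SUSPECT_PNG, [REPORT_MAGENTA_PNG, REPORT_GIBBERISH_EXE]))
```

The control has to be run through the same environment and the same interpreter as the sample, which is why the dummy .js had to go through WScript too; a baseline captured under a different host would hide or invent differences.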
Surprise Ransomware. It installs via TeamViewer.
Really? According to this report by AV-Test (an independent security agency) Windows Defender is still just as effective as its competitors. The advantage of Windows Defender in my opinion is that it doesn't slow your computer down or mess with the network settings, as I've seen some antivirus programs do during my job as IT support at my university.
Independent testing of AV products show most detect 99%+ of KNOWN malware. It's the 0-day that is much more difficult. https://www.av-test.org/en/antivirus/home-windows/
Most users will be running into known malware, if they run into anything.
I completely agree with you about Noscript and add to it the importance of running an adblocker because Ads are well known to serve malware to otherwise safe sites.
Either way it's not a competent enough antivirus to be used on its own. In every performance review, Windows Defender had the poorest protection of all other tested AVs out there, both free and paid.
I haven't been keeping up with AV news lately, but a while back I read a test where essentials came out as the best of the free AVs.
Windows 10's anti-virus is Windows Defender (based on Microsoft Security Essentials). Check the latest tests for how well it does. https://www.av-test.org/en/antivirus/business-windows-client/
Careful guy, you don't have to use McAfee, but Defender has consistently ranked dead last in third party tests, by a wide margin, in malware detection.
Ya, that's not always the case here on reddit. This is one of the replies on the OP:
> This is a perfect example of Reddit, OP knows quite a lot about AV and most of the people know very little so his message becomes accepted as truth. After almost 20 years in the AV industry I can tell that the list is not bad, but it's nowhere near accurate. Especially the protection level estimates are not very accurate. http://www.av-comparatives.org and https://www.av-test.org/en/ are good starting points to form your own opinion. If you'd like to get an invite to a beta group for an AV, mostly production quality, often better since we can fix bugs faster, drop me a PM. You can also go to beta.f-secure.com and apply directly, but it might take a while to get in unless you PM me.
ClamXav has been around for a long time, is free and is frequently updated.
While some people love to point out that you don't really need anti-virus to protect your Macs, it's good practice to run it anyways to prevent accidentally spreading anything to Windows machines on your company's network.
I've used them all, and the thing is they all change over time, not just that, but each has its own sets of strengths and weaknesses, so I honestly suggest instead of asking here you read AV Comparatives. You also need to keep in mind what kind of regulatory compliance you might fall under, HIPAA, PCI, etc.
That being said, due to some recent issues with questions about foreign spy infiltration of AV vendors like Kaspersky, I would suggest favoring same country vendor, eg, USA vendor if you are in the USA.
I would also suggest considering MBAM business in your list, not a pure traditional AV replacement, but a more practical approach to protection.
Those combined with a HIDS like OSSEC and a bit of hardening with EMET 5.5 should give a good baseline defense.
Windows Defender has a detection rate of 99,3% in the most recent test and scores full points in usability, performance and protection which is pretty good for a free product.
Really not familiar with it. I don't think MSE is available in Windows 10, there is only Windows Defender.
Avira tests well against other AV. Windows Defender doesn't do well in the protection category, not just on that site but I've seen it mentioned elsewhere too.
As far as I know, MSE has gone downhill lately. Try Avast, AVG, or Bitdefender.
https://www.av-test.org/en/antivirus/home-windows/windows-7/
Av-test agrees with me.
EDIT: And then milkofthedog comes in with a quality post. Also yes, props to anything Sophos. They have a good Android AV, too.
Personally I live with just Windows Defender and a manually triggered MalwareBytes scan every week or 2.
I'm quite cautious and I don't really do anything risky so am probably less likely to get a virus than some. I might consider a separate AV if I displayed more risky behaviour (torrenting and such like) as Windows Defender apparently has a poor detection rate these days in some tests, e.g.,
https://www.virusbtn.com/vb100/latest_comparative/index
https://www.av-test.org/en/antivirus/home-windows/
Avira Pro, BitDefender and Kaspersky seem to win overall in that last link (although that's from Win 8/8.1 not 10)
That used to be the case, yes. It was so bad that AV Comparatives dropped it from their reports for a while. That's been fixed for quite a while now:
AV Comparatives does a regular tool-review/analysis here: https://www.av-comparatives.org/mac-security-reviews/
> "I'm currently running a Macbook Pro with El Capitan"
If it's capable of running Sierra, you should update it. Major releases of macOS contain lots of security fixes. NOT updating and expecting 3rd party products to protect you is a little faulty logic.
As others have said, scanning with Malwarebytes is a good start. "CCleaner for OSX" is also good (although it's not an anti-infection tool, it's just a disk/temp cleaner, but still a good idea).
Many of the large vendors offer free scanning tools. I'd look at ESET, Sophos, ClamXav, BitDefender, Comodo, McAfee (Intel),
Malware will often arrive as a weaponised Word or PDF document, as opposed to an executable binary such as an EXE file.
It's often worth reviewing your SPAM folder or creating a dedicated email address with which to sign up for lots of junk. You'll soon get a load of samples coming in.
I'd also recommend checking out the likes of Malwr to download and review samples.
And as an extra precaution, analyse samples in a virtual machine to prevent accidental infection of your own machine. I'd personally suggest REMnux which is a Linux distro specially designed for malware analysis.
Good luck!
You're really overthinking this. Just create a Linux Live CD, boot from that while having your HDD disconnected and then plug the drive in. Use some virus scanner from Linux to make sure it's not infected.
Normally Windows Defender is enough. Windows has caught up a lot lately in this area. Otherwise I find this link very helpful:
https://www.av-test.org/de/antivirus/privat-windows/
Addendum: Everyone has to weigh the pros and cons for themselves. Otherwise, as additional food for thought:
I don't understand why people constantly recommend Defender when it's consistently rated by 3rd party testers as one of the worst AVs for protection. The only real benefit that Defender has is that it is invisible to the user.
Was wondering if it really was that bad. Was kinda shocked to see that the protection score it got was 0.5/6.0 on AV-test.org. But on closer look it still has 80-90% detection rate, so at the very least it's better than not having anything installed or having an expired antivirus program that will stop updating the virus definitions...
With all due respect, that's not an empirical source.
These 2 sources say otherwise:
https://www.av-test.org/en/compare-manufacturer-results/
http://www.av-comparatives.org/wp-content/uploads/2015/07/avc_prot_2015a_en.pdf (look under Summary Result).
I have little first-hand experience working with Macs but this is the first thing that popped into my head. It's the Mac version of ClamAV. It doesn't have the bells and whistles of most AV software, but I've had very good experiences using it on Windows and Linux.
Incidentally, trying to Google for good Mac antivirus brings up a ton of MacRumor forum posts where people still claim the Macs are immune to malware. Never listen to those tools.
According to AV Comparatives it's good...
https://www.av-comparatives.org/enterprise/comparison/
We don't have the Defender ATP that comes with the higher end M365 licenses so I can't say from experience.
I'd avoid Avast if I were you, I was a long term user but after finding out about them selling user data I quickly moved on. Do a quick google search and you'll see it's been pretty well reported now.
https://www.av-comparatives.org/tests/real-world-protection-test-july-october-2020/
Microsoft Defender is as capable as any other antivirus solution, so that would be my suggestion as it is free.
Is this AV popular anywhere? Doesn't seem to even be tested by AV comparatives monthly testing. If they can't even pass that test, it shouldn't be trusted by anyone ever.
This test against Symantec isn't exactly them shooting for the stars either. PDF
Ignore specific recommendation, often people recommend what is easy to use.
Make up your own mind, there are two sites that assess security software:
No. It's a rumour spread by the west so you use American made anti-malware programs so that they can access your data.
Here's the truth - even if Russia had put a backdoor into Kaspersky it'd be no different than literally every big name American anti-virus. Your data (unfortunately) is being passed on and used constantly whether you like it or not.
At the end of the day Kaspersky has scored the highest consistently on performance, reliability and security. It's joint first with Bitdefender with VIPRE coming in second Source.
I wish I was being paid for this but I'm not so here's my genuine, personal 'review' - Kaspersky has almost never slowed down my PC even when doing things such as full scans and other shit like that. It's constantly found threats almost instantly whenever they're on my PC (although that is rarely because of Common Sense^TM). The ONE time I've ever had a severe virus on my PC it completely took control, reverted the changes done to files, fixed everything and then restarted with a detailed report of what happened.
The downsides of Kaspersky? It's Russian - scary. Except it's not but I can't tell you how to live your life. The actual downside? Large Windows updates can cause incompatibilities and ultimately a few BSODs. The blue screens are not bad at all though and do not harm your PC - it's Windows' response to finding an important, low-level driver that it feels is broken or could cause damage. Although I admit there shouldn't be BSODs at all and that's absolutely Kaspersky's fault for not fixing issues before updates are pushed through to W10. Other than that it can sometimes be annoying to use the UI but I can't name much else.
Consider uploading the pdf to https://www.virustotal.com/ or https://www.hybrid-analysis.com/. These sites will analyze the file for you or run the file in a sandbox to determine if the file contains malicious indicators or has been flagged by AV products.
Absolutely, I used dynamic analysis provided by an online sandbox called Hybrid Analysis. It will take an executable and run it in a virtual environment and watch what it does and simulate a basic user. It will then spit a report out. Here is the report that I used to provide this advice. It might not make the most sense to you but I'd be happy to go into a little more detail if you would like?
Honestly I don't know much about the network side of things. We have 2 network guys and 3 systems guys (I'm one of those), and I handle mostly the servers and clients. Pretty sure we are doing port mirroring for our domain controllers for Microsoft's Advanced Threat Analytics (ATA), but it wasn't ATA that alerted us to the virus. We have a lot of things in place to detect intrusion, and what got us to notice was Configuration Manager (Endpoint Protection) alerting us that it found a virus, and our IDS appliance notified us about that PC reaching out to botnets. For forensics we were looking at our Websense appliance for where it was going, and our Juniper firewall as to what went in/out based on packet sniffing. We use Splunk to aggregate all of our logs for easier searching, and I used the Event Viewer on the local machine to figure out timestamps of when everything occurred. I then used a website online to analyze the virus (https://www.hybrid-analysis.com/) and then read through the virus's code to determine what it was trying to do. We as a team spent about 2-3 hours on it where network was figuring out where it went, systems locked down 2016 macros from internet originating documents in a GPO rolled out through an emergency change, I did as much forensics as I could, and our help desk reimaged the PC.
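As an added example (not the commenter's own GPO), this is the per-user registry equivalent of the Office 2016 policy "Block macros from running in Office files from the Internet" that the comment above describes rolling out domain-wide; it assumes Office version key 16.0 and writes only to HKCU, so it suits a single-machine emergency hardening or a quick audit rather than the GPO itself.

```powershell
# Added example, not the commenter's GPO. Sets the Office 2016 (16.0) policy value
# "blockcontentexecutionfrominternet" for Word, Excel and PowerPoint in HKCU.
# Office honours it only for documents carrying the Mark-of-the-Web (Zone.Identifier),
# i.e. files that arrived from the Internet zone, which is exactly the case the
# comment above describes. Domain-wide, the same values are delivered by a GPO
# under Administrative Templates; this script only mirrors them locally.
$apps = 'Word', 'Excel', 'PowerPoint'
$valueName = 'blockcontentexecutionfrominternet'
$results = @{}

foreach ($app in $apps) {
    $key = "HKCU:\Software\Policies\Microsoft\Office\16.0\$app\Security"
    if (-not (Test-Path $key)) {
        New-Item -Path $key -Force | Out-Null
    }
    New-ItemProperty -Path $key -Name $valueName -PropertyType DWord -Value 1 -Force | Out-Null

    # Read the value back so the change can be audited rather than assumed
    $current = (Get-ItemProperty -Path $key -Name $valueName).$valueName
    $results[$app] = ($current -eq 1)
}

# Each application should report $true; anything else means the key was not applied
$results
```

Run it in the context of the user whose Office profile is being hardened; an elevated prompt writes to the administrator's HKCU, not the affected user's.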
You don't really need an anti-virus on Ubuntu so long as you pull software from Canonical's repositories. However if you do plan to download a lot of pre-compiled software from third party sources, running something like ClamAV can't hurt.
As far as speakers go, VMWare should handle everything for you. It's when you run Linux directly on unsupported hardware that you get these problems.
Lastly, cheers to you OP. Hope you enjoy yourself.