Hi all
Why on earth would you want to cleanse a computer AFTER it's been infected -- any AV worth the name should not allow the AV in the first place (Real time protection).~~~
Because people sometimes do what they are told while installing stuff:
AV-Test labs attempts to simulate this during the "repair" test.
jimbo45 said:
.......1) If an AFTER the event / batch report flags your computer as having got an infection - pray tell me how do you know EXACTLY WHEN it became infected and WHAT HAS IT DONE TO YOUR COMPUTER SINCE......
That is not for the end user to know, that is something that can be approximated in a lab with imperfect pre-infection scans and subjective (even less perfect) post-infection scans (sort of like SFC does).
jimbo45 said:
....only Real time protection is any good....
...and if it is turned off while installing stuff? [I'm not commenting on the wisdom of doing so, merely stating that lots of vendors and support staff instruct users to do this.]
jimbo45 said:
....there isn't yet ANY such thing as a 100% secure AV program.....
Would you agree that there are some AV tools that are better than others? How is a user supposed to pick one?
Last edited by UsernameIssues; 20 Jan 2013 at 16:38.
Reason: typo
......These days attacks include things like "drive by infections" and all sorts of things we probably don't know about. User behaviour is also a necessary component in providing satisfactory protection -- and this requires a completely different set of skills to analyse than the pure "technical solution" which can be managed by the geeks in the AV company.
A big company like MS can analyse 1000's of "bog standard users" etc, and probably has decent behavioral scientists at its disposal so is able to devise some sort of heuristic method for predicting a user's pattern and dynamically providing a way of preventing infection.......
I've not thought about heuristics as encompassing what the user might do - I've always thought of it as what an infection might do (e.g. the same file/hash being sprinkled all over the hard drive). Thanks for expanding my definition. Have you come across any articles that mention AV tools' heuristics as covering the behavior of the end user? If so, I would like to read them.
I also look at this matter as a non anti virus expert because I'm surely not one.
1. Microsoft got into the anti virus business which cost tons of money with no prospect of making money by doing so. Why?
2. Microsoft backs up and updates their anti virus program installed on a legal operating system for many years free. Therefore no pop up to buy something. Why?
3. Microsoft monitors their operating system customers to analyze what is needed. Why?
4. Microsoft had to know that they were bucking up against all the big brand anti virus companies and they still carried on with MSE. Why?
5. Microsoft had to have the understanding that all the big brand anti virus companies and their friends would be hammering on MSE for ever. They still continue with MSE. Why?
6. With all the free anti virus programs out there why is MSE such a threat to the big brand anti virus companies. Big brand companies and their friends keep telling millions and millions of people all over the world that MSE is not good. Why?
----------------------
Things most of us know.
1. I think most of us know that no security program is perfect. That is why many of us use a layered protection plan. This method is not 100% perfect either but it does give the owner operator of a computer better odds of safe computing.
2. Most of us know that the way one uses the computer is very important to security.
3. Most of us know using Utorrent's and P2P is one of the best ways of getting infected. Many still do such things and no anti virus is going to stop the influx of infection. Why would an anti virus creator even try to protect such use of a computer? I wouldn't. We know what 99% of Utorrents are used for.
4. Most of us know that Microsoft knows its operating systems code better than anybody. Which gives them a heads up on security. We call them Windows 7 or 8 Updates along with MSE/Defenders Updates.
----------------------------
I do believe that Microsoft does recover some of the money and time for MSE and Defender by using the information they gather from their commercial business (Enterprise) paid for security programs. The information gathered filters down into MSE/Defender. Therefore helping with the cost of MSE and Windows 8 Defender.
I would like to say again, I'm no expert. These are just questions and thoughts that I have.
Good summary, Layback. I've always said that MS would protect their OS's like the company's survival depends upon it, and it does.
The Security seminars at Global MVP Summit were the most fascinating of all as we learned how they spend literally unlimited amounts of money to track infections like global weather fronts.
They are under siege by the paid AV's so Mr. Norton can buy his annual Rolls from the suckers who shell out for his preinstalled bloatware, and Mr. MucAfee can run AMuc around the world murdering people like his AV murders OS's. It shows up in the fixed "ratings" with the huge banner ads for the paid AV's on the same page.
MS is to be commended for creating a good, free AV program. The impetus is most likely that Windows is highly susceptible to infection, and MS takes the heat for that. So they said "Let's provide a good, free alternative that will protect our customers, and take some of the heat off us as well". They also go after the bot and spam networks as well, and have had major impacts, although they are soon replaced by more of the same.
They took that further with Windows 8, built it right in to the OS, and turned on by default, getting updates through windows update. Gets all those slugs who can't be bothered/don't know any better/don't care covered with sufficient protection. I'm not going to say it is the ulterior motive that drives them, it really doesn't matter as this free AV program is there, whatever the reason. If they keep it up to snuff, and it protects as it should, and plays well with the OS, as it should, it's all good.
Yeah, they gave Comodo 2012 the same rating as MSE, they recommend to use AVG instead lol. I really dislike AVG, and won't use that. I cleaned a system with Windows Defender Offline, which is from Microsoft, last week and it removed some ransomware off a PC that had fake police alerts about having to pay a fine.
I know that one. I got it at work. The guy that came out to remove it had a tough time.
Just to build MSE into Win8 they had to rename it Defender which has ridden along for two OS's now and therefore is grandfathered in under anti-trust laws around the world. Even then they are under siege by anti-trust lawsuits for daring to take some food off the plates of the thousand-pound bloatmonsters.
Personally, I'm more focused on keeping this secure and preventing an infection from happening.
In regards to how well they remove infections, I really don't care too much. So long as they do good at preventing and real time detection/blocking.
The reason is, if I ever do get infected, it doesn't matter if the AV can remove it or not. I'm going to roll back to a system image prior to the infection taking place anyway.
Perhaps I'm wrong in my line of thinking, but that's what I would do.