Resources‎ > ‎

AntiMalware

What anti-virus should I use?
Pick one.  ONE.  Keep it up to date.  Use it.  It shouldn't involve that much time in your life.

A lot of us in channel use either MSE (Windows 7) or the built in Windows Defender (Windows 8/8.1/10).  We find it works just fine for our use cases combined with following the basic security practices.  That said, many people have strong opinions and like to argue them in channel.  It's fine.  People tend to gravitate towards solutions that work for them and stick with them.  If they have an issue with a product, they tend to never use a solution/brand again and sometimes strongly advocate against them.  We're not a sales channel and which AV solution is 'better' is a complex thing depending on a lot of variables and oft times opinions.  Asking random people on an IRC channel for 'the best' won't get you 'the best', it will get you the choice people made for their own needs/reasons.

Short answer, decide on your needs and pick one.  Combine this with other best practices for your system. 

Here are a few comparison resources:
Older articles
If you watch the standings over time, you'll see that various products climb and fall in the ratings. And that the test organizations often do not agree on product rankings. This is because "security" is not an absolute. We choose what is most important to us and we decide what levels of risk and protection we are comfortable with. 

Removing malware

The first question you have to ask yourself when attempting to remove malware from an installed system is: "How will I know when it is all gone?" And the simple answer to this question is - you cannot. 

All you can ever be sure of is that the most visible symptoms have been removed, and that your AV scanner doesn't find anything. But your AV scanner's failure to find malware does not mean that no malware is there. Additionally, removing malware will likely not rollback any changes that malware made to your system.

For these reasons, we feel that if you have evidence showing the malware has gained privileged access to system resources (EG the C:\Windows or C:\Program Files folders), you should strongly prefer wiping the infected system, rebuilding it from trusted installers, restoring your (malware scanned) data from backup, and employing better secure computing practices in the future.

That said, here are some malware cleaning resources.


Comments