#12
All the major hacks and Advanced Persistent Threats (APT) stats show that AV solutions don't work; sure it might flag a really really well-known malware family in your mailbox or dubious website; but any 0day variant will - by definition - not be detected; even heuristics won't help much for bigger campaigns (malware developers test as well, you know). It's also shockingly easy to take any random well known malware family and make it undetectable; it's even - probably the easiest - part of the OSCE exam. Then add the fact that for performance reasons it will not even detect really old malware anymore and performance-impact is still noticeable; I can't recommend ANY (locally installed) antivirus/malware solution to start with. Even very expensive enterprise ones still have false positives and true negatives and thus using AV-solutions can actually give a false sense of security; you're not as secure as you think you are. Having it on the mailserver doesn't really hurt; but for local stuff, just do your updates, use a restricted account and the OS built-in firewall (assuming recent OSes, not talking WinXP here). For playing with untrusted downloads just use a VM with optionally Sandboxie within that VM and rollback to your snapshot afterwards, just to be sure. For non-tech savvy people / "end users", just scare them to death to never ever click any fake updates, download or bill they got sent by e-mail and install the AV that got first place in a big AV test for this Quarter (like: best effort for the given moment).
The Following User Says Thank You to SKiLLa For This Useful Post: niculaita (11-01-2017)