Originally posted by Azza ☠:

Let me clarify.

I am an IT Security Expert.

BitDefender, MalwareBytes Premium, and Kaspersky are all application control, rather than just anti-virus definition based software. Detection rates of 99% and with that increased performance. They can unlock ransomware, etc. Checks for third party security holes to warn you into patching, have a firewall, anti-spam, anti-phishing, adblocker, and safepay isolated web-browsing, etc.

BitDefender goes as far as checking your email hasn't leaked upon the darkweb and will warn you about that, so you know to change your passwords, block your credit card, etc, if it's ever hacked, phished, or a website you got breached and currently for sale on the black markets.

A free version of that is available online to manually run: https://haveibeenpwned.com/

If you wanted to paid for a subscription, those features will make it highly worthwhile. You have peace of mind, full control and knowledge over your PC.

Kaspersky is linked to Russia, so some people might be wary of that. However, it's actually located in Sweden and operated by a holding company in the United Kingdom. Has a three step opt-in prompt into it's Cloud Network, otherwise works upon servers in your own country. It was one of the best anti-virus detectors. They had even managed to piss off the US Government, by detecting their NSA (government spying) virus injected into hard drive firmware, which others couldn't detect. They ended up with NSA documents/files sent to them for testing, when realised what it was, deleted them. Yet USA raided the Kaspersky employees anyways illegally, in which the staff open their own house doors and showed them all the source code, etc. It was fully tested and checked. US Government still banned it anyways without any proof of linkage found to Russia, just on the off chance that Putin twists them into privacy leakage.

As for Avast, I mentioned it would be a nag, but it's still one of the best and well known free ones available. I also mentioned to use SpyBot Free edition as a manual run only, to cover that detection range, yet not slow down the PC with a double up of anti-virus scanners.

Windows Defender isn't a complete anti-virus scanner and was never designed to be. It was created to drop out well-known virus definitions and remove those. It does that well, but can be bypassed. The idea was for it to prevent mass spreading malware and botnets. Previously users without any protection had millions of PCs infected into a botnet. They didn't even know about it, yet it was used to DDOS attack or proxy hack websites, governments and Microsoft, etc. With that Defender, Microsoft releases a wave of virus definition updates to just wipe it out.

Huge wall of text but I'ma keep it short. Seems that everyone's an IT expert today. I hope you know that you have to study at least 8 terms to get a bachelor and to call yourself an official IT expert.
Win Defender + Malwarebytes Free is all that you need. The detection rate of Win Defender is as good as any other 3rd antivirus scanner you've mentioned above and MB does the job if your PC is infected.
3rd party antivirus corps used to make billions since years on clueless and average PC users but they are fortunately dying out.

There is really no need to slow down a PC with Adware like Avast. There is a reason why even Malwarebytes classifies Avast such. lmao

Originally posted by Medication:

Huge wall of text but I'ma keep it short. Seems that everyone's an IT expert today. I hope you know that you have to study at least 8 terms to get a bachelor and to call yourself an official IT expert.
Win Defender + Malwarebytes Free is all that you need. The detection rate of Win Defender is as good as any other 3rd antivirus scanner you've mentioned above and MB does the job if your PC is infected.
3rd party antivirus corps used to make billions since years on clueless and average PC users but they are fortunately dying out.

There is really no need to slow down a PC with Adware like Avast. There is a reason why even Malwarebytes classifies Avast such. lmao

The title of IT Security Expert sounds odd, but "expert" just means in a range of topics. Others titles focus deeper into certain areas, so more the expert in a certain field. Contracted out via a company, it will depend on the client to what I'm actually working upon.

I have a Bachelor of Computer Systems and Certified Ethical Hacker (CEH) Certification.

Flipping my life around as a hacker wasting talent and skills. Now I do Bug Bounties upon HackerOne and Scam-bait as a hobby, etc. Grown some moral and ethical values, enjoy helping out others, and get paid better I could of retired now yet still work just for the enjoyment and passion of it.

I honestly don't like Avast that much myself either so can see were you are coming from and slightly agree with you point of view. I would much rather paid for a quality product to see what's occurring on my system. However, saying that, it's a lot better to go for a known free version, rather than trying to find a cracked anti-virus or operating system, as many of those would be backdoor spyware themselves.

If not that, you would be better off with nothing. Yet a lot of the time won't know when you are infected at all. Malware has shifted a lot from being something destructive into stealth snooping, and now ransomware. By the time you are infected, it's commonly too late.

Also note, Win 11 was created with TPM 2.0 hardware isolation for it's booting process. That's critical and the reason they had to design a new OS, when Win 10 was originally meant to be the last version (product turned into a service, with OS builds and versions). All previous versions of Microsoft OS were found to have an exploit which allows malware to rootkit inbetween the boot stage and OS, to avoid detection. Isolating that stage in hardware avoids that and same deal with the isolating of memory. That reduces old malware down by 76%, then an anti-virus on top can still detect the rest. It's a much more secure environment, but only if you have the hardware requirements. There's no point bypassing that requirement and should just stick with Win 10 or some other OS like Linux instead.

Originally posted by Medication:

Seems that everyone's an IT expert today.

Truth.

I've been building PC's since 1994, I'm not an "expert" but I'd wager my experience against anyone fresh out of school 100%. Life experience goes a long way.

Originally posted by TeamGunstar:

Originally posted by Medication:

Seems that everyone's an IT expert today.

Truth.

I've been building PC's since 1994, I'm not an "expert" but I'd wager my experience against anyone fresh out of school 100%. Life experience goes a long way.

It's a goofy job title.

Specialists are professionals who are experts in their field.

While Experts are professionals who have a range of experience over multiple fields.

Therefore a specialist is more of an actual "expert" in one topic, than an expert title is. Yet it's the provided job titles. There are others like Technician or Analyst, etc.

https://www.gradar.com/en/job-architecture/job-titles

Expert goes up to Sr. Expert (once you have had enough work experience, skills and start training others) and then Principial Expert as well (you would normally need to do your Masters degree and have a min 8 years in the field).

Originally posted by Azza ☠:

Originally posted by TeamGunstar:

Truth.

I've been building PC's since 1994, I'm not an "expert" but I'd wager my experience against anyone fresh out of school 100%. Life experience goes a long way.

It's a goofy job title.

Specialists are professionals who are experts in their field.

While Experts are professionals who have a range of experience over multiple fields.

Therefore a specialist is more of an actual "expert" in one topic, than an expert title is. Yet it's the provided job titles. There are others like Technician or Analyst, etc.

https://www.gradar.com/en/job-architecture/job-titles

Expert goes up to Sr. Expert and then Principial Expert as well.

Yeah I wasn't trying to downplay your experience bro, I'm sure anyone that spends their free time around the Hardware Forum on Steam of all places, either knows a thing or two or are here to learn.

I'll admit I have a full on bias against Antivirus software, I can't count the amount of times a PC is having issues and removing it solves it.

Originally posted by Azza ☠:

Originally posted by Medication:

Huge wall of text but I'ma keep it short. Seems that everyone's an IT expert today. I hope you know that you have to study at least 8 terms to get a bachelor and to call yourself an official IT expert.
Win Defender + Malwarebytes Free is all that you need. The detection rate of Win Defender is as good as any other 3rd antivirus scanner you've mentioned above and MB does the job if your PC is infected.
3rd party antivirus corps used to make billions since years on clueless and average PC users but they are fortunately dying out.

There is really no need to slow down a PC with Adware like Avast. There is a reason why even Malwarebytes classifies Avast such. lmao

The title of IT Security Expert sounds odd, but "expert" just means in a range of topics. Others titles focus deeper into certain areas, so more the expert in a certain field. Contracted out via a company, it will depend on the client to what I'm actually working upon.

I have a Bachelor of Computer Systems and Certified Ethical Hacker (CEH) Certification.

Flipping my life around as a hacker wasting talent and skills. Now I do Bug Bounties upon HackerOne and Scam-bait as a hobby, etc. Grown some moral and ethical values, enjoy helping out others, and get paid better I could of retired now yet still work just for the enjoyment and passion of it.

I honestly don't like Avast that much myself either so can see were you are coming from and slightly agree with you point of view. I would much rather paid for a quality product to see what's occurring on my system. However, saying that, it's a lot better to go for a known free version, rather than trying to find a cracked anti-virus or operating system, as many of those would be backdoor spyware themselves.

If not that, you would be better off with nothing. Yet a lot of the time won't know when you are infected at all. Malware has shifted a lot from being something destructive into stealth snooping, and now ransomware. By the time you are infected, it's commonly too late.

Also note, Win 11 was created with TPM 2.0 hardware isolation for it's[sic] booting process. That's critical and the reason they had to design a new OS, when Win 10 was originally meant to be the last version (product turned into a service, with OS builds and versions). All previous versions of Microsoft OS were found to have an exploit which allows malware to rootkit inbetween the boot stage and OS, to avoid detection. Isolating that stage in hardware avoids that and same deal with the isolating of memory. That reduces old malware down by 76%, then an anti-virus on top can still detect the rest. It's a much more secure environment, but only if you have the hardware requirements. There's no point bypassing that requirement and should just stick with Win 10 or some other OS like Linux instead.

Windows 11 only added TPM as a requirement as a matter of policy. The foundation for TPM boot validation has its roots all the way back in Windows Vista, and even in Windows 11 using the TPM to validate the boot process is still opt-in, requiring you to encrypt your startup drive with BitLocker or Device Encryption to tie the TPM boot validation to the drive's encryption key.

All Windows 11 did was check for the presence of a TPM 2.0 and other hardware specifications during setup, and its security features, both TPM and virtualization based, are on par with Windows 10 v2004.

The TPM doesn't provide any isolation unless you count the protection of cryptographic secrets within its silicon to be isolation.

The protection against rogue bootloaders is performed by Secure Boot, which has been around since Windows 8, where the firmware verifies the digital signature of the bootloader prior to running it. Windows Boot Manager continues the chain of trust by verifying the signatures of the kernel and drivers it loads. TPM 2.0 may come into play at this stage if BitLocker is enabled, completing the evaluation of the boot environment by verifying the BCD entries have not been tampered with before allowing the boot drive to be unlocked.

Originally posted by Crashed:

Originally posted by Azza ☠:

The title of IT Security Expert sounds odd, but "expert" just means in a range of topics. Others titles focus deeper into certain areas, so more the expert in a certain field. Contracted out via a company, it will depend on the client to what I'm actually working upon.

I have a Bachelor of Computer Systems and Certified Ethical Hacker (CEH) Certification.

Flipping my life around as a hacker wasting talent and skills. Now I do Bug Bounties upon HackerOne and Scam-bait as a hobby, etc. Grown some moral and ethical values, enjoy helping out others, and get paid better I could of retired now yet still work just for the enjoyment and passion of it.

I honestly don't like Avast that much myself either so can see were you are coming from and slightly agree with you point of view. I would much rather paid for a quality product to see what's occurring on my system. However, saying that, it's a lot better to go for a known free version, rather than trying to find a cracked anti-virus or operating system, as many of those would be backdoor spyware themselves.

If not that, you would be better off with nothing. Yet a lot of the time won't know when you are infected at all. Malware has shifted a lot from being something destructive into stealth snooping, and now ransomware. By the time you are infected, it's commonly too late.

Also note, Win 11 was created with TPM 2.0 hardware isolation for it's[sic] booting process. That's critical and the reason they had to design a new OS, when Win 10 was originally meant to be the last version (product turned into a service, with OS builds and versions). All previous versions of Microsoft OS were found to have an exploit which allows malware to rootkit inbetween the boot stage and OS, to avoid detection. Isolating that stage in hardware avoids that and same deal with the isolating of memory. That reduces old malware down by 76%, then an anti-virus on top can still detect the rest. It's a much more secure environment, but only if you have the hardware requirements. There's no point bypassing that requirement and should just stick with Win 10 or some other OS like Linux instead.

Windows 11 only added TPM as a requirement as a matter of policy. The foundation for TPM boot validation has its roots all the way back in Windows Vista, and even in Windows 11 using the TPM to validate the boot process is still opt-in, requiring you to encrypt your startup drive with BitLocker or Device Encryption to tie the TPM boot validation to the drive's encryption key.

All Windows 11 did was check for the presence of a TPM 2.0 and other hardware specifications during setup, and its security features, both TPM and virtualization based, are on par with Windows 10 v2004.

There's is a redesigned boot stage allowing all of that to go into the TPM 2.0 hardware isolation, which Win 10 and previous OS won't be able to perform.

Yes, I agree it's also related to Bitlocker and online Cloud Networking. Since Covid hit with country lockdowns, many employees started working remotely from home to link into their work environment. Win 11 allows for a stolen laptop to be even blocked from access that work environment being hacked and access from it as well. It's quite ideal for those working at home and companies to upgrade their systems to support.

Core Isolation > Memory Integrity, is another optional feature you can turn on or off, which isolates the memory.

Do you have any documentation on this new boot stage? Also Memory Isolation is in Windows 10 too and is still optional in 11 because it can conflict with some drivers.

Originally posted by Medication:

Huge wall of text but I'ma keep it short. Seems that everyone's an IT expert today. I hope you know that you have to study at least 8 terms to get a bachelor and to call yourself an official IT expert.

I don't want to be mean or come across as picking on you but one can give the info without sounding like everything is crap except what one prefers.

One thing that's better than claiming expertise in some subject is having an unbiased mind. Yes Avast had/has privacy issues but it's a capable software. So is Norton, despite the performance hits and the crypto. One can always read up on it elsewhere and demo it.

If someone has a paid license for something and asks if it's compatible, well simply answer the question. Let the readers decide--give them some credit.

The LAST time i used Norton they had gotten better than they were before, been quite a while though.

But MB is a definite must, even if you just have it installed to scan every now and then while not being run in the background.

If anything, test gaming performance with and without Norton to see if its worth having over MB.