If the mission statement of this place is to provide information, then I think it would be good idea to include security apps like these in the recommendations.
Even if you ultimately end up recommending people not do something does not mean it is not a recommendation. It also does not mean it is not helpful for people to know why it is the case, and to let people make their own decisions. Everything we do is about trade-offs — what we are willing to give up in order to gain something else — and this is different for every person.
In any case, thanks for all the discourse I have followed here for a while without making an account.
You should read the T&C of these products you’ll find they collect a lot of data to “protect the user”, just like McAfee which has some rather dubious and broad language in it. There’s no surprise that these large VPN companies are entering virus scanner space. Antivirus companies have been trying to enter the VPN space. The reality is you really don’t need either.
What did you end up using? I was thinking of buying a Malwarebytes subscription, and went to read its privacy policy. The part that stuck out to me was:
We may disclose personal information to government agencies, law enforcement officials, and private parties as we, in our sole discretion, believe necessary: (1) to satisfy or comply with any applicable law, regulation or legal process; (2) to respond to lawful requests, including subpoenas, warrants or court orders; (3) to protect our property, rights and safety and the rights, property and safety of third parties or the public in general; and (4) to prevent or stop activity we consider to be illegal or unethical.
In certain situations, Malwarebytes may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
“Prevent or stop” activity sounds deeply problematic. It was what led me to check in the forum here to see if there were any recommendations. I couldn’t really find any. If someone has them, please share.
Going by the Privacy Policy I think G-Data is a solid way to go.
I will either leave my Windows 11 Laptop with Defender or get G-Data. Haven’t decided about Internet Security or total security.
The true always solution.
Common sense and Defender. If you really need another AV
use Malwarebytes as a “second thought” scanning AV, Don’t let it run in the background and generally just rely on defender for the real time protection.
But use this method alongside VirusTotal for files you can scan within the size limit:
edit: Rather you can just use something like:
(alongside those if you want) instead of Malwarebytes [But still with Virustotal], this gets the software and optionally can run it on a vm/sandbox isolated from everything else and can check for behavior and malware here.
When you are using Virustotal, you are literally uploading your files to their servers for “researchers” (anyone subscribed to their service) to see and analyze.
I am a bit confused as to the issue here? Whatever you upload to virustotal is, in theory, a file you don’t trust and most likely does not originate from you. If it is malicious, you should want others to know about it.
Or is it just the risk of human error that concerns you (ie uploading a file you did not intend to upload)?
Can you provide an example of something that, you might think is malicious but also has sensitive info? I guess I am having trouble imaganing the scenario.
Then in that case use defender/Malwarebytes method.
However, I don’t get it, you’re not say scanning an internal application say an application made from the programmers at the company or something and outside of documents, it makes sense to include Virtustotal but if you can.
Also most of the companies who have established trust with another company don’t have to worry about documents needing to be scanned for malware or other things.
I don’t see how scanning a software for malware or a company you have never established with for malware would be a bad thing even if it means there are sensitive info about it. In any case I agree with @Parish255
I also just don’t see a scenario outside of a new company trust establishment and documents you don’t trust but even then.