Protection vs Cleaning

I am confused about the video Melih made Protection vs Virus Cleaning. I used Kaspersky for 2yrs and it protected my PC, when I installed it I had a trojan and it removed it and my laptop was fine. So, it protected my laptop from several email viruses and various dangerous website (it blocked), so how can it be true?

And NO I do not want to start a riot!!!

How can what be true?

It sounds to me like Kaspersky cleaned a piece of malware which your previous anti-malware product failed to protect you from. Kaspersky then went on to protect your computer by using signatures to detect dangerous programs.

Although this is a form of protection which has been used for a long time, Melih’s argument is that it is more suited to cleaning than protection. The reason for this is that it’s possible for a product protecting users with signatures to not have a signature for a piece of malware. Thus, the malware is allowed onto the computer and can do whatever it wants until that product detects the malware with a signature. It then cleans it and claims that it protected your computer.

However, true protection would mean that malware cannot get a foothold on your computer in the first place. If a security product adequately protects your computer there should not be a need for cleaning.

What Melih was trying to say is that the AV itself is not efficient today for the protection because there is a lot of malware around which is not being detected. Having just an AV is like playing a Russian roulette it’s all down to luck if you will get infected or not. Comodo offers a full suite protection not just an AV. AV vendors started adding the extra protection now but some still heavily rely on the detection which is a risk by itself.

Ahhh I see, Kaspersky now have a HIPS and you can select is downloads should be low restricted, high restricted or untrusted - untrusted will not allow anything to run. This guy PC Security Channel My PC Security Configuration(windows 8) - YouTube said that Comodo is poor he now uses windows defender, is he correct, or just does not know what he is on about?

It appears he’s just talking about the detection rate. He still uses Comodo Firewall. I believe that for Windows 8, Windows Defender has the same detection as MSE. Does anyone know for sure if that’s true?

From what I understand he is talking about the AV component of CIS versus Windows Defender. Which one is best I can’t answer, it’s basically the module that detects viruses by signatures and then cleans them.
So I don’t think he means that Comodo or the suit it self is bad, but rather that the AV component doesn’t measure up Windows Defender, according to him. I don’t know how well the AV of CIS work against the AV of Windows Defender though.

Edit: Chiron was faster…

I don’t know about detection rate but from what I have understood, Windows Defender in Windows 8 is basically MSE but renamed. While I was using it, it both looked and worked as MSE, except for the names.
Edit: I think it would be weird if they had different detection rates since they both come from Microsoft, it’s like Comodo would release V6 for Windows 7 and then V6 for Windows 8 and V6 for Windows 8 had worse detection rate or something, just doesn’t add up in my opinion.

Yeah I tried Kaspersky HIPS they are very good and from what I know Kaspersky might introduce Default Deny protection in the future just like Comodo. Windows Defender is not sufficient enough to protect you at all.

He also mentions that Comodo is now going towards just using virtulisation in-terms-of running a virus fully virtualised and not using HIP’s is that true?

Yes Chiron you are correct, Kaspersky removed the Trojan (but Melih said antivirus products are no good in cleaning an infected PC) but Kaspersky deleted it - it all confuses me!!!

Well it certainly looks like Comodo is heading for Virtualization, at least if you compare CIS 5.12 to CIS 6. Though CIS still uses some HIPS inside the virtualization, so some things will be automatically blocked, you won’t get any alerts for these though.

I have watched the video you are talking about, however I can’t remember what is said in it. I have always gotten the impression that Melih is “selling the product”, I don’t know why but it’s just an impression I’ve gotten from when he posts, might have something to do with the way he writes. I’m absolutely not saying that Melih is like that, it’s just an impression that I have, reminds me of sales men.

No, the idea is that antivirus products are good at cleaning an infected computer. The issue is that it’s better to use security applications that prevent the infection from occurring in the first place.

Yes it seems to be true - good sales men can sell anything e.g., oil to Saudi Arabia