I really thought antivirus software was helpful and was naively reporting samples of malwares I found on my machine to one of the vendor I trusted. Things like that went on for years until one day I found something suspicious on my machine again: self-extracted other binaries, stealthily registered auto-start on boot, listening on some port, contacting some servers etc.. The most important thing was that I did not install it not it was a part of anything I accidentally installed. So I reported again and well to my surprise, they told me nah, it's not malicious. Huh? Their response raised a bigger question mark in my head as I already spent hours trying and managed to disable it from my system and I was pretty sure it actually was malicious. I wasn't sure what was going on then, so I replied that I was not comfortable with the sample, could you test again etc. without providing evidences I found deliberately. And the feedback from them was: we've tested it and it was not malicious.
Okay, so I was convinced that: either they were lousy enough and unable to figure out what was going on or it was created by them. The behaviors were so obvious and thus it's very unlikely the could not find it out, I was inclined to believe they were the one created it.
So I immediately uninstalled their products from all my machines and now the very first thing I do when I receive a new machine is to remove pre-installed antivirus software and disable the damn Windows Defender. M$ now makes it really hard to disable Windows Defender completely...
So I immediately uninstalled their products from all my machines and now the very first thing I do when I receive a new machine is to remove pre-installed antivirus software and disable the damn Windows Defender. M$ now makes it really hard to disable Windows Defender completely...