Recommend me comprehensive anti-virus software

Axon wrote:
souldaddy wrote:

OS X?

Ars has some paid and free recommendations for all three major OS's (What is the plural?).

The number one suggestion for Mac OS X?

System Preferences Panel

Number two?

The Open Firmware utility

Wait, what about viruses?

Yes, viruses, trojans, worms, and their ilk are few and far between right now. But with Apple's market share growing much faster than the rest of the market, at some point, the bad guys may realize that there's a large and relatively untapped market. Should that day come, you'll want to be prepared.

They go on to suggest ClamAV, even though there is no real need for it yet. They do suggest some other cool apps for keeping track of what goes on while you are away from your computer.

Personally, I've never used any anti-virus programs since I bought my first Mac five years ago. I have three now, and still no problems.

Don't shoot the messenger :). I'm actually writing this on my Mac which runs around the internet as naked as the day it was born so I'm with you on that one. Just trying to be nice :).

But seriously, what is the plural of OS?

*waits for the day that people decide to start writing viruses for macs...

It's not that it can't be done... It's just that people are too lazy to do it, b/c they'll affect more people writing malicious PC code. I have always loved that Mac bullet point. No better way to get people to create viruses for your system than telling them that your system is safer than the competition.

Yeah, don't put any big faith in the Mac's security level. When I was first learning OS X, I was absolutely appalled by some of the design decisions; at the time, it was possible to dump all the encrypted passwords on the system with the nidump utility, even running as the nobody user, which was one of the stupidest ideas I've ever seen. Much of OS X's design is from NeXT, and much of that is from WAY before security became such an issue.

I trust Linux the most, because each installation is often quite unique; there are so many programs available that the chances of you having the same configuration as very many other Linux users are fairly low. OS X I think of as unproven, and I strongly suspect there's a LOT of bad bugs lurking for the hackers to exploit. And Windows, well.... we all know about Windows. Microsoft retrofitting security to XP is like trying to make cheesecloth waterproof with lots and lots of scotch tape. Vista is probably better, but we'll see how it goes.

I've always been amazed at how many people will tell me with a straight face, "I don't run anything on my Windows 'whatever' box and I've never had a problem!" I usually just reply, "Organized criminals in Russia and China thank you for your contribution."

I see OS X ending up in that camp some day.

LilCodger wrote:

I've always been amazed at how many people will tell me with a straight face, "I don't run anything on my Windows 'whatever' box and I've never had a problem!" I usually just reply, "Organized criminals in Russia and China thank you for your contribution."

Indeed... people believe that if they don't see a problem, they don't have viruses on their system. They forget that the purpose of these viruses is to serve their masters without being spotted. They will hide themselves, throttle their bandwidth and CPU use to remain on the down-low, auto-update themselves...

LilCodger wrote:

I've always been amazed at how many people will tell me with a straight face, "I don't run anything on my Windows 'whatever' box and I've never had a problem!" I usually just reply, "Organized criminals in Russia and China thank you for your contribution."

I don't run anything on my Windows box except for a manual HouseCall scan about once a month and I've had no problems for years. That said, being a professional technician, I know how to avoid stuff like that. If an "average user" ever says that, they should be smacked upside the head. But you can very easily run no security software on a Windows PC and get no infections if you know what you're doing.

kilroy0097 wrote:

Have they changed from your previous ones almost a year ago?

Yes.

I've replaced AVG with Avast, although AVG and AntiVir are equally valid options.

Everyone should have the free version of PC Tools ThreatFire, which is a heuristics-based malware defender.

Then, I use Windows Defender for definition-based anti-malware.

Those three free apps have performed extremely well on various tests, including Maximum PC's.

Kaspersky is great if you're willing to pay for a single premium solution. It's not necessary to get good protection (the above combo will perform very well), but the convenience may be worth the money for some people.

Parallax Abstraction wrote:

If an "average user" ever says that, they should be smacked upside the head. But you can very easily run no security software on a Windows PC and get no infections if you know what you're doing.

What if someone you know "emailed" you a JPEG file with a buffer overrun which would activate the moment it shows up in your Outlook preview window, before this vulnerability was officially patched by Microsoft?

What if you accidentally forget a CD or a floppy which happens to have a bootsector virus before rebooting your machine, which will then attempt to boot from it?

What if your PC isn't the only one behind the router (i.e. in cafeteria with another infected laptop connected via wi-fi), and is attacked by a zero-hour exploit that way?

What if you run an infected Powerpoint presentation or some other means which have not yet been exploited (and patched)? What if you get infiltrated via the latest Flash Player exploit?

Humans are fallible. Not having an antivirus requires one to be extremely Spartan/isolationist in everything they do, which takes away the fun of using the computer in the first place.

I don't run anything on my Windows box except for a manual HouseCall scan about once a month and I've had no problems for years.

I've gone on about this before, but the most comprehensive (and thus, widespread) viruses nowadays can make themselves undetectable by standalone scanners despite being in their signature database. I've encountered this several times. Once you let it execute, you lose.

LilCodger wrote:

I've always been amazed at how many people will tell me with a straight face, "I don't run anything on my Windows 'whatever' box and I've never had a problem!" I usually just reply, "Organized criminals in Russia and China thank you for your contribution."

On par with people who think that virus scans and "deletions" make them safe again, I would say.

KingGorilla wrote:
LilCodger wrote:

I've always been amazed at how many people will tell me with a straight face, "I don't run anything on my Windows 'whatever' box and I've never had a problem!" I usually just reply, "Organized criminals in Russia and China thank you for your contribution."

On par with people who think that virus scans and "deletions" make them safe again, I would say.

For most of the Windows viruses, you can still clean them. Most of the writers still stink.

The root kits are getting better all the time though, so those days are admittedly coming to a close.

shihonage wrote:

The funny thing about F-Prot is that it's so buggy now, it doesn't completely uninstall itself. On three separate machines I uninstalled it and it decided to leave "FProttray" running (without system tray icon or any functionality) as a startup process, and also left a reference inside Outlook toward running its Email scan engine which has been deleted.

I still can't get rid of that Outlook error message no matter what I do.

Shot in the dark here, but it can't hurt to check.
In Outlook:
Go to Tools, Options. Go to the Other Tab. Click the Advanced Options button. Click the Add-In Manager... button at the bottom. Look for an item with F-Prot in its title, and uncheck it if it's there. OK your way out, and you should cease getting the F-Prot error message when you start Outlook.

Older versions of Symantec AV Corporate used to leave stuff in Outlook like this. Hope this works for ya.

Okay I am leaning toward NOD32 now. Kaspersky has shown on several occasions to be lagging behind. In particular, while visiting this brilliant example of Russian social engineering - http://miss-runet.net/?a=125550 (the page is harmless unless you click somewhere and let it download the executable msetup.exe), Kaspersky let the file by as harmless even with heuristics at MAX while NOD immediately detected it as a variation of something.

Proactive protection, heuristics are very very important to me. Kaspersky lags like hell with heuristics set at MAX in realtime scanner, too. Maybe it's time for me to get off Kaspersky and get married to NOD.

Welcome to the fold shiho. Enjoy the warm embrace.

Ok that statement doesn't make it sound too appealing.

Firefox (at least FF3) blocks that page's download before it can even be offered to the user.

Hmm, NOD is sounding better and better.

Quick question: does NOD require an annual "subscription", or is it an install-and-forget program like AVG?

Um... never thought I'd say this but maybe it's time to go back to Norton AV. It seems they're cleaning up their act pretty seriously.

Three AV tools had perfect scores, catching all active and inactive rootkits as well as removing all of them: Norton Antivirus 2008 15.0.0.58; Panda Security Antivirus 2008 3.00.00; and F-Secure Anti-Virus 2008 6.80.2610.0.

One of the oldest antiviruses in existence strikes again! I always had a soft spot for Norton, because it used to be good throughout DOS, Win3.1 and Windows 95 days.

Well sure .. Norton works.. Anything that locks down a computer to the point of making it more difficult to get things done and uses as much resources as it usually does had better work.

shihonage wrote:

Um... never thought I'd say this but maybe it's time to go back to Norton AV. It seems they're cleaning up their act pretty seriously.

Three AV tools had perfect scores, catching all active and inactive rootkits as well as removing all of them: Norton Antivirus 2008 15.0.0.58; Panda Security Antivirus 2008 3.00.00; and F-Secure Anti-Virus 2008 6.80.2610.0.

One of the oldest antiviruses in existence strikes again! I always had a soft spot for Norton, because it used to be good throughout DOS, Win3.1 and Windows 95 days.

They're finally getting around to technically leveraging one of their buyouts ... Veritas.

Veritas co-wrote the logical disk management system for Windows, and are really good at kernel level stuff. I was pleasantly surprised by their presentation for their new corporate product. We didn't end up buying it due to monetary issues, but it did look much better than their traditional product.

Norton's going to have several years of solid performance before I'll ever consider selling it again. So many years of garbage and frustration... I installed the 2008 at Geek Squad a few times and I didn't find it that much better than previous years though it was a bit less bloated.

Arise!
I had been using avast, but I found that it did a piss-poor job of removing a Win32 Rootkit that my gf picked up on a particularly promiscuous USB key. Given that I'm fairly certain those things travel to dirty computers, I want to upgrade the resident protection a notch and am willing to pay for a better solution than avast.
Are people still liking NOD32? Their price for a 3 computer 3 year sub seemed pretty reasonable.
One question - with NOD, can I disable bits and pieces of the resident protection temporarily if I have to, without stopping the entire program? One thing I liked about avast was the ability to enable and disable different pieces.

I'm still using NOD32 and still love it. Plus, it's still one of the only AVs I've heard of in recent times that protects WinXP x64 (I know, I know-- time for an upgrade, but still...). Still no problems, have yet to contract a virus that NOD32 hasn't caught immediately.

As far as disabling features, what do you need to disable it for? I've found that NOD32 runs rather quietly in the background, never interferes with Maya, Photoshop, ZBrush, games-- any major app I use regularly. But it does have a convenient right-click menu in the taskbar that quickly allows you to disable the AV without rebooting or jumping through hoops, should you need to.

Good to know. Can I set it to scan USB keys as soon as they are put into the computer? They're my biggest scare right now in terms of threat.
I'm off to get the free trial.

Now that I don't know. But you can turn off MS's autorun/autoplay and that should keep anything from installing without your notice. Then you can right click the drive and scan it for anything malicious before opening it. I would recommend that, as you won't have to rely so much on anything else to protect your computer.
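On Windows, turning off autorun as suggested in the post above comes down to the Explorer policy value `NoDriveTypeAutoRun`, a bitmask in which each set bit disables AutoRun for one drive type. The PowerShell below is an added example, not part of the original thread: it audits that value in both hives and writes `0xFF` (all drive types) only when `$Harden`, a variable name chosen for this example, is set to `$true`.

```powershell
# Added example: audit (and optionally harden) the Explorer AutoRun policy.
# NoDriveTypeAutoRun is a bitmask; a SET bit DISABLES AutoRun for that drive type.
$Harden     = $false   # assumption for this example: flip to $true to write the policy
$PolicyPath = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$DriveTypeBits = [ordered]@{
    'Unknown drive types'       = 0x01
    'Removable drives (USB)'    = 0x04
    'Fixed drives'              = 0x08
    'Network drives'            = 0x10
    'CD-ROM drives'             = 0x20
    'RAM disks'                 = 0x40
    'Unknown types (high bit)'  = 0x80
}

function Get-AutoRunPolicy {
    param([ValidateSet('HKLM', 'HKCU')][string]$Hive)
    $item = Get-ItemProperty -Path "${Hive}:\$PolicyPath" `
        -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }   # value absent: the OS default applies
    return [int]$item.NoDriveTypeAutoRun
}

function Get-AutoRunGaps {
    param([int]$Mask)
    # A clear bit means AutoRun is still allowed for that drive type.
    $DriveTypeBits.GetEnumerator() |
        Where-Object { ($Mask -band $_.Value) -eq 0 } |
        ForEach-Object { $_.Key }
}

foreach ($hive in 'HKLM', 'HKCU') {
    $mask = Get-AutoRunPolicy -Hive $hive
    if ($null -eq $mask) { "$hive : NoDriveTypeAutoRun is not set"; continue }
    $gaps = @(Get-AutoRunGaps -Mask $mask)
    if ($gaps.Count -eq 0) { '{0} : 0x{1:X2} - AutoRun disabled for all drive types' -f $hive, $mask }
    else { '{0} : 0x{1:X2} - AutoRun still allowed for: {2}' -f $hive, $mask, ($gaps -join ', ') }
}

if ($Harden) {
    # Machine-wide setting; writing to HKLM needs an elevated prompt.
    $key = "HKLM:\$PolicyPath"
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    Set-ItemProperty -Path $key -Name NoDriveTypeAutoRun -Value 0xFF -Type DWord
    'HKLM : NoDriveTypeAutoRun set to 0xFF'
}
```

With the removable-drive bit (`0x04`) set, an inserted USB key no longer launches anything on its own, which leaves room for the manual right-click scan described above.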

My company recently switched our loyalty from Kaspersky to NOD32 and we love it. It's the only AV product on the market right now to get the Advanced+ rating from AV Comparatives which is their highest mark and it is incredibly light and fast. Dysplastic, if you use the trial version and like it, let me know. I can get you a license key for it at our wholesale price which is a lot less than you'll find it anywhere else (including from ESET directly.) Come to think of it, I can get inexpensive keys for any Goodjer with a credit card. If anyone wants a key, PM me.

My dad stands by Trend Micro which seems to get the job done. I got nothing much more to say than that.

I can't stand newer Trend Micro releases. The older versions were good and used to be what I recommended but the new versions are incredibly bloated (i.e. taking 45 seconds to initialize on a Core 2 Duo with 2GB RAM under XP) and they were getting some of the lowest AV Comparatives scores, though their product was not included in their most recent testing. I find that rather strange considering every major player (and some new ones I've never heard of) are present here. If Trend excluded themselves from the study, that's not a good sign. That's my experience of course and your mileage may vary but that's what I've seen lately.

The latest AV Comparatives report is up and the results are quite a shift. Whereas the last time, only NOD32 received their highest Advanced+ accuracy rating, it now shares that with Kaspersky, McAfee (this one really shocked me) and Norton (also shocking). Their latest performance report is returning a 404 error but was also done last October which means it isn't current with the versions tested for accuracy. I'm glad to see more products stepping up to the plate and getting their accuracy up.

I run Trend Micro, because this is what came bundled with my Dell desktop (which itself, in turn, was procured thanks to an insane EPP deal that came along just at the right moment). The annual subscription actually expires in a couple of weeks, and I am going to try NOD32 instead.

TM did its job so far, catching stuff ranging from an infected SD card from my dad's camera to adware my kid was running into at nickelodeon.com (!) to various drive-by stuff on a handful of Russian websites that my wife reads.

What I don't like about TM is the sluggishness already mentioned by PA, and the extreme inflexibility of the UI. For example, if it informs you about 20 different shady cookies, you have to highlight and click "Delete" for each and every damn one of them.