What is a good free antivirus protection program? Is AVG a good free program?

Discussion in 'Virus Information' started by John (Zi Rong) Low, Dec 27, 2005.

  1. John (Zi Rong) Low

    Leythos Guest

    If you were experienced enough you would have provided more information

    To say that your swap file use increases significantly is a sign that
    you don't have enough RAM. As you've not indicated how much RAM you
    have, it was a good call that you don't have enough RAM.

    I've installed NAT 2004, 2005, 2006 on several machines in the last few
    years, when properly setup (the computers) there was no noticeable
    impact on performance that users could detect. Most of those machines
    were running Windows XP with 256MB RAM, which I consider the minimum for
    XP in most settings, 512MB seems to be the middle ground for
    Leythos, Dec 31, 2005
    1. Advertisements

  2. On Sat, 31 Dec 2005 03:32:59 GMT, "Phil Weldon"
    Nope - not until we know:

    1) Whether this is corporate or consumer "Norton"
    2) Whether the settings were as default, and what they were
    3) What the system spec was

    It may be a case of "Norton AV won't slow you down as long as you have
    an extra 512M RAM lying around to support the load; RAM is cheap" etc.
    Don't pay malware vendors - boycott Sony
    cquirke (MVP Windows shell/user), Jan 1, 2006
    1. Advertisements

  3. John (Zi Rong) Low

    Leythos Guest

    Since the "Norton" version is the Home/Consumer version, and the
    Symantec is the Corporate, when I stated Norton AV 2006, it implies
    Home/Consumer version - which it was - the 5 pack to be specific.
    Several Systems as follows:

    All systems were formatted/installed from scratch, MS Office 2003
    Professional Installed. All updates from Windows Update.


    Windows 2000 Prof SP4
    Windows XP Prof SP2
    P3/966mhz/256MB RAM
    P4/3.2ghz/512MB RAM
    Both systems responded the same after the initial startup - meaning that
    one the system was booted, loggeded in, and had time to complete loading
    the background apps, there was no detectable difference between the
    systems running with/without Norton 2006 AV.
    Leythos, Jan 1, 2006
  4. John (Zi Rong) Low

    Charlie Tame Guest

    That's a clean install, wait until Norton has "Found and Corrected" a few
    things :)
    Charlie Tame, Jan 1, 2006
  5. John (Zi Rong) Low

    Leythos Guest

    I hate to tell you this, but we've got clients (small offices) that run
    NAV (not Symantec) on their machines, 2006 to be the latest, and have
    not experienced ANY problems with Performance or Viruses. I personally,
    with all the clients I manage and their network, have never found a
    performance hit with Norton or Symantec AV products - please remember,
    I'm ONLY talking about AV, not NIS, NPFW, or their suites.

    As a provider of IT solutions, we test and keep copies of the top 10
    apps in our testing center, and we run them once every couple months
    against what we consider a basic set of tests, or as new versions come
    out and clients question the products. So far, I've never found a reason
    to not use Symantec Corporate AV software, and not found any real
    reasons to switch from Norton on the low end side.
    Leythos, Jan 1, 2006
  6. No, I meant the NAV settings...
    Any of the P3 running XP? That would be a good test.
    Did starting up take longer?
    Did you try switching between OE user identities?

    The second was a point of pain with NAV 2005. It could be they've
    clued up and optimized NAV, much as Adobe (Acrobat) Reader claimed to
    have done from 6.xx to 7.xx; nice work if so.

    I'd still avoid NAV, in view of post-"uninstall" remnants and DRM.

    Don't pay malware vendors - boycott Sony
    cquirke (MVP Windows shell/user), Jan 1, 2006
  7. John (Zi Rong) Low

    Leythos Guest

    Default, only the AUTOMATIC Startup Scan was removed if added by the
    default install.
    Yes, both systems were running XP and 2000.
    Yes, and I fully expected it too - when you add something that inserts
    itself into the load it's going to take longer.
    We don't use Outlook Express, only Outlook 2000/2003 or Thunderbird, so
    switching was simple.
    LOL, I don't think that Adobe Acrobat 7 is faster than 5 was, in fact,
    it's had a lot of problems. I also don't think that NAV 2006 is faster
    than NAV 2003 was, but it also does a LOT more than 2003 did.

    It was interesting to see that I could VNC from machine to machine from
    the LAN, but when I tried a remote (from outside the lan) VNC to any
    machine, NAV 2006 blocked it until I selected to PERMIT it. Nice
    addition, but I would have rather controlled that in the Firewall - I
    was unaware that NAV2006 included that level of protection.
    To each his own :)
    Leythos, Jan 1, 2006
  8. John (Zi Rong) Low

    Leythos Guest

    Leythos, Jan 2, 2006
  9. John (Zi Rong) Low

    Leythos Guest

    NNTP-Posting-Host: ppp-69-237-53-123.dsl.bkfd14.pacbell.net

    Please note that PCBUTTS1 is the poster of the above message (the BS
    part) using my NickName "Leythos". He posts from the above host, which
    you can validate in the Usenet headers, since Microsoft deletes his
    posts from their servers due to his lack of ethics, his theft of others
    code, and his violations of their Usenet standards.

    PCBUTTS1 does not post help unless he can cut/paste it or pilfer it from
    another person.
    Leythos, Jan 2, 2006
  10. John (Zi Rong) Low

    Charlie Tame Guest

    Exactly my point. You have already detailed the lengths you go to to carry
    out regular maintenance, you don't rely on Norton software to mess about
    with disk drives, the registry or other systems stuff and in fact you keep
    the machines relatively clean even without it. I suspect you also address
    "Squeaky wheels" before the actually drop off. You also don't have Norton
    "Optimizing" one way and some other stuff "Optimizing" a different way. In
    short you use Norton, you don't have it using you. Most home users that come
    unstuck probably do so from relying on Norton's snake oil protection. From
    my limited experience with the corporate edition I agree, it is a totally
    different animal, but it is none the less deplorable that the same company's
    conduct toward other paying users is so poor.

    Charlie Tame, Jan 2, 2006
  11. John (Zi Rong) Low

    Leythos Guest

    But the point is that Norton AV works fine when running on a system that
    is maintained, that is somewhat maintained. Any application that works
    at the level of an AV product is bound (and most do) to have problems
    once a system is screwed-up by bad drivers, bad updates, bad software,
    not to mention viruses and other malware.

    I've not found where Norton AV running on my Mothers and Mother in-law's
    computers have caused them any problems - and they've been running
    Windows XP for more than a year without me doing anything to their
    Leythos, Jan 2, 2006
  12. John (Zi Rong) Low

    Charlie Tame Guest

    Same goes for my wife with W2000, but she doesn't meddle with a lot and
    would not use the "Tools" Norton supplies if they were there. The problem
    seems to be that it's really fragile if it actually gets used. Installed as
    Eye Candy I'm sure it's fine.

    Charlie Tame, Jan 2, 2006
  13. OK. Does it scan all file types, or just ones it expects to be risky?
    Well, that's one of the "bloat" factors; let's not gloss over that.
    Is the adverse impact of NAV 2006 greater thabn other av?

    Another bloat factor is memory useage, in the pure sense, rather than
    how well it works with recommended amounts of memory. Testing on XP
    with 128M RAM would be a good metric there. That's not only relevant
    to such systems, but a better predictor for systems with "enough" RAM
    that have other underfootware or foreground-app bloat factors.
    Cool. I and mine generally use Eudora rather than OE etc. and the way
    this stores attachments obviates the need for mail scanning heroics.
    The issue with changing identities in OE was so severe that the user
    elected to abandon the NAV they paid for and use AVG instead.
    OK. Sometimesa reputation for bloatedness can persist after the
    bloating trend is stopped, allowing better performance as hardware
    catches up. I found this to be the case with MS Office, with Office
    2000 as the last "yuk" waypoint. There was a time that MS Office
    raised the hardware bar significantly higher than the OS of the time;
    I think that is less the case these days.

    Acrobat Reader 6.xx was a pig, after 5.xx; I don't expect 7.xx to be
    as light as 5.xx but if it's better than than 6.xx, that's good. My
    mileage suggests that it is so, even with the sneaky "run the bloaty
    stuff at OS startup" feature ripped out.

    Also, Adobe finally got there act together on point-version
    distribution. With the 7.0.1-3 updates (mandated by exploitable
    defects), you had to first download 7.0.0 and then serially apply the
    updates. When 7.0.5 came out, it was; install 7.0.0 then 7.0.5, you
    can skip the .1-3 at least. Right now, you can download 7.0.5 as the
    complete package as nature intended, plus (from ActiveX-killing
    Firefox) you can download the whole thing without passing through some
    ghastly "live-install" stub or proprietary downloader.

    So it seems that dumb-ass vendors *can* learn old tricks (i.e. the
    same tricks everyone else got right from the time the earth cooled).
    Well, let's discuss each of these in turn.

    It's well-known that Norton uninstallation is a PITA; in fact it can
    be very difficult to getr your installation back clean after it's been
    "Nortoned". I logged one such case; first I did the "front door"
    uninstallation methods (Add/Remove etc.) and it woulldn't uninstall
    unless I waved the CD at it. Then it left a ton of junk, so I
    downloaded and ran the post-uninstall cleanup tool from their web
    site. This still left a ton of junk in the registry, in fact I had to
    manually search and kill more stuff than the tool had cleared.

    I've heard folks seriously suggest a need to "just" wipe and rebuild
    to get rid of Norton. Now I know there are folks that suggest "just"
    wipe and rebuild whenever a gnat farts in the vicinity; these aren't
    the usual gang of idiots, but folks who I respect at the tech level.

    Now the loss of an installation is something I see as a Grade-A
    disaster; basically the outcome that maintenance tools such as av are
    there to prevent. Any software that precipitates this crisis is unfit
    for use, and certainly not worth paying for.

    So when it comes to (re-)evaluating core software, this issue needs to
    be tested. Can its uninstaller wipe its own butt at last?

    DRM concerns are two-fold. First, a vandor who is prepared to damage
    your interests on the assumption that you may be damaging theirs - and
    to automate this, as well - is not a vandor I want to depend on, much
    less support through any sort of payment. The trust isn't there.

    Second, and especially with an antivirus, there are specific practical
    considerations. Malware is software that adds unwanted functionality
    by stealth, and it's ironic to choose an anti-malware product that
    does exactly this. There are two practicalities:

    1) Increased (exploitable?) fragility

    Once there is a poison-pill payload built into the product, this can
    be triggered by malware - just smash up something that triggers the
    DRM logic to assume the license terms are being broken.

    2) Complicated manual malware management

    You may have to go after something "by hand", either because it's too
    new for the av to detect, or the av doesn't consider it malware, as is
    the case for much commercial malware and many bots.

    When you do, you will have to ask; is this unexpected intrusion into
    the system's integration or file set a part of the malware I'm after,
    or the av's DRM? If I leave this, will I leave the malware in place?
    If I kill this, will I find my av has died?

    Finally, we come to whether the putative better efficacy is worth the
    hassles and/or extra cost.

    I saw a study of commercial malware (cm) scanners that indicated the
    difference between using a compitent free product and the best fee
    product was smaller than using a compitent free product and two
    compitent free products. IOW, better results were obtained using two
    free scanners vs. one best-of-breed feeware scanner.

    This has long been the case with AdAware and Spybot; just about any PC
    infected with multiple cm will have some that are detected by one and
    not the other, and vice versa. Adding MSAS Beta as a backstop often
    brings to light a few more that both missed - but I'd never assume
    MSAS would catch everything that AdAware and Spybot caught.

    When it comes to interventional (clean-up) scanning, I'm finding the
    same applies to av. AntiVir 6 detects the most stuff, especially bots
    and droppers, but I would not assume that it finds everything that
    F-Prot, McAfee, SysClean andeven Stinger would find.

    So rather than chase the prefect av, I'd reduce dependence on av as
    far as possible, then corral all incoming material through a subtree
    that can be manually scanned via additional on-demand av, such as
    BitDefender, AntiVir in manual mode, SysClean, etc.

    The other drawback of feeware av is that it dies once a year. All the
    extra malware the feeware scanner may have caught in the last 12
    months, may be outweighed by the amount of stuff that can walk in
    between the time the av refuses to update, and management gets their
    act together to renew or replace the expired product.

    In my market, the only value I'd find compelling enough to pay for,
    would be a vendor-supported formal scanning and cleaning facility,
    such as encapsulated as Avast for Bart. Many av had "rescue" scanners
    that ran from off-HD DOS boot, but this isn't enough in an age of NTFS
    and HDs over 137G in capacity.

    Don't pay malware vendors - boycott Sony
    cquirke (MVP Windows shell/user), Jan 2, 2006
  14. John (Zi Rong) Low

    Leythos Guest

    The default IS ALL FILES, in the OLD DAYS it was defaulted to specific
    files, they learned their lesson many years ago and the default is ALL
    You could say that about many things, the more you load at startup the
    longer startup takes - since this is true with EVERY application like
    it, NAV is no better/worse, non-issue.
    Wrong, Windows XP needs 128 just for itself, anyone using Windows XP
    with 128MB of RAM is not doing anything with the computer or just
    doesn't really care that the machine is SLOW. 192MB is the real Minimum,
    256MB if you don't want to hit the swap file on boot, and 512MB if you
    leave all the eye-candy enabled and want to do anything with MS Office

    So, anyone testing on 128MB of RAM will find that ALL AV real-time
    scanners that provide quality protection will be a problem.
    I've never seen NAV (or any other) cause a problem with OE or Outlook
    while doing real-time email scanning. I know that it's caused problems
    for people (based on Usenet reports), but I've never seen it.
    Sorry, while I've seen the reports myself, I've not experienced it in
    the 28+ years I've been using computers (yea, norton was not around back
    then). Norton has always uninstalled on every system without a problem,
    same for Symantec - talking ONLY of AV products.
    I've not had this experience, and we've got 1500+ systems running
    Symantec Corp or NAV (2003+) on them.
    Norton AV and Symantec AV seem to remove the application just fine for
    us. While I don't really care if they leave traces in the Registry, I
    have not found any uninstall to fail yet.
    Sorry, Symantec/Norton have not caused any problems with the kiddies
    that use P2P apps, not caused any other problems with their AV products
    that I know of, so I don't see the DRM issue at all.

    If you want to worry about DRM, check the new laws that are specific to
    HDTV Signal Retransmission.
    Well, I've not seen Symantec / Norton Add anything unwanted to my
    systems, please be specific about what you have that you didn't want.
    While I understand your concerns, I don't see how this applies to Norton
    AV, it works on a marginally maintained system, works well, and is as
    good as any of the others, better in most all cases, and is easy to
    understand and use.

    I can make this statement - I've never had a system running a Updated
    version of Norton AV or Symantec AV that was compromised. I can not make
    that statement about McAfee or AVG as I've had machines compromised
    while running those products with updated definitions.
    Leythos, Jan 2, 2006
  15. John (Zi Rong) Low

    Charlie Tame Guest

    Whilst I do not question your observations (and already gave my view on why
    I think you see what you see) I have to say that my own more limited
    observations are in almost absolute conflict. I have not seen an ordinary
    user machine with NAV on it that hasn't suffered infection (That's usually
    why I get to see them after all so I am not saying all do get infected).
    Same goes for McAfee, and the chief reason for this seems to be repeated
    update failures which confuse the user. Where the user has been advised (by
    someone else) to try reinstalling the usual result is all hell breaking
    loose with bits left over, bits working and absolutely nothing one can rely
    on. Most assuredly part of this is user ignorance (and I mean that in the
    nice way) but the same users have far fewer problems and bug me much less
    when the free AVG is installed and just left to get on with it.

    I agree with your assessment of the corporate version based on my similarly
    limited experience with it, so please do not consider this discussion to be
    an attempt to "Win" some argument, it is simply interesting that what works
    for you seems to let so many others down. I can only offer my opinion just
    as you do :)

    Charlie Tame, Jan 3, 2006
  16. John (Zi Rong) Low

    Leythos Guest

    I agree, it's always good to see what others experience so that I can
    second guess my own experiences and see what the difference is so that I
    can learn about what may come or not.
    Leythos, Jan 3, 2006
  17. Yes; "it CAN'T be a virus, we have NORTON AV" is a standing joke here.
    That's in keeping with Leythos' assertion, in that these weren't
    updated versions of the av in question.

    More to the point is the chicken-and-egg question: Were these PCs
    infected because they were not updated, or could these PCs not be
    updated because they were infected?

    The latter is a common presentation - often, resident av on an
    otherwise at-risk system functions like a canary in a coal mine; you
    know you are in trouble because it falls over and dies.
    Re-installing what - the av, or the OS?

    A malware that knocks out an av's ability to update itself, is
    unlikely to sit around allowing you to re-install the same av.
    "Just re-install" is not a substitute for malware management :-/

    Don't pay malware vendors - boycott Sony
    cquirke (MVP Windows shell/user), Jan 3, 2006
  18. John (Zi Rong) Low

    Leythos Guest

    Since the same systems with current AV definitions had already detected
    and Quarantined the same virus during the same date range, it appears to
    me that the lack of definition updates cause the AV product to Miss the
    new virus, while the other machines were protected with their updated
    I agree, in the case of machines that are compromised, we may take our
    personal time to clean them as a learning experience, but we never
    return them to the customer as "cleaned", we always wipe/reinstall from
    scratch (the OS and APPS).
    The only true way to ensure that malware has been removed is to
    wipe/reinstall the OS and APPS. While this is a hard-line to take, it's
    the only true way to ensure that the system is clean at the time it's
    Leythos, Jan 3, 2006
  19. John (Zi Rong) Low

    Charlie Tame Guest

    Okay, I meant reinstall the AV to fix it, but this doesn't seem to work too
    well if there are bits left over since things like settings tend to hang
    around and thus it remains "Broken" if that is where the problem was.

    However from what I have seen NAV and McAfee are often installed by OEM's,
    Vendors, or included on ISP set up disks because they are "Famous" names and
    it looks like you are getting a good deal... kinda like the TV ads that
    proclaim "We'll also send you product "X", a $50 value" when in fact it's
    quoted value is purely arbitrary. To you it might be worth nothing :)

    In such a case the user is generally ill informed and believes that the
    original install is a lifetime thing, so they will believe paid for
    "Updates" to be some new software, not an essential detection device. 2
    years later they virus comes along and they can't understand how it got past
    their system.

    It is therefore my opinion that Leythos' observations are much more to do
    with either the user base themselves or the fact that they are better
    "Educated" as a result of his efforts. Either that or they are too damned
    scared to admit problems due to getting their machines back "Wiped" a few
    times :) (Sorry, couldn't resist that).

    I also agree that the Corporate edition is vastly superior, in fact it
    appears to be a different animal altogether, and that NAV on it's own is far
    more stable than the all things to all users packages.

    As for judging a product by update frequency it is not really a good way to
    do it. One could arrange for daily updates where little changes or weekly
    ones that provide lots of new protection. With AVG the frequency of checks
    is user defined AFAIK, how often the updates actually change I have not
    studied but they seem pretty frequent.

    Charlie Tame, Jan 4, 2006
  20. John (Zi Rong) Low

    Mediamon Guest

    Can you specify the differences?

    It seems that support for NAV 2003 has just ran out as I found Symantec
    does not offer a fix for the recent RAR issue, whereas they do for NAV

    Because of this lack of bug fix support I'm contemplating upgrading two
    machines, a PII-333 W2K SP4 box and a PII-300 Win98SE box both with 256MB
    100MHz SDRAM) to a new version of NAV. But I'm not sure how the newer NAV
    06 versions will perform on these older boxes. NAV 03 Pro runs fine on
    the W2K box and is a tad sluggish on the W98SE box, but I can live with
    it, but don't want to run any slower.

    Appreciate any advise.

    Mediamon, Jan 4, 2006
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.