Which of the following do you recommend for anti-virus ware?

Discussion in 'Virus Information' started by rubyjack, Oct 26, 2007.

  1. rubyjack

    rubyjack Guest

    I have the following choices to install as anti-virus ware/suite (my
    NortonWorks is expiring). The price ranges from $0 to $40 to install (all
    legit, I have some on hand).

    Norton SystemWorks
    Norton 360
    MacAfee 2007
    Panda 2007
    Kaspersky 6.0

    Your help would be appreciated,
    Dan Hacker
     
    rubyjack, Oct 26, 2007
    #1
    1. Advertisements

  2. rubyjack

    RJK Guest

    Synmantecs' Norton has for sometime has been called bloatware, and if you
    don't mind the significant system-slowdown that comes with it - it's quite
    good. Another Norton minus, in my view, (in previous versions of Norton at
    least), is that one ends up with TWO trusted sites lists to maintain, one in
    IE, and one in Norton firewall !!

    For many years in the past Mcafee VERY often caused nightmares i.e. it was
    often very intolerant of most of the myriad OS/software mixes it found
    itself installed into. (...dunno if that's true nowadays - Mcafee was so
    awful - years ago - I've never revisited it), ...having said that I've
    always been grateful for their free a/v CLS.
    Panda, ...same as Norton, quite good but, really slows down, (even fast),
    systems.
    Kaspersky, lots of people rave about it - I found it nothing but trouble -
    a year or so ago I tried their internet security suite in several systems
    that were clean, tidy and well maintained. Kaspersky refused to perform on
    all of them i.e. caused, lock-ups, crashes ...never got on well Kaspersky at
    all. ...again, ...quite good free CLS from Kaspersky though :)

    AVG free (anti-virus only), is really good, minimal impact on system speed
    and overhead, not quite as good a detection rate as NOD32 and others but,
    one has to pay for NOD32 :-(
    AVG anti-spyware is really good, (I pay for that), ....though Windows
    Defender has to date, intercepted everything nasty heading my way before it
    got anywhere near AVG anti-spyware !! ...and so many out there keep
    criticizing Windows Defender !!
    ....Zonealarm free firewall is VERY good but, occasionally one has to fight
    with it.
    PrevX, mentioned (negatively) in here http://tibbar.blog.co.uk/ (made in
    the UK) is quite good, it's advanced heuristics detection is quite good but,
    as with ALL a/v/ a/malware software it often misses things !!
    ....Spybot Search and Destroy (and the Teatimer realtime scanner help - ),
    ....in a highly unusual fit of generousness, (is there such a word), a couple
    of weeks ago, I donated £15 to Spybot S&D !!!

    ....I could go on and on and on but, won't !
    ....everybody has their own preferences :)
    ....and however good your "multi-layered" approcah to internet defences, and
    despite ones best efforts in "hardening up" a PC for internet use, (which is
    of course attempting the impossible by trying to strike a balance between
    safety, (crippling almost everything), and {usablility which often equates
    into the the owner allowing in something nasty} !

    regards, Richard
     
    RJK, Oct 26, 2007
    #2
    1. Advertisements

  3. If you are going to dump Norton,Add+Remove doesn't always work very
    well. You may need to download their cleanup tool. I have heard good
    things about Kaspersky. The others,I have tried and thought that they
    seemed to take over ownership of my system. I like to keep things
    simple. The free version of AntiVir works well for me. It has a very
    good detection rate and seems light on resources.If you are going to
    use a paid-version AntiVirus,NOD32 would be my choice hands down. You
    should try using a more secure email client and browser(Thunderbird
    and Firefox come to mind). Prevention is the key here. I have written
    some pages that might be helpful(see below)
     
    Max M.Wachtel III, Oct 27, 2007
    #3
  4. rubyjack

    Virus Guy Guest

    Which one is the least likely to be neutralized (de-activated) by the
    Storm virus?

    It's not good enough these days that an AV program detect malware.

    It must be hardy enough to withstand deactivation attempts by malware.

    And which of those AV programs can gain enough control to actually
    delete or quarantine viral files?
     
    Virus Guy, Oct 27, 2007
    #4
  5. rubyjack

    3Cat Guest

    Avast is free and pretty good.
    http://www.avast.com/eng/home-registration.php
    AVG is also free and good comment in market. http://free.grisoft.com/doc/1

    I used Norton before but expensive and not well protected, I changed to
    NOD32 now (my Notebook) and Avast Home (free) for my Home Desktop.
     
    3Cat, Oct 27, 2007
    #5
  6. Windows OneCare: http://onecare.live.com/standard/en-us/default.htm

    --
    Carey Frisch
    Microsoft MVP
    Windows Shell/User

    ---------------------------------------------------------------

    I have the following choices to install as anti-virus ware/suite (my
    NortonWorks is expiring). The price ranges from $0 to $40 to install (all
    legit, I have some on hand).

    Norton SystemWorks
    Norton 360
    MacAfee 2007
    Panda 2007
    Kaspersky 6.0

    Your help would be appreciated,
    Dan Hacker
     
    Carey Frisch [MVP], Oct 27, 2007
    #6
  7. rubyjack

    Leythos Guest

    One Care is not even close to a viable protection product for anyone
    that has a clue about security.

    --

    Leythos
    - Igitur qui desiderat pacem, praeparet bellum.
    - Calling an illegal alien an "undocumented worker" is like calling a
    drug dealer an "unlicensed pharmacist"
    (remove 999 for proper email address)
     
    Leythos, Oct 27, 2007
    #7
  8. rubyjack

    RJK Guest

    mmm! I though I'd have another go at this one :-

    Symantecs' Norton has for sometime has been called bloatware, and if you
    don't mind the significant system-slowdown that comes with it - it's quite
    good. Another Norton minus, in my view, (in previous versions of Norton at
    least), is that one ends up with TWO trusted sites lists to maintain, one in
    IE, and one in Norton firewall !!

    For many years in the past Mcafee VERY often caused nightmares i.e. it was
    often very intolerant of most of the myriad OS/software mixes it found
    itself installed into. (...dunno if that's true nowadays - Mcafee was so
    awful - years ago - I've never revisited it), ...having said that I've
    always been grateful for their free a/v CLS.
    Panda, ...same as Norton, quite good but, really slows down, (even fast),
    systems.
    Kaspersky, lots of people rave about it - I found it nothing but trouble -
    a year or so ago I tried their internet security suite in several systems
    that were clean, tidy and well maintained. Kaspersky refused to perform on
    all of them i.e. caused, lock-ups, crashes ...never got on well Kaspersky at
    all. ...again, ...quite a good free CLS from Kaspersky though :)

    AVG free (anti-virus only), is really good, minimal impact on system speed
    and overhead, not quite as good a detection rate as NOD32 and others but,
    one has to pay for NOD32 :-(
    AVG anti-spyware is really good, (I pay for that), ....though Windows
    Defender has to date, intercepted everything nasty heading my way before it
    got anywhere near AVG anti-spyware !! ...and so many out there keep
    criticizing Windows Defender !!
    ....Zonealarm free firewall is VERY good but, occasionally one has to fight
    with it.
    PrevX, mentioned (negatively) here http://tibbar.blog.co.uk/ (made in
    the UK) is quite good, it's advanced heuristics detection is quite good but,
    as with ALL a/v/ a/malware software it often misses things !!
    ....Spybot Search and Destroy (and the Teatimer realtime scanner help - ),
    ....in a highly unusual fit of generousness, (is there such a word), a couple
    of weeks ago, I donated £15 to Spybot S&D !!!
    Lavasoft Adaware (not to be confused with "adware"),

    ....I could go on and on and on but, won't !
    ....everybody has their own preferences :)

    However good your "multi-layered" approach to internet security, and
    despite ones best efforts in "hardening up" a PC for internet use, (which is
    of course attempting the impossible by trying to strike a balance between
    safety, (crippling almost everything), and "usablility,"
    that "multi-layered" approach is often thwarted and ruined by the owner of
    that PC !!

    regards, Richard
     
    RJK, Oct 27, 2007
    #8
  9. I've been running Windows OneCare on three different
    computers for over two years now. No viruses, no spyware,
    and no malware has entered any on my PCs using OneCare.

    --
    Carey Frisch
    Microsoft MVP
    Windows Shell/User

    ---------------------------------------------------------------

    :

    One Care is not even close to a viable protection product for anyone
    that has a clue about security.
     
    Carey Frisch [MVP], Oct 27, 2007
    #9
  10. rubyjack

    RJK Guest

    ....that's because you've probably been practising safe-hex :)

    regards, Richard
     
    RJK, Oct 27, 2007
    #10
  11. rubyjack

    Virus Guy Guest

    Norton Anti-virus started to become bloatware with version 2003.
    Prior versions were pretty good. I continue to use NAV 2002.
    Something that most people don't realize is that the older versions of
    NAV (like 2001 and 2002) will update themselves the first time you run
    them after installing them. Updates to NAV include virus definitions
    as well as updates to the scan engine, allowing the old versions to be
    identical to the new versions at being able to detect malware.

    But generally I don't see AV software as the front-line defense that
    it was say 3 years ago. Because of polymorphic viruses, as well as
    the new versions of Storm that can de-activate your AV software
    without it being obvious to you, AV software is becoming irrelavent as
    a first line of protection.

    The best use of AV software today is to use it as a system scanner
    that you boot from a CD to periodically scan a hard drive.

    Forget continuous, real-time interception / protection. Today's AV
    software is not capable, or robust enough, for that job.
     
    Virus Guy, Oct 28, 2007
    #11
  12. rubyjack

    Virus Guy Guest

    How do you know?

    How do you know if an AV product is working?

    Just because it keeps telling you that there is no malware on your
    system doesn't mean you don't actually have malware on your system.

    The polymorphic threats out there (like storm) have been deactivating
    AV programs for 2 or 3 years now.

    And if you really don't have any malware on your system, don't credit
    your AV software. The reason you don't is because you patch your
    system as soon as the patches become available.
     
    Virus Guy, Oct 28, 2007
    #12
  13. rubyjack

    RJK Guest

    ....above this post a little, you said that you are yourself using an older
    version of NAV,
    ....here on this part of this thread - you pointed out that viruses like
    "storm" have been deactivating AV programs,
    ....so you are aware of this danger, and yet you are using an ancient a/v
    program !
    ....this is a almost a contradiction !! ...(and I mean that in a warm, kind,
    loving way !!!)

    ....malware that's programmed to deactivate AV software is just one of the
    reasons that many major AV application software vendors, (like AVG), are
    continually modifying their core files !

    ....and this is one aspect of the "preventing malware / multi-layered
    internet security approach," that's being utilized by people who are
    interested in the subject, and are often the same people who try to help
    others with anti-malware procedures / ...i.e. that "multi-layered approach."
    That includes lengthy experimentation to determine which anti-malware
    software applications will happily coexist in the same machine. e.g. we all
    know that it can be very problematic to have more that one "real-time" a/v
    scanner and/or other malware scanner all running at the same time. Though,
    (after LOTS of trial and error), I have, at the moment, a LARGE number of
    anti-malware programs running, all use a real-time scanner module, almost
    all are using signature databases and heuristic detection algorithms,
    ....none are interfering with each other - or any other software in my
    machine, (one has to keep any eye out for scheduled scan "time of day"
    coincidence / clashes), And they are not placing a discernable load on my
    system.

    It does get a bit boring switching them all off, or suspending them, prior
    to making any system changes, such as installing or uninstalling software,
    ....including drivers !

    regards, Richard

    ps I will not divulge how large "LARGE" is ! ...howzat for grammar ?!
     
    RJK, Oct 28, 2007
    #13
  14. rubyjack

    Virus Guy Guest

    I manage about a dozen PC's. On most of them, I either have NAV 2002,
    or Symantec corporate (version 8 I think). I've only ever paid for 1
    copy of NAV 2002, and that was at a swap meet in 2003. The Symantec
    Corporate installations are pirated.

    On my own 2 PC's, I've allowed my NAV 2002 to expire (I've uninstalled
    them to stop them from nagging me about their expired status). All it
    takes to re-activate them is to copy the file "catalog.livesubscribe"
    from any of the other systems that haven't expired yet.

    I also run a real time registry monitor made by "The Cleaner" (also a
    bootlegged copy).
    The age of the program is not relavent - and might even be an
    advantage. The Storm "thing" has a built-in list of process names
    that it looks for. Using an old (ancient) piece of AV software might
    be an advantage - assuming that the same process name isin't being
    used in more modern versions. And even though NAV 2002 is old, it
    updates itself via Symantec's "LiveUpdate" with the most current virus
    definitions and scan engine.
    What they need to do is give their program modules different names
    (random process names) so that things like Storm can't identify them
    at run time.
    I run win-98 on my systems. That's the most effective "layer" going
    (besides running Linux or Mac OS I guess).

    It's a lot harder to run a root-kit on Windows 9x, and it's a way
    easier to identify, and delete malware on a win-98 box (fat-32 makes
    things easier compared to NTFS). In the 8 years we've been running
    win-98 on most of our systems, I think there have only been 2
    infections, and those were prior to 2004. In fact, our win-98 systems
    were directly facing the internet (no firewall, no NAT router) up
    until the end of 2005 and none were ever hit with a network worm,
    port-scan, etc. We've had about 1/2 dozen occurrances of malware on
    our handful of NT and 2K machines over the same time frame.
     
    Virus Guy, Oct 28, 2007
    #14
  15. "The Symantec Corporate installations are pirated."
    Am I missing something?
    Or are you admitting to theft?
     
    Jupiter Jones [MVP], Oct 29, 2007
    #15
  16. rubyjack

    RJK Guest

    I'd rather argue with him about, (paraphrased a little:), "the age of the
    A/V programs isn't relevant but, I don't think it would do any good."
    e.g. AVG seem change their *.DLL contents and filenames almost as often as
    they supply signature pattern updates, ...e.g. my firewall often rediscovers
    AVG itself "trying to get out" after several 'signature only' updates :)

    ....I feel that my argument is already partly won because his, (IMHumbleO),
    flawed methodology, and views, has already got his systems a virus or two !
    :)

    regards, Richard
     
    RJK, Oct 29, 2007
    #16
  17. rubyjack

    Leythos Guest

    Why - Symantec Corp AV for Workstations and Servers 10.2 can be
    purchased in as little as 5 CAL.

    Being an unethical hack and then telling people about it is a way to
    have no one listen to you again.

    --

    Leythos
    - Igitur qui desiderat pacem, praeparet bellum.
    - Calling an illegal alien an "undocumented worker" is like calling a
    drug dealer an "unlicensed pharmacist"
    (remove 999 for proper email address)
     
    Leythos, Oct 29, 2007
    #17
  18. rubyjack

    Virus Guy Guest

    What's a CAL?
    That's up to you. You can do a lot worse than using the odd piece of
    software without paying for it. And being "unethical" is not the same
    as being unknowledgeable.
     
    Virus Guy, Oct 29, 2007
    #18
  19. rubyjack

    Leythos Guest

    Forget how to use google? Client Access License.
    Yea, it is, it shows that your willing to do the wrong thing because of
    your lack of ethics - it makes everything you say/suggest questionable
    and suspect.

    --

    Leythos
    - Igitur qui desiderat pacem, praeparet bellum.
    - Calling an illegal alien an "undocumented worker" is like calling a
    drug dealer an "unlicensed pharmacist"
    (remove 999 for proper email address)
     
    Leythos, Oct 29, 2007
    #19
  20. rubyjack

    Virus Guy Guest

    Ok, if AVG is a moving target, good for it. I'm not saying that's not
    (I've never owned or used AVG).

    Based on the writeups for Storm, there seem to be lots of anti-malware
    products that don't change their process names.

    (tangent - some writeups say that Storm also turns off some P2P apps -
    anyone know why it would do that?)
    When you manage systems being used by a few monkeys, you can't always
    be watching over their shoulder...
     
    Virus Guy, Oct 29, 2007
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.