What anti virus software?

    scholarsgate
    Subscriber

    A guy at work recommended this site as a good site for info. They run independent security tests against most well known av solutions and publish the results.

    druidh
    Member

    Microsoft Security Essentials

    uwe-r
    Member

    Thanks Scholar. The results on that site seem to fit with my experience where Kaspersky has done a decent job over the last 12 months. I will fork out the cost of another 12 months.

    Cougar
    Subscriber

    Kaspersky is one of the better paid-for solutions.

    Microsoft Security Essentials is still my go-to product though, and is free. And doesn’t appear to be on that list, oddly.

    I see little reason to pay for AV, above and beyond the misconception that if you’ve paid money for it then it must be ‘better’.

    sm
    Member

    With some online banking you can get this for free.

    mickyfinn
    Member

    Nice they only test products which they can get a kick back from selling.
    I’d still recommend Security essentials over anything apart from Kaspersky and Sophos.

    kcal
    Subscriber

    Avast!

    free, seems to have caught dodgy stuff. Seems good enough for me.

    druidh
    Member

    uwe-r – if you are determined to spend your money, then send me your Kaspersky renewal fee and I’ll send you a link to the MSE installation.

    uwe-r
    Member

    The Kaspersky program that I got free with my laptop is about to expire and I keep getting a message asking me to sign/pay up for a 50% discount.

    I have never paid for one before and it does seem to have kept it clean for the last 12 months. Previous PC was riddled with bugs after years of running free stuff.

    So is it worth paying up or am I better off with something else?

    Cougar
    Subscriber

    Nice they only test products which they can get a kick back from selling.

    I had a quick look at what they’re doing. They have a very specific set of criteria for what they’re classing as eligible for their tests. MSE is solely an AV product (which is one of the reasons I like it, it does one thing and does it well rather than trying to be a “total Internet security” product full of guff no-one needs). I think it’s a bit like wondering why your favourite wine doesn’t appear in a good beer guide.

    IHN
    Member

    This also gives MSE a pretty poor rating, care to give your informed opinion Cougar?

    http://www.theregister.co.uk/2012/10/15/anti_virus_tests/

    I use MSE, by the way.

    mickyfinn
    Member

    As someone who manages 7000+ clients on Forefront (The corporate version of MSE) my opinion is no single product is infallible. Take a different sample set of Malware and run the same tests again and the results could and most likely would be vastly different.

    We migrated from McAfee to Forefront and the amount of undetected Malware which was caught during that process was astronomical, yet McAfee scores higher in these tests and no, they weren’t false positives!

    Cougar
    Subscriber

    care to give your informed opinion Cougar?

    It depends entirely on what they’re testing. MSE is solely an AV product, nothing more. It’s very good at that but will fall down if they’re testing against things it just doesn’t do.

    The things it doesn’t do are generally covered in other areas. Hardware firewall at the router, Windows firewall doubling up this on the desktop; using common sense when dealing with unsolicited emails; using the latest version of your web browser; keeping Windows Updates current; and making sure that you’re using the latest versions of, or uninstalling, Flash and Java.

    Out of that lot, old, unpatched versions of Flash and Java are the single biggest source of Windows infections today, by a country mile. Scam / spam gullibility is probably second. Both of these are readily avoided without having to pay an annual subscription.

    my opinion is no single product is infallible

    Agreed. In a corporate environment, I think the best solution is generally to mix and match; so, have products from different vendors for your endpoint security, email scanning, perimeter defences etc. Sticking to a single vendor means that if malware gets past one there’s a good chance it’s going to get past them all.

    Take a different sample set of Malware and run the same tests again and the results could and most likely would be vastly different.

    This is true, and at least in part explains:

    We migrated from McAfee to Forefront and the amount of undetected Malware which was caught during that process was astronomical,

    Whilst I’m no fan of McAfee, the same thing may well have been true if you’d migrated the other way. Ie, Forefront picked up missed malware not necessarily because it’s ‘better’, but ‘different’.

    Cougar
    Subscriber

    The other thing to bear in mind of course is, the user experience.

    Times are changing and reviews / tests are now starting to look at this, but historically AV products were gauged solely on detection rates. The fact that it might well have ground your PC to a halt in the process has been roundly ignored, not least by vendors. Symantec (Norton) is a poster-boy here; it always used to top the detection charts, but out of the box it was a heavyweight application with unnecessarily aggressive default settings which just caned the life out of machines. I hold the unpopular opinion that it’s a very good product, it just needs setting up properly.

    Some products are very chatty. They pop up so many largely unimportant questions (“MSN Messenger is attempting to access the Internet!! Allow this? [yes/no]”) or ones that are impenetrable to most people (“System32.dll wants to access the Internet…”) that people stop reading what it says and just ‘yes’ the box. Which is great until it actually finds something you do need to block.

    Many are now “total Internet security” type products which pertain to protect you in all manner of ephemeral ways. More protection is better, right? The problem here is that a lot of what they do is unnecessary (you don’t need another firewall when you’ve got two already, for a start) or can be negated by safe computing practices, as I touched on above. Education is preferable to reliance on fallible technology. If you get a virus because you opened an executable file emailed from qrqppafvn123@yahoo.com pertaining to be pictures of Britney Spears naked, the issue here isn’t AV failure, it’s a lack of forethought (and poor taste in women).

    Additionally, these ‘total’ products often cause more problems than they solve. By blocking network traffic and preventing from running any applications that they don’t understand, they end up creating weird, hard to diagnose issues. VPNs, Citrix connections, messenger programs and remote support programs all commonly (and silently) fall victim to overzealous security products.

    All of these points are part of why I usually champion MSE. It does what it says on the tin, and nothing else, with minimum fuss and minimum drain on system resources. I’ve yet to find anything that doesn’t work as it should because MSE is installed; I can’t say that of many others.

    IHN
    Member

    Cheers, all very interesting.

    and making sure that you’re using the latest versions of, or uninstalling, Flash and Java.

    What wouldn’t work if I did uninstall them? I must get Java updates once a week, they’re a bit of a PITA.

    Cougar
    Subscriber

    Flash and Java applications, largely. (-:

    Flash is used mostly by Internet video. Java applets crop up all over the place.

    There’s value in uninstalling every version of Java you have (there may well be several installed concurrently) and just installing the latest from Java.com.

    These days I’ve taken to installing Flash for IE only and using Firefox as my primary browser. Then Flash only runs when I specifically want it to, by falling back to IE when required (via the “IE Tab 2” extension). Not sure as I’d recommend it to everyone, but it works for me.

    leffeboy
    Subscriber

    All of these points are part of why I usually champion MSE. It does what it says on the tin, and nothing else, with minimum fuss and minimum drain on system resources.

    That. I also tend to use Chrome as it often warns when websites are infected before you even get near them. We had a very innocuous site that we sometimes go to infected recently (Nepalese embassy iirc) but Chrome just popped up a warning so we phoned instead.

    mickyfinn
    Member

    Cougar speaks lots of sense 🙂
    IHN, if you want extra protection from drive-by web attacks then the first step is to uninstall Java. There’s a fairly high chance if you don’t know you’re using it you aren’t. If a site launches a legitimate Applet you will get a popup telling you Java is running down in the systray (beside the clock).
    Flash you probably are using, so not ignoring the requests to update is key.
    In our last quarterly just under 70% of malware detected on our devices was attempting to exploit Java, around 10% was Adobe Reader (so keep that up to date too), the other 20ish% was a mix of Windows vulnerabilities and other browser objects like Flash.

    Everyone is very quick to jump on the Microsoft aren’t secure bandwagon however since Win7 came about it’s more about the 3rd party vendors and their poor (I’m talking to you Oracle) quarterly release cycle for critical vulnerability patching.

    While we’re on, take a look at installing EMET, as more and more zero-day attacks are appearing. AV vendors can only work with what is known and the latency between outbreak and detection is growing.

    Cougar
    Subscriber

    Everyone is very quick to jump on the Microsoft aren’t secure bandwagon however since Win7 came about it’s more about the 3rd party vendors

    This. Absolutely, this.

    IHN
    Member

    What’s EMET?

    Cougar
    Subscriber

    Incidentally,

    A nice piece of additional protection is Spyware Blaster. It’s passive protection, ie, there’s nothing running all the time; it works by blocking access to websites known to contain malware.

    The auto-updating version is a paid-for product, but it’s free if you select manual updates (just remember to update it occasionally).

    mickyfinn
    Member

    http://support.microsoft.com/kb/2458544

    EMET is a complicated beast if you want to understand how it works. From a user’s perspective it intercepts unknown exploits by ‘wrapping’ itself around certain applications, Internet Explorer for example. It looks for common memory hijacking techniques used to execute malicious code, then if it sees something trying to corrupt or modify code it kills the process. That’s a very simplistic view. There’s a good white paper on the MS site if you really want to get into the dirty of how it works.

    All of this technology is built into Windows, however it’s up to 3rd parties to opt into the mitigation techniques with their code. Most don’t, EMET forces them in with the caveat of potential compatibility issues. We’re in the process of testing at the moment and I’ve had no issues YET! If I find one I’ll modify what and how it’s protecting and test again.
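
For two of the built-in mitigations, DEP and ASLR, the third-party opt-in mentioned in the post above is recorded as flag bits in each executable's PE header, so it can be audited per file. The script below is an added example, not part of any post in this thread: the flag values come from the PE/COFF specification, while the function names and the sample header are constructed for illustration.

```python
import struct

# DllCharacteristics bits from the PE/COFF specification that record a
# binary's opt-in to OS exploit mitigations.
FLAGS = {
    "ASLR (DYNAMIC_BASE)": 0x0040,
    "DEP (NX_COMPAT)": 0x0100,
    "High-entropy ASLR (HIGH_ENTROPY_VA)": 0x0020,
}
DLLCHAR_OFFSET = 70  # same offset in PE32 and PE32+ optional headers


def mitigation_optins(image: bytes) -> dict:
    """Return {mitigation name: opted in?} for a PE image's header bytes."""
    if len(image) < 0x40 or image[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    (pe_off,) = struct.unpack_from("<I", image, 0x3C)   # e_lfanew
    if image[pe_off:pe_off + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    opt = pe_off + 4 + 20                                # skip COFF header
    if len(image) < opt + DLLCHAR_OFFSET + 2:
        raise ValueError("truncated optional header")
    (magic,) = struct.unpack_from("<H", image, opt)
    if magic not in (0x10B, 0x20B):                      # PE32 / PE32+
        raise ValueError(f"unknown optional header magic {magic:#x}")
    (chars,) = struct.unpack_from("<H", image, opt + DLLCHAR_OFFSET)
    return {name: bool(chars & bit) for name, bit in FLAGS.items()}


def build_sample_header(dll_characteristics: int, magic: int = 0x10B) -> bytes:
    """Constructed test input: the smallest header the parser accepts."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    coff = bytes(20)
    optional = bytearray(96)
    struct.pack_into("<H", optional, 0, magic)
    struct.pack_into("<H", optional, DLLCHAR_OFFSET, dll_characteristics)
    return dos + b"PE\0\0" + coff + bytes(optional)


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            head = fh.read(4096)   # headers sit at the start of the file
        try:
            missing = [n for n, ok in mitigation_optins(head).items() if not ok]
            print(path, "missing opt-ins:", ", ".join(missing) or "none")
        except ValueError as err:
            print(path, "skipped:", err)
```

Run against the executables and DLLs of an installed application, it lists which files have not opted in and so depend on a tool such as EMET to have those mitigations forced on.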

    Microsoft Security Essentials,
    good one in this regard…results are good!!!

The topic ‘What anti virus software?’ is closed to new replies.