What do you consider to be the best antivurus program out there?
I ask this because i'm using McAfee total protection and the viruses just keep coming in so I'm looking for a new one
I'm thinking panda antivirus, it's been advised to me b4 but i've never tried it
Maybe i should also download ad-aware?
This ain't from personal experience, but from what I've read, the best one out there would be NOD32 AV by ESET. Very fast, and high detection rate. They've also streamlined the interface in their newest versions so to make it more usable for the general public. (Completely internet security suit is also available).
They're expensive though. Kaspersky is on about the same level. Slower scans though, but possibly easier interface to work with.
Side note- I'm addicted to ZoneAlarm. Not because of the firewall (heck, I don't think I need it here), but because of the red and green traffic indicators. I need to know what and how much traffic's going out.
If it's not Isuzu-chan Mii~
Kapersky: Strongest free/trial antivirus with best catch rate, larger system footprint. Often catches stuff you know for a fact is not a virus (incl. some legitimate programs), hence the "best" catch rate. Overdoes it.
Avast: Currently the best of the free antivirus programs, moderate footprint, good protection, ad supported, loud and noisy (but all of the sounds can be disabled)
Panda: I have had pretty bad experiences with this antivirus, but it is good for really out of date systems that can't handle the newer ones.
AVG Free: A little heavy at times, the more useful scheduling only in pro edition, version 8 took a light, free quality antivirus and made it oppressive and bloated. Not recommeded anymore.
(ESET) NOD32: Lightest system footprint for strong antivirus protection it provides, good catch rate, excellent database of viruses, expensive license (60 USD).
F-Secure: Good antivirus paired with a powerful firewall. Has found a lot of things the trial/free antivirus programs couldn't. Larger system footprint. Still couldn't find the nasty self-replicators though when I used it.
Symantec: Bloated, mediocre catch rate, severely overpriced, mediocre firewall (ZoneAlarm is free and does better), huge system hog. Drain on your computer, waste in your wallet.
McAfee: Mediocre, smaller system drain than Symantec, but worse catch rate.
Btw price is not a problem here since i'm not gonna pay for it anyway...
we have symantec enterprise at work and apparently it sucks because i've had to manually delete 2-3 annoying spyware/virus in the past 3 or 4 weeks.
one was kind of interesting, the owner had somehow not gotten any updates for well over a year and she had this irc bot virus running on her system and had her logged into a #sex channel, which was a great conversation piece w\ the owner of the company i work for.
If price is not an option (very rare in conversations about anti-virus clients) don't even think about it. Get NOD32.Originally Posted by The Archangel
NOD32 is indeed the best Anti-virus software on the list, I've using it for 3 years and it hasn't fail me yet. One thing to note though, NOD32 is not the best at catching spyware or malware so it might be wise to get a good anti-spyware if you plan to use it.
So i got ESET NOD32 Antivirus and it has worked great so far but i'm worried that it doesn't come with a firewall, i'm currently using windows' firewall.
Any advice on what i should get for a firewall? I'm looking for something good but that doesn't bother me much with settings and memory usage.
Do you have a router or a modem router with either NAT or SPI firewall. All modern and good (ie, not some cheap brand your ISP might endorse) should have it. If you do, it's not so important, since hardware firewalls block pretty much all types of entries anyway.
If you want a free firewall, I'd recommend Zone Alarm. It's not "light" per se, it's using 55MB or RAM right now (Internet suit edition). I've never tried any other firewall, so I don't know how they rate on the energy scale.
As for settings, I've always put mine on "ask me about everything", so whenever a program changes on an update or when you install something new, you'd get quite a few alerts until you teach it what to do about them. There's a learning mode which I've never used, but it monitors your computer and "learns" about what it should bother you about.
Main reason I'm using it is because I used it in the past, and I'm addicted to reading how much and what kind of traffic is entering/leaving my system. (The little icon in the sys tray has upload (red) and download (green) bars to show this)
Anyway, see what all the other guys have to say, since I've never tried other software firewalls to give an overall picture.
(Reiterate: If you've got a hardware firewalled router, the software one is only useful for blocking LAN peers or people on an unsecured wireless network. Windows Firewall does a good enough job at that. I'm only using mine for the bars.)
And I'm jealous you've got NOD32
Last edited by Buffalobiian; Sat, 11-01-2008 at 08:20 PM.
If it's not Isuzu-chan Mii~
From what i know, NOD32 is not so good, it integrates too much with OS, but its really light and decent pc can handle scan and smooth high-end game.
Kaspersky/Gdata Antiviruskit(its kaspersky and other scanner integrated together) are too sensitive, and detect some stuff that are not viruses.
AVG, it's pretty good, but you know - it was better before some updates.
As i see you suggest nod32, well it failed me 4 times... in a row. and 3 of 4 times i hadn't got a system disc image backup.
For secure firewall i suggest any hardware firewall(router).
My last advice is - make 2 partitions, system one(like 20gb) and the rest, and just after installing windows do disc backup(clonezilla is free open source tool for this), and after installing drivers do another backup. then you got one backup in case you upgreade your hardware(fresh install), and the backup for restoring in case of viruses, because they mostly infect system disc. After that i suggest to scan your drivers with some anti-virus and anti-spyware software(great collection of disk img, anti-spyware/cirus and other tools is called "Hiren's Boot CD" <- just record one on CD-RW).
Number of works of fiction that made me shed at least one tear: 3Thou seeketh soul power, dost thou not?TOX: 33524385841A92B08787EEBEBA2DB51ED293C4F15A2E292F3F C92165E82388281433A77EA8FE
NOD32 fail you 4 times in a row? wow that's pretty amazing in a sense.
I'm curious as to how this happened.
do you use Firefox or Internet explorer for your web browser? These 4 failures in a row, was that over a long period of time or just a short one like say under 6 months?
NOD32 has never failed me, very reliable.
Can we stop acting like he's not pirating this program? Money isn't an option for him for a reason.
"They call it 'The American Dream' because you have to be asleep to believe it" - George Carlin
...yeah, possible. Or maybe family may be paying for it, and just got him to find out which is the best. Who knows.
I've read somewhere that getting VB100 awards doesn't accurately reflect real-life performance and security. That's as far as I understood though. VB100 awards is what ESET boasts most about NOD32.
On the other hand, I've had a friend who lived at my place who had Kaspersky, and I never heard of him getting a false positive. AVG on the other hand, has give me several. One time it thought Zone Alarm was a worm
@Archie: I forgot if I answered your question before about wireless internet connection, so I'll address it again.
A) If you use a wireless internet connection, ie no phone cables, connection is on air, that's no different than a normal internet connection regarding security. As long as the modem/router's got a hardware firewall, you're covered from internet invaders. If you're unsure, check the model on the brand's website. You can always post the model number here if you're still lost.
B) If you use a wireless LAN connection, ie no cable connects your computer to the router/modem, you should still be fine as long as the router's firewalled, and you've got WPA or better as your wireless encryption (WEP does NOT count, you can download tools designed to hack WEP in no time).
What a software firewall would help you with is against other people on your LAN, or for example, if you frequent airports with unsecured Wi-Fi. However, if you plan to use a firewall for your home network as a a protection against hacking, hardware firewalls are all you'll need.
Hardware firewall
To qualify for sufficient hardware firewall protection, it should provide the following:
1) NAT (Network Address Translation) security - To the people on the internet, your router is the only computer that's accessing the internet. It's got an external IP that others can see. Every bit of data is sent to the router as if it's the computer that requested it. That's the case whether you have 1, 2 or 50 users at home sharing the internet.
What your router does is act as its own IP server (aka DCHP server), and gives out internal/LAN IPs to people in the house. All the information received from the internet is interpreted by the router. It figures out which computer sent or requested the data, and bounces it to the relevant local computer.
Basically, with a NAT firewall, others on the internet should not be able to see you directly, as your router rewrites all the packet headers of your computer before it lets them out. Your local IP only works for local computers, and from the outside, it seems like your router is the sole computer doing all the activity.
If you don't have NAT, or disabled it, people can see your computer directly. You should then get a software firewall.
2) SPI (stateful packet inspection) feature: SPI functions as a check for packets handled by the router. In short, it checks for packets to see if they belong to a valid session. For example, if you're browsing Gotwoot, it sees packets from associated with forums.gotwoot.net as legitimate, since the user accessed it. Meanwhile, if a hacker decided to have a go at you, his packets, originating from 203.197.X.X on someISP.com.jp, it would not be legitimate, since your session/activity has nothing to do with that address. Your router discards the packets. Note: SPI firewall checks for packets according to a valid session, not content.
You should have both SPI and NAT enabled, unless you've got a crap router, or you've got special circumstances. In that case you should know what you're doing
Additional info: DPI (Deep Packet Inspection) is another method used by firewalls. These firewalls don't check for where the packet came from, (that's what SPI firewall's for), but rather, scans the packets for content. In that sense, it's more for antivirus/antispyware protection, as it checks for malicious content.
DPI isn't required for anti-hacking functionality. SPI and NAT are what you should check for.
And since you use a wireless LAN (I'm assuming)
Wireless LAN security
Things you should be aware of:
1) Encryption: I've gone over this before. In short, use WPA or WPA2. Don't even bother with WEP, of any strength. I'll go through why after I've explained the rest.
2) hidden SSID: A hidden SSID means your wireless your wireless network doesn't show up when you (or other people) perform a "scan for local wireless networks" action. You need to know the name to get it. However, this feature is easily compromised with a packet sniffer. If you use WPA, this protection is insignificant. Use it simply for the sake of it, and so people don't know the wireless network exists (for non-hackers), so you've still got some sort of security left if you needed to disable WPA temporarily. However, some things don't like hidden SSIDs. From experience, Vista keeps disconnecting when I used it.
3) MAC address filtering: Router checks the MAC address of devices connected, and only allows connections from valid machines. Again, easily compromised with a packet sniffer. All it takes is to monitor the wireless activity, see which MAC address are "valid", then copy and paste it as your (hacker's) network card, and "tada", you're suddenly valid. Again, this shouldn't matter if you've got WPA.
Bottom line: If you've got WPA/2, that's all you'll need. Features 2 and 3 are insignificant, and are more an inconvenience than a protection.
If you've got old hardware, and can only use WEP (happens if you've only got 802.11b), then enable MAC address filtering, make your SSID invisible, and leave the network unencrypted.
MAC filtering and hidden SSID will be enough to ward off any curious neighbours and non-hackers. Anybody good/smart enough/pissed off enough to read up how to get past both these should know how to break WEP in under half an hour anyway, so just disabled WEP for added performance. (You'll need it if you've still got 802.11b)
You probably knew all that already Archie, but I was bored, so.....
To check your protection against hacking, go to Shields Up, and perform a test for "all service ports"
I second Xelbair's partitioning method. Lots of users who've had serious virus problems use that. I've heard of a slight variation though:
Partition 1: system files AND program files
Rational: virus tend to infect system files and C:\documents and settings\User files. However, programs install themselves into system subfolders too, and some won't work if you've restored a backup prior to your program install. Installing both into one partition and backing up both works around this problem.
Problem is, of course, it only works like this until you've filled up that partition. So if you've underestimated your max usage, or simply installed that much stuff, you'll have to install stuff to a second partition, and the problem arises again.
Partition 2: Data/Media and My Documents
A separate partition for your media files as well as a place to store all your documents. As the name suggests, users who use this method store all their personal files (my documents, my pictures etc) here instead of the default under C:\. This is so you can restore your Parition 1 without wiping out all your important stuff.
Last edited by Buffalobiian; Tue, 11-04-2008 at 06:38 AM.
If it's not Isuzu-chan Mii~
Those failures were in really short time range(like 1 week), and i use firefox since 5 years ago.
I totaly agree with Bill, never under any circumstances use wep. peroid.
As for saving data on partitions, if your pc gets infected, just go into safe mode and copy important stuff on other partition. I'm lucky guy - even in case my pc wont boot i can plug my disc onto one of my parent's pc or my friend's one(1 floor lower than me) and move my data.
For programs to prefer to install them on my data partition/separate partition. most of them works without reg keys so i wont have to reinstall them, only exceptions to this rule are IM(not worth saving imo) and programs that require reg keys to run(3ds max etc).
Number of works of fiction that made me shed at least one tear: 3Thou seeketh soul power, dost thou not?TOX: 33524385841A92B08787EEBEBA2DB51ED293C4F15A2E292F3F C92165E82388281433A77EA8FE
Okay, read up on some more info.
VB100 tests for old, or known viruses and their variants. Basically, it tests for AV database and signature based testing. AVs that have an excellent database, such as NOD32, excel at these tests. Engines based on heuristics, not so.
In other words, VB100 tests test for one area of virus detection technology, but by no means translates solely to real life security performance.
Tests that chuck a bazillion samples of varying types of malware, regardless of detection method, should give a more accurate picture of real-life virus detection capability.
Latest results from such tests:
AV-tests
AV-Comparative
I'm trying to decide myself whether to stay on my AVG-free or go back to the Zone Alarm antivirus on my ZA Internet Suit. From what I know, it's running a version of the Kaspersky 6 SDK engine. Not quite as good as their current one, but better than the current AVG possibly.
But then I'll have to read up on all the issues the latest ZA client has
(Last time I switched on ZA's antivirus ~2 years ago, the hourly update keep stealing your focus, which is just plain stupid when you're playing games. I don't know if they've fixed this issue yet.)
If it's not Isuzu-chan Mii~
I'm trying to do a bit of research myself, trying to pick one of these options:
1) AVG free - currently using
2) Antivir free + Spyware Doctor Starter edition
3) ZoneAlarm Internet Security.
I've already got ZA, just that I've disabled the AV for AVG since 2 years ago, Mind you, back then ZA was using the CA antivirus, which is quite an appalling AV app. The current ZA antivirus engine is a built on the Kaspersky SDK, so it's slightly inferior in therms of functionality, but not definitions. (Still, it translates to a smidget lower hit percentage).
What's making it hard is everybody's reviewing the paid versions, people assume ZA's AV is my Kaspersky, so "it must be the same", while others just don't have any credibility at all.
If it's not Isuzu-chan Mii~
AVG 8 is bad with Vista, if you have Vista.
XP-32bit here, but I'll keep that in mind. Thanks.
If it's not Isuzu-chan Mii~
I haven't tried AVG 8 with XP, only the earlier version. But with Vista, AVG 8 does some shit that prevents you from downloading. It does the full download, but then erases the file for some reason.
This also happened recently:
http://www.dailytech.com/Update+AVG+...ticle13407.htm
Interesting. I guess I'm lucky they fixed it by the time mine did a daily update. Then again, I tell it to ask me about everything. I happened to miss the OS 2.49? update for the PS3 as well, which had something like a 50% chance of bricking your PS3 once installed.
I've found a few useful tools for those who want to cross-reference suspicious files, or check for false positives:
Many commercial AV companies these days host file scanners on their websites for free, like ESET or Kaspersky, but with these you're only testing it against one source, let alone the tiny filesize limits, 1MB in Kaspersky's case.
So here's some alternatives:
http://virusscan.jotti.org/
-10MB limit, scans files against ~20 commercial antivirus engines and generates a report immediately after upload. Definitions updated hourly
If the 10MB limit is giving you a headache, attach your file and send it to scan@virustotal.com, making sure you put the word SCAN in the subject header. Results will be emailed back, with response time varying with server load. Files larger than 20MB will be rejected.
If it's not Isuzu-chan Mii~
Posting Permissions
Reply With Quote
