best antivirus? [merged]

ganda · September 28, 2007, 12:05am

MorphOS REBOL post:95:

Well, believe it or not, I somehow feel able to live with those terms…

At least, better lingual expressions than before…

So, let’s never use the term “crippleware” again, ok? or, if, only relating to progs that, by self definition, deserve to be called like that…

I really think we should take care of what words we are using here… Maybe we are influencing other’s people’s words. Remember that.

Freeware, e-mail-ware, letterware, crapware, shareware, careware, payware, etc… etc… well, isn’t it enough now?

Either a prog is given free for all people out there (and therefore deserves to be called freeware) or it is some demoware (i.e. 30 days or so to evaluate it and then either buy or kill it…) or it maybe is pure payware… (i.e. some proggie with no option to try before buy, so why not call it “cat-inside-the-sack-ware?”…

Of course there are companies out there who offer (and I’m glad that they do so) versions of their PAYWARE progs who lack something, but nothing essential… I would call Avira Free such a thing. Offering the best possible detection rate, but lacking a reliable spyware detection. Same with SpywareTerminator. Offering fine AS shield, but lacking a reliable AV detection. Now, come on, you won’t tell me that ClamAV or ClamWin are reliable AVs? With 156.000 Virus detections at the mom or so, compared to emsisoft a squared (keeping a database of about 895.251 malware definitions at the moment, and now having surpassed former ewido/now AVG by means of detection rate, whilst both are not really antivirus proggies…), I really think Clam is rather an experiment than a kind of true shield. Someone correct me please, if I’m wrong here.

But, what I really tried to say is, that, even if SpywareTerminator lacks a fine AV, and even if SAS lacks any real time shield, compared to the former, no one ever would try to bash on both of them. Bashing Avira, at least to me, means bashing the best free possibility of having a reliable AV shield.

Does that make sense?

LOUD & CLEAR. i assume we’re cool now ;D.thx

Ganda

LeoniAquila · September 29, 2007, 4:24pm

Independent of which AV is the best, I found a solution today which I like and I’ll use until CAVS 3 arrives: on demand scanning only! I installed Avira Personal Edition, but without real time protection. This way I save resources and I can scan once in a while to see if anything has sneaked in, or if a certain suspicious file contains malware.

LA

aladinonl · September 29, 2007, 4:44pm

Freeware, e-mail-ware, letterware, crapware, shareware, careware, payware, etc.... etc... well, isn't it enough now?

i like some funky names like "honeyware","carrotware","begware" or "lameware".. hey just joking :)

I really think Clam is rather an experiment than a kind of true shield.

no no, ClamAV is a true AV for email server and Linux machine.

So besides a firewall, u definitely need a HIPS to stay safe. R u usin CPF3, LA? dun tell me u r stil w 2.4 and get rid of ur real-time AV shield.

LeoniAquila · September 29, 2007, 10:44pm

I’m using 2.4, though I tried the newest 3.0 beta today. Uninstalled, because the Defense+ didn’t work well on my system.

I don’t consider my choice as silly (or likewise) because I’m extremely careful. Hardly visit any websites except for my well known bookmarks (which I do with Firefox w. NoScript - sorry Soya, I’ve given up Opera now, because of paranoia). Never use cracks, warez or stuff like that. Also, I hardly receive unknown files.

If any malware by any chance would enter my system, it would not be able to access the internet because CPF 2.4 blocks it. The other kind of threat would be a complete destruction of my system, but that’s no big deal because I make double backups, as soon as I’ve changed any file on my system.

For several weeks now, I’ve used only CPF and BOClean. BOClean has not caught anything. Today, when I installed Avira for scanning - not monitoring - I made a complete scan and nothing was found.

I’m not into any virtualization, the setup I’m describing is for my one and only machine, which I use for everyday production. The risk of a hard disk crash, and losing all my stuff, would probably be bigger than getting any malware. But again, with those backups, I’m safe.

Still, this is probably not a setup I will continue to use forever. I’m still paranoid, thus I’ll be glad when CAVS 3 arrives, as well as CPF 3. At the moment though, I don’t like CPF 3 because I’ve never got along with its HIPS. Especially not the latest beta, which didn’t remember my rules.

/LA

alaertsxan · September 30, 2007, 10:25am

I've given up Opera now, because of paranoia

Seems nice, you say almost that you want to be paranoia ;)

When it comes to antivirus I rather believe in on-demand scanning than on-acces becouse all virusses still get tested by the makers on the now know database so mostly it’s quite useless.

So just keep your hands of the warez, cracks, patches, etc. and the chance something comes in is pretty low :). Unless someone really tries to hit you ;D.

Xan

P.S. I don’t really get the point of firefox, it’s slower than opera and less secure ??? ? so why use it ?

LeoniAquila · September 30, 2007, 6:10pm

True, but this was my excuse: (:D)

Anyway, we all have different views upon the need of AV. I may be foolish who goes without it right now, but then I’ll learn it the hard way, eventually… unless CAVS 3 arrives before I get a virus. CAVS 3 will be probably be a nice security layer to use.

(B)

/LA

LeoniAquila · September 30, 2007, 7:20pm

I have no idea.

This is on the one hand a never ending topic, on the other hand a topic which could end right here…

Anyone, is it even possible to know which AV is the best? We can’t just count number of signatures, we need to analyze efficiency and scanning (on access + on demand) deepness as well. And I think there are very few persons here who are able to do that. Surly some Comodo staff, but is it even possible to analyze a non open source AV program? Well I guess it’s not too difficult to make some practical tests, but does it even matter?

Whether one gets infected or not can not only depend on the AV program, it should also be a result of where the specific malware was picked up from. And that is all random, I believe. So if there’s bad luck and the top AV product does not have that signature, then it doesn’t matter if the AV wins a test.

I can never rely to 100% on a black list system. Thus I believe in prevention - not getting anything in, in the first place. This makes the choice of AV less important, I think.

/LA

andyman35 · October 1, 2007, 4:18pm

I find a combination of AntiVir (on access) and the free version of Bitdefender 10 (on demand only),offer a level of detection similar to the very best paid-for AVs.Of course once CAVS 3 is finally completed we can forget about all other products (:WIN)

tansco · October 2, 2007, 7:26am

The best AV is surely the one with the best detection rate, and Avira wins that, see…

Vote Avira!

andyman35 · October 2, 2007, 11:48am

Good article there,this quote made me laugh:

Symantec, which sells the Norton line of products, said that while there “certainly” was “good basic free software” available, it wasn’t as comprehensive as the paid-for varieties.

Anyone who’s ever had the misfortune of using Norton bloatware will know that a combination of Avira AntiVir and CPF blows it away in level of security,resource usage and any other criteria you can think of! (:LGH)

weaker · October 2, 2007, 2:33pm

Absolutely. Every machine I saw with Norton installed was much more responsive and faster after I switched it to AntiVir/CPF.

MorphOS_REBOL · October 3, 2007, 11:20pm

Well, I feel somewhat of a relieve now. Finally, at least some people have recognized what is the best free antivirus, I tried so hard to teach them… lol

But I find McAfees answer really cooler than Symantec’s:

McAfee, another established provider, said that the advantage of all-in-one packages was that customers didn’t have to go to different sites for different types of product - as was the case with free software - and that updates were automatic.

Nice.
But, as always…

LOL, wanna know why?

You can have your ■■■■ directly from the bottle.
It will go down your throat like a little waterfall.
Fresh.

You could also use some glass, this would be a noble thing, but this is where it starts to be more difficult.

Everyone will know where his ■■■■ glasses are being stored at…either in the kitchen or in the living room most purposely.

But.

After having having installed your 10th pint or so…
You may ask yourself: Now, where is my kitchen again?
Oh, that was the window, third stock, wrong door…

That is the obvious problem with freeware, if McAfee is right.

A big kiss to McAfee.

Now, they introduced the infallible “Drunkard-Ware” term to the world, of which we are a miserable part only.

ganda · October 4, 2007, 3:56am

yeah yeah, you win, i give up ;D.

weaker · October 4, 2007, 10:06am

really ?
;D (:CLP)

grampa · October 4, 2007, 2:31pm

Hiya,
I cast my votes for Avira and Kaspersky. Avira has really become a wonderful product over the years and I cannot but acknowledge what they’ve accomplished. I tried Avast, AVG, CAVS,… and always came back to Avira. I also tried Kaspersky and NOD32 quite recently (free trials) and liked them both. However, my second vote went to Kaspersky for it’s more my cup of tea (just a feeling and NOD32 is said to have deteriorated a tad lately - though I cannot say that myself due to lack of knowledge; it’s just from what I’ve read).

That’s what I did. However, I don’t quite agree with you on your logic (no offence ).
Let me explain:
If you have a wonderful AV like Avira’s, that’s a good thing, isn’t it? But what if that AV could be easily terminated by malware, like it seems to be the case with AntiVir? (Again it’s just parroting what I’ve read as I’m too daft to test it myself). So ‘the best’ AV with a lousy self protection = not the best AV.
This leads me to a question…
Does anyone know how decent a self protection CAVS has at the moment?
And please refute: … could be easily terminated / circumvent by malware, like it seems to be the case with AntiVir :-
Just my 2 pence.
Cheers,
grampa.

Japo · October 4, 2007, 3:01pm

Are there third-party programs than can harden other programs against malicious termination? Because it would seem more reliable having one programs that’s very good at protecting all your programs than having to rely on every single program’s self protection, and if only one of them is not so good you’re exposed.

Anyway I guess that in order to terminate any of your programs, any malware has to execute, and if its signature/behaviour is recognized then it should be blocked on access and it shouldn’t have the opportunity to attempt to kill your programs even if their self protection is poor. I imagine this is likely wrong but would like sage advice.

EDIT: On second thought I guess HIPS contributes to protect your programs from malicious termination, however can HIPS programs be terminated before they get to block or allow the malware? ???

grampa · October 4, 2007, 3:10pm

Hey Japo,
thanks for the quick reply.
I’m have little to no understanding how these things work. But what you say seems to make sense: How can a malware terminate my AV if it is blocked by the on-access scanner?
Btw, could you plz name some progs that can harden my progs against malicious termination? I’ve never heard of any.
Any further clarification is highly appreciated.
Thanks again, Japo.
Cheers,
grampa.
P.S. tansco, if Japo is right, I might not disagree with your logic so much after all, although I’m still not 100% with you

Japo · October 4, 2007, 4:56pm

I don’t know of any either, I was just digressing uneducatedly, and asking like you.

Little_Mac · October 4, 2007, 6:34pm

EDIT: On second thought I guess HIPS contributes to protect your programs from malicious termination, however can HIPS programs be terminated before they get to block or allow the malware?

This is part of the point of kernel-level installs - drivers, hooks, etc, self-protection in the registry, and so on. This is why there are "termination tests" for firewalls; one presumes for HIPS as well. Some users are running tests of various "proof of concept" exploits against v3 and comparing to other HIPS such as EQSecure, Prosecurity, SSM, and so on.

The idea is that the HIPS should be able to protect itself first and foremost; if it can do that in the face of danger, then it should protect the system. If it can’t protect itself, well, you’re probably toast…

LM

awilson3rd · October 4, 2007, 7:27pm

I have over the last week had to rebuild my pc about 5 times. Each time I would get to a certain point and viruses would attack nearly every .exe file. I tried bitdefender and was dissapointed, it deleted or quarantined crucial running processes so on a reboot couldn’t load anything. My solution was Dr Web’s free cureit. It was the only virus checker that successfully healed the viruses rather than deleting or quarantine them. The viruses in question were win32.virut.5 and win32.virut.4

Now I have installed comodo anti virus for real time protection, I use the firewall too and really like it’s ease of use. I am dissapointed though, I scan a file that I know contains the win32.virut.5 virus and comodo doesnt even detect it, let alone heal it!