What's a good anti virus these days?

tina1040

I have a new laptop since June and I tried a few free ones.

I currently have 11 days left on Bullguard. It seems good. And I run Malwarebytes.

syklops

That question has a complicated answer. Antivirus vendors differentiate between viruses and malware and so produce two(or more) different products to defend against each. Meaning more $$$. Its like Durex releasing a condom for preventing AIDS, and a different condom for preventing HIV. You don't want either infection so you buy both right?

Malwarebytes is generally accepted to be one of the best anti-malware packages. Its free, but so many users I've met don't trust free security products because they can't be better than paid for packages. Surprisingly the opposite is often true.

Generally the best solution is malwarebytes and a decent AV package. Finding a decent one is not so easy.

Kaspersky was well respected, but recent allegations have suggested it faked some of its test results.

I've had good results with AVG in the past(plus I nearly got a job with them once), but like many vendors I don't like their (relatively new) active attempts at getting more money from you to buy their anti-malware, their firewall etc.

The unfortunate reality is most modern anti-virus and anti-malware solutions use signatures to find the malware. What that means is if I create a new virus and release it tonight and I infect 1000 machines, it is FUD, or fully undetectable until a new signature exists to find it. So of the 1000 computers I've infected one of them needs to be owned by someone with the wherewithal to analyse my virus, develop a signature, send it to an AV vendor, who then analyse the signature and if they like it they push it upstream into the AV database to be downloaded into the regular users signature databases who can then detect my virus. The problem is, between the signature being created and the user downloading it could be anywhere between 24 to 72 hours which gives me ample time to release updates to my virus which means the original signature no longer works.

Sorry for getting technical, my point is, AV or anti-virus is always on the back foot. Always a day or two behind.

Another problem here in 2015 is, 20 years ago, a reliable symptom of your computer having a virus was it was running slow, back when a normal computer had 4 Megabytes of RAM and virus writers cared little about memory management. Now, a consumer computer has 8 gigs of RAM or more, means a little virus has plenty of memory space to do its thing without affecting your user experience even a tiny bit.

Sorry this turned into a bit of a novel.

tl;dr version. Get malwarebytes. Pick an AV package, but don't assume the most expensive package is the best, and don't assume the free one is crap, but also remember, the AV/Anti-malware is the last line of defence. The first line of defence is you the user. Don't click on links in emails where you don't know the recipient, be mindful of USB sticks and don't plug in ones of an unknown source, and be careful of what websites you visit, especially peer to peer and adult sites.

Bongalongherb

When contacted this week, they had no comment on the allegation that Kaspersky Lab had targeted them.

The Russian company is one of the most popular antivirus software makers, boasting 400 million users and 270,000 corporate clients. Kaspersky has won wide respect in the industry for its research on sophisticated Western spying programs and the Stuxnet computer worm that sabotaged Iran's nuclear program in 2009 and 2010.

There is no definitive solution when it comes to anti-virus software even from the best out there. It's basically down to what one you trust - if you can trust any of them, but it's still better to use one than nothing, and when I say nothing I mean AVG is not capable of removing the very strong virus's and especially the remnants of the virus's, for this you will need a better anti-virus program.

But in saying this, AVG - especially avast is better than using no protection.

Bongalongherb

Just a heads up... I have seen folk just opening malwarebytes free edition and clicking the big scan button and doing it this way as always. But to do a real slow full scan and the scan for rootkits of which is very important, a person needs to open malwarebytes and do a custom scan and then configure it to checkmark the rootkit scan to enable full scanning features of not only malware and virus's but for rootkits..

Always do the custom scan with malwarebytes as the threat scan will not scan for rootkits.


PS: We will all be an hour younger tonight, enjoy. Unless Y215k explodes.

caff

Used to use avg, got freaked by them selling customer details though. Generally I just go with ms defender. Any free company is selling you no matter how good their software is.

Bongalongherb

caff wrote: »

Used to use avg, got freaked by them selling customer details though. Generally I just go with ms defender. Any free company is selling you no matter how good their software is.

Microsoft Defender has been discontinued because of it's seriously bad detection rate.

Folk need to ask themselves how important security is to them, because defender will do nothing for any-one. It's basically worthless and useless.

If folk don't want to pay for the higher security protection, then just use Avast anti-virus and malwarebytes and make sure windows firewall is activated, or just download a free firewall - the best free one.

anvilfour

I hate to sound facetious but if you want to hugely reduce your chances of running malware as well as make sure that your OS doesn't have undisclosed security holes or backdoors, might it be best to use a free and open source operating system like Linux? Naturally viruses do exist for Linux but none have been able to make any significant inroads as there are so many flavours of the OS out there!

FSL

I agree with Anvilfour. As most of those querying about AV or how to remove an infection seem to predominately use browser based applications, then Linux is fine.

With the exception of some gaming there is very little you can do on Windows you can't do on Linux. As my idea of a game always involves physical exercise and invariably a round object this is not a problem for me.

Yes I do also use Windows but that is because some of my clients do and consequently I do need to be up to date in order to support them.

liamo

I respectfully disagree.

Although I'm a long-time Linux user, I'm also a long-time Windows user and I haven't picked up malware (that I know of) since a stupid incident back in Windows 98 days.

If you have the latest O/S updates AND the latest application updates with a reasonable AV product and you exercise a modicum of common sense you'll be pretty safe.

I don't question the sincerity of your advice but I don't believe it's necessary for the OP to dump his OS in order to improve his security.

Liam

anvilfour wrote: »

I hate to sound facetious but if you want to hugely reduce your chances of running malware as well as make sure that your OS doesn't have undisclosed security holes or backdoors, might it be best to use a free and open source operating system like Linux? Naturally viruses do exist for Linux but none have been able to make any significant inroads as there are so many flavours of the OS out there!

anvilfour

liamo wrote: »

I respectfully disagree.

Although I'm a long-time Linux user, I'm also a long-time Windows user and I haven't picked up malware (that I know of) since a stupid incident back in Windows 98 days.

If you have the latest O/S updates AND the latest application updates with a reasonable AV product and you exercise a modicum of common sense you'll be pretty safe.

I don't question the sincerity of your advice but I don't believe it's necessary for the OP to dump his OS in order to improve his security.

Liam

Hi liamo,

I take your point, it is quite possible for someone who knows what they are doing such as yourself to avoid accidentally downloading malware in most cases.

I suppose it depends on your threat model ; in my own case I am not just concerned about malware, there are also undisclosed security holes in Windows, plus without the source code being made available, we don't know if Microsoft have provided a back door to shadowy government organisations as they did for the NSA with Windows NT.

There is also a range of software out there to detect Windows viruses however as has already been discussed this is only any good after the fact and also it doesn't strike at the root of the problem which is that most malware is written for Windows machines.

On the basis that prevention is better than cure and particularly given how user friendly some flavours of Linux are these days e.g Linux Mint, there's no reason someone couldn't use it day to day and keep Windows for gaming and other software which will only run on that platform.

conor-mr2

Bongalongherb wrote: »

Microsoft Defender has been discontinued because of it's seriously bad detection rate.

?? Any links for this ??

anvilfour

conor-mr2 wrote: »

?? Any links for this ??

AFAIK it's called Microsoft Security Essentials these days, perhaps someone who uses Windows more regularly can enlighten us?

Professey Chin

anvilfour wrote: »

AFAIK it's called Microsoft Security Essentials these days, perhaps someone who uses Windows more regularly can enlighten us?

It back called Windows Defender again & is baked into the OS (with 10 anyway)

Red Alert

With normal sane security practices you don't need AV. Corporate IT love AV because it gives them a job to do, and AV vendors of course aren't going to put themselves out of a job.

practice

I use Avast free and never had a problem.
Run Malawarebytes free now and again.
The best one of all I find is common sense and dont click on anything unless you know where it came from.

Capt'n Midnight

Red Alert wrote: »

With normal sane security practices you don't need AV. Corporate IT love AV because it gives them a job to do, and AV vendors of course aren't going to put themselves out of a job.

Corporate IT HATE AV with a passion.

It's a necessary evil for many reasons not just because some users are morons who will click or open just about anything.

Tip : send a warning email telling people not to open a certain type of email.
The next day sent that certain type of email and count how people opened it.

AV slows down PC's. Spams users with messages to be explained away. And if you are really lucky the management app will be a polished turd and you may have the pleasure of manually uninstalling an old version before you can install a new one (that's about the point where you ditch them and try a different AV vendor that hasn't let you down, yet.)

/RANT

the_syco

Use Bitdefender myself. Great at finding viruses in compressed/zipped files, and notifies me if any program tries to connect to the internet; which is great if I didn't run it. Has helped me detect a few nasties on the system.

Red Alert wrote: »

Corporate IT love AV because it gives them a job to do, and AV vendors of course aren't going to put themselves out of a job.

Corporate IT loves AV, as it can help stop the stupid users from losing their data, but the users still open every goddamn email that they get!

syklops

Capt'n Midnight wrote: »

Corporate IT HATE AV with a passion.

It's a necessary evil for many reasons not just because some users are morons who will click or open just about anything.

Tip : send a warning email telling people not to open a certain type of email.
The next day sent that certain type of email and count how people opened it.

AV slows down PC's. Spams users with messages to be explained away. And if you are really lucky the management app will be a polished turd and you may have the pleasure of manually uninstalling an old version before you can install a new one (that's about the point where you ditch them and try a different AV vendor that hasn't let you down, yet.)

/RANT

Today Symantec updated itself and required a reboot for some reason. Cue 24 machines popping up a message saying a reboot is required, cue 12 phone calls to the help desk, including one to a manager, who rang one more senior manager who rang my boss wanting to know was it legit. A lot of work resulting in AV updating and as you say popping up needless messages. Pain in the hole.

Corporate IT love AV because it gives them a job to do,

Every IT team I have ever worked on has been critically under staffed. AV gives them a job to do? Don't make me laugh bitterly.

_Tombstone_

syklops wrote: »

Today Symantec updated itself and required a reboot for some reason. Cue 24 machines popping up a message saying a reboot is required, cue 12 phone calls to the help desk, including one to a manager, who rang one more senior manager who rang my boss wanting to know was it legit. A lot of work resulting in AV updating and as you say popping up needless messages. Pain in the hole.

WTF was the problem with just restarting them? Why did they have to ring anyone?

syklops

_Tombstone_ wrote: »

WTF was the problem with just restarting them? Why did they have to ring anyone?

That department don't like restarting their machines because they lose time and might lose productivity. I know because that very same question was asked and that was the reply we were given.

Theres no rolleyes icon in the world big enough. I know.

Muppet Man

Malware bytes for me for a good few years now.

I've had too many wars with mcafee on my work laptop, my own personal laptop and my fathers laptop.. so I just avoid it completely now. And so have work.

scamalert

reminds me of story buying tablet and guy offering McAfee or some sort of similar antivirus soft for 30e plus-my first response was why the f would i need one,and then saying even if it was euro i still wouldn't take it.

I know might sound harsh and people need to push that stuff,but thank you no.

soft like avast-free does 90% of the job,rest if you manage to click some nasty link and get 20addons and malware then you start looking for stuff like malwarebytes and other software to clean the mess up.

theres simple steps to avoid such nuisances-avoid websites,check what you download specially if its torrents and file is zipped.

And last not having any personal info that would cause much damage if lost-in other terms if you got some nasty crap and cant remove all of it,format the damn thing
also many miss a point but say you want to be sure you are secure doing online banking and such best way get usb stick and put live linux in there,or install on the side,thus browse as much as you want on one or another and keep next just for clean business.

Kur4mA

I just run Windows Defender and the odd time will do a sweep with malwarebytes free version and it will find any other nasties generally.

Honestly, this is the best solution for me. I've run Avast, Bitdefender and all the others at different times and none of them have beaten the above combo. The mother in law was running Avast free version and it missed 200+ nasties which malwarebytes found and quarantined.

_Tombstone_

Kur4mA wrote: »

I just run Windows Defender and the odd time will do a sweep with malwarebytes free version and it will find any other nasties generally.

Honestly, this is the best solution for me. I've run Avast, Bitdefender and all the others at different times and none of them have beaten the above combo. The mother in law was running Avast free version and it missed 200+ nasties which malwarebytes found and quarantined.

Someone needs to have a sit down with her and see what see gets up to behind the mouse.

200+ Bugs = wipe that machine

scamalert

Reading Kur4ama comment decided to install malwarebytes since only using avast free,run full scan expecting at least maybe 10-20 cookies etc result 0.Now id be frequent user to torrent sites where you get like 4-6 window pop ups with adds and other crap-but only thing i do is just close them one by one without pressing anything inside the site,and if theres malicious site avast picks that up before entering.

as for 200 threats found,i wouldn't be too surprised-if person using pc and pressing add links that nowadays every site is covered in dozens,you could rake that much in day,if not knowing much about safety.More interesting would be to know how many of the 200 were actual threats,like worms,virus type things,not some cookies that buried themselves into registry files.

jaqian

tina1040 wrote: »

I have a new laptop since June and I tried a few free ones.

I currently have 11 days left on Bullguard. It seems good. And I run Malwarebytes.

I find AVG-Free or Avast! to be pretty good, haven't had any virus in ages. Stay clear of McAfee (crap) and Norton (resource hog).

biko

I am forced to use a particular one on the work computers, but do the occasional scans with Housecall, MBAM, Spybot - Search and Destroy, and others, even rootkit scanners. The trick is to use various ones as a single one won't pick up all the threats, in my opinion anyway.

Don't forget defraggler and ccleaner. Sometimes a slow computer just needs a clean.

scamalert

Biko
you basically layed out every protection soft one would need.

found all of them useful few times when dealing with nasty crap that leaves traces-thus as you mentioned basically use different ones to check every last bit,since one might remove infected files,yet skip some process thats running,or root kits and whatever can resurrect itself,so them names are good if you gotten something and want still to save pc from doing full format.

Blowfish

Lots of people here seem focused on scanners etc. which find stuff after the fact when in reality it's preventative software and user behaviour that makes the biggest difference.

Use Chrome 64bit, uBlock Origin, Privacy Badger, NoScript, EMET and a decent password manager. Next, uninstall Java and Flash, keep up to date on all your security patches (for all software, not just Windows stuff) and watch what you click on.

Doing that will be far far more effective than any AV or anti malware on the market.

Saying that, as well as the above, I use Kaspersky, not for it's actual AV/Malware scanner as they are all pretty much useless, but for it's other stuff like it's completely configurable firewall and it's mini vuln scanner which lets me know if I'm running third party software that needs patching.

dbit

Have you seen the latest EMET hack that uses compatability mode on WOW64 to run any form of maliciuos 32 bit app and guess what EMET rubs its nuts all over it and doesnt give a damn .

AV for the VDI world no longer hogs up the user session - You have some very impressive agentless technology that tackles all the gripes , IPS , virtual pacthing (Very sexy stuff here where the vulns are protected virtually as in no need to release patch tuesday nighmares upon users or test bed group for wsus and so on . ) WRS, IM and a whole array of features and not one of them present on the actual guest - instead running ona service VM on each host .
With the birth of NSX and tagging which has brought into the fray an array of function in that lets say outbreak occurs - Guest is flagged by thrid party app for being infected - NSX sees this flag and unplugs the VM's network - third party sec software goes to work , cleans and quaratines , then sends a clean flag - NSX plugs the VM back into the network and you , the admin roll over for that extra lie in.


SAying the AV tech is dead and that IT admins hate it is just silly , they may not be using the right solutions for the right scenario's .

Back in my day i loved to fight virusus by hand . Most sites i arrived at you would see the admins cringing at a large outbreak, I get that . There is a whole world of options and stuff to choose from , i could go on but i wont .