Anti-virus/spyware - which one?
Join Date: Sep 2002
Location: UK
Posts: 129
Likes: 0
Received 0 Likes
on
0 Posts
McAfee at work (7000+ seats) as chosen by our IT department
McAfee and Norton at Home, for AV and firewall - never see a lot of difference, although if I had to choose, I prefer Norton's firewall, but McAfee's AV.
For Spyware, I run MS Defender and Webroot Spy Sweeper. Preference is probably MS, as Webroot seems to have an unusually high processor overhead (noticable when the laptop is on battery).
All machines sit behind a SPI firewall, so that helps as well.
I know free is very good and I don't knock it, but rightly or wrongly, I feel the "pay" products should/are offering something more (other than a lighter wallet )
Regards,
Shuttlebus.
McAfee and Norton at Home, for AV and firewall - never see a lot of difference, although if I had to choose, I prefer Norton's firewall, but McAfee's AV.
For Spyware, I run MS Defender and Webroot Spy Sweeper. Preference is probably MS, as Webroot seems to have an unusually high processor overhead (noticable when the laptop is on battery).
All machines sit behind a SPI firewall, so that helps as well.
I know free is very good and I don't knock it, but rightly or wrongly, I feel the "pay" products should/are offering something more (other than a lighter wallet )
Regards,
Shuttlebus.
Join Date: Dec 2002
Location: to the left and down
Posts: 66
Likes: 0
Received 0 Likes
on
0 Posts
Yer not wrong there, Scuttlebutt
I'm with colmac viz. Pandalabs. I tried Titanium freeware some time last year, then splashed out for the full deal. Avg, anti-spyware and firewall.
Went through various freeware: AVG (Grisoft) very good, a-Squared, nod32, avast. The Spanish Panda is awesome, no conflicts with Zonealarm, which I also run, or my ISP's spyware.
But, one point of note, I use Firefox and have to disable Panda's firewall initially to log on, or I get a "server has reset the connection-try again" window. Turning on firewall once it's running is no probs.
Was told Norton/McAfee are viruses anyway and avoided them apart from one or three of their "Fix Tools".
And CCleaner is a must have. Clears up what system tools' "disk cleaner" won't. I run it at least once a day.
Now all you need is a top-shelf registry cleaner.
I'm with colmac viz. Pandalabs. I tried Titanium freeware some time last year, then splashed out for the full deal. Avg, anti-spyware and firewall.
Went through various freeware: AVG (Grisoft) very good, a-Squared, nod32, avast. The Spanish Panda is awesome, no conflicts with Zonealarm, which I also run, or my ISP's spyware.
But, one point of note, I use Firefox and have to disable Panda's firewall initially to log on, or I get a "server has reset the connection-try again" window. Turning on firewall once it's running is no probs.
Was told Norton/McAfee are viruses anyway and avoided them apart from one or three of their "Fix Tools".
And CCleaner is a must have. Clears up what system tools' "disk cleaner" won't. I run it at least once a day.
Now all you need is a top-shelf registry cleaner.
Join Date: Nov 2001
Location: western europe
Posts: 1,367
Likes: 0
Received 0 Likes
on
0 Posts
Was told Norton/McAfee are viruses anyway and avoided them apart from one or three of their "Fix Tools".
Recidivist
Join Date: Jun 2005
Location: Essex, UK
Posts: 1,239
Likes: 0
Received 0 Likes
on
0 Posts
"Was told Norton/McAfee are viruses anyway and avoided them apart from one or three of their "Fix Tools"."
I suspect the word like is missing between 'are' and 'viruses', as in 'the AOL browser infects your machine like a virus'.
I suspect the word like is missing between 'are' and 'viruses', as in 'the AOL browser infects your machine like a virus'.
Join Date: Sep 2003
Location: GA USA
Posts: 51
Likes: 0
Received 0 Likes
on
0 Posts
AVG with Zonealarm. Both free versions and always good at detecting virus/intruders. Never had any problems. Use Adaware and Spybot once a month.
As said before Norton is very good at crashing systems...avoid at all cost. They should have a blue screen on the box as thats what you get !more often than not !!
cheers
As said before Norton is very good at crashing systems...avoid at all cost. They should have a blue screen on the box as thats what you get !more often than not !!
cheers
Recently purchased this computer, WinXP (sp2) and it came with the full Norton suite (which was a B to get rid of after it interfered with several other applications)
Using all freeware, hardly ever have any problem.
"Javacool's" Spyware blaster
AVG antivirus
AdAware
Spybot
CWShredder from Trend micro
Bazooka scanner
CCleaner
A2 scanner
The standard XP firewall.
Winpatrol
Hijack This.
All free and do a great job
Using all freeware, hardly ever have any problem.
"Javacool's" Spyware blaster
AVG antivirus
AdAware
Spybot
CWShredder from Trend micro
Bazooka scanner
CCleaner
A2 scanner
The standard XP firewall.
Winpatrol
Hijack This.
All free and do a great job
Guest
Posts: n/a
Go to: http://security.iia.net.au
A web resource provided by the Australian Internet Industry Association to assist people with security issues.
I declare my interest. I am the web manager for the site.
A web resource provided by the Australian Internet Industry Association to assist people with security issues.
I declare my interest. I am the web manager for the site.
Red On, Green On
Join Date: May 2004
Location: Between the woods and the water
Age: 24
Posts: 6,487
Likes: 0
Received 2 Likes
on
2 Posts
McAffee came pre-loaded on my new Dell desktop, and I'm not impressed with the spam trapping module. Yesterday it lost the account settings of the three email accounts I use - no big deal, but a few minutes to re-enter them and re-start. A couple of weeks back it was collecting all the emails from the ISPs, but not releasing them to Outlook and Thunderbird. I slapped it, re-started and then had a hundred to read.
Added to that it assumes that anyone sending me an attached jpg is spam. Grrrrr...
Added to that it assumes that anyone sending me an attached jpg is spam. Grrrrr...
Spoon PPRuNerist & Mad Inistrator
VH-GRUMPY, are you sure you want to publicly associate yourself with typos of this magnitude?
Copied directly from the "Latest News" section of the home page...
I am the web manager for the site
Anti Spware is a majpr priority og this site
Well I've just had an unpleasant little adventure with malware, despite all the security gizmos. This little nasty first announced itself by AVG kindly alerting me to the "Zolob trojan.downloader",(my wife later commented: Gross. sounds like something you'd hoick up.), which I reacted to by instructing it to "heal" it (since it doesn't default to delete). The PC then went through increasing strata of craziness. A new "antispyware" program installed itself, (Spyware quake),placed a (then) immovable icon in the system tray, and after I turned the entire arsenal of scanners loose on it, one at a time, and again in safe mode, remained un-fixed. So in desperation I turned the modem back on and asked Mr G. for help. There were several likely answers, the one I utilised was at MajorGeek forums, where I downloaded a DOS repair kit for this one infestation, and followed a time consuming proceedure involving three restarts, renaming a .dll, running the tool, rebooting to normal. It worked.
Interestingly, AVG detected but couldn't kill it. A2 detected a corrupt reg. entry and a tracking cookie not of any site I'd visited. Ms (Giant) found something - can't remember what - (but related) and killed it. AdAware didn't find a thing. Spybot found 3, a "vcodec", "smit" something, and "antim" something, and needed to run on reboot to kill them. And still it grew back. And all the time, Winpatrol continued to warn (and prevent) changes to homepage,startup entries, sheduled tasks, and IMO prevented a much worse infestation. (I saw the Hijack this logs of some affected users, mine was a tenth the size!)
Apparently this wee beast is only a week or 3 old. I'm real grateful that someone has developed a proceedure and application to zap it.
Interestingly, AVG detected but couldn't kill it. A2 detected a corrupt reg. entry and a tracking cookie not of any site I'd visited. Ms (Giant) found something - can't remember what - (but related) and killed it. AdAware didn't find a thing. Spybot found 3, a "vcodec", "smit" something, and "antim" something, and needed to run on reboot to kill them. And still it grew back. And all the time, Winpatrol continued to warn (and prevent) changes to homepage,startup entries, sheduled tasks, and IMO prevented a much worse infestation. (I saw the Hijack this logs of some affected users, mine was a tenth the size!)
Apparently this wee beast is only a week or 3 old. I'm real grateful that someone has developed a proceedure and application to zap it.
Join Date: Mar 2006
Location: Finland - East of Sweden
Posts: 113
Likes: 0
Received 0 Likes
on
0 Posts
Try following these instructions:
http://forums.spybot.info/showthread.php?t=1958
In principle you always do this after an infection:
Disable/disconnect any network connectivity;
Start up in Safe Mode (Hit F8 -> into menu while booting Windows up);
Use regedit to remove all references to infection-carrying code;
Delete infection-carrying code (may be any .EXE .DLL etc file or files).
I know, the hard bit is to decide which files and references to remove! For some infections (rootkit type) a separate utility is required.
The basic tools are msconfig (built-in with Windows) and HijackThis
http://www.majorgeeks.com/download3155.html .
After repair you must APPLY ALL SERVICE PACKS immediately. It's a very good idea to have Service Packs on a CD. They can be loaded as independent (administrator) packages from the MS site.
http://forums.spybot.info/showthread.php?t=1958
In principle you always do this after an infection:
Disable/disconnect any network connectivity;
Start up in Safe Mode (Hit F8 -> into menu while booting Windows up);
Use regedit to remove all references to infection-carrying code;
Delete infection-carrying code (may be any .EXE .DLL etc file or files).
I know, the hard bit is to decide which files and references to remove! For some infections (rootkit type) a separate utility is required.
The basic tools are msconfig (built-in with Windows) and HijackThis
http://www.majorgeeks.com/download3155.html .
After repair you must APPLY ALL SERVICE PACKS immediately. It's a very good idea to have Service Packs on a CD. They can be loaded as independent (administrator) packages from the MS site.
Join Date: Dec 2000
Location: Horsham, England, UK. ---o--O--o---
Posts: 1,186
Received 4 Likes
on
2 Posts
Markjoy
I know how you feel, I spent a few hours doing the same as you. Trying to get rid of Spyware Quake. Visually the software looked quite nice! But, quite a barsteward to get rid of!
I had much the same indications as you; Norton Antivirus found Zlob but despite that running, also had Zone Alarm Firewall, MS Antispyware, Spyware blaster, Spyware Guard running as well.. They all failed to stop Spyware Quake downloading and installing!
I saw the technique you used on Major Geeks but, used a different but similar one on gladiator-antivirus.com/forum.
They also advised use of Ewido antimalware software in safe mode. This worked a treat, it found plenty that Spybot and Adaware had missed. Ewido has 14 day full use licence. I quite liked it and may well buy it!
Anyway best of all It's Gone!
I know how you feel, I spent a few hours doing the same as you. Trying to get rid of Spyware Quake. Visually the software looked quite nice! But, quite a barsteward to get rid of!
I had much the same indications as you; Norton Antivirus found Zlob but despite that running, also had Zone Alarm Firewall, MS Antispyware, Spyware blaster, Spyware Guard running as well.. They all failed to stop Spyware Quake downloading and installing!
I saw the technique you used on Major Geeks but, used a different but similar one on gladiator-antivirus.com/forum.
They also advised use of Ewido antimalware software in safe mode. This worked a treat, it found plenty that Spybot and Adaware had missed. Ewido has 14 day full use licence. I quite liked it and may well buy it!
Anyway best of all It's Gone!
Out of Trim
Thanks for that post. Just downloaded and ran Ewido (3.5) myself. Picked up 3 remnants of spyware quake and zolob downloader that the others hadn't spotted!
Does make me wonder what else is out there, lurking in the registry or other mysterious places.
Seen mixed reviews for Ewido, most of them (for this version) extremely good, though there are complaints it's a resource hog and slow.
Not too noticeable with a gig of RAM and 3500+AMD cpu, though! Full scan (all extensions) took about 15 min.
Thanks for that post. Just downloaded and ran Ewido (3.5) myself. Picked up 3 remnants of spyware quake and zolob downloader that the others hadn't spotted!
Does make me wonder what else is out there, lurking in the registry or other mysterious places.
Seen mixed reviews for Ewido, most of them (for this version) extremely good, though there are complaints it's a resource hog and slow.
Not too noticeable with a gig of RAM and 3500+AMD cpu, though! Full scan (all extensions) took about 15 min.
Cunning Artificer
Join Date: Jun 2001
Location: The spiritual home of DeHavilland
Age: 76
Posts: 3,127
Likes: 0
Received 0 Likes
on
0 Posts
Something new got through my security on Monday (Avast/BlackIce/Adaware/etc.) and caused a multitude of application problems, one being disabling explorer.exe so I couldn't search through the files. Folder Guard continued to keep my D: data partition safely under lock and key. I spent a few hours last night reformatting C: and doing a clean install of XP. The old notebook is humming again.
No matter what security you have, something will break through occasionally and for a large organization there's no alternative to fixing such things by running clean-up programs on the network. Reformatting a couple of thousand PCs isn't an option. For single user home PCs though, its simply good practice to back up data regularly and do a clean install once in a while to sort out all the corruptions and orphan files that build up over time. Its the only way to really keep your hard drive nice and clean and efficient.
Incidentally, when reinstalling BlackIce, I was informed that my extended download had expired and I would need to purchase a renewal. Now, given that BlackIce let whatever caused me to do a clean install through the door in the first place, I see that as a Rip-Off, so as with Norton AV, I'm not inclined to do business with them anymore. Using the XP firewall for now, but any suggestions for good alternatives to BlackIce?
No matter what security you have, something will break through occasionally and for a large organization there's no alternative to fixing such things by running clean-up programs on the network. Reformatting a couple of thousand PCs isn't an option. For single user home PCs though, its simply good practice to back up data regularly and do a clean install once in a while to sort out all the corruptions and orphan files that build up over time. Its the only way to really keep your hard drive nice and clean and efficient.
Incidentally, when reinstalling BlackIce, I was informed that my extended download had expired and I would need to purchase a renewal. Now, given that BlackIce let whatever caused me to do a clean install through the door in the first place, I see that as a Rip-Off, so as with Norton AV, I'm not inclined to do business with them anymore. Using the XP firewall for now, but any suggestions for good alternatives to BlackIce?
Join Date: Mar 2006
Location: Finland - East of Sweden
Posts: 113
Likes: 0
Received 0 Likes
on
0 Posts
1st and foremost: you must have ALL the OS patches installed and ALL the service packs applied.
Unless you have it that way, the bugs will come through, IRRESPECTIVE of your anti-virus program and your other surfing behaviour.
In my academic institution F-Secure (www.f-secure.com) antivirus-firewall combination has the protection responsibility, also on the staff's home computers, and I can testify nothing comes through, with new virus database updates downloading often several times a day (But see above).
Unless you have it that way, the bugs will come through, IRRESPECTIVE of your anti-virus program and your other surfing behaviour.
In my academic institution F-Secure (www.f-secure.com) antivirus-firewall combination has the protection responsibility, also on the staff's home computers, and I can testify nothing comes through, with new virus database updates downloading often several times a day (But see above).
BlackSheep
I've read lots of good reviews for ZoneAlarm (a "learning" firewall, takes a wee time to get it trained apparently) and would use it, but am happy (I think) with the XP, which performed 100% at a test site. https://www.grc.com/x/ne.dll?bh0bkyd2 (this one, called shields up).
MikeJ,
(also see above re: ZoneAlarm) I understand that feeling, but have come to the conclusion that it's sometimes not money well spent. I wasted a few $ on a Norton suite, that doesn't integrate well with the way I want to use this (XP) computer. Apart from my nasty little adventure the other night, I've found the freebies work very well, but might consider purchasing the Ewido, if it doesn't still work well after 14days.
MS "beta" (Giant) is replaced by windows defender (my Beta expires in about 120days) but the reviews I've read about Defender have been a little less than glowing. Limited configuration options etc.
I've read lots of good reviews for ZoneAlarm (a "learning" firewall, takes a wee time to get it trained apparently) and would use it, but am happy (I think) with the XP, which performed 100% at a test site. https://www.grc.com/x/ne.dll?bh0bkyd2 (this one, called shields up).
MikeJ,
(also see above re: ZoneAlarm) I understand that feeling, but have come to the conclusion that it's sometimes not money well spent. I wasted a few $ on a Norton suite, that doesn't integrate well with the way I want to use this (XP) computer. Apart from my nasty little adventure the other night, I've found the freebies work very well, but might consider purchasing the Ewido, if it doesn't still work well after 14days.
MS "beta" (Giant) is replaced by windows defender (my Beta expires in about 120days) but the reviews I've read about Defender have been a little less than glowing. Limited configuration options etc.