Virus protection

[Diggles]

fuck man, this year at school as been the worst in the school districts history, probably at least a third of the 125 teacher machines in my school were infected (graduate student teachers, not best idea kthx...fuc en 'bud lite laptops').

Symantec Enterprise version is a useless piece of shit.

I've had good experiences with <!-- m --><a class="postlink" href="http://www.malwarebytes.org/">http://www.malwarebytes.org/</a><!-- m --> when infections are found early. However I've not seen any program that can remove medium-bad infections, its always reformating.

Microsoft better get their shit together in Windows7 or I see Mac and Google picking them apart finally.

[1000xZero]

AVG Anti-Virus
Spybot - Search & Destroy
Ccleaner

I have a corporate version of Symantec but it no better than AVG.

[Diggles]

While Spybot does a fairly decent job in finding and removing, its slow as all hell and resource intensive.

Malwarebytes is doing a much better job. ALso, since its newer, the malware that targets security/anti-malware programs are not disabling it

[Ulfen]

I've worked on countless computers with so much malware on them (100's of infections and 10000's of traces) you could not understand how the user even functioned. I've tried 20-30 different anti-spyware programs and I don't understand why so many people think spybot is sufficient. I find it misses a ton of infections. The best two removal programs I have used so far are Webroot Antivirus w/ Antispyware and Malwarebytes. I'm speaking purely about removing malware from an already infected machine, not protecting it from future infections.

[Diggles]

Would you be refering to spy sweeper w/optional Antivirus? I stopped using that because it was notoriously unstable and crashed or locked up computers

[1000xZero]

I've alwys used Spybot and updated it. Updating is an important feature. I know loads of people who never updated it. Also it allows to choose which malware to check or not check. Also it takes awhile because it is running at low priority. If you bump up the priority it runs faster.

I used malwarebytes and it found nothing either.

Probably use all 4 now since nothing is perfect.

[Ulfen]

Would you be refering to spy sweeper w/optional Antivirus? I stopped using that because it was notoriously unstable and crashed or locked up computers

Yes, the active protection is unstable. I would use it for removal purposes and then uninstall it.

[Ulfen]

I've alwys used Spybot and updated it. Updating is an important feature. I know loads of people who never updated it. Also it allows to choose which malware to check or not check. Also it takes awhile because it is running at low priority. If you bump up the priority it runs faster.

I used malwarebytes and it found nothing either.

Probably use all 4 now since nothing is perfect.

Spybot is fine for people that in general know how to safely use the internet and just get an occasional infection, but when you have to clean someone's computer that probably clicks every thing they see it just isn't adequate.

[Dragonzfire]

Until we get completely away from damn sig based detection we are all screwed royally.

We have installed many corporate versions of AV products and all of them are about 80% effective against stuff that is 1-3 weeks old.
On a zero-day note non seem to avg. above 75% and that all depends on how well the code is obfuscated and how many bytes you change. Unfortunately the newest Tri-fecta of evil is a few years ahead of the AV community.

Bot nets obfuscate enough code on their own to prevent signature based detection. This can be done on the fly and is by certain ones.
The really good coders high the data streams within other protocols and some use UDP to transmit data to and from in a semi state full connection. Yes I know it shouldn’t be possible but there are flaws with the way UDP is designed that you can pad it with TCP session type information and have yourself a nice little remote session over it.

[grizzle]

fuck man, this year at school as been the worst in the school districts history, probably at least a third of the 125 teacher machines in my school were infected (graduate student teachers, not best idea kthx...fuc en 'bud lite laptops').

Symantec Enterprise version is a useless piece of shit.

I've had good experiences with <!-- m --><a class="postlink" href="http://www.malwarebytes.org/">http://www.malwarebytes.org/</a><!-- m --> when infections are found early. However I've not seen any program that can remove medium-bad infections, its always reformating.

Microsoft better get their shit together in Windows7 or I see Mac and Google picking them apart finally.

Sounds more like idiotic user error to me. I have used the latest versions of Windows and Norton Security for the past 10 years, always keeping them up to date, and have never had a virus. But again, I keep it on at all times and always keep it updated.

My father, on the other hand, had Norton installed on his school laptop by me, and everything worked fine, until the school's IT guy uninstalled it, installed some POS school sponsored anti-virus app, and he then got two viruses, and his machine has been borked ever since.


If you think Windows has more flaws than MacOS, you're crazy. There just happens to be far more "zomg im so leet hacker and antimicrocrap so ima hack em" people out there to exploit the Windows holes. Sure, Macs might become more popular with the computer illiterate, or people who are more into fads (I'm a Mac) than they are with functionality, but eventually people will start exploiting Mac flaws as well.

[Diggles]

fuck man, this year at school as been the worst in the school districts history, probably at least a third of the 125 teacher machines in my school were infected (graduate student teachers, not best idea kthx...fuc en 'bud lite laptops').

Symantec Enterprise version is a useless piece of shit.

I've had good experiences with <!-- m --><a class="postlink" href="http://www.malwarebytes.org/">http://www.malwarebytes.org/</a><!-- m --> when infections are found early. However I've not seen any program that can remove medium-bad infections, its always reformating.

Microsoft better get their shit together in Windows7 or I see Mac and Google picking them apart finally.

Sounds more like idiotic user error to me. I have used the latest versions of Windows and Norton Security for the past 10 years, always keeping them up to date, and have never had a virus. But again, I keep it on at all times and always keep it updated.

My father, on the other hand, had Norton installed on his school laptop by me, and everything worked fine, until the school's IT guy uninstalled it, installed some POS school sponsored anti-virus app, and he then got two viruses, and his machine has been borked ever since.


If you think Windows has more flaws than MacOS, you're crazy. There just happens to be far more "zomg im so leet hacker and antimicrocrap so ima hack em" people out there to exploit the Windows holes. Sure, Macs might become more popular with the computer illiterate, or people who are more into fads (I'm a Mac) than they are with functionality, but eventually people will start exploiting Mac flaws as well.

Macs are 95% idiot proof. They are designed around the fact that hardly anyone needs admin rights to the computer and protect it well...preventing 90-95% of harmful programs.

Windows on the other hand gives anyone and anything full admin rights to the computer...which is why its in such a sad state. They tried fixing/redesigning it in Vista and the developers are too used to easy/bad programming from previous versions. Now all you get it some stupid annoying allow/deny box every time you want to do something.

[Karne]

Malwarebytes is a really good program as Diggles suggested. I used it to clean off the GF's machine. It did a great job removing all 51 infections it found from kids doing whatever kids do on it.

[Diggles]

I havent seen anything in the past 3 years that Malwarebytes hasnt been able to fix for me. Occasionally I'll need to take a hard drive out and hook it up to a surrogate lab machine of my to run the scan for it, because it was badly infected.
I dont know if this is progress Microsoft is making on security or if all the malware developers have already moved to mobile devices (android, iOS, etc) now.

Most 'spyware' or 'virus' I remove now are grayware addons for IE/Firefox/Chrome that the users is mainly responsible for adding.

[Sebrent]

It's several things:

• Malware is mostly for profit nowadays, so they target what can get them cash
  
• Operating System security has much improved over the past decade ... the easiest thing to attack is the user so that's what most attackers do ... 0.1% of 1 million is still very successful.
  
• Malware is wanting to be stealthier now since it's more about the money and less about ego.

A/V can't really compete with a good malware author. The ways it works without hindering a machine's functionality simply do not allow the A/V to win. If you are actually interested in this, hit me up and I can get you some reference material.

Thankfully, the good malware authors would rather hack a large corporation than you and your grandma.

[Diggles]

Ratings of Security Software: thought you might be interested in this report./......

Free Anti-Malware Programs:

1. Avast free antivirus
BOTH #1 & #2 are Recommended (high-performing)
2. Avira
3. AVG AntiVirus Free 2013
4. Microsoft Security Essentials

PAY Security Suites
#1 thru 5 are all Recommended:

1. G Data Internet Security 2013
2. ESET Smart Security 6
3. F-Secure Internet Security 2013
4. Kaspersky Internet Security 2013
5. Avira Internet Security 2013
6. Avast Internet Security 7
7. Bitdefender Internet Security 2013
8. Trend Micro Titanium Internet Security 2013
9. BullGuard Internet Sec. 2013
10. McAfee I/N Sec. 2013
11. AVG I/N Sec. 2013
12. Norton I/N Sec. 2013
13. Zone Alarm I/N Sec. Suite 2013
14. Panda I/N Sec. 2013

=====================================

I've started recommending Avast free to my clients that do not have kids or have a history of infections and it seems to be doing a very good job. I typically also install Malware Bytes on their machines so they I can walk them thru how to do a scan with that if anything suspicious is going on.

In my experience AVG hasnt been useful in about 5 years and it just slows down computers to a crawl.

I have no experience with the top 2 rated paid subscription ones but Kaspersky was my recommended product...but I've even plenty of instances where it doesnt fully protect people and I have to do some cleanup after it. Certainly better than Norton by a good margin and McAfee is just a joke.

[Zirak]

I used to be a big Norton fan and used their paid service for years. Then one day I decided to try out Avast on the recommendation of a friend rather than renew my Norton subscription. Avast identified a virus on my machine that Norton had missed. That was probably about 12 years ago and I've been a big fan of Avast ever since.