Antivirus software

[Schuey]

What's the point of purchasing new Antivirus software as opposed to just updating the definitions on your old one and just using that. For example, what advantage could there be to purchasing Norton '06 if you already have '02, like I do? The only difference that I see is that the newer software has a "nicer" UI, and that's it. As long as I format at least once a year or just purchase a new subscription on a yearly basis I would have the latest definitions.

Since I'm nearing the "reinstall XP" time of the year, I decided to try a couple new av programs to see what benefits they offered. Norton '06 is an absolute joke and I truly can't think of a good reason for someone to install this on their computer, even it were free. And the second program I tried was F-Secure AV, which I had heard good things about. Again, why does it even exist?! With Norton '02 my memory usage upon startup was ~178 megs. Norton '06 was ~225 megs and F-Secure ~235 megs. On top of that, the PC takes significantly longer to boot and there's a much larger hit on my CPU, confirmed by CPU scores in both 3DMark '03 and '05 that are down by ~5% as compared to the same system running Norton '02.

Honestly, the only difference I know of is that the newer the av software the more of a resource hog it is. Why does a four year old program using 8 megs of ram and virtually no cpu cycles accomplish the same thing as a "new and improved" program which requires five times the ram and cpu cycles? An other answer other than absurdly lazy programming?

 

[ninelven]

Well, viruses work in new ways over time, so it is important to have a program that can identify them before they are able to compromise your system.

I really can't stand Norton anymore. I use Avast Antivirus - it is free for personal use, updates automatically, is updated often, and is quite effective. The only antivirus software I would actually pay for, given the quality of Avast, is NOD32.

 

[Frank]

I agree with you, Schuey. I cannot see any reason why you would want to upgrade, either. Although I think Norton is pretty bad over all. There are much better free ones, like AVG (or Avast, as nineleven said). If you want to keep up, you could do much worse than choosing one of those. But there is probably no real need.

Just use FireFox or Opera for browsing, Thunderbird or Opera for e-mail, a hardware router as firewall (and turn off the Windows / Norton / whatever one), and you're as safe as you can be. You don't even need anti-spyware suff that way.

 

[Schuey]

Thanks for the suggestions on other AV software. I'll give Avast a try this week to see how I like it.

The truth of the matter is that common sense is your best defense against viruses. The only virus I ever got was seven or eight years ago. If you aren't visiting shady sites and you know where your emails are coming from you should 99.99% safe. I'm often tempted not install Norton at all after fresh install, but it's really not worth the (miniscule) risk because of it's small footprint.

Hardware firewall, XP's built-in software firewall, always keep Windows up to date, and running simple virus and spyware (ad-aware & spybot) checks every week to two seems to work just fine for me.

 

[Scott_Arm]

NOD32 is a very nice commercial virus scanner. I used to use TrendMicro PC-Cillin. I liked it a lot, actually. NOD32 supposedly uses fewer resources. Not sure if that is true.

 

[Guden Oden]

Just use FireFox or Opera for browsing, Thunderbird or Opera for e-mail, a hardware router as firewall (and turn off the Windows / Norton / whatever one), and you're as safe as you can be.

That's completely and utterly false. If you believe that, you WILL get hit by a virus, trojan or other such beastie, it's just a matter of time.

Nothing beats a good virus killer, particulary not "common sense".

 

[Scott_Arm]

That's completely and utterly false. If you believe that, you WILL get hit by a virus, trojan or other such beastie, it's just a matter of time.

Nothing beats a good virus killer, particulary not "common sense".

Yah, if you use a mail client and some kind of POP/IMAP mail service from your ISP or wherever, I wouldn't do without a virus scanner that automatically checks all your incoming and outgoing mail.

I use NOD32 because it automatically checks my POP mail through thunderbird, and it checks everything that comes in over HTTP protocol ports. It also checks any office documents I open. I leave the file system monitor off for performance reasons, but I think I should be safe as long as I scan everything I download manually before extracting/opening/whatever.

 

[Schuey]

That's completely and utterly false. If you believe that, you WILL get hit by a virus, trojan or other such beastie, it's just a matter of time.

Nothing beats a good virus killer, particulary not "common sense".

I've been receiving 20 - 30 work related emails every day for the past seven or eight years and only once have one of my PCs been infected. That was a long time ago and I learned my lesson and not one since. I've received many attachments which were obvious viruses and just used "common sense" and didn't open them. Would my virus scanner have caught them if I hadn't, probably. But my point is that your brain should be your first line of defense and your AV software the last. Now, if you just double click to your heart's content and download a lot of cracks and the sort, no doubt you better have all the protection you can get.

I've fixed somewhere in between of 100 to 150 PCs in the past few years that were rotting with viruses and nearly all those PCs had AV software. And me nothing. Either I'm just the luckiest PC user in the world or a little common sense does go a long way.

 

[Scott_Arm]

I've been receiving 20 - 30 work related emails every day for the past seven or eight years and only once have one of my PCs been infected. That was a long time ago and I learned my lesson and not one since. I've received many attachments which were obvious viruses and just used "common sense" and didn't open them. Would my virus scanner have caught them if I hadn't, probably. But my point is that your brain should be your first line of defense and your AV software the last. Now, if you just double click to your heart's content and download a lot of cracks and the sort, no doubt you better have all the protection you can get.

I've fixed somewhere in between of 100 to 150 PCs in the past few years that were rotting with viruses and nearly all those PCs had AV software. And me nothing. Either I'm just the luckiest PC user in the world or a little common sense does go a long way.

How do you know your computer doesn't have viruses if you don't use a virus scanner?

I definitely agree that common sense is the first line of defense. I never open attachments unless I'm expecting to receive something from a friend or family. But in that case, I still check if for viruses, because I don't know what they've been doing. During my final project at school, me and my group were transfering files on a daily basis. Common sense won't always cover your ass in these situations. If you don't have one, you're rolling the dice. The problem with a lot of people is they have virus scanners but they don't keep the definitions up to date, and they don't use any kind of active scanning to check their mail as its coming in and such. They just scan once a month, or less, which isn't all that useful.

 

[Schuey]

How do you know your computer doesn't have viruses if you don't use a virus scanner?

I definitely agree that common sense is the first line of defense. I never open attachments unless I'm expecting to receive something from a friend or family. But in that case, I still check if for viruses, because I don't know what they've been doing. During my final project at school, me and my group were transfering files on a daily basis. Common sense won't always cover your ass in these situations. If you don't have one, you're rolling the dice. The problem with a lot of people is they have virus scanners but they don't keep the definitions up to date, and they don't use any kind of active scanning to check their mail as its coming in and such. They just scan once a month, or less, which isn't all that useful.

I think you may have misinterpreted something I wrote because I do use a virus scanner - Norton '02. (Perhaps when I said,"And me nothing". I was referring to never getting viruses, not the AV software)

I started this thread to ask around and see if there was a reason to use a newer AV program. Thinking that perhaps they scan or protect the PC in a different manner as opposed to my old Norton. I hear so many people ripping Norton that I thought I'd give something else a chance to see the difference. To my surprise, everything I've tried has turned out to be a system hog by comparison. Norton '02 scans my emails and supposingly protects me while surfing as well, which from what I've heard here is enough. I scan every week or two using Norton and use online scanners from different companies every now and then when I feel paranoid.

I hear so many people crying about viruses and after sending and receiving literally tens of thousands of emails over the past half decade+ I haven't had one. Like I said in my first post, it's not worth the risk not to install my AV software because of it's small footprint, but if I had to use one of the latest superbloats I might do without. I suppose this Norton will do just fine until Vista rolls along so finding a new and lean virus scanner shouldn't be a problem for me for at least another year or so. Can't complain about getting 5+ years out of a $40 investment in 2001!

 

[wireframe]

Some reasons to update your AV utility:

1. Compatibility - Fairly obvious, but these programs do expire. The switch to 64-bit Windows should prove to be good example, though there are more subtle incompatibilities that seem to arise when you least expected to buy a new version of Norton. (designed for obsolescence)

2. New features - Again, quite obvious. Newer version of the core application may offer completely new protection schemes. An example of this might be in-flight script analysis and blocking.

3. Heuristics - This could be a biggie. Most AV scanning is a matching game. The scanner has a library of known threats and compares segments of files or memory to these fingerprints. However, most scanners today are quite smart and can detect a possible virus before it has a matching entry in the database by analysing certain behaviors. These capabilities are tied to the engine itself and not a strict database (perhaps it's best to think of it as a dynamic custom database with a two-way communication with the central (the AV manufacturer))

I think it's fair to say that a good virus scanner should allow you to grow threat prevention and elimination capability without buying into a whole new set of features that you may not want. Symantec, with its Norton AV line, seems to be particularly fond of making sure that their programs will not meet certain future requirements so they can sell you a new one. They also have a tendency to make somewhat sluggish applications that seem to target Joe Clueless, placing more importance on a cute illustrative graphic than the actual tasks that need doing (can you tell I don't like them very much and am venting in a most exaggerated and hostile way?).

I am currently evaluating NOD32 and I find it quite good with some annoyances. It is very "techy" in that it is slim and fast. It analyses everything in real-time, but you won't even notice (I guess you might if you are running a very old machine). However, it does suffer from a poor interface in critical scenarios. Partcularly, when a virus is intercepted it doesn't give you a clear way of saying "Ignore it, I'll take my chances". In fact, it doesn't really give you a felling of control once such a situation is encountered at all. On one side you get the "Gotcha, ya nasty bugger!" feeling and then you are immediately confronted with a feeling of "now what? what happened? Is it really gone? Can I undo?"

Anyways, this is not supposed to be a review of AV programs. I used to use Symantec all the time up until 2002-3, then I dumped it completely and stuck with Housecall from Trendmicro (the makers of PC-Cillin). This is quite a bad thing to do, but I really don't expose the machine much. But....I decided to have a look at NOD 32 and it's quite nice. There is a 30 or 60 day demo and I highly recommend giving it a go (eset). I have a few days left and I think I'll end up buying it just because it is so unobtrusive and hasn't caused any weirdness... like Norton used to do!!!! (there...one last blast at the doctor...heh )

 

[Scott_Arm]

I think you may have misinterpreted something I wrote because I do use a virus scanner - Norton '02. (Perhaps when I said,"And me nothing". I was referring to never getting viruses, not the AV software)

I started this thread to ask around and see if there was a reason to use a newer AV program. Thinking that perhaps they scan or protect the PC in a different manner as opposed to my old Norton. I hear so many people ripping Norton that I thought I'd give something else a chance to see the difference. To my surprise, everything I've tried has turned out to be a system hog by comparison. Norton '02 scans my emails and supposingly protects me while surfing as well, which from what I've heard here is enough. I scan every week or two using Norton and use online scanners from different companies every now and then when I feel paranoid.

I hear so many people crying about viruses and after sending and receiving literally tens of thousands of emails over the past half decade+ I haven't had one. Like I said in my first post, it's not worth the risk not to install my AV software because of it's small footprint, but if I had to use one of the latest superbloats I might do without. I suppose this Norton will do just fine until Vista rolls along so finding a new and lean virus scanner shouldn't be a problem for me for at least another year or so. Can't complain about getting 5+ years out of a $40 investment in 2001!

I think the biggest thing would be improved is the heuristics. The scanning engine, in general, improves over time, supposedly. A newer scanner would supposedly be better at catching unidentified viruses.

Wireframe made a lot of good points.

 

[nate240]

I've tried many differenet AV programs over the years, and have found NOD32 to work the best for me. Norton seemed pretty ineffective, viruses would always find a way thru, and it made my system sluggish. I tried Kapersky AV, and while it seemed to do alright with detection, it also slowed down my system. The corperate versions of symantec and mcafee tend to be faster, but it's hard to tell if they are really doing much . The only one thats been worth (and got) my money is NOD32, it's fast, and so far nothings gotten past it.

 

[Graham]

The only antivirus software I would actually pay for, given the quality of Avast, is NOD32.

I'm currently on my second 3 year license of NOD32. I can recommend it with absolutly no hesitation whatsoever. Absolute beast of a virus scanner in every way.

Possibly it's best feature is the way it scans all internet traffic before it gets to the application. So if a virus is lurking on a website the browser simply thinks the file doesn't exist on the server. I havn't seen another scanner that does this quite as well as NOD (or at all)

I've fixed somewhere in between of 100 to 150 PCs in the past few years that were rotting with viruses and nearly all those PCs had AV software

I would hesitate to guess the vast majority were running mcaffee antivirus?

I've delt to various dell PCs with mcaffee... in most cases, the AV simply wasn't running because it had to be updated before it would actually start activly scanning. And even though it was registered, you had to manually update it and jump through about 10 reboots before it would actually start running. Not to mention the fact it ran as an ActiveX component in an internet explorer control... Or that it required 'low' security in the internet zone (not intranet zone or trusted zone, internet zone!) or the fact it used unsigned scripts and components... or the....... *sigh*. On one machine it took 6 hours to scan a 40gb hdd. That machine had around 300 infections, and around ~150 different spyware programs. The spyware even went as far as to pop up windows saying mcafees trial period was up 'click here to get another year, $60'. Nearly fooled me actaully, thing that tipped me off was you couldn't right click.

 

[hoom]

I have been using Avast recently:
1) Its the only AV I could find that works with XP64
2) Its free for home use
3) I'd been stuck on an expired Norton2k3 for too long

 

[Schuey]

Thanks for the different suggestions. I've installed several different ones over the long weekend and liked Avast the best. I was a bit disappointed that all took a lot more system resources than I wanted, but there are no other options. Anyways, I only installed it on my primary PC - the one I use for downloads, email, surfing, and basically anything which isn't gaming. My gaming PC is running lean, no AV software. It's obviously got the XP firewall and a hardware one as well. So unless a Trojan or virus is released thru Steam, I should be fine.

 

[Lollan]

I have been using Avast recently:
1) Its the only AV I could find that works with XP64
2) Its free for home use
3) I'd been stuck on an expired Norton2k3 for too long

Nod32 was the first antivirus to offer 64 bit support

Nod32 and a bit of Antivir (just to make sure) are my routine scanners on customer's PCs.

 

[Rodéric]

Thanks for the different suggestions. I've installed several different ones over the long weekend and liked Avast the best. I was a bit disappointed that all took a lot more system resources than I wanted, but there are no other options. Anyways, I only installed it on my primary PC - the one I use for downloads, email, surfing, and basically anything which isn't gaming. My gaming PC is running lean, no AV software. It's obviously got the XP firewall and a hardware one as well. So unless a Trojan or virus is released thru Steam, I should be fine.

You can disable any service you don't need...
That should reduce its resources usage.

 

[Schuey]

You can disable any service you don't need...
That should reduce its resources usage.

Disabling services makes little difference in memory usage. ~210 megs upon bootup and ~200 after disabling services. Yet if I go into the task manager and end the appropiate processes the memory usage goes down to ~160 megs. Perhaps the program should shift over to virtual memory when you disable the services instead........a small gripe considering that killing them in the tm works just fine with no ill effects.