# An Anti-Virus Dillema?



## LarryFlowers (Sep 22, 2006)

At a time when our computers are under assault in new and ever more surreptitious ways, I find myself faced with the dillema of choosing anti-virus software.

As a IT consultant, I see the damage potential on an almost daily basis and frankly, most of the problems are caused these days by the lack of common sense by the user of the computer.

Right now, my primary personal PC, which I recently rebuilt with clean install of Vista Business Enterprise SP1, is running Windows Live One Care. One care was a choice I made because of the 90 day breathing period before I have to pay for it, not because it was my particular favorite.

For a number of years now I have been a proponent of Trend Micro Internet Security products, but their latest edition seems to have a problem that keeps cropping up and has become very annoying. They have an "anti-spam" program that runs in Outlook with a toolbar and for some currently unknown reason it can malfunction in a way that causes Outlook to inform you every time you open the program that the data file was not properly closed last time and is being checked for problems. I contact the normally extremely helpful Trend Micro support staff and they had several suggestions, all of which failed to resolve the problem. They then suggested I uninstall the program and reinstall it. I consider this to be a unacceptable solution to a problem unless it is an isolated one, which unfortunately in this case, it is not. I now have 9 client PC's with the same problem. I have informed Trend Micro of the problem and the normally responsive support team has been unusually silent.

Symantec/Norton used to be one of the best software companies out there, until 2 things happened. First, Norton started causing a real performance hit on PC's they ran on... frankly the overhead to run a Norton product got way too high. When I first switched from Norton to Trend Micro, Trend was using 60% LESS system resources than Norton. Second, Norton supports answer to everything was becoming "uninstall and reinstall" the program.

There are all kinds of other brands out there and I have had experience of one kind or another with most of them. McAfee, Kapersky, Zone Alarm and AVG all have pluses and minuses and frankly in most cases the minuses outweigh the pluses.

I am reminded of a article written by Microsoft's Jim Allchin back in 2006 when Vista RTM was released. In the article he stated that his children's computer was running Windows Vista _without anti-virus software and with UAC set to "user" for his kid's accounts._

This claim has been largely ignored and overshadowed by all the other misinformation about Vista and the seeming unwillingness of the popular press to say anything positive about Vista.

The claim as it turns out is true.

Extremtech even ran tests to see if it was true. They loaded a computer with infected emails and opened the attachments and not a single one got past UAC.

While this is wonderful news, it has a downside to it. First, there are those who consider UAC a nuisance and disable it or make everyone on the PC an administrator. Secondly, there is a danger, that I find even myself who should certainly know better, of falling in to the trap of not reading the information that accompanies the UAC message and just clicking through it.

This brings me back to what I said at first, the problems are caused by PC users themselves. The common causes of infected PC's are straightforward:
1. Failure to keep the Windows Operating System patched, the second Tueday of every month is the day Microsoft releases security patches.
2. Opening attachments on emails. Don't do it. Unless you are expecting the email and the attachement and even then you should call the sender to verify it. Important Note... your financial institution will never ever ask you to fill in data thru an online connection in an email and they will never ever place an attachment in an email. ALLWAYS call your bank if you have a question.
3. Downloading "free" anything... remember that anything free is worth what you pay for it. Know the source of your downloads. Downloading from Microsoft or Adobe is one thing.. downloading things thru BitTorrent has enormous risks.
4. Never let anyone connect a USB drive, thumb drive, or place a cd or floppy disc in your PC, or if you do make sure that it is scanned by anti-virus software before you access the contents.
5. if you have kids and run Vista, never give them admin rights or diable UAC. It may be annoying sometimes but it is infinitely safer.

So what do I do, I have several alternatives:

1. I could take my test bed PC, do a clean vista install and test each anti virus program for a month and look for the program that does the best job. It would take the best part of half a year to do it and unfortunately, the versions of the software would probably change in that time. 
2. I could try to rely on "reviewer" results of anti virus tests, but so far I haven't found any of the popular reviewing sites that can agree on the best program.
3. I could just skip it. Run Vista as I do now with UAC enabled and pay careful attention to any warnings that pop up and simply follow my own rules that I give others.

Choice 3 may be the best for me, but what do I tell clients about anti virus software? I am expected to guide them in these choices and employees can't be trusted to obey the rules so protection is necessary. I could go forward with Trend Micro and disable the anti spam feature, but I don't like that solution, I paid for it, it should work.

So if any of you have experience with a particular product, and particularly in Vista environments as my clients are about 98% converted, let me know about them.


----------



## woj027 (Sep 3, 2007)

Oh jeeze, I was hoping you were going to tell me which Anti-Virus program to purchase. I just reinstalled Win XP all the service packs and updates. I've got 30 days free of Norton, but when I had it before it ate up all my resources.

Do I just drop $40 at Costco and get Mcaffe?


----------



## LarryFlowers (Sep 22, 2006)

woj027 said:


> Oh jeeze, I was hoping you were going to tell me which Anti-Virus program to purchase. I just reinstalled Win XP all the service packs and updates. I've got 30 days free of Norton, but when I had it before it ate up all my resources.
> 
> Do I just drop $40 at Costco and get Mcaffe?


I feel your Pain... really really feel your pain...


----------



## woj027 (Sep 3, 2007)

Can you disable the Trend Micro anti spam function? would that make that issue go away? 

Outlook 2003 Student Edition has a Junk Mail box funciton that works pretty good for me so far. would that be adequate?

I was actually at Costco the other day looking at both McAfee and Norton and decided not to buy either becaue I remembered that Trend Micro had great reviews.


----------



## phat78boy (Sep 12, 2007)

I understand where you coming from. I myself run a corporate edition of Symantec as I find it is much less of a resource hog then the commercial edition. Its also not as intrusive or annoying with pop ups and toolbars. Unfortunately, thats not an option for everyone.

When it comes to AV software, I'm a less is more person for the most part. I myself would recommend the free AVG software with UAC turned on. At the same time I would also recommend you get a good free spyware program, ex. ad-ware, and run it manually once a month.


----------



## Sirshagg (Dec 30, 2006)

I dumped the resourse hogs Symantec/Norton and Mcafee years ago. I've never tried Trend and I probably never will. In general I don't like these huge "suites" these big companies have have moved towards. We currently use ESET which i have been very happy with.


----------



## MIAMI1683 (Jul 11, 2007)

Ok so after I tried 4 different versions. I bought a new laptop. I went with One care. I like it and find it to not be so "clumsey". I also like the "tune-ups" that run in the background. It will run and tell me that I am not usuing specific startup programs. Then it asks if I want to turn it off. I guess I just like the way it runs


----------



## Grentz (Jan 10, 2007)

There is no universal answer, that is the problem. Some detect some viruses better than others and none are perfect. These days I recommend Avast! and Avira to people, both do a very good job and are light on resources. Mcafee, Norton, etc. are all such pigs.

The best Antivirus suites are corporate solutions that cost thousands and are not for home/small business users. Trend Officescan Corp is amazing, but it costs around $6000 

Most cases are user error anyway, people need to learn what to trust and what not to. I have had almost no spyware or viruses in years of being on computers 24/7 just because I am careful and knowledgeable in what to be weary of. Not everyone can do so, but there is some common sense that needs to be applied.

I feel your pain as well, I am a Small Business Computer/Network consultant and am plenty sick of Spyware/Adware and Viruses...gets very tiring after awhile of cleaning the same machines over and over. The best thing you can do is inform and lock down the machines as much as the client will allow. Trend Officescan Small Business is not bad if you have a client on a domain.


----------



## harsh (Jun 15, 2003)

I run the Trend Micro Client Server Suite at work because users are lusers.

We subscribe to Postini mail filtering which catches most of the e-mail borne malware.

My work machine is barefoot W2K box because I'm not an idiot, I don't have anything irreplaceable on my machine and I can build it from scratch in less than an hour.

I run a Linux-based firewall, web and e-mail server as I don't trust anything Microsoft directly accessible to the Internet. Our community storage setup is a Linux-based NAS. Finally, to put the hurt on worms, I don't have any Windows domains set up.

The key is what kinds of applications you allow your lusers to run. Most of the lusers here run Windows 98SE which seems to be pretty safe. We use Eudora or Thunderbird for e-mail which slams the door on most of the malware entry points. I have IE5.5 installed on most of the machines that can get away with it because it is less of a vermin magnet than IE6. The handful of XP users all run IE6 because it is required by many of our most important applications and IE7 is just plain goofy with its new drag and drop FTP malfeasance.

With our mail filtering, I'm considering going to more of a anti-spyware anti-trojan approach and concentrating on protecting the browsers as effectively the only entry point. If I do any Windows domains for future software applications, I may have to re-evaluate.


----------



## harsh (Jun 15, 2003)

MIAMI1683 said:


> Ok so after I tried 4 different versions. I bought a new laptop. I went with One care. I like it and find it to not be so "clumsey". I also like the "tune-ups" that run in the background. It will run and tell me that I am not usuing specific startup programs. Then it asks if I want to turn it off. I guess I just like the way it runs


There's something distinctly wrong about a company that offers a product devoted to watching out for another one of their products.


----------



## Hansen (Jan 1, 2006)

I went through similar pains about 4 months ago in deciding what anti-virus/anti-malware to use on my systems. After testing a few different ones and reading bunches of test results, product info, and perusing the user forums for the different products out there, two AV/AM products rose to the top: Avast! and Avira Antivir. Both are excellent products and rated at the top in the independent tests. You do not hear much about them since they are European companies and not carried by "retail stores" and don't do marketing hype but they are the real deal when it comes to achieving extremely high detection rates (on the order of 98/99%) and having minimal footprint on resources. While both offer extremely good free versions, the paid-for versions have some very good and worthy extras. Also both Avast and Avira's product work on either 32 bit or 64 bit platforms. I ultimately went with Avast! given I'm running a 64 bit system and Avast's rootkit detection worked on a 64 bit system whereas Avira, IRRC, does not yet do that. Plus, Avast sells a "Family Pack" for the professional version that contains 10 licenses as well as a license for their anti-virus software for running on your Windows Home Server. Nice deal for about 80 dollars.

Avast Professional (paid version) has a free 60 day license to try out the full fledged program before buying. Then you get a 14 month license once you purchase...effectively making your first license about 16 months (using the 2 free month trial). http://www.avast.com/

Avira's paid-for version has a 30 day free license for the full version. http://www.avira.com/en/pages/index.php


----------



## barryb (Aug 27, 2007)

My biggest issue with anti-virus software is that most of them are what I call "bloatware", or simply put: software that slows down my system(s).

I have been more than happy over the past two years with using AVG products. Not the free version, but the paid for corporate version at work. At home I still use the free version and it seems to do the job just fine.


----------



## HIPAR (May 15, 2005)

Since you are an IT consultant I fully realize you won't want to go against conventional wisdom and say forget all of this anti-virus software stuff. But, when operating your own machines, why not just rely on your common sense, knowledge of how things work and your general intuition ?

I don't run any anti-virus here but that doesn't mean I'm oblivious to the threat. I hide behind a firewalled router to discourage 'drive by installs'. I refuse to have anything to do with ActiveX on the Net unless I trust the the website and I don't trust many; no 'coolbars'. I immediately close the FireFox browser when I get one of those 'You have a corrupted computer' pop-ups. Once a month I run free Ad-Aware.

I frequently check what's running using the Task Manager and look immediately into problems like shutdown hangs. I make a full backup of my system with Lenovo Rescue and Recovery whenever there are major configuration changes. 
Maybe something like a rootkit is getting by me but the last time I had a malware problem in years was when I purposely installed software that I knew in advance contained a virus. I removed that virus manually. 

I use the system's resources for essential overhead and applications.


----------



## Cholly (Mar 22, 2004)

PC Magazine now recommends Norton Internet Security 2009 as the best suite. It is much faster than in the past, the UI is improved greatly, and isn't the resource hog it used to be. I have it and it's worlds better than prior version. I'vee tried System Mechanic, Trend Micro and McAfee in the past and Norton 2009 gets my vote.


----------



## rudeney (May 28, 2007)

I use Norton Internet Security 2008 and it works fine. I have not noticed it being a terrible resource hog, and supposedly it has been improved as of late.

In addition to that, I strongly recommend using opendns.org as the dns server. It has an adware site blocker that can help keep things clean. It actually prevents many pop-ups and annoying ads by restricting access to the URL’s.


----------



## Grentz (Jan 10, 2007)

HIPAR said:


> Since you are an IT consultant I fully realize you won't want to go against conventional wisdom and say forget all of this anti-virus software stuff. But, when operating your own machines, why not just rely on your common sense, knowledge of how things work and your general intuition ?
> 
> I don't run any anti-virus here but that doesn't mean I'm oblivious to the threat. I hide behind a firewalled router to discourage 'drive by installs'. I refuse to have anything to do with ActiveX on the Net unless I trust the the website and I don't trust many; no 'coolbars'. I immediately close the FireFox browser when I get one of those 'You have a corrupted computer' pop-ups. Once a month I run free Ad-Aware.
> 
> ...


There are a few reasons this is bad. First, there are threats that you might come across even though you never have had a problem in the past. This has happened to me once or twice in many many years, but I need to have some protection in that very unlikely 1% instance. You cannot always tell or prevent something that is sent to you in a legit looking email, website, etc.

Also, if you do get infected and do not know (it is very possible) you could very well be someone spreading a virus to many other people. Many viruses are meant not to effect the the users machine it is on, but use it as a platform to deliver viruses to others.


----------



## LarryFlowers (Sep 22, 2006)

woj027 said:


> Can you disable the Trend Micro anti spam function? would that make that issue go away?


Yes, you can disable it and the problem goes away, but it shouldn't be necessary.



Sirshagg said:


> I dumped the resourse hogs Symantec/Norton and Mcafee years ago. I've never tried Trend and I probably never will. In general I don't like these huge "suites" these big companies have have moved towards. We currently use ESET which i have been very happy with.


I have added ESET to my list of programs to check out. Thanks.



Hansen said:


> two AV/AM products rose to the top: Avast! and Avira Antivir. Both are excellent products and rated at the top in the independent tests.


I have also added this to my list of programs to check out. Thank you.



HIPAR said:


> Since you are an IT consultant I fully realize you won't want to go against conventional wisdom and say forget all of this anti-virus software stuff. But, when operating your own machines, why not just rely on your common sense, knowledge of how things work and your general intuition ?


Believe me I am giving this serious consideration but Grentz below has an interesting point...



Grentz said:


> There are a few reasons this is bad. First, there are threats that you might come across even though you never have had a problem in the past. This has happened to me once or twice in many many years, but I need to have some protection in that very unlikely 1% instance. You cannot always tell or prevent something that is sent to you in a legit looking email, website, etc.
> 
> Also, if you do get infected and do not know (it is very possible) you could very well be someone spreading a virus to many other people. Many viruses are meant not to effect the the users machine it is on, but use it as a platform to deliver viruses to others.


Thanks to everyone who has commented thus far, you have given me interesting areas to pursue and think about. I will continue to stay current in this thread and update as my journey continues.


----------



## JcT21 (Nov 30, 2004)

i use ESET NOD32 antivirus on all my computers. it comes with a 30 day trial and then it costs $39.99. not free, but it has an extremely small footprint. its fast and you hardly even know its running. ive tried etrust, mcafee, norton, avg-free, avast!, antivir, and i was blown away with how "lite" ESET is on performance. i dont think id ever go back to the other av products now. i also run vista business on my main pc. no problems.


----------



## spartanstew (Nov 16, 2005)

I've been using Kaspersky for a couple of years and have been happy with it. Fry's usually has deals every other month where it's free after rebates. My key expired last week, so I installed the free version of AVG to tied me over until the next Fry's FAR deal.


----------



## Pinion413 (Oct 21, 2007)

Avast! has served me right for a few years now. It's worked so well that I am seriously considering paying for it. Even still, the free version is a very solid (and did I mention free?) anti-virus program. :grin:


----------



## prospect60 (Aug 26, 2006)

I have had Norton Internet Suite on the kids computer (now teens) for years as much for theire Parental Control as anything else. For the most part it hasn't slowed things down too much. 2006 or 2007 was probably the worst then 2008 improved significantly though the bootup time was still definitely slow. The 2009 version is significantly faster and seems far lighter at the Pig Trough. I have never had a virus or trojan hit that computer. I have had a very good experience with the new 09 AV from Symantec as well. That doesn't solve the Tech Support side though.

My wife's 4yo laptop used to have Norton, but I eventually moved it to AVG Free a couple years ago since her use is far more tame overall and Norton seemed much heavier on her machine than the desktop.

My main computer I've used ESET with excellent results. I used a Free after rebate version of Kaspersky a couple years ago and had one minor virus that made it through and overall seemed to take much longer to scan. I just didn't like the feel of either Avira or Avast. McAfee I've had nothing but problems and Ive had to decontaminate 2 friends computers who used that as their main AV though I suspect most software would have had problems with some of the dumb stuff they did.


----------



## curt8403 (Dec 27, 2007)

Pinion413 said:


> Avast! has served me right for a few years now. It's worked so well that I am seriously considering paying for it. Even still, the free version is a very solid (and did I mention free?) anti-virus program. :grin:


+1 on that


----------



## CorpITGuy (Apr 12, 2007)

AVG rocks my world.

We've spent well over $100,000 on AV software in the last few years. It still misses stuff AVG catches.


----------



## Cmnore (Sep 22, 2008)

Hansen said:


> I went through similar pains about 4 months ago in deciding what anti-virus/anti-malware to use on my systems. After testing a few different ones and reading bunches of test results, product info, and perusing the user forums for the different products out there, two AV/AM products rose to the top: Avast! and Avira Antivir. Both are excellent products and rated at the top in the independent tests. You do not hear much about them since they are European companies and not carried by "retail stores" and don't do marketing hype but they are the real deal when it comes to achieving extremely high detection rates (on the order of 98/99%) and having minimal footprint on resources. While both offer extremely good free versions, the paid-for versions have some very good and worthy extras. Also both Avast and Avira's product work on either 32 bit or 64 bit platforms. I ultimately went with Avast! given I'm running a 64 bit system and Avast's rootkit detection worked on a 64 bit system whereas Avira, IRRC, does not yet do that. Plus, Avast sells a "Family Pack" for the professional version that contains 10 licenses as well as a license for their anti-virus software for running on your Windows Home Server. Nice deal for about 80 dollars.
> 
> Avast Professional (paid version) has a free 60 day license to try out the full fledged program before buying. Then you get a 14 month license once you purchase...effectively making your first license about 16 months (using the 2 free month trial). http://www.avast.com/
> 
> Avira's paid-for version has a 30 day free license for the full version. http://www.avira.com/en/pages/index.php


Another Norton-to-Avast! convert here. I used to run Norton until I decided to build myself a machine that was X64 windows XP based. Norton's only solution there was the Enterprise version(even though X64 will run 32 bit programs as well;Norton decided it wanted my money more than my loyalty). I searched the net and found 'free' AV and firewall programs - Avast! and Ghostwall. Neither program has much impact on performance at all. I also use Spybot S&D as my spyware killer. It even has an active IE resident that warns you about almost EVERYthing that is even remotely shady looking in the background(yes it is defeatable). My scans run clean and have now for 2 years.


----------



## LarryFlowers (Sep 22, 2006)

Thanks to input here I am setting up 2 PC's, one with Avast and one with ESET and I will run them thru the end of the year and then make a decision.I will begin my test on Nov1 st and see what happens.

I truly appreciate the great input and response you all have given me.


----------



## Cmnore (Sep 22, 2008)

Keep us posted!


----------



## capegator (Sep 14, 2007)

I'm running Trend Micro Pro on 4 family machines now. Pretty good program but does have conflicts with Spybot and Ad-Aware. I just completed a new build for our main family PC (Vista 64 SP1). The Avast! Family Pack looks like it might work for us, so I'll give it a try. But please guys, no one has ever played with a Torrent or experienced something for free? I'll just remind you of a couple quotes from 2 of my favorite 80's movies....

"Life moves pretty fast. If you don't stop and look around once in a while, you could miss it."

Sometimes you just have to say...WTF!


----------



## Cmnore (Sep 22, 2008)

capegator said:


> But please guys, no one has ever played with a Torrent or experienced something for free? I/QUOTE]
> 
> Whaaaaaa...who, meeeeeee? Whyy...that would be unCONSCIONable!


----------



## wilbur_the_goose (Aug 16, 2006)

I'm an information security officer.

I've found for home use, ESET is great. But I'm currently running Microsoft OneCare. They were the first to have a definition for MS08-067.


----------



## HIPAR (May 15, 2005)

Here's an review from PC Magazine that grants Editors Choice to Webroot Antivirus with AntiSpyware 6.0:

http://www.pcmag.com/article2/0,2817,2333287,00.asp

Another PC Magazine review of about a 'zillion'  security suites:

http://www.pcmag.com/article2/0,2817,2333448,00.asp

--- CHAS


----------



## Sirshagg (Dec 30, 2006)

wilbur_the_goose said:


> I'm an information security officer.
> 
> I've found for home use, ESET is great. But I'm currently running Microsoft OneCare. They were the first to have a definition for MS08-067.


...a little inside information perhaps.


----------



## wxx (Oct 8, 2008)

Symantec Corporate Edition client is much easier on the resources than retail Norton you buy in the store.

I have this and Eset and the latter has never caught anything the former didn't and misses most the SCE gets,

Eset interface is also confusing.

VirusTotal is very handy to do a mass scan for free on uploaded suspected file.


----------



## Ken S (Feb 13, 2007)

JcT21 said:


> i use ESET NOD32 antivirus on all my computers. it comes with a 30 day trial and then it costs $39.99. not free, but it has an extremely small footprint. its fast and you hardly even know its running. ive tried etrust, mcafee, norton, avg-free, avast!, antivir, and i was blown away with how "lite" ESET is on performance. i dont think id ever go back to the other av products now. i also run vista business on my main pc. no problems.


We moved to ESet's products a few years back. They have been rock solid in virus/spyware detection. Very light on resources as well.


----------



## deltafowler (Aug 28, 2007)

Avast!
Firefox w/adblock plus
Open DNS

A user can still shoot themselves in the foot, but they have to take careful aim.


----------



## Sirshagg (Dec 30, 2006)

Ken S said:


> We moved to ESet's products a few years back. They have been rock solid in virus/spyware detection. Very light on resources as well.


Exactly why we switched to it.


----------



## Git (Jul 12, 2008)

Symantec Endpoint Protection 11

Antivirus and firewall. One of the things I like about it is you can set it to shut down all traffic until the firewall is fully up and running after boot up. It also shuts down traffic after it stops during shutdown.


----------

