No. 3510 (Stickied)
Viruses, Malware and Spyware. A guide to diagnosing, removing, and avoiding them, written with beginners in mind. All software and resources cited here are free and legal.

Think you have a virus?

http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis
HijackThis is a program that lists important items from your registry, making it much easier to diagnose whether or not you have an infection of some kind. If you can't make heads or tails of the output, you can put each process or registry item into Google and see what kind of description and reputation it has. If you are still not sure, you can go to:
http://spywarewarrior.com/index.php
It's a forum dedicated to helping people rid their computers of spyware and other nasties. One of the subforums allows you to post your HijackThis log, and eventually one of the helpers will review it and give you advice on what to do.

Want to get rid of a virus?

http://www.malwarebytes.org/mbam.php
Malwarebytes Anti-Malware is a free program that you can use to scan your data for viruses. It's a pretty effective tool.

http://www.download.com/Spybot-Search-Destroy/3000-8022_4-10122137.html
Spybot Search and Destroy basically does what it sounds like. It's not a fully-featured antivirus like Avast, but it does a great job of cleaning up any mess that you might already have.

http://www.download.com/Ad-Aware-2008/3000-8022_4-10045910.html
Much like Spybot S&D, but designed with a different type of virus in mind, namely ad-ware.

Want to prevent getting viruses in the future?

http://www.avast.com/eng/download-avast-home.html
Avast is a free anti-virus that will provide you with real-time protection and is very low maintenance. You can set it running, it will update itself automatically, and you can pretty much forget about it.

If you're a Firefox junkie, it's worthwhile to get the "Adblock Plus" addon and the "Noscript" addon. The first one blocks webpage advertisements, which usually lead to something malicious, and the second one blocks malicious scripts from running themselves through your browser should you happen to visit a suspect website.

Some things to keep in mind:

-Sponsored Links and misleading websites. If you search for something on Google, there are usually some results at the top shrouded in pink or yellow. Those are sponsored links and are only at the top of the list because they pay Google to be there. They rarely have anything in common with what you searched for, and sometimes they are forgeries of legitimate websites. For example, searching for "Avast" turns up www-avast.com as the top result and the only sponsored link, and www.avast.com as the second result. Note the hyphen in the former one? It's not the genuine Avast website. It's there to direct people away from the genuine site. I'm not going to download the purported antivirus they offer to prove that it's malicious, but I wouldn't trust it as far as I could throw it. Don't trust sponsored links in search engines.

-Ads. Don't click on ads. Ever. Especially not ones that flash and move around and tell you that you've won shit. The aforementioned Firefox addon will help you out there. You don't need a program to update your system clock or a hundred million free smileys, and you aren't the billionth visitor to anything.

-Running a program. If you find a program that you think is legitimate, and you want to install it, type the name of it into Google, and odds are that somewhere on a forum, some people have been discussing it. You can get an idea of whether it is malicious or not by reading a dozen or so replies regarding it, and you can generally trust the majority consensus. Don't trust a lone forum message praising it unduly.

-Error Messages. If you were doing something, and suddenly your computer throws up a seemingly nonsensical error message, try to get a screenshot of it or write it down if your computer decides to restart itself. When you get a chance, type the error message, complete with extension, into Google. Read at least three results to get a consensus. That will give you a basic idea of which software or hardware the message refers to, and the type of problem it's experiencing, and that's the first step towards fixing it. You'll also get an idea of whether it's virus related.

-Torrents and p2p. Keep an eye out for ambiguous filenames when using p2p. For example, if you type in the name of a song in LimeWire, say, "Californication", one of your results might be "Californication girl has shaking orgasm on webcam" with a file size of about 300kb. Clearly a malicious file. The distributor merely adds your search term to the name of a tempting-sounding file, in the hopes that you will download it. A song is typically between 1.5 and 5 megabytes in size; a film runs 500MB-2GB. Check the size of what you want to download; if it's far too small to be what you want, then it's probably something malicious.

-Malicious software that claims to be an anti-virus. These are far more common than actual useful anti-virus software is. One example of this is Antivirus XP 2008. It's actually a very resilient trojan horse virus that goes around installing backdoors, deleting your wallpaper, giving endless warnings and popups, and demands money in order to fix these things. Once again, don't get your antivirus software from advertisements, sponsored links, or popups. Only get it from reliable sources, and only after you have investigated it thoroughly and found numerous different sources reviewing or discussing it in a positive light.

More information about the different types of viruses:

http://en.wikipedia.org/wiki/Adware
http://en.wikipedia.org/wiki/Spyware
http://en.wikipedia.org/wiki/Malware
http://en.wikipedia.org/wiki/Trojan_horse_(computing)
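The www-avast.com versus www.avast.com case from the guide above can be checked mechanically. This is an added example, not part of the original post; the allowlist, the last-two-labels rule and the one-character typo check are assumptions, and the typo and subdomain cases go slightly beyond the hyphen trick the post describes.

```python
import re
from urllib.parse import urlsplit

# Assumed allowlist: registrable domain -> brand label the user expects to see.
TRUSTED = {"avast.com": "avast"}


def hostname_of(url_or_host):
    """Return the lower-cased hostname from a URL or a bare host string."""
    s = url_or_host.strip().lower()
    if "://" not in s:
        s = "//" + s  # lets urlsplit treat a bare host as the network location
    return (urlsplit(s).hostname or "").rstrip(".")


def naive_registrable(host):
    """Last two labels only. A simplification: production code should
    consult the Public Suffix List (e.g. for .co.uk style suffixes)."""
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def edit_distance(a, b):
    """Classic Levenshtein distance, row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url_or_host):
    """'trusted'   : registrable domain is on the allowlist
       'lookalike' : brand name (or a one-character typo of it) appears in a
                     host that is NOT under the trusted domain
       'unknown'   : nothing brand-related found"""
    host = hostname_of(url_or_host)
    if naive_registrable(host) in TRUSTED:
        return "trusted"
    tokens = [t for t in re.split(r"[.\-_]", host) if t]
    for brand in TRUSTED.values():
        for token in tokens:
            if token == brand:
                return "lookalike"  # e.g. www-avast.com
            # Only apply the typo check to brands long enough to avoid noise.
            if len(brand) >= 5 and edit_distance(token, brand) == 1:
                return "lookalike"  # e.g. avazt.com
    return "unknown"


if __name__ == "__main__":
    # Constructed sample inputs; only the first two come from the post.
    for candidate in ("http://www-avast.com/download", "www.avast.com",
                      "avast.com.example.net", "www.avazt.com", "www.example.org"):
        print(f"{candidate:32} {classify(candidate)}")
```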
>> No. 3514
Avira>Avast
>> No. 3515
I use Arch.
>> No. 3520
And most importantly of all:

NEVER TRUST FUBAR
>> No. 3521
I hate to say it but Spybot and Ad-aware are no longer at the top of the chart. Although they are good and will complement your security with on demand scanning, and Spybot's TeaTimer real time protection, there are better choices out there. I personally use SuperAntiSpyware and it works great. You can pay for a lifetime subscription which enables real-time protection that doesn't conflict with the real-time scanners of other products.

I also think that you should get a good firewall software. I use C.O.M.O.D.O; it can be a bit annoying in the beginning when you have to configure it for our programs but once that's done it works like a charm. Online Armour is another firewall choice that is less intrusive and annoying with the popups but still works well.

If you download a lot of programs I also suggest you get Sandboxie. When programs are executed inside the sandbox they are completely isolated from the rest of your computer. I've run the ecard trojan and killbox trojan inside the sandbox, scanned for malware and they were picked up. Once I cleared the sandbox and scanned again there were no traces. It creates a copy of your registry and makes all changes to that. The only downside is after you install a program and determine that it contains no malware you have to install it again outside of the sandbox.
>> No. 3534
>>3521
you can easily code something to not let the infected part of a program open if it detects a sandbox, and also they can't do shit against password stealers and the like.
>> No. 3536
>>3534
shit. Time to disconnect from my LAN and do an offline virus scan... Thank Zeus I don't buy shit online or check my email on the computer I download torrents on.
>> No. 3552
>>3536
lol as soon as you rejoin the lan scanners could find and exploit you again :3
>> No. 3567
>>3552
lol, no. My router stealths all ports.
Also when I download torrents, I only get from VIP or above from pirate bay, and even then I only download keygen and get program from official site. Then I run keygen sandboxed.
>> No. 3742
>>3510
NOD32 > Avast
>> No. 3762
>>3742
NOD32 = costs money + has shit definitions so you have to rely on the heuristic scanner. I've used NOD32 before and I've had trojans that it never picked up. When my subscription ended I decided to try a free anti virus for a while before I went back. Avast found a crapload of stuff that NOD couldn't pick up.
>> No. 3883
All of these programs seem to be for Windows only, how do I detect this on a BSD system?
>> No. 3893
>>3883
{k,c}lamAV

Look up ClamAV via the ports collection.
klamav is a KDE front-end for clamAV, also pretty easy to use.

Also, for a fairly heavy-duty firewall config app, check out guarddog.

Further, for Linux junkies, there's AppArmor.

(Yes, I could go on, but L2Google)
>> No. 4016
http://www.superantispyware.com/download.html
Another free antivirus for windows, super anti-spyware. The free version does not include real time scanning, but it has received some pretty good reviews as seen here:
http://www.snapfiles.com/opinions/Super-Anti-Spyware/Super-Anti-Spyware.html
http://www.download.com/SUPERAntiSpyware-Free-Edition/3000-8022_4-10523889.html
>> No. 4107
I have a question about the spyware/virus scanner I use, not a free utility, so it was not listed here. I am running the current version of Webroot Virus Scanner and Spysweeper, I have (of course before I posted) turned to Google for reviews, and this was consistently rated within the top 3 products tested. Is it truly this good? Because when I do visit tech support forums on a search for information, I rarely hear it suggested, even as a paid utility, so I figured I would ask /india/ what they thought.
>> No. 4148
Nice post.

I may be seriously out of date but...

I just use BitDefender (full version) and Ad Aware (free version).
>> No. 4172
OP here again, I just wanted to add a note regarding an odd trojan horse virus that I came across earlier. It's called Norton security scan, by symantec corporation. Yes, the Symantec.

Now this program will scan your computer, and will find viruses and things if you have them. But it won't fix them. You have to buy software from Symantec to remove it.

Here's the thing. You can go to add/remove programs and uninstall norton security scan, but when you restart your computer, it will reinstall itself WITHOUT YOUR PERMISSION. Every time.

Furthermore, it comes bundled with certain Adobe software (Reader), Google pack, and of course, Norton protection suite. You can get a removal tool from the Symantec website, but I found a way to do it manually. You can go to Control panel > Scheduled Tasks and there will be a listing there for the Norton security scan. If you follow the address, you'll be able to find it, and delete it. Then delete the listing in scheduled tasks, and install Spybot SD or CCleaner, and restart. Spybot SD or CCleaner will detect the broken registry entry, and remove it for you. As far as I can tell, this method gets rid of every trace of Norton Security Scan.
>> No. 4751
What about the free version of AVG? I've been using that for a while now and have had no problems with it.
>> No. 4772
I'm running OA with AVG free. I'm very happy with OA (even though Comodo recently scored higher on the matousec leak tests http://www.matousec.com/projects/firewall-challenge/results.php). I know AVG is crap but Avast has issues with OA. Which free virus scanner would anon recommend to use with Online Armor? Please respond only if you have a fully working combination.
>> No. 4776
Just a short list of links to valuable, helpful or otherwise interesting computer related stuff:

Notebook Review forums, a large Vbulletin forum with thousands of active members. If you have a question about your laptop, chances are it's been answered there somewhere.
http://forum.notebookreview.com/index.php

A specific thread on the same site, with a very good list of free software for windows, from DVD burning software to media players and antivirus tools.
http://forum.notebookreview.com/showthread.php?t=337890

A subforum of the same site with user-submitted in-depth articles and guides for everything laptop related.
http://forum.notebookreview.com/forumdisplay.php?f=1013

A vast collection of ebooks that relate in some way to computers. Programming, hacking, linux, hardware, software, networking and internet.
http://www.51cnnet.com/directory

A wiki on internet censorship, and many different ways of getting around it. Might come in useful for many Australians soon.
http://en.cship.org/wiki/Main_Page

With this site you can enter the url of a flash video site (ie youtube) and it will download the audio of the video for you. So if you want a quick way to download an MP3 of a song on YT, use this. It means you don't have to download or install any software.
http://www.flv2mp3.com/

Convert various filetypes to various other filetypes. Docx to doc, or AVI to MP4 for example.
http://www.zamzar.com/
>> No. 4984
So I'm currently using AVG Free, Spybot S&D, Ad-Aware Free, and ZoneAlarm Free. Are there any better FREE firewall/antivirus/antispyware/antimalware/antiadware/antibadware programs out there?
>> No. 5038
>>4984

Avira
Common sense
Windows vista/7 UAC
>> No. 5073
>>4984 Online Armor and Comodo both outrank ZoneAlarm on leak tests by a significant margin. They are both free.

I use OA with Avira and Spybot. It's pretty tight.
>> No. 5669
File: 123759776746.png-(53.53KB, 1440x900, fbi.png)
Here's some quick info on how to deal with suspicious email.

First of all, if you receive an email from a person you have never met or a site you have never accessed, always assume it's malicious until you've verified it's not. This includes email from official-sounding sources. The picture you see is an email that I got from someone claiming to be from the FBI; it is a fake.

Most major email providers will have ways of checking to make sure an email comes from who it says it comes from. In this case, there is no verification that the email does indeed come from the FBI, so it's a good idea to at least be careful.

There are a number of things in this email that give away that it's a fake. First of all, the reply address is a Gmail address; government agencies conduct business with their official addresses only. Also, there are mistakes with capitalization; official emails will almost never have grammatical errors, and certainly not as many as appear in this email.

The scammer indicates that the agent you must contact is in Nigeria. This should be a giveaway that it is a scam. If the scammer hadn't mentioned Nigeria, you can find out by the phone number. If you look at it, you will notice that it is longer than most. In this case, this is because it is preceded by a country calling code (the first three digits). In this case, the number is 234. Wikipedia has a list of country calling codes, and upon looking it up, the country calling code is from Nigeria. In general, if you have no business with Nigeria, delete any emails that so much as mention it; it's a hotspot for email scammers.

Another giveaway is that the email claims I've won a lottery. Lotteries are held for a reason; they make more money than they are forced to give out, because the chances of winning are infinitesimal. If you haven't entered the lottery in question yourself, assume that it's fake; I can almost guarantee it is.

Scammers always want one of two things: personal information or money. In this case, it's both; they are asking for $500 and your personal information. If the email requires you to give up money or personal information, that's good enough reason to raise your suspicion. Scammers can use personal information to steal your identity, so don't give it out until you've verified the email isn't a scam. Sometimes, the email will include threats in order to coerce you to give up these two things.

If you are genuinely unable to tell if an email is fraudulent, and you are concerned about the contents of the email, Google the group that claims to have emailed you and contact them through their site. In this instance, we'd go to the FBI's site at www.fbi.gov, look up the contact info for the local FBI office, and contact them about the email. DO NOT click any links in the email; links can be easily disguised to go to a malicious site dressed up to look official, and most of all, do not respond to the email until you've verified its sender.
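The giveaways listed in the post above (free-webmail reply address, no sender verification, a 234 calling code, an unsolicited prize, a request for money and personal details) can be checked in code. This is an added example, not part of the original post; both messages are constructed samples, and the webmail list, calling-code excerpt, keyword patterns and finding names are assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

FREEMAIL = {"gmail.com", "yahoo.com", "hotmail.com", "outlook.com"}    # assumed list
CALLING_CODES = {"1": "US/Canada", "44": "United Kingdom", "234": "Nigeria"}  # excerpt

# Constructed message modelled on the description in the post.
SCAM_SAMPLE = """\
From: "Federal Bureau of Investigation" <notice@fbi-office.example>
Reply-To: claims.agent.example@gmail.com
To: recipient@mail.example
Subject: Your Lottery Payment

Attention Beneficiary, you have won the international lottery.
Contact our agent in Nigeria on +234 800 000 0000
Reply with your full name and home address.
You must pay a processing fee of $500 to release your funds.
"""

# Constructed benign message for comparison.
BENIGN_SAMPLE = """\
From: "Example Shop" <orders@shop.example>
To: recipient@mail.example
Authentication-Results: mx.mail.example; spf=pass smtp.mailfrom=shop.example; dkim=pass header.d=shop.example
Subject: Your order has shipped

Your order has shipped. Track it from your account page.
"""


def domain_of(header_value):
    """Domain part of the address in a From/Reply-To header ('' if absent)."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()


def phone_countries(text):
    """Countries for '+<code> ...' numbers, longest calling-code prefix first."""
    found = set()
    for raw in re.findall(r"\+(\d[\d ().-]{7,})", text):
        digits = re.sub(r"\D", "", raw)
        for n in (3, 2, 1):
            if digits[:n] in CALLING_CODES:
                found.add(CALLING_CODES[digits[:n]])
                break
    return found


def analyze(raw, home_countries=frozenset({"US/Canada"})):
    """Return a list of finding names for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    body = "\n".join(p.get_payload() for p in msg.walk()
                     if not p.is_multipart() and p.get_content_type() == "text/plain")
    findings = []

    from_dom, reply_dom = domain_of(msg.get("From")), domain_of(msg.get("Reply-To"))
    if reply_dom and reply_dom != from_dom:
        findings.append("reply-to-mismatch")
        if reply_dom in FREEMAIL:
            findings.append("freemail-reply-to")

    # Only meaningful when this header was added by your own mail provider;
    # a sender can insert a forged Authentication-Results header upstream.
    auth = " ".join(msg.get_all("Authentication-Results", []))
    if not re.search(r"\b(spf|dkim|dmarc)=pass\b", auth):
        findings.append("sender-not-verified")

    for country in sorted(phone_countries(body) - set(home_countries)):
        findings.append(f"phone-country:{country}")
    if re.search(r"\b(lottery|you have won|winner)\b", body, re.I):
        findings.append("unsolicited-prize")
    if re.search(r"(fee|pay|send|transfer)[^.\n]{0,40}\$\s?\d", body, re.I):
        findings.append("money-requested")
    if re.search(r"full name|home address|date of birth|bank account|passport", body, re.I):
        findings.append("personal-info-requested")
    return findings


if __name__ == "__main__":
    print("scam sample  :", analyze(SCAM_SAMPLE))
    print("benign sample:", analyze(BENIGN_SAMPLE))
```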
>> No. 5813
Sup /tech/.

Well, I don't know how or where the fuck I picked this trojan up. I suppose it might have been in one of the chans. It's called avpo.exe and in many forums they say it's a rootkit. How do I get rid of it?
BTW my Windows doesn't have any antivirus so I only noticed it after I had opened the Task Manager because my PC was getting slow and saw this process called avpo.exe which wasn't there before. I ended it and haven't seen it in later days.
>> No. 5868
There are some real idiots that will be using a computer I just built. For this matter, it needs serious protection. Anything that requires user confirmation or decisions (for example, AVG's "Trojan Detected!" warnings, or C.O.M.O.D.O. Firewall's Defense+ warnings) will undoubtedly be very bad for them (clicking allow every time). So, what are some good applications that are hidden from the user for Vista?

Antivirus:
AVG: I like it, but you guys rag on it a lot, and it's too user interactive.
Kaspersky: Didn't they get hacked?
Avira: I've tried it, and I liked it, but I need more reviews. Is it secure?
Avast!: I hear you guys saying it has good realtime, and that it can do a lot of stuff automatically, so it'll probably be my AV.
NOD32: Never tried it, so I need some reviews.

Firewalls:
C.O.M.O.D.O. Firewall: I love it, but it's way too user-involved.
ZoneAlarm Firewall: It sucks, and too involved.
Online Armor: Messes with my glass panel Aero theme, and the way IE gets displayed.
Windows Firewall: Is shit.

Antispyware:
Ad-Aware: I like it, and it has Ad-Watch.
Spybot S&D: I love this thing, but it might pose a problem with the TeaTimer prompts.
SuperAntiSpyware: My friend uses it, but I need reviews.
Windows Defender: Never by itself.

Miscellaneous Security:
IE is crap. Firefox hogs memory. I've never tried Opera. So what browser is secure AND easy on my computer's resources?
Obviously, I WILL be installing Drop My Rights and Sandboxie.
>> No. 5877
>>5868

Regarding Spybot: S&D... you can just use the Immunize function to block their access to a lot of trojan sites, and block those sites' access to them. Turn off TeaTimer itself, but leave the IE Resident there, and have it set to block pages silently.

Regarding the other selections, I'm not super-aware what to do... Ah, but browsers. SeaMonkey has won my heart... I've mentioned it a few times on here. It handles Flash way better than Firefox, and I'm pretty sure it has a lesser memory footprint overall. It also includes a mail client (if you want it in there, who knows what would be best for what you're looking to set up? Maybe just stick with webmail?), supports most Firefox extensions, is very customizable, and it's just as secure as Firefox. In fact, its cookie handling, if you don't just deny all cookies, can be more secure-- but that requires user interaction. You might want to give it a shot. K-Meleon is built off the same core, but I haven't checked it out to see whether it's more or less efficient. In my case, I need to try Opera more than anything. My only experience with it this far is on the Wii, haha. But yeah, check it out. My whole family has been using it since I found it (well, originally I found Mozilla, which is basically just what it was named until recently) and they've never been happier.

Oh yeah, and yes, Kaspersky got the hacksky.
>> No. 5878
According to online test sites, Avira has the highest detection rating. I know people kick AVG around but it does deserve it. It's bloated, compared to others, and when it does a system scan, it only scans something like 25% of files. Avira and Avast scan the most. Avast has the quickest realtime scanner. All the test sites produce slightly different results though.
>> No. 5882
>>5878
>only scans something like 25% of files

You do realize there's a setting to change that, right? Just checking.
>> No. 5891
So I'll be going with Avast, Avira (need more reviews), or NOD32 (need reviews) for AV. For Antispyware, it looks like it'll be Ad-Aware AE and Spybot S&D in tandem. Has anyone here ever tried SuperAntiSpyware? Is it secure, and does it need a lot of user interaction? My two big questions. I might try OA as a firewall, and see if it still screws with my graphics.
>> No. 6071
avast is the slowest piece of shit I have ever used I could manually check files faster than this. It's been one fucking hour and it has scanned 1300 files.
>> No. 6107
Kaspersky and Avira have always been near or at the top ranks of official tests. You pretty much can't go wrong with either of them, though Kaspersky has more features and Avira has a higher detection rate. Norton 2009 has a slightly lower detection rate than both, but despite Norton's radioactive legacy, their newest version is light, fast and is not significantly worse at detecting malware than Kaspersky. The new Norton is also more idiot-proof if that's a concern for you.

SuperAntispyware and Malwarebytes have pretty much usurped the old Spybot S&D and Ad-Aware combo. Using both, you can expect ~90% detection of spyware, but be well aware that the free versions have no realtime scanning.

One type of program that isn't really well-known is HIPS, which use behaviour-based rules to block malware. Some are quite complicated and need a ton of user-intervention. For excellent HIPS that don't need micromanagement, the two best ones are Threatfire and DriveSentry. You may experience a big performance hit with DriveSentry if you have lots of processes running in the background that constantly write to disk, since DriveSentry examines every write operation.

A word of warning: NO combination of programs will detect 100% of all malware. A single antivirus, security suite, or other scanner will NEVER remove 100% of the malware it detects. Finding every last trace of malware in a heavily infested system is a very difficult job that cannot be automated. This is only an issue for the worst of infections, but if one were to happen, I recommend a complete reformat.

Given this, please take into account the trade-off of benefits between malware detection/removal capability and the performance hit. More "layers" of security will protect your system better, but slow your system and introduce software incompatibilities. At a certain point you reach "overkill" level where you receive negligible marginal benefit for every new security program installed.

If you're using a "comprehensive" program like a security suite or C.O.M.O.D.O., don't bother adding too many programs beyond a few free spyware scanners.

>>5868

NOD32 used to be tied with Kaspersky as best antivirus in the business. Their heuristics are excellent, but recently their detection ratings have started to fall in industry tests. Their biggest claim to fame is low resource usage, but I found Kaspersky actually used fewer resources than NOD32. Maybe it's just me.
>> No. 6108
>>6107

The "Big Three" of free antivirus are AVG, Avast, and Avira, in order of descending fame. Right now, Avira has the overall highest detection rating and I believe it has the lowest impact on system resources. The others aren't bad though, be sure to try them out and see which one you like the best.

Free antispyware programs tend not to have automatic scheduling or updating. It's a good idea to scan with one every month or two, unless you're confident that you did nothing potentially dangerous or have a rock-solid HIPS.

So, to provide examples of recommended setups:

Config 1 (paid)

1. Antivirus: Norton 2009
2. Antispyware: SuperAntispyware (SAS) and Malwarebytes Anti-Malware (MAM)
3. Firewall: Online Armor Free

Config 2 (paid)

1. Security suite: Kaspersky Security Suite 2009
2. Antispyware: SAS and MAM

Config 3 (free only)

1. Antivirus: Avira
2. Antispyware: SAS and MAM
3. Firewall: Online Armor Free

Config 4 (free only)

1. Firewall + HIPS: C.O.M.O.D.O. (antivirus component not installed)
2. Antivirus: Avira

Config 5 (free only)

1. HIPS: Drivesentry
2. Antispyware: SAS and MAM

If there are software incompatibilities or other points I neglected to mention, anyone feel free to correct me.
>> No. 6123
>>6108
For your paid configurations, are you using the paid versions of SAS and MAM? If so, are you using the real time protection features of both? I heard that SAS's real time protection was designed to be compatible with the real time protection of an anti virus but I haven't seen much about MAM's compatibility.
>> No. 6146
>>6123

I use the free versions. You need to update the program and definitions each time you run it, but I only scan once a month so it doesn't really become that big of a deal. Basically, the only reason why you would want to buy licenses or pirate the full version is if you value automatic updates and other conveniences.

If I did buy licenses for MAM and SAS, I would probably turn off the real-time scanning for at least one of them. Having three real-time scanners on all the time would probably cause an intolerable slowdown in normal usage, much more so during work or gaming. This may not apply to you if you have a Core i7 machine or something.
>> No. 6183
I'd like to add that AVG doesn't seem to have a free version anymore, they have a 30 day trial now but you have to pay at the end of that. It's lame, I really liked AVG.
>> No. 6184
Is it possible to have too many antiviruses installed? Do they clash with each other or something?

I just found out I have a nasty case of Vundo, and so now I've added a few more antiviruses to my already bristling arsenal. The list goes:

Avast
Avira
Spybot SD
Super Anti-Spyware
Malwarebytes Anti-malware
CCleaner
Hijack This
COMODO and its antivirus.

At least now I think I've gotten rid of the fucking Vundo which was bogging down my system like a sonovabitch.
>> No. 6185
>>6184

Oh god yes. It's extremely bad to have more than one anti virus/anti spyware/anti adware with real time protection. There would be countless conflicts, system instability and crashes.

Imagine your computer is a building, and anti-malware products are private security firms. If Avast is checking a room (file) and Avira comes along to check the same area it's gonna go "WTF is going on here?" and boom! system crash.
>> No. 6188
>>6184

COMODO's antivirus is next-to-useless. You shouldn't have installed it with the rest of the package.

I recommend uninstalling some of those programs. Leave in SAS, MAM, and HijackThis! assuming you have the free versions they have no real-time component to conflict with. If you insist on running multiple anti-virus programs, leave only one of them with the realtime scanning turned on.

This Greek website has a portable antimalware package you can install on your USB drive. Sign up for their forums and you can use it.

http://www.virus.gr/portal/en/

If you find a suspicious process, check to see if it's harmful using this site:

http://www.processlibrary.com/
>> No. 6189
>>6184
CCleaner isn't anti-virus.
>> No. 6195
>>6184

Oh god, you had Vundo? Did you REALLY kill it, for certain? I spent literally 14 hours over two days trying to remove it from a machine, ended up just telling them to reformat. If you actually killed it forever, I will be amazed, and maybe start using a couple of those programs. (Out of the programs mentioned, I haven't used Avast, Avira, or SAS yet.)
>> No. 6218
>>6195
Fuck knows if I really got it all, but it was SAS that picked it up and skullfucked it for me, and CCleaner that cleaned up the mess left behind.

Computer seems to be working okay now though. Much better than it was before. Only time will tell if it resurfaces. I still don't have a clue how it got in through my gauntlet though.
>> No. 6603
Goddammit.

I downloaded COMODO and installed the firewall. I reboot and when I log in to my account it throws a popup about utorrent wanting to connect to the internet (it starts up automatically). I click "allow", and my whole system freezes. Couldn't move the cursor, couldn't ctrl-alt-del, completely frozen and unresponsive. I had to do a hard reboot. I try again, and the same exact thing happens. I remember that Microsoft firewall is still active, so I disable that, reboot, try again, same thing happens. Hard reboot again.

Somewhere during all this, my external HDD dies. Just goes cold. I begin to sweat. Not wanting to fuck around any longer (hey, I gotta torrent, I have ratios to maintain), I go to uninstall COMODO. Halfway through the uninstall process, my machine throws up a BSOD.

In the end, everything turned out okay. My HDD started behaving and I got COMODO uninstalled without issue. However, I still want to use it as a firewall. Anyone know what might be going on?

BTW, running Vista and using Avast.
>> No. 6627
>>6603
I'm not completely sure if this is what will cause that to happen, but if you install both the regular comodo firewall thing and the comodo memory firewall, shit blows up.

The memory firewall and regular firewall want to kill each other; I think it's caused by both of them sharing use of a specific file, so they try to stop each other from using the file like a sensible antivirus would do as in the case of a real virus trying to manipulate the antivirus/firewall's files. So it's a one or the other situation.

If you didn't install both the memory and normal firewall, then *shrug*.
>> No. 6982
What do you guys think of the Windows Vista firewall? I've heard the XP one is horrible, but I think I'm pretty satisfied with the Vista one. That, and OA doesn't work with x64 vista. Do you think I'd be fine with just AVG and windows firewall?
>> No. 7081
>>6982

I wouldn't recommend AVG, Avira is better.
>> No. 7131
What happens when my 60 day trial for Avast runs out?
>> No. 7310
You register for a free key at their website.
>> No. 7326
>>6982

Windows Firewall is fine if you use a hardware-based firewall. Most routers have this. In fact, some people in IT believe a third-party software firewall is totally unnecessary. Windows Firewall covers inbound connections and stealths all the ports, which should be fine for the vast majority of users. The idea is that if you need outbound protection, your system is already compromised.

I personally use a third-party software firewall, but only because I'm a bit paranoid, appreciate the extra features like built-in HIPS, and I can afford to take the performance hit.
>> No. 7407
>>7326
Oh, thanks, that clears things up. I always thought the whole firewall jerkoff extravaganza put on by every net security agency was a bit of hype.
>> No. 7855
>>6071

Really? It goes through about 149,000 files (roughly 230GB) on my PC in 20 mins.
>> No. 7856
>>6603

Man, that happened so many times to me when I had COMODO. It never stopped a single malicious process, all it did was spam me with popups for completely legitimate programs and windows system processes. I ended up uninstalling it 'cause it kept crashing my PC and the popups were never anything useful.
>> No. 8029
>>7856 Some firewalls conflict with some antivirus programmes. I had the same problem with Avast/Online armor. You could try switching virus checkers to Avira, which is a nice one, or use another firewall. Online armor is also nice. The program guard is pretty good so you don't need to use a system guard like Spybot Teatimer.
>> No. 8304
dear geek squad,

in addition to the things discussed above, how effective is vmware/other virtual machine software in combating virii? last i looked into it (years ago) there was talk of malicious code able to break out of the virtual environment and infect the host OS.. is this rampant nowadays?

my best stab at securing my system would simply be to run all apps under a virtual machine, leaving the host machine essentially for file storage/backups. all cracks/keygens/etc to be run in a separate vm as well.

any thoughts? is vmware the top shelf shit these days? any recommendations?
>> No. 8330
>>8304
it's possible to do that, yes. however, i would recommend using something like http://sandboxie.com/ for everyday use because it is not intrusive and you can make it only sandbox certain applications.
>> No. 8981
Sup guys, it's me:

>>6107
>>6108

Since it's been a long time since then, there's a few updates that I should make.

Firstly, I think I've made the mistake of being too supportive of COMODO. It's also not particularly useful unless you're paranoid or an expert. If you're reading this thread then you probably shouldn't be using COMODO. In fact, third-party firewalls in general don't add a lot of extra protection unless you engage in very risky internet behaviours.

Right now there's only one free antivirus I can recommend without reservation: Microsoft Security Essentials. MSE competes head-to-head with Avira in detection and removal, without the annoying nag screen or truckload of false positives. It's also lighter than anything else, even NOD32.

Most free antivirus now also has significant spyware detection abilities that make dedicated antispyware somewhat redundant. Rather than having SUPERAntiSpyware and Malwarebytes installed (they don't update automatically), download them only if you suspect a malware infestation, or to clean up a mess your usual antivirus can't handle.

My new recommended setup goes something like this (for normal usage):

Browser: Firefox with NoScript and Web of Trust, Google Chrome/SRWare Iron (IE8 is actually safer than stock Firefox, but you probably don't want to use it for other reasons.)
Antivirus: Microsoft Security Essentials
Firewall: Windows Firewall

Upon request I can make recommendations for "high-risk" and "paranoid" builds.
>> No. 8991
>>8981
I agree with you mostly on the antivirus recommendations. I too have found MSE to be a very competent antivirus product and the best bet on the free end, however I have to politely disagree with you over system resource usage by it and NOD32. I'm finding larger memory footprints on both XP and Vista machines using MSE over NOD32, as well as slower startup times. For that reason, and that reason alone, I tend to still recommend NOD32. You get what you pay for, and that $60/year gives you a leaner AV product that's still got one of the best heuristics detection engines available... though one could make the argument that $60 would be better spent on more RAM if idle system memory footprints over 200MB were of concern to begin with.

I, too, have been drifting away from dedicated software firewalls on user systems outside of XP without a router. They aren't worth it on Vista/Seven, and if I do install COMODO, I now tend to avoid WinPatrol for XP.

The best little application I've found for overall security lockdown that my own customers like and don't have problems learning to use is SuRun. You get the added security protection of running a Windows account in Limited User mode, but don't have the annoying restrictions of doing so. It basically makes Windows behave like a well-configured Linux desktop for administrative access rights.
>> No. 9007
Well, I am a horrible asshole and/or newbie. Just thought I should clarify that because I hit the "malware defense" trap the other day while drunk. While given my debilitating porn/torrent addiction malwarebytes has gotten me out of a few jams. However, this time, my ransomware has seemingly gotten my egg timer to work for ten or so seconds on malwarebytes with no program-run or scan taking place. what I do? Thanks bros.
>> No. 9052
>>9007
Egg timer? You cook eggs with your pc? That's pretty neat man.
>> No. 9070
>>9007

There's two ways to go about this. One is to boot into safe mode, then run a scan from a portable antivirus on a USB key or CD.

ftp://ftp.drweb.com/pub/drweb/cureit/cureit.exe

Alternatively, you could boot into a Live CD with antivirus tools.

http://www.free-av.com/en/tools/12/avira_antivir_rescue_system.html