Help Selecting New AV Please

I ran Norton Internet Security for a couple of years on 4 of my family's computers. All became virus infested and had to be formatted. 3 of our computers now run PC-Cillin 2006 Internet Security. However, Trend has let one additional malware strike a computer. It was detected with the online scanners at F-Secure and at BitDefender. I have tried F-Secure Internet Security 2006 and was very impressed, except (1) if scan all files was selected my computer -a 3Ghz 2GB SDRAM- became virtually unresponsive, and (2) backweb began giving error messages on 2 different computers. I have a trial of BitDefender Internet Security 9 on one computer and have been very impressed until I learned that it does not scan incoming mail from my IMAP account. BitDefender tells me that IMAP support will be implemented in the next version. Is my incoming IMAP mail safe enough to stay with BitDefender? Should I try something else? Is there a way to stabilize F-Secure?

 

LOOK OUT !!!
All kinds of opinions are on the way . Bottom line is , it seems you are doing very well on your own . Try them out . See what works for you . F-Secure is good but , NOT for you . You answered your question . Point is , so many here have their favorite . Pick one . try it and ask a specific question about a specific AV . This way , you will get more of a factual answer than opinions . Just trying to help you out . You seem knowledgable anyway . That is why I say you are your own best judge .
Hope that helps . You are well on your way

 

In general, NOD32 is regarded as the best real time scanner out there (I believe it supports IMAP scanners). Kaspersky generally is regarded as the best on-demand scanner, and KAV 2006 looks very promising.

On the free solution side, Antivir 7 beta w/ Heurestics Engine 2.0 seems to be a very good real time scanner, although av-comparatives hasn't tested it yet. Bit-Defender free is probably the best free on demand scanner.

 

Once the mail reaches your HD, if its infected, and BD has the detection then Virus Shield should catch it.

Yep

BitDefender seems like a nice choice, or try NOD32, or KAV, or...........

 

Hey FastGame .
Maybe a new thread on WHY you put NOD first . Or was it BD ? Wait . Maybe KAV was only second . Oh Hell . What about McAfee ? Is Avast .....oh never mind . Sorry Elvis . Only teasing here . I know you had a serious question . Think I will start another thread on Which AV a person likes and why . Oh . Waut . I can't . Been done !
That's all folks

 

I don't believe PCcillin is meant for the malware crowd. Though I might be wrong. For something against malware, you really do need something dedicated such as ewido, trojan hunter, etc. Antiviruses, although stepping up, sometimes just aren't catching things. [well conventional ones of course: Norton, pccillin, etc. I have heard all about the NOD32/Kas crowd and their "clean" computers.]

 

seem's like the security and thoroughness of it you're looking for can only be found in paid stuff (so i wouldnt really reccomend free stuff). well anyway, there are a lot out there, although some good paid ones i've heard of and noticed are NOD32 and KAV (i hate symantec! ). if you want to know more on how each security software compares, you can check here at:

http://www.av-comparatives.org/

and also here (check on the VB 100% awards)

http://www.virusbtn.com/index

 

I'd say NOD or KAV will be the best two bets - give the trials a run and see which works better for ya.

 

Irrespective of people's likes, dislikes and opinions, the fact is that Norton is consistently near the top of the league in virus/worm detection and cleaning. Trend is also very competent. That unwanted software got past both of these leads me to question:

1. Exactly what infections did you pick up with each of these A/Vs respectively?

2. How were these infections contracted?

2. How does your A/V fit in with your other security software (if any)?

3. Given the presumably differing internet usage patterns and experience of your family members, what are the main risks each pose to your family computers/network?

Given the answers to these questions, you will be in a better position to understand your expectations of each family member, and your expectations of your A/V (and other security) software. Match them appropriately and you will be in a much better position to choose the right products(s) and usage habits.

 

Indeed so clean you could eat off of the hard drives.

 

Clean enough to do surgery indeed. xP

 

Yes your email is safe. BD's On-Access scanner will take care of any infected email. I've tried many suites and Bit Defender is the best one. Great value, great detection, very good heuristics, good firewall, nice GUI, not as heavy as the rest, etc. If I were you, I’d stay with Bit Defender.


tD

 

There is only one answer as given by Hollywood ---> Try out a few of the best products (KAV, NOD, BitDefender, Mcafee, maybe even Norton ) and see which one works best on your setup. Use the links given by Sword and you can see objective data on detection rates. If you are looking for a single product which allows you to load on several machines, there are a few that do that. One that comes to mind is F-Prot. I think you can pay for one license and load it on your all your family machines. You might be giving up some detection with that one though.

Have fun investigating this. You may end up like me and have licenses for about three or four different products at once. It is fun to play with these things.

 

Yes lately Norton has improved their detections in AVcomparatives tests and by others, the problems with Norton are not totally related to detection capabilities but to problems relating to stability, and interfering with other software. Liveupdate is almost famous for screwing up, thus leaving users unprotected from the latest malwares. My own personal opinion is that without all the pre install contracts Sighmantec would not have anywhere near the sales that they do. However, since you can buy a PC from almost anywhere and it is already there, lots of people use it and think nothing more about the AV. Consider several facts, Microsoft doesn't use Norton, Dell stopped pre installing it, Gateway is considering it, as is HP simply to lower support costs related to the number of support calls they receive from new customers. There are far more stable AV products out there, some with better detection. The tests that are done are usually in the form of using the scanners to detect virii in a set testbed, not during typical use. So stability of a product and how slow or unstable it may make the system is rarely if ever considered during a test/reveiw of a product.

Given those factors, I do agree with your second #2 suggestion, how your AV fits with other security software, ie conflicts or redundancy. For example I wouldn't suggest using Escan and backing it up with KAV as both use the same engine and definitions so there is little benefit. A NOD primary with a KAV back up (or vice versa for those that prefer KAV) is much better as you get two different detection ideologies, heuristic versus definition with each complementing the other. NOD and Ewido or KAV and Ewido also make a good combo . Although KAV/Ewido to me personally is a bit redundant as both are mostly definition based but Ewido has decent heuristics and KAV's are improving lately. The same with Eset improving their definition based detections have improved noticeably in the 8-10 months or so, it seems to me that Eset and KAV are driving each other to vastly improve their products.

Suggestion #3 is always a valid point that is almost never considered, I mostly recommend NOD to people unless they tell me that they visit a lot of porn sites or do a lot of filesharing or other high risk type stuff in which case I lean toward KAV if their system can handle it without serious problems. How you use your system should be a factor in which AV you use as well as what level of system you have, whether it is a bargain basement budget desktop with a 7 year old CPU or a top of the line $6,000 screamer of a game system are factors you shoud factor in.

I completely disagree with your #1 and your 1st #2 suggestion, what infections you have had in the past or how they were picked up is irrelevant except in the area of how the settings were done to learn how to improve your set up. The line between differing types of malware is becoming more and more blurred every day. Gone are the days of pure trojans or pure virii, trojans are becoming a means of downloading bots to create huge spamming nets, worms are becoming a means of disabling security products so that a trojan can be installed to do the same. Malware is a different type of animal now and all security products need to be able to find and eliminate all threats to users' systems. While some products are better at some type of threats than others, every maker is working to improve their detections of almost everything.

 

While I agree [partly] with your synopsis of NAV, the opening poster did not indicate he had experienced any such problems, only that he had experienced a number of infections while using NAV.

I don't think it's that the distinction between different types of malware is becoming more blurred. Rather I believe the 'traditional' distinctions made have always been somewhat arbitrary and made by - and for the benefit of - the A/V (and, later, other) vendors.

In an ideal world it would be nice to have a single product that protects against all malware types and target vectors (although some would also disagree with this), but in reality this is just not the case. In point, most viruses/worms spread through 'conventional' techniques (such as e-mail) and are basically simple pieces of software in the sense that their detection and removal are (usually) straightforward, and A/Vs as a rule generally excel at these two tasks (for known threats, anyway).

The more modern malware types are not only of a more blended nature, being commercially motivated they are generally much more sophisticated both in the means by which they infect you in the first place, and in their resistance to subsequent detection and removal. While A/Vs are in many cases improving their detection of such malware, their prevention and removal capabilities are often seriously lacking, and other types of security software become necessary.

So, I contend that my point #1 remains valid (and also my first point #2, although it is really a consequence of point #3). My experience is that someone who picks up a particular type of infection will likely do so again, as it's happening is indicative of an exploitable weakness in their security setup.

Knowing as much as possible about what actual infections were contracted (and how, if at all possible) is therefore important - in conjunction with my other suggestions- in choosing whether or not a replacement A/V will indeed help, or whether the addition of another security product would be more effective. For instance, if the poster was subjected to zero-day viruses - and the users' usage habits heighten the risk of such events (such as making use of file-sharing) - then some A/Vs would be better than others, while if the threats were of a highly sophisticated nature then it would be sensible to look at either anti-spyware and/or one of the many behaviour-control products that are fast maturing.

 

NOD32 KASPERSKY F-SECURE avast and AntiVir