93
Comments
18 Votes
Top Rated
Moderator
I would recommend Microsoft Security Essentials and MalwareBytes. MSE is much
less resource intensive, doesn't slow your system to a crawl during scanning, and
works well with Malwarebytes.
At one time I used Avira, but it had gotten a bit more hoggish of RAM, especially
during scanning...it's a good choice, just not my preferred.
-1 Votes
MSE is junk
JustCallMeBC 4th Nov 2011
Anybody who has broad experience in dealing with high tech malware knows that MSE is rubbish compared to the likes of Kaspersky or even the free version of Avira. And this is backed up with the results from the last AV Comparatives: MSE was 3rd worst on detection, and absolute worst on speed. And recent personal experiences show that it is wretched at malware removal as well. If you want something free and lightweight, try Panda Cloud.
-2 Votes
and I'm not very humble about it either! mischief
1 Vote
Sounds like you have never used MSE, because everything you just said is bs

I work in support, so I know, MSE is better than paid versions of Symantec and McAfee. And I barely notice it working on my system, but as soon as something sus is on your system, it warns, unlike your other antiviruses out there. Perhaps you should just try it first
3 Votes
Take a look at the VB100 report (one of the best anti-virus testers) and you will note that MSE is fairly abysmal in protection or removal. I'll take an expert opinion over yours anytime. Avira free was best free antivirus by a long shot. Incidentally, Symantec failed their tests this year.
0 Votes
I call it McCr@ppy, for the huge load of problems it caused my clients! I refuse to support them anymore if they don't take it off the machine! I'd take MSE to that any day!
0 Votes
Avira
vms_support 18th Sep
I was once a huge fan of Avira until one day during a pentest we slid a meterpreter payload binary right underneath its nose and it didn't say a thing. If you can't detect meterpreter trojans, you might as well not even have AV.
I am a security professional as well and Microsoft Security Essentials is NOT included in my list of security tools. It simply is not up to par with Malwarebytes and SUPER AntiSpyware. I have enough experience with MSE to know it is a waste of time as compared to using the other two mentioned above in my post. Combofix is a given for tech savvy users, not recommended for non-techies unless you have experienced help. AVG Antivirus is also not in my tool list, there are two MUCH better alternatives. For a more tech-experienced user needing an exceptional AntiVirus program, I highly recommend Avira A-V Free (without toolbar installation) and for the less experienced, Avast Free A-V is THE ONE.
1 Vote
Just a few years ago...
JCitizen Updated - 20th Sep
Avira was too slow on the draw to prevent injection attacks. It could recognize the zip file; but couldn't stop it in time to prevent total pwnage of my client's machine by a .bat file. It did a remarkable job recognizing most threats though. Maybe it has improved. I hear it uses more RAM than most solutions now, so maybe it has improved on the trigger.
Which scanners can it be combined with?
5 Votes
I have had no issues with it.
SKDTech Updated - 25th Oct 2011
Plays well with other antimalware but not with other AV products. No AV really plays well with other AV products though. It is light on system resources. I have used it with MalwareBytes, Spybot S&D, ClamWin (I keep it on a thumbstick for secondary virus scanning) and a number of other antispyware or antimalware products.

I wouldn't go so far as to claim that other AV companies can't cope anymore, but MSSE is a solid offering and holds its own in the various tests I have seen.

Personally I use Avast/Malwarebytes/Spybot for my own PCs and recommend them to anyone who asks my opinion.
but I don't recommend removing any virus/malware it finds, I always just run CCleaner and voila! Malware gone! If it is a particularly bad actor, SAS is my best take down scanner, because I can keep running while it scans, and it makes quick work of even a terabyte drive, if set on maximum boost. I always scan within archives as well. Prevx can get away with running concurrently with other AV solutions, because it is almost purely a cloud solution.

Prevx Safe-on-line is free to Facebook subscribers, and automatically reduces its protection level if Rapport is detected. I haven't noticed a reduction in its ability because of this though. It would be redundant anyway while Rapport is present on the operating system.

Because of the emerging kernel space anti-malware market, it has caused some conflicts between similar AM solutions, but many of them have been cooperating lately to reduce this fudge factor.
2 Votes
in my honey pot lab - I still recommend Avast - sorry! It has never let me down. Now as far as malware goes AdAware WAS king, until some shady characters bought it; so now all bets are off, and I'm looking for more solutions that work on limited accounts. SAS, MBAM, and other AM solutions either don't protect on limited rights, or they have very little feature sets. MBAM can block bad IP addresses. A good host file to keep bad ads off the web page goes a long way. File manipulation tools help; like Comodo Defense +, Threatfire, and Emsisoft Anti-malware, but you will still see malware trying certain high-jinks that could really throw an inexperienced user off balance. Spyware Blaster is golden for ActiveX threats no matter which account you are logged on to - Spybot Search & Destroy may have improved on this, but CCleaner can be the ultimate destroyer, if you run it often, and especially if it is run before log off, shutdown, or reboot.

I run many of these concurrently along with WinPatrol, and my PC has never run better. I use the same things on older XP machines, and only Emsisoft can't be recommended on those. I could never get it to run, using the premium paid version. I'm using Mamutu on Vista Ultimate x64 now, with great results!

I would think MS Essentials would play well with all of these, but I and my clients stopped using it. It only stops about 75% of the threats that come through. The IE9 browser does a better job than that using smart sense scanning, ASLR, DEP, and the UAC (and limited user rights). IE also stops many threats by simply blocking bad pages, that have shady origins - I'm not sure how much of that are root certificates, or some kind of host file on the new browser; perhaps someone can chime in on that aspect. I know it works almost as well as WOT.
(edited) - MBAM now has root kit detection, and is capable of protection on the limited rights accounts now - it is beginning to look like a truly serious utility!!
2 Votes
Moderator
preference
PurpleSkys 25th Oct 2011
Avast A/V, malwarebytes, ccleaner, spybot s & d. I love the boot time scan from Avast, catches all kinds of nasties, and I find what it doesn't catch, malwarebytes does. I haven't tried M$ Security Essentials yet, but I'm iffy on the idea of an A/V product from a company that specializes in operating systems - and sometimes misses the mark.
3 Votes
M$?
Gisabun 25th Oct 2011
You forgot that MSE is a stand-alone version of Forefront Endpoint which has been out for a while and gaining steam in big business.
1 Vote
It's okay...
JCitizen Updated - 13th Sep
for clients that don't have anything to lose, and don't like alerts. I can't attest to endpoint solutions, because my clients that use VPN usually use UTM appliances that have streaming AV/AM service; so I really have no say there, except that my sister has used the ZoneAlarm Z100G to great success along that line. Unfortunately CheckPoint had canceled that hardware series last I checked. They still support the services though.
0 Votes
Hitman Pro
ron@... 25th Oct 2011
Would like to add Hitman Pro, and Kaspersky's TDSSKiller
0 Votes
Errr....
Gisabun 25th Oct 2011
Malwarebytes Anti-malware ain't free any more. It installs as a trial. I had a case where this didn't even detect a malware variant.

Combofix can be risky. I think Bleepingcomputers recommend it as a last resort because it may remove the malware but it may also remove other things that aren't malware.

I like Spybot. Use it mostly as a verification.

Avast Free is garbage. Fully up to date PC and Avast and it couldn't detect the fake "Anti-virus XP" on 3 systems. After that I don't recommend it.

MSE is lightweight and does a decent job but should automatically update the PC at bootup. In one malware example it removed the "main" malware file but couldn't pick up the one that triggered it. Actually Malwarebytes couldn't detect it either.
7 Votes
Free
tom_housden2k8@... 25th Oct 2011
MBytes is free - it just offers you the trial version
0 Votes
Do you suggest activating SD Helper and TeaTimer?
as it is pretty obsolete - but unfortunately, since Lavasoft bit the dust, it is the only alternative I've been able to revive. At least it is one of the ONLY tools I know that can actually block many bad cookies in the first place. It nails a lot of bad ad servers; but I wasn't aware it added a host file, so I'm a little confused. I heard RC2 of the new version is out now, but I could not find a free version of this new one; and I'm not impressed enough to pay very much for it. Even with the new trial version on-board, I could see that many malware were capable of manipulating files and icons, and who knows what else in limited accounts! I never used to see this in my honey pot lab (with the older Adaware), but then, I don't usually use host files, and at least a lot of the pesky bad page sites, and advertisements disappeared! SpywareBlaster was the only passive real time protection I used to use that had a light duty host file.
2 Votes
Moderator
anti virus xp
PurpleSkys 27th Oct 2011
is more malware than virus so of course Avast wouldn't pick it up - it's not a malware program. But...we've pulled a/v xp out of a number of machines using malwarebytes - which still has its fairly decent free version - in safe mode. We've also ended up backing up the pc and doing a wipe and load. Avast has yet to fail me, so I'll stick with what works.
2 Votes
100% free (for free version)
kbrock_cnt Updated - 28th Oct 2011
Malwarebytes is free. It just offers the real time protection as a trial. Buy the full version to get the real time protection or do as I do: uninstall and then reinstall. That's the only downfall
but I like the scheduled update and quick scan tools, and anyone can use anything they can get as a blended defense. One thing is for sure - MBAM is as resistant to attack by malware as I've found, and it works wonders in safemode. I run it before running SAS as a rule! MBAM is a heavy hitter when it comes to the vicious variety of malware. I would rather keep malware off the machine altogether, though, and AdAware used to do that before they got creamed by a bad buyer!

It is going to take a LOT of blended defenses to fight the new malware, who need very little system privileges, and don't set off the best heuristic tools out there. CCleaner is still King in my book - for now.
After my last upgrade to AVG Free 2011 in December 2010, I kept on having major problems getting its engine to upgrade. Those problems included having to completely uninstall and re-install the tool because the upgrade had got itself sufficiently badly mis-directed that nothing further could be done with the installation (including an inability to update the virus definitions).

On the first occasion on which this mischance occurred, it took me ages to clean the horrid mess off the machine (both files and registry, and at least two re-boots after partial file removal). I then spent some time cleaning any remaining nonsense from various parts of the machine. I suffered a similar blip on a second machine on which I had AVG Free 2011 installed, about ten days later. This also caused major amounts of uninstallation and re-installation work to rectify.

On the second occasion on which the mischance occurred (less than six weeks later), it was thoroughly purged from both machines (including extensive registry cleaning, etc.). It was then replaced by a different anti-virus tool: twice bitten, thrice shy!
to recommend it. They didn't listen and SPLAT! They lost their machines, one after another. They listen to me now! At least with even an old version of Avast with the kernel NEVER updated. I've been able to completely recover most PCs. Especially enough to wipe and reinstall. Avast and SAS will take care of most(at least 97%) of the backup file infections after that.
"The big downfall of AVG is that, should you have to run ComboFix, you can't just turn it off."
I had to use ComboFix on an AVG machine for a nasty rootkit, but all I had to do was stop the AVG services, run ComboFix, then restart the services.
I run AVG Free on half a dozen personal machines at home and it does a good job and it's not as heavy as some of the others. I work on a lot of computers and the kids have machines made from spare parts, so I need something that won't bog down the less than stellar performance of all these Frankenstein machines. AVG does a good job.
Especially if you have an older, slower machine, after using CCleaner (free), Avira Free (highest rated free A-V in VB100 report) would be your best choice. For kids' computers that need a real-time A-V, Avast Free is the safest. AVG was the best 3-4 years ago. Since that time, it sunk toward the bottom of the free A-V recommendations. (Note: AVG may have 'seemed' to do a good job preventing infections so far for you but then again, it hasn't encountered the many vulnerabilities which it possesses. Switch before it's too late. Good luck.)
1 Vote
Hello guys.. what about if I installed the kaspersky in my machine, do I need to install and run other app up (like malwarebytes or combobytes)?
Thanks in advance,
2 Votes
but they are too darn expensive to recommend for my clients. The fact that they are based in Russia is doubly vexing on this, as the dollar is strong over there. They are making HUGE money at the expense of our clients, and quite frankly, you have to be very careful with the powerful kernel access they impose on the system. I see many more freebies that are plenty efficient, and WAY cheaper. Bear in mind you need many blended defenses to make a good protection for computing. Sometimes you are better off with solutions that work in an infected environment, and still provide a superior defense of your data.

Besides even Kaspersky can be thwarted by the new malware reality. They may have good heuristics, but malware don't need to be noticeable to AV/AM solutions to do damage to your data. Remember, they don't need to PWN the PC to get into your pocket book.

To be fair - I've seen ZAccess.backdoors that can defeat their Rescue CD, but that doesn't mean they may not have had the ability to keep backdoor trojans off the machine in the first place.
3 Votes
SuperAntiSpyware
stevmingus@... Updated - 25th Oct 2011
We use a combination of SuperAntiSpyware, Malwarebytes, and last resort ComboFix when cleaning up machines brought in to us for repair.
I still need a good rescue CD with an AV on it for such purposes. I like to make at least a 95% assurance nothing may be left on the hard drive. If they have something truly valuable to protect, I may wipe and re-install, then update all scanners before checking the backup files. If they have a business, and can wait at least two days for all definitions to update, I try to scan later, and just not recover all backup files right away (especially by incremental backup date).
0 Votes
I work on PCs all the time. My tool kit includes AVG for those folks who just refuse to put anti-virus on themselves, Spybot for the same reasons. I find CCleaner and Glary Utilities to be invaluable. I've also got ReImage, but have not used it yet to recover from heavier nasties. Has anyone used ReImage to recover machines so infested that reimaging the machine is a last resort? I will definitely add the others mentioned here. Thanks for the info
1 Vote
I have used Macrium Reflect to good result. The image backups are just one click away, and any situation can be imaged and recovered. It even does incremental images (although I'm sure at least one other utility does this). I've never had a failed restore yet - but I've only started using it in the last six months. Reading user reviews on CNET to rate the top five backup utilities is paramount.

Bear in mind the built in image tool for Win7 has the same good reputation, as long as you have a version above basic or home version. Vista home premium now has full file backup ability, which works flawlessly (as long as you don't need browser favorite recovery). I don't think even Vista Ultimate has image backup ability (at least I can't find it).
At this point, with viruses only accounting for 7% or so of malware, anti-virus is needed, but not completely helpful. I'm not sure I have ever removed malware from a system which was fully up to date.

Making sure Windows update is running, and using Secunia, or even better Ninite is the way to keep everything else up to date. Ninite will update almost everything else on your Windows machine, saving you from having to click on loads of legal disclaimers, and refuse multiple toolbar offers.

I installed Ninite on my main PC, which I thought was fairly up to date. It updated 13 of the apps on that machine, including Adobe, Java, Firefox, Chrome, TeraCopy, Eclipse, and a bunch of lesser apps.
1 Vote
Immunet Protect
HiltonT 25th Oct 2011
It seems to me that you totally overlooked one of the best free AV products out there - Immunet Protect. I agree that AVG isn't all that great as an AV any more and I'm not really a fan of Avast either - and the free version of these cannot be run in any commercial environment as the free version is strictly licensed for "Home Use Only" (Avast) or "private, non-commercial, single home computer use only" (AVG).

Immunet Protect is free for use on home, non-commercial and commercial computers and there's a Pro subscription available for US$24.95/year. It can also run alongside other AV products and was specifically designed this way.

I do agree with your comments about ComboFix being not for the weak of heart, but I'd also strongly recommend it isn't used by anyone without a good idea of what's actually going on inside a Windows-based computer system as choosing the wrong options inside ComboFix can bring a computer to its knees.

Malwarebytes and Superantispyware are both great tools.
is it true that it is a cloud solution? I liked Prevx that way as an add-on AV to Avast. That was the only other way to double AV protection on a PC, because the cloud utility won't conflict with the one other installed AV.

As many of my clients are Facebook subscribers, I recommended the free Safe-online version from there.
3 Votes
MSE over AVG
animal2k@... 25th Oct 2011
I also think MSE is better than AVG and have brought back two computers from the brink using it. Also, Malwarebytes is still free. When installing, just Decline the offer for the free trial.
3 Votes
1. MSE
2. Comodo Firewall - I use this to augment MSE.
3. Malwarebytes
4. Spybot (SD Helper is on but TEA TIMER IS OFF)
5. User Knowledge - this is the best happy
It's also the hardest for the user to install. grin
I know Comodo's Defense+ is good but it doesn't protect the registry like tea timer. Lavasoft made SafeNetworking obsolete, but AdAware is going down the tubes with a questionable takeover last January, so I digress there.

If #5 were in force, the Users would know how to interpret "Tea Timer"; but then they shouldn't be running as anything other than a limited user anyway - right?
0 Votes
Avira
Han CNX 25th Oct 2011
I also like Avira, especially because the memory it uses is MUCH less than others including Avast and MS SE. And it's free of course.

And it would be good if the article mentioned that when running XP, make sure you're at SP3, and *DON'T* run as a user with Administrative rights. This is a bit more of a pain in XP than it is in Win 7, but there is no real alternative, other than of course to upgrade to Windows 7. But if you want or need to stay with XP then run as a restricted user, and either log in as Admin when you need to install software or tweak settings, or learn to use the 'Run As' command.
3 Votes
We use MSE at my tech college and it is a total fail. They don't want to spend the money to use something good. There are always virus and malware on the computer that MSE failed to find. I can't recommend that program at all. I do believe they are up and coming and probably will take over but at this time, I haven't seen anything good.
SpyBot I don't use much any more. It's a little slow sometimes. Though I will still bring it out if I have to. I really find that Malwarebytes and Superantispyware, along with your regular antivirus really does the trick most of the time.
Others that I have used are Hijack This, Combo Fix, Hitman Pro.
I also like to use Virustotal if I know what the troubled file is and see who has virus def for it.
2 Votes
I have to say I have used Malwarebytes exclusively, the licensed version with real-time protect on my own PCs and have not had any infections during that time (18+ months).
Also use the free version to clean up client PCs - it is just brilliant.
4 Votes
A few months ago, I was on contract at a site that switched from Symantec to (paid) AVG.

Non-stop problems (network logins mysteriously disabled, exchange server hidden, network paths inaccessible), then a really heavy-duty piece of malware crashed the disk system. I sat there for three weeks getting paid for doing nothing while they tried to get the server running again.

Yes this could be a coincidence, but it's a classic case of the new IT guy trying to make a name for himself and shooting himself in the foot. Before you make any big changes, firstly back up everything at least twice, and have a disaster recovery plan in place.
0 Votes
In my experience...
JCitizen Updated - 15th Sep
Enterprise grade security suites, were worse than single PC utilities. We had better luck using NT permissions and AD group policy - plus the usual locked down server techniques. Web white lists were pretty valuable there, just to name one.

I must admit, that ESET's products were tempting, but I like UTM gateways with streaming service so well, it would be tempting to try an enterprise class of that hardware first. Maybe Barracuda?
1 Vote
Avast!
AmraLeo 26th Oct 2011
On my wife's computer, I've got Avast!, Malwarebytes, and CCleaner, and they seem to do just fine. I had AVG on there, but it seemed to use a lot more resources than Avast!. I'm pretty motivated to keep her computer running well, as I'm the one that has to fix it. I don't have to worry much about my computer, as it runs SimplyMEPIS Linux. Haven't had a problem with mine in years, wish I could say the same about hers...
on Windows (especially after NT6) will get you almost as much protection as Linux. But even Linux is vulnerable with a browser using javascript or flash equivalent. The lower the profile on Linux, the less code on board, the lower the threat assessment.
0 Votes
I've found that the most effective way to keep malware and spyware from infecting a system is to use an updated HOSTS file, see http://winhelp2002.mvps.org. This keeps them from "calling home" to download their payload by redirecting them to the local host. This along with Trend Micro's Worry-Free Business Security on the enterprise has reduced infection by over 95%!!!
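
Added example, not part of the thread: a small Python audit of the HOSTS-file blocking described in the comment above. It lists which names are redirected to the local host and flags any name mapped to a non-local address, which a blocking file should never contain. The sample file, host names and addresses are constructed placeholders, and first-match-wins lookup is an assumption about the resolver.

```python
import ipaddress

# Constructed sample in hosts-file layout; names and addresses are placeholders.
SAMPLE_HOSTS = """\
# blocking entries (constructed for this example)
127.0.0.1    localhost
::1          localhost
127.0.0.1    ads.tracker.example      # ad server
0.0.0.0      c2.badsite.example payload.badsite.example
203.0.113.7  login.bank.example       # points off-box: not a block entry
not-an-ip    broken.example
"""

# Names that legitimately point at the loopback address.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}


def parse_hosts(text):
    """Yield (line_number, ip, hostname) for every well-formed mapping."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        fields = line.split()
        if len(fields) < 2:
            continue                          # blank or address-only line
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                          # malformed address: ignored
        for name in fields[1:]:               # one line may carry aliases
            yield lineno, ip, name.lower().rstrip(".")


def audit(text):
    """Return (blocked_names, redirected_entries).

    blocked_names: names sent to loopback or 0.0.0.0 (the blocking case).
    redirected_entries: (line, name, ip) mapped anywhere else; worth review,
    because a tampered hosts file redirects names instead of blocking them.
    """
    blocked, redirected = set(), []
    for lineno, ip, name in parse_hosts(text):
        if name in LOCAL_NAMES:
            continue
        if ip.is_loopback or ip.is_unspecified:
            blocked.add(name)
        else:
            redirected.append((lineno, name, str(ip)))
    return blocked, redirected


def effective_address(text, hostname):
    """Address the file gives for hostname, or None if it has no entry.

    Matching is exact: an entry for ads.tracker.example does not cover
    sub.ads.tracker.example. First match wins (assumed resolver behaviour).
    """
    wanted = hostname.lower().rstrip(".")
    for _, ip, name in parse_hosts(text):
        if name == wanted:
            return ip
    return None


def is_blocked(text, hostname):
    ip = effective_address(text, hostname)
    return ip is not None and (ip.is_loopback or ip.is_unspecified)


if __name__ == "__main__":
    blocked, redirected = audit(SAMPLE_HOSTS)
    print("blocked:", sorted(blocked))
    print("review :", redirected)
```

The exact-match behaviour is the practical limit of this approach: a blocking list only covers the host names it enumerates, so it has to be kept updated.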