Anti Virus and Anti Spyware

[Vulcan]

Yup my apple colleagues are quite concerned with the new malware doing the rounds. First because it doesn't actually attack an exploit vector, and uses social engineering.

Second because apple have an immature security industry unlike windows, look at us arguing over which AV is better on the PC pulling out statistics and proper evaluations. Whereas the handful of AV products for the apple are little more than afterthoughts.


Oh and llama, IE6, I still use it. There are still many issues with IE7, and even Firefox has its oddities. So I need IE6 (I usually need two browsers because at least one of them doesn't do 'somethigng' right, be it rendering a page wrong or caching a page it shouldn't).

[GovtFlu]

Originally posted by Larry
I don't know if this should be in the H&S forum or not but what the heck. I'm looking to buy some antispyware and virus scanners and I'm willing to pay around $100-150 for them. So what are the best ones you've used?

Avast gets my vote, its free, after 5 years its never let me down. I hear AVG, also free, is good too.

Lavasoft Ad-aware for spyware, same price.

[llama]

Originally posted by Vulcan

Oh and llama, IE6, I still use it. There are still many issues with IE7, and even Firefox has its oddities. So I need IE6 (I usually need two browsers because at least one of them doesn't do 'somethigng' right, be it rendering a page wrong or caching a page it shouldn't).

Vulcan,

Hey, me too. I can't stand IE7, so IE6 is still on my systems. I just wouldn't dream of using it at the various risky sites out there.

Yeah, FF can be vulnerable against zero day attacks for a little while too (though FF got updated like 4 times in the past two months - good for them), but I'm a diehard Opera user myself. Still no guarentee, but an extra layer of obfuscation...

-Llama

[Vulcan]

Hey llama wtf dude:

Virus Attempts % of Attempts
 
1  HappyTime_3 (Worm) 1 100.0%
1/1 records are shown as detailed information  
  Source Destination Attempts % of Attempts
  12.39.144.18  192.168.60.91  1  100.0%
 

Was checking our weekly reports and saw this. That IP resolves too: http://www.computerpoweruser.com/   which I visited Friday (Thursday your time) to check out who CPU magazine was (you mentioned you wrote for them).

I checked my browser history, I only went onto your CPU's main page and some forum posts, I revisiting didn't result in any hits. Some I think it must've been imbedded in a banner advertisement.

[llama]

Vulcan,

Heh. Funny stuff.

As luck would have it, I'm doing a review of ESET's NOD32 (which I really like, BTW) this month, so I've had it running on a test machine that only has IE6, and the whole box is behind in its patches by about 8 months.

NOD32 has a web-surfing-protection component, so I went to the CPU website and trolled all around the forums, some articles, and so forth. NOD32 reports nothing. I then tried a VMWare machine with NAV2008, which has a drive-by-download protector and did the same thing with the same browser.

Both logs and quarantines show the same thing, which is to say, nothing.

It seems likely to me that there's a hacked banner ad. That said, I don't have a thing to to with the website, and in fact, I don't even know who runs it or what platform it runs on.

I'm going to forward your note to my editor and let them deal with it. Thanks for the heads-up.

-Llama

[0thehero]

I'm not a security expert and I don't have the breadth of experience with as many applications, but we run some Secure Computing gear here at the office (IronMail and WebWasher) to which Vulcan referred in an earlier post, and when I look at the Javascript-based malware counts that the WW machine is stopping everyday (we're over 22K instances in just the last 4 months), I'm damn glad we have it.  It really is a different world than ten years ago in this area.

That said, for home users I like Avast for those that wouldn't pay for software and NOD32 for those that see the value in greater protection for a few bucks.

[Vulcan]

I've never had a chance to play with the Secure Computing stuff but it does look nice. (Although I trained/qualified in Ironmail before SC brought Ciphertrust).

If anyone was wondering about my previous post, well on Friday I was wondering who CPU magazine was (that Llama said he wrote for) so I went to their website. In browsing their website our work firewall (Sonicwall) blocked a malicious peice of malware, most likely this was embedded in a rolling avertising banner. Many websites use these to gather revenue, and the content is usually hosted somewhere else. CPU Magazine did no wrong but it goes to show how 'trusted' websites can be sources of malware.

[Gunthr]

Bit Defender Antivirus 2008...  $25 bucks.  Used for the past two years, it has never failed to protect against  attacks from viruses and malware/adware.

WinXP, Zone Alarm, Linksys Router

[FOGOLD]

This is a fascinnating thread. I must confess I've used most of the spyware fixerspaid for and free and all they EVER find are cookies and it does make me wonder of the spyware thing is just more AV hype.  Still do scans nbow and then (Kaspersky does them anyway) with spybot, adaware or Spysweeper. I almost want them to pick something up sometime!


I would always have AV as it will pick up malicious e-mails.