Author Topic: Best Free AV  (Read 1196 times)

Offline gyrene81

  • Plutonium Member
  • *******
  • Posts: 11629
Re: Best Free AV
« Reply #15 on: May 10, 2010, 08:57:04 AM »
Quote
No antivirus will keep you safe. Best is to use something else than windows for browsing the internet and keep just a clean gaming machine separately on windows.

Latest discovery finds exploits that bypass all known antiviruses, including Nod32:

http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/

Should have read the entire piece Ripley:

Quote
Still, the exploit has its limitations. It requires a large amount of code to be loaded onto the targeted machine, making it impractical for shellcode-based attacks or attacks that rely on speed and stealth. It can also be carried out only when an attacker already has the ability to run a binary on the targeted PC.

Still, the technique might be combined with an exploit of another piece of software, say, a vulnerable version of Adobe Reader or Oracle's Java Virtual Machine to install malware without arousing the suspicion of any AV software the victim was using.

Still boils down to common sense...as with all malware on the net...you have to do something to get infected...don't download junk you are not 100% sure about.
jarhed  
Build a man a fire and he'll be warm for a day...
Set a man on fire and he'll be warm for the rest of his life. - Terry Pratchett

Offline Denholm

  • Plutonium Member
  • *******
  • Posts: 9667
      • No. 603 Squadron
Re: Best Free AV
« Reply #16 on: May 10, 2010, 09:22:42 AM »
In all reality, the only reason I use ESET Smart Security is for its firewall. Here at college, you never know what network bugs are crawling around from computers using LimeWire and Kazaa.
Get your Daily Dose of Flame!
FlameThink.com
No. 603 Squadron... Visit us on the web, if you dare.

Drug addicts are always disappointed after eating Pot Pies.

Offline MrRiplEy[H]

  • Persona Non Grata
  • Plutonium Member
  • *******
  • Posts: 11633
Re: Best Free AV
« Reply #17 on: May 10, 2010, 01:05:46 PM »
Quote
Should have read the entire piece Ripley:

Still boils down to common sense...as with all malware on the net...you have to do something to get infected...don't download junk you are not 100% sure about.

Should have read and understood the essential: Any pdf, flash ad / movie, java app can have this exploit embedded. So basically you're either restricted to text only browsing or you ditch windows online if you want security.
Definiteness of purpose is the starting point of all achievement. –W. Clement Stone

Offline gyrene81

Re: Best Free AV
« Reply #18 on: May 10, 2010, 02:14:49 PM »
No it doesn't say any pdf, flash ad / movie...it specifically gives 2 examples of applications that it could be inserted into so that the code can execute in the background while the program installation process writes to the system, not plugins or extraneous files that do not have write access or the ability to run a binary...movies, pdf files and flash files do not write to the system.

Offline Chalenge

  • Plutonium Member
  • *******
  • Posts: 15179
Re: Best Free AV
« Reply #19 on: May 10, 2010, 02:44:57 PM »
Well, here I thought NOD 32 has settings to prevent that sort of thing. Maybe I will look more into it later.

What about using a virtualization product to install a sub-OS and cruise from there? Is it possible to be infected while doing that?

If you like the Sick Puppy Custom Sound Pack then please consider contributing for future updates by sending a month's dues to Hitech Creations for account "Chalenge." Every little bit helps.

Offline Denholm

Re: Best Free AV
« Reply #20 on: May 11, 2010, 10:53:37 AM »
Depends on your setup. The virtual machine will obviously become infected, yet since virtual machines are usually isolated, they won't affect the host.

Offline MrRiplEy[H]

Re: Best Free AV
« Reply #21 on: May 11, 2010, 12:46:04 PM »
Quote
No it doesn't say any pdf, flash ad / movie...it specifically gives 2 examples of applications that it could be inserted into so that the code can execute in the background while the program installation process writes to the system, not plugins or extraneous files that do not have write access or the ability to run a binary...movies, pdf files and flash files do not write to the system.

I guess you're not aware of flash weaknesses that allow execution of arbitrary code.. Or dozen other zero day exploits in the wild.

Offline Masherbrum

  • Radioactive Member
  • *******
  • Posts: 22416
Re: Best Free AV
« Reply #22 on: May 11, 2010, 12:54:50 PM »
Quote
No antivirus will keep you safe. Best is to use something else than windows for browsing the internet and keep just a clean gaming machine separately on windows.

Latest discovery finds exploits that bypass all known antiviruses, including Nod32:

http://www.theregister.co.uk/2010/05/07/argument_switch_av_bypass/

It doesn't mention NOD32.   :confused:
FSO Squad 412th FNVG
http://worldfamousfridaynighters.com/
Co-Founder of DFC

Offline gyrene81

Re: Best Free AV
« Reply #23 on: May 11, 2010, 12:59:20 PM »
Quote
I guess you're not aware of flash weaknesses that allow execution of arbitrary code.. Or dozen other zero day exploits in the wild.

Yes I am and most are either plugged, or blocked by anti-virus/anti-spyware programs...I guess you're not aware that flash files do not write to the system, they are simply viewed using a plug-in or extension. Considering the fact that the exploit you posted requires write access to the binary level, meaning it has to access the system level files, and the fact that it is a large file load, it would be useless to embed it into a flash file...maybe piggy backed into a flash plug-in or flash creator installer, but not the flash media files.

Offline Getback

  • Platinum Member
  • ******
  • Posts: 6456
Re: Best Free AV
« Reply #24 on: May 11, 2010, 07:41:56 PM »
I'll put my money on Avast

Avast is good but for 19.95 I'd go with Eset Nod32.


Offline MrRiplEy[H]

Re: Best Free AV
« Reply #25 on: May 12, 2010, 09:57:19 AM »
Quote
Yes I am and most are either plugged, or blocked by anti-virus/anti-spyware programs...I guess you're not aware that flash files do not write to the system, they are simply viewed using a plug-in or extension. Considering the fact that the exploit you posted requires write access to the binary level, meaning it has to access the system level files, and the fact that it is a large file load, it would be useless to embed it into a flash file...maybe piggy backed into a flash plug-in or flash creator installer, but not the flash media files.

LOL! If a flash app lets attacker execute code on system ram, attacker can then use this method to subvert the AV. An application is nothing but a bunch of code in memory.

Offline MrRiplEy[H]

Re: Best Free AV
« Reply #26 on: May 12, 2010, 10:07:52 AM »
Quote
It doesn't mention NOD32.   :confused:

It does, it's on the list of vulnerable apps.

Offline gyrene81

Re: Best Free AV
« Reply #27 on: May 12, 2010, 11:36:07 AM »
Quote
LOL! If a flash app lets attacker execute code on system ram, attacker can then use this method to subvert the AV. An application is nothing but a bunch of code in memory.

Yeah...mmmhmmm...yup.   :joystick: