Aces High Bulletin Board
General Forums => Hardware and Software => Topic started by: TDeacon on January 30, 2017, 09:30:39 PM
-
Do we still recommend ESET Nod32 for Windows 7 installations (Windows 7 Professional 64bit)? I was using Symantec for Windows XP, and it failed me (also, I know Skuzzy hates Symantec).
I plan to use Windows 7 side for Windows games, Photoshop, and professional web browsing (to support software development on Visual Studio). Everything else including recreational browsing and email will be from Linux side. I have a hardware firewall, use NoScript, and would probably enable software firewalls on both Win7 and Linux as well.
Thanks in advance,
MH
-
ESET is still the best gamer anti-virus program around. The least intrusive.
-
ESET
-
Thanks!
They apparently have several versions (https://www.eset.com/us/home/for-windows/). Can any of them be used to check malware on a USB memory stick (prior to said malware transfering itself to the Windows PC)? I sometimes need to be able to transfer files back and forth between the Windows and Linux OSs.
Mark H.
-
ESET
:aok
Can any of them be used to check malware on a USB memory stick (prior to said malware transfering itself to the Windows PC)?
I have the ESET NOD32 ANTIVIRUS version, yes you can scan external sources.
-
FWIW feedback I have been getting is ESET is failing.
The sad news is most consumer AV is rubbish right now, all the good stuff is exclusively enterprise. What you should be looking for is signature-less protection (unless your hardware firewall can do Advanced Threat Protection/Sandboxing).
If you want something really good then this is probably the best out there right now: https://www.malwaremanaged.com/ (Cylance based, but cylance does not provide a consumer/SMB version). I would recommend it be used in conjunction with Windows built in AV as cylance uses no signatures, so Win AV is good just to keep the old stuff out.
Alternatively I've been trialing Malware Bytes full version and it seems alright.
-
I use the windows defender albeit the best defense against malware is yourself.
-
I use the windows defender albeit the best defense against malware is yourself.
Same here. :aok
Coogan
-
Gibson Research is saying that Windows Defender is the better way to go, and to use Edge as your browser. ALL other browsers are suffering from a major vulnerability at the moment.
-
Looks like we have 2 camps here.
WRT Windows Defender, don't forget that my OP refers to a Windows 7 installation. According to Wikipedia, WD is just anti-spyware in Windows 7, and is in any case disabled if one uses Microsoft Security Essentials for Windows 7. So if one wanted the official MS solution, wouldn't Microsoft Security Essentials for Win7 make more sense? (Either alone, or in conjunction with Vulcan's idea).
MH
-
Gibson Research is saying that Windows Defender is the better way to go, and to use Edge as your browser. ALL other browsers are suffering from a major vulnerability at the moment.
LOL that is the biggest pile of smelly brown stuff I have heard in a long time.
Windows Defender is mop up duties only, when malware is well and truly known. If you use MSE or Windows Defender alone then you are truly screwed.
I work in the IT security sector for a vendor that provides network level security (SMB through to enterprise). We don't really do a client solution (i.e. desktop, laptop server etc) - a lot of clients ask me what is good so I always keep an eye on such products.
As part of my role I participate in internal testing. That includes our ability to pickup malware. With products like MSE it could be anything up to TWO MONTHS before it identified malware samples we had detected on our systems.
-
Looks like we have 2 camps here.
WRT Windows Defender, don't forget that my OP refers to a Windows 7 installation. According to Wikipedia, WD is just anti-spyware in Windows 7, and is in any case disabled if one uses Microsoft Security Essentials for Windows 7. So if one wanted the official MS solution, wouldn't Microsoft Security Essentials for Win7 make more sense? (Either alone, or in conjunction with Vulcan's idea).
MH
Sorry TDeacon, I didn't catch the Windows 7 part... (Even though you have it in the Title) :bolt:
Coogan
-
FWIW feedback I have been getting is ESET is failing.
The sad news is most consumer AV is rubbish right now, all the good stuff is exclusively enterprise. What you should be looking for is signature-less protection (unless your hardware firewall can do Advanced Threat Protection/Sandboxing).
If you want something really good then this is probably the best out there right now: https://www.malwaremanaged.com/ (Cylance based, but cylance does not provide a consumer/SMB version). I would recommend it be used in conjunction with Windows built in AV as cylance uses no signatures, so Win AV is good just to keep the old stuff out.
Alternatively I've been trialing Malware Bytes full version and it seems alright.
I looked at your link........this interests me.
Can you elaborate on this some more?
PM me if you deem necessary..................
:salute
-
If you want something really good then this is probably the best out there right now: https://www.malwaremanaged.com/
Interesting, but the "request pricing" link looks ominous WRT a single-user home system...
MH
-
I looked at your link........this interests me.
Can you elaborate on this some more?
PM me if you deem necessary..................
:salute
AFAIK they run a managed service using Cylance. Cyclance doesn't come in SMB or home form (I think the minimum license is 250 nodes). Quite possibly may not be the right product for home, but for a small business of 5-10 users. If you're a small business and you've had crypto-ware issues this is a great option.
The only reason I mention products like Cylance is that these are the features you should be looking for going forward. Products like Cylance and Carbon Black are the new benchmarks for AV. I had Cylance running for a year and it picked up EVERY SINGLE MALWARE SAMPLE I was playing with while McAfee and MSE were clueless for weeks.
Trend Micro has some similar tech I think but afaik it doesn't exist in the home user platform. Webroot might be another to look at.
For the layman, typical AV tech relies heavily on signatures. Signatures are derived from the malware itself. So you have to know about a virus to protect against it. These days a new piece of malware is release every second on average. Say it takes an antivirus vender 24 hours (very optimistic) to find this new malware, then write a signature and test it. That is around 48 hrs from malware release to a signature being available). That means you are typically exposed ~160000 malware apps at any time.
The AV products use behaviour testing and 'AI' to look for new malware. So no signatures required (though I like to have signature based AV to quickly clean out old well known malware stuff that pops up occasionally).
Right now the AV market is a bit of a train wreck.
edit: after all that I had a look around at stuff again, for SMB/Home I would look at Webroot.
-
(text removed)
Right now the AV market is a bit of a train wreck.
In my experience, it usually has been this way, at least with the Symantic products I used with XP.
(text removed)
edit: after all that I had a look around at stuff again, for SMB/Home I would look at Webroot.
QUESTION 1: If I don't want to pay $500. for the latest Enterprise AV technology, and am therefore stuck with signature-based, you are recommending Webroot instead of say ESET Nod32?
QUESTION 2: Why, from a technology perspective?
Mark H.
-
In my experience, it usually has been this way, at least with the Symantic products I used with XP.
QUESTION 1: If I don't want to pay $500. for the latest Enterprise AV technology, and am therefore stuck with signature-based, you are recommending Webroot instead of say ESET Nod32?
QUESTION 2: Why, from a technology perspective?
Mark H.
Webroot and Cylance are using big data, heuristics, AI, behavior recognition to identify malware. This method detects unknown malware (and known malware).
Eset primarily relies on signatures. This method only really detects known malware.
AV such as Eset, McAfee, Symantec are all based signatures with a little heuristics and behaviour thrown in. However this usually picks up minor variants to known malware. Not something completely new or a significant changed variant to a known malware.
This is essentially why people get raped by crypto-ware infections. They are usually changed enough to get past signature based protection.
Eventually the signatures catch up, but until they do there is a window of opportunity.
As an example, one of my customers is sending me samples that are coming into his email server. He is a reseller who manages IT for a handful of small business users. He currently scans with Eset, McAfee, Kaspersky, and Cyren. From this month alone I have around 30 new not seen before malware samples that sailed through the above AV engines. And remember this small business stuff from a single site in New Zealand.
How do I know they are malware? Because I'm testing a new email scanning version of one of our products and it picks them up.
-
As far as malware goes, Malwarebytes is much better than ESET. ESET has an edge over Norton and McAfee in that it also has a significantly smaller footprint and really has almost zero impact on games when they are included in the ignore list.
Personally, I detest all of them and just live with disabling the delivery mechanisms for it all.
-
Webroot and Cylance are using big data, heuristics, AI, behavior recognition to identify malware. This method detects unknown malware (and known malware).
Eset primarily relies on signatures. This method only really detects known malware.
AV such as Eset, McAfee, Symantec are all based signatures with a little heuristics and behaviour thrown in. However this usually picks up minor variants to known malware. Not something completely new or a significant changed variant to a known malware.
This is essentially why people get raped by crypto-ware infections. They are usually changed enough to get past signature based protection.
Eventually the signatures catch up, but until they do there is a window of opportunity.
As an example, one of my customers is sending me samples that are coming into his email server. He is a reseller who manages IT for a handful of small business users. He currently scans with Eset, McAfee, Kaspersky, and Cyren. From this month alone I have around 30 new not seen before malware samples that sailed through the above AV engines. And remember this small business stuff from a single site in New Zealand.
How do I know they are malware? Because I'm testing a new email scanning version of one of our products and it picks them up.
We just picked up a new client whose last MSP had them on Webroot. We spent a lot of time on the phone with Webroot yesterday trying to get it removed. It had for an as yet unknown reason to us started growing the c:\windows\temp\wrlog.log file until there was no room left on drive C on all of their Windows 2012 servers. I personally use Avira.
-
I currently use Bitdefender. I'm reasonably happy with it.
I used to use Avast up to a year ago or so, which previously I was fairly happy with, but there was something that cropped up that I didn't like (don't remember the details anymore).
At that point, I looked at
https://www.av-comparatives.org/
and based on ratings there tried out Avira (which I hated), Trend Micro (which I merely didn't like), and Bitdefender (which I liked).
With antivirus software, I find that there's a product I'm happy with, but they continue to add features, complication, and more resource/performance burden; and then I switch to something else that I'm happy with, but they continue to add features . . . and so on in an endless loop with periodicity about 2-4 years.
For free antivirus, I'd probably try Avast again.
-
(text removed)
For free antivirus, I'd probably try Avast again.
Just to be clear, the OP is perfectly willing to pay up to $100. per year, but it would need to be unobtrusive, and something more than signature-based. If just the latter, then I'll have to settle for less than $50. per year, and reinstall Windows every 3 months (...).
MH
-
I've used Norton, AVG, Avast, and for the last 8 years our so I've used ESET. So far I've never had any known problem and I think ESET does a good job. However, I'm still of the opinion that the best AV software is the person behind the monitor and I (for lack of better terms) don't venture outside of a small circle of websites and game programs.
I think Skuzzy has the best solution of just closing down all the loading docks so to speak but I'm not computer smart enough to fine tune my machine. I just use AV software, malwarebytes scans and safe web-surfing to hopefully keep my machine clean.
-
Just to be clear, the OP is perfectly willing to pay up to $100. per year, but it would need to be unobtrusive, and something more than signature-based. If just the latter, then I'll have to settle for less than $50. per year, and reinstall Windows every 3 months (...).
MH
Even though it's free, I think Avast is decent -- I just liked Bitdefender better back when I switched about 1.5 years ago.
Both use heuristics, signatures, content filtering, etc., and AV comparatives tests how well they do on real-world viruses and malware, testing more than just signatures but all the other stuff, too.
We've things like Avast and Bitdefender for many years at home and on lots of machines at work (about 50 computer-years of operation doing lots of browsing and e-mail use every day). In all that, one machine (as far as I know) got infected with something, and that was the result of opening a malicious e-mail attachment.
-
I use ESET smart security and have done so since about 2004 or so, along with using Malwarebytes <---- scanning with it about every 1 to 2 months with it
Also have a hardware Firewall in my router
I also am a firm believer in that the PC users are the most important part of any anti-virus/anti-malware software being used for protection.... the software is only as good as the knowledge of the person using it while on the internet/checking emails, etc....
Most think "now I got anti-virus/anti-malware protection installed, I'm now safe from everything and can do anything I want without fear of getting infected!"..... this is where most make their first mistake...
TC
-
As far as malware goes, Malwarebytes is much better than ESET. ESET has an edge over Norton and McAfee in that it also has a significantly smaller footprint and really has almost zero impact on games when they are included in the ignore list.
Personally, I detest all of them and just live with disabling the delivery mechanisms for it all.
This :aok
I'm an IT Manager for my company and we have used MalwareBytes for many years and I still consider it one of the best (if not the best) for anti-malware detection & removal. You can also tweak it for more in depth items like PUPS (Potentially Unwanted Programs). I'd highly recommend this and you can get either the free version (does not scan realtime and you simply have to execute manually to scan your machine on a regular basis) or the paid version which does realtime scanning.
Cheers!
Elec1
-
I liked Malwarebytes a lot, too.
I had a problem, though, in that, when I used both an antivirus and Malwarebytes, a reboot of the computer took forever, with the disk thrashing for a long time at startup. Uninstalling one or the other greatly reduced that (even though Windows does suck at startup).
-
However, I'm still of the opinion that the best AV software is the person behind the monitor and I (for lack of better terms) don't venture outside of a small circle of websites and game programs.
Which is a completely incorrect assumption to make.
I have seen malformed PNGs come into email, and try to pull in an infection with zero user interaction at all. I have seen the 'safest' of websites quietly hacked and silently server up malware.
-
At that point, I looked at
https://www.av-comparatives.org/
av-comparatives used to be OK.
But when you consider their retrospective tests only for ~1600 unknown malware samples over a 5 month period. Today we added 37418 signatures to our GAV signature set (these are heuristic signatures). That extrapolates to 5.6 million new malware apps identified in that 5 month period. And they only test for 1600?
I also wonder about how honest their testing is now, they did one of Symantec vs Cylance, Cylance lost by a long shot. Yet IRL I'm seeing Symantec fall flat on it's face detecting malware that Cylance happily blocks.
So I take av-comparatives with a big grain of salt these days.
-
LOL that is the biggest pile of smelly brown stuff I have heard in a long time.
Yeah, I thought the same thing. However, Steve Gibson is one of the best at what he does.
https://www.grc.com/securitynow.htm
The episode in question is labeled "Traitors in our Midst."
-
AFAIK they run a managed service using Cylance. Cyclance doesn't come in SMB or home form (I think the minimum license is 250 nodes). Quite possibly may not be the right product for home, but for a small business of 5-10 users. If you're a small business and you've had crypto-ware issues this is a great option.
The only reason I mention products like Cylance is that these are the features you should be looking for going forward. Products like Cylance and Carbon Black are the new benchmarks for AV. I had Cylance running for a year and it picked up EVERY SINGLE MALWARE SAMPLE I was playing with while McAfee and MSE were clueless for weeks.
Trend Micro has some similar tech I think but afaik it doesn't exist in the home user platform. Webroot might be another to look at.
For the layman, typical AV tech relies heavily on signatures. Signatures are derived from the malware itself. So you have to know about a virus to protect against it. These days a new piece of malware is release every second on average. Say it takes an antivirus vender 24 hours (very optimistic) to find this new malware, then write a signature and test it. That is around 48 hrs from malware release to a signature being available). That means you are typically exposed ~160000 malware apps at any time.
The AV products use behaviour testing and 'AI' to look for new malware. So no signatures required (though I like to have signature based AV to quickly clean out old well known malware stuff that pops up occasionally).
Right now the AV market is a bit of a train wreck.
edit: after all that I had a look around at stuff again, for SMB/Home I would look at Webroot.
Thanks!
I used to use the free version of Webroot about 10 yrs ago when it was still free..............
May give it another look................
PS--Webroot has an AV package specifically designed for PC gaming at a very good price w\ many good reviews on it..........have downloaded the free trial version to test it out. Will post on the results when I do install it.
:salute
-
Seems Webroot bricked (not able to boot,...I believe) a number (not all) of enterprise business computers with a recent update.
-
Likely the wrlog.log file that grew to fill up the boot drive. Often a machine won't boot with zero free space on C. We worked around it on non-domain controllers by booting to a safe mode command prompt and deleting the file. Of course webroot starts all over on the next normal boot if you let it.
-
For removing malware (not preventing), malwarebytes is the best imo.
-
Seems Webroot bricked (not able to boot,...I believe) a number (not all) of enterprise business computers with a recent update.
Every major AV vendor does that at least once every 5 years :devil
-
I don't trust any AV software that is harder to remove than a virus. :old:
Coogan
-
Update:
I went ahead & purchased a 1 yr subscription of Webroot Secure Anywhere Antivirus for PC Gamers to use it in place of the Kapersky Internet Security series AV software that I have been using for the last 8-9 yrs and have installed it and got all set up then deleted Kapersky and rebooted my box to bring all up as clean as I could get it all.
The very 1st thing that I noticed is the SPEED\SNAPPINESS improvement of Windows running on my box since this AV swap. I mean it was VERY noticeable. Every app that is running is running MUCH crisper and smoother under Webroot AV for PC Gamers than under Kapersky Internet Security. This AV client software is showing to not impede any computer performance at all when compared to what I've been used to when using Kapersky.......night & day difference.
AHIII runs beautifully under this AV software w\o any special exclusion settings to enable.....just as Webroot said in their advertisement. I've had this AV running for approx 20 mins & it has already made 3 scans of my box taking only 20 secs to complete each 1 and so far all are clean.
So far, so good.
This particular Webroot AV version looks like a winner at this time. Will monitor to see how it all holds up but right now it looks very good.
Now that I've experienced this I definately ain't going back to Kapersky.....................
:aok
:salute
PS--Here's the link: https://www.webroot.com/us/en/home/products/gamer-av#reviews_summary_consumer-reviews
-
I liked Malwarebytes a lot, too.
I had a problem, though, in that, when I used both an antivirus and Malwarebytes, a reboot of the computer took forever, with the disk thrashing for a long time at startup. Uninstalling one or the other greatly reduced that (even though Windows does suck at startup).
Malwarebytes Premium claims to be an antivirus program. So, I would expect some potential for interference if one runs 2 competing products simultaneously.
MH
-
Malwarebytes Premium claims to be an antivirus program. So, I would expect some potential for interference if one runs 2 competing products simultaneously.
MH
Back when i was uding it abou 1 year ago they said it wasnt antivirus but to be used along with antivirus.
Ill keep an eye on v3 and higher. Thanks for the info.
-
Update:
I went ahead & purchased a 1 yr subscription of Webroot Secure Anywhere Antivirus for PC Gamers to use it in place of the Kapersky Internet Security series AV software that I have been using for the last 8-9 yrs and have installed it and got all set up then deleted Kapersky and rebooted my box to bring all up as clean as I could get it all.
The very 1st thing that I noticed is the SPEED\SNAPPINESS improvement of Windows running on my box since this AV swap. I mean it was VERY noticeable. Every app that is running is running MUCH crisper and smoother under Webroot AV for PC Gamers than under Kapersky Internet Security. This AV client software is showing to not impede any computer performance at all when compared to what I've been used to when using Kapersky.......night & day difference.
AHIII runs beautifully under this AV software w\o any special exclusion settings to enable.....just as Webroot said in their advertisement. I've had this AV running for approx 20 mins & it has already made 3 scans of my box taking only 20 secs to complete each 1 and so far all are clean.
So far, so good.
This particular Webroot AV version looks like a winner at this time. Will monitor to see how it all holds up but right now it looks very good.
Now that I've experienced this I definately ain't going back to Kapersky.....................
:aok
:salute
PS--Here's the link: https://www.webroot.com/us/en/home/products/gamer-av#reviews_summary_consumer-reviews
Update:
All still looking good here since the AV swap.
This version of Webroot shows to work very well in tandem w\ Windows Defender and is showing to be VERY resource-friendly.
Thanks Vulcan for the tip!
:salute
-
150,000 printers hacked. Hmmm, might want to tighten up, huh?
http://www.forbes.com/sites/leemathews/2017/02/06/hacker-forces-150000-printers-to-print-a-warning-to-their-owners/#7a140cf1b853
-
Well, I'm giving Webroot a try on my new Win7 install. It seems to work (or at least it claims to be working). Don't seem to be able to turn it on and off, though, which is bad. Slow downloads, but that may be due to other factors. I will be doing tests comparing downloads in Win7 with Webroot and downloads in Linux MInt.
MH