What's the best Antivirus?

[A Guy]

, but always remember to only ever have one active antivirus program installed at any one time.

I have Avast as my active AV (works for me), but have Avira Antivir installed with the active guard off. I use it for on demand scanning and the right click context menu scanning ability. Never any conflict scanning with Avast enabled. A Guy (no relation )

 

[GZ]

Earlier today I worked on a computer that had Kaspersky, Norton and TrendMicro installed and running... What a nightmare...

 

[JMH]

Earlier today I worked on a computer that had Kaspersky, Norton and TrendMicro installed and running... What a nightmare...

More must be best they think...:banghead:

 

[Kosh Vorlon]

I'm talking strictly about day-to-day proactive protection and not recovery from infections which is an entirely different subject.

I sometimes take more risks than normal trying to help people who have problems with programs (by downloading things I'd not normally consider so I can see the product myself which helps me). I'm also always looking for new and good products that can be recommended (or are being legitimately recommended by others) and while I'm reasonably cautious, some I might normally not consider. And when people post links where I mod, I often check them out if they aren't familiar to see if it's (another!) spammer or a potentially malicious site. Given this, I feel I need to do a bit more than the average user needs to do (more in terms of the frequency and variety of scans that the rest which I believe can help most people).

Here's what I do (and it isn't 100% but nothing is, and in some cases only catches things after they've already gotten into the system, but it's a good process while remaining reasonable and they can all work together - as proven by the fact that I use them):

I use MSE for real-time protection and run scheduled daily quick scans with a scheduled bi-weekly full scan. Never have more than one program installed that provides real-time AV protection (no matter what the vendors say is possible).

I update and periodically (every couple of weeks or so) run full scans with Malwarebytes: http://www.malwarebytes.org/ and SuperAntiSpyware: http://superantispyware.com/ and ESET online scanner: http://www.eset.com/us/online-scanner/. Get only the free versions. Any that also have paid versions include features like real-time protection that cannot be used along with MSE anyway (in these cases), so there's no point in spending the money anyway.

I use WOT http://www.mywot.com/en/download to help identify safe and dangerous web sites.

I use Secunia PSI http://secunia.com/vulnerability_scanning/personal/ to make sure all my programs are updated and current (since updates often plug security holes in the software and thus can be important as many people never check and/or update their software unless prompted - and this way I don't need to check everything since notifications and sometimes updates are automatic).

I always follow the following advice from Stephen Boots - MVP:

-Make sure that the Windows Firewall is enabled. No other firewall truly offers better protection or is needed. This one is perfectly fine.

-Make sure that all important/critical updates, including service packs for the operating system and programs are installed from Microsoft Update (Windows Update).

-Make sure Internet Explorer is at version 8 or 9 and updated with all patches.

-In Internet Explorer 8 or 9, use the SmartScreen Filter.

-Make sure that IE Internet Security settings are at least set to medium-high (default).

-Enable the pop-up blocker in IE.

-On Vista and Windows 7 make sure that User Account Control (UAC) ON and not running with elevated privileges.

-Make sure that Windows Automatic Updates are set to at least notify, but the preferred setting is to download and install automatically. If you update manually, be sure to update as soon as possible after being notified of available updates.

-Make sure that installed applications, especially Adobe Acrobat, Adobe Flash, and Java are at their latest versions. Many vendors are regularly updating and patching for security holes. Secunia PSI mentioned above can help automate this a lot.

-Never click through links from unknown sources and use caution even if they are from a "trusted" source.

-Never open unsolicited email attachments.

-Practice safe web browsing. No adult sites, no peer-to-peer file sharing sites, no sites offering cracks or free software that you know can't be true, ockdown Facebook to only Friends on EVERYTHING, use WOT mentioned above, use Task Manager to close all open instances of your browsers if you ever get a suspicious pop-up {as opposed to clicking the red button or Cancel to close it which could be all it takes to infect you as they may have other code than just what those things commonly do}, double check all links in browsers and emails by hovering over them or otherwise checking to see if what they say and where they say they are directed match what is really there {many scams say www.microsoft.com or user @ microsoft.com but turn out to really be www.youarehosedbecauseyouclickedthis.ru and when you click you find out why that's the name} and I could go on but you get the idea.

-Always use a standard user account unless you have a specific need for an administrator account. Then switch, do the administrative task, and return to the standard account. This greatly limits the access of any type of infection of intrusion into your system since administrative access isn’t in place.

Good luck!

 

[Britton30]

Earlier today I worked on a computer that had Kaspersky, Norton and TrendMicro installed and running... What a nightmare...

Since AV's work deep in system files due to their very nature, they will flag each other as malicious, which is one reason to have only one active.

 

[Patrick]

Earlier today I worked on a computer that had Kaspersky, Norton and TrendMicro installed and running... What a nightmare...

Oh dear God, that does sound like a nightmare! The hardest part is telling a user to uninstall the rest and choose one, and turns out they've recently purchased or renewed their license for said antivirus product. I always feel bad

 

[GZ]

No... This is one whos subscription ran out so kept trying Free ones (or free trials).

 

[Cayden]

Why can't Anti Virus / etc developers have code so that it will detect if it there is another similar product installed at the time and prevent it from installing?

 

[usasma]

That's the issue - they can't code for similar products. FWIW - some of the more popular "pay-for" antivirus' will warn you if there's another antivirus. But it can't always tell if one is there - just like the perfmon /report can't always tell if you have one installed (and that's from Microsoft!).

There's just too many different things that another developer can write - so the other developer can't anticipate what it looks like.

 

[F5ing]

My favourite geek magazine rates AV software based off of a few primary things:

1. Speed of a quick and full scan
2. Impact on boot time
3. Difficulty to be forcefully removed or disabled
4. User-friendliness of interface

This is a pretty good idea I think. However I stick with MSE as it's been one of the easiest to use.

I hear a lot of complaints from users about the difficulties encountered when trying to completely remove an AV product. But it just may be a necessary evil that must be dealt with when considering how important #3 is.

Seems they're missing one measurement though. What about detection effectiveness?

 

[Corrine]

Good point, F5ing. However, detection is only as good as definitions. Definitions depend on submissions and internal testing by the vendor.

 

[Patrick]

It would be nice if every modern day antivirus, anti spyware, malware, 3rd party firewall, etc.. had straightforward removal / uninstall tools. It'd make the lives of the user and analyst much easier. I still can't get over the headaches with Lavasoft and their firewall software :thud:

 

[Corrine]

There are removal tools provided by most vendors that usually do the trick. I updated the list I have at Antivirus Product Removal Tools in June. It includes links to Singular Labs Uninstallers and AppRemover.

 

[Patrick]

Awesome, thanks for the link Corrine! I had one before for reference, but yours go in-depth.

 

[Corrine]

You're welcome, Patrick. I prefer having people go the route of the vendor removal tools first, followed by AppRemover if needed, keeping Revo as a last resort. The reason is that I've seen Revo be more aggressive than necessary and causing problems.

 

[Anthony N]

I use several tools myself, I use OpenDNS, and Avast.

Avast while it updates daily, has also pointed out some nasty little bugs becuase of it's "scan every file" approch.

Back in the day we're talking about 4 or more years ago I had a little program called Comoto Internet security and antivirus, along with their firewall.

Well, I don't know how I did but my last windows install had the drive letter D instead of the typical C. About the time my software warned me of an intrusion I knew I was under attack. My computer had a mind of its own and the attacker kept trying to infect my C partition not realising that windows was on a different one. I had no choice but to pull the power plug, and deal with a BSOD, than to have damage done where I was storing my programs.

 

[Corrine]

Back in the day we're talking about 4 or more years ago I had a little program called Comoto Internet security and antivirus, along with their firewall.

Not my favorite vendor and also a very difficult program to remove.

 

[Anthony N]

Why's that corrine? I know about the removing part, but why the other part?

It did save my computer, but again, like you it's interface was least to be desired, so I went to MSE, but fealt I wasnt being protected so I switched to avast.

 

[Corrine]

I had a "run in" with Melih Abdulhayoglu, the President and CEO of Comodo, who apparently couldn't keep track of which blog it was where he posted a comment.

 

[Anthony N]

wow.