Thinkpads Forum

I went with AVG 8 Anti-Virus and am not sure about it. It constantly needs updating and attention. I also had a disaster with my computer (that in next question) and Comcast loaded Avast! So I researched and found BitDefender, Kaspensky and Nod32 are highest rated. My friend just got "XP Anti-Virus 2008" TWICE on his computer and it was a mess. (No, I didn't get it but I hear there are 1,500 new viruses out every day so....)

I'm willing to pay for Kaspensky or Nod, but one site at least says BitDefender is the best.

Can anyone please weigh in again on this. Lots of you did on my AVG vs. Zone Alarm thread but no one mentioned BitDefender.

Thanks, all.

Here is a site I use to check the current state of Antivirus software.
http://www.av-comparatives.org/

Most recently I have been using AntiVir (free version of Avira). It has a nag screen that appears about once a day, but otherwise seems pretty good. I've been thinking about buying the paid version (that does not have the nag screen).

When it comes to buying AV, a lot of forum members swear by Eset NOD32 (including me).

GomJabbar wrote: I've been thinking about buying the paid version (that does not have the nag screen).

GomJabbar, please let us know if you decide to buy it and how it works out. At the site you linked earlier Avira kicked some serious virus butt. I thought Nod32 was the best until I read those results.

I have removed Bitdefender from many machines. They were heavily infected.

I had Sunbelt Kerio software firewall on one of the family's laptops and ran into trouble with Adobe Reader Update. Turns out that they do not work well together. I am using Windows built in firewall at the moment. I would rather have a more comprehensive software firewall but just don't know of a good one. ZoneAlarm has caused problems for me in the past, so I've been steering clear of that one.

At home I have hardware firewall built into my router, but on the road with my cellular modem I rely just on the built-in Windows firewall (with AntiVir antivirus software). I faithfully apply Windows security updates. I also do 99% of my web browsing from a Power Users account rather than an Administrator's account in Windows XP. For Vista I rely on UAC. For Mandriva Linux, I use KlamAV (ClamAV) and Mandriva's built in software firewall.

Finally, I do nearly all my browsing with Opera - one of the most secure browsers available.

i moved from avg7.5free to eset nod32 antivirus. it's paired with comodo's free firewall and i' really quite happy with this combo.

fwiw...

Last night I decided to get the paid version of AntiVir. What I bought was Avira AntiVir Premium - cost $26.95 (19.95 €).
http://www.avira.com/en/solutions/home_home_office.html

You can download one of Avira's products and download a 30-day trial Test Key if you want to give one of them a test drive before committing.
http://www.avira.com/en/download/index.html
http://www.avira.com/en/products/test_licence.html

Below is a comparison of: Avira AntiVir Personal - FREE Antivirus, Avira AntiVir Premium, & Avira Premium Security Suite.
You can download the Free version (with nag screen) from the link below.
http://www.free-av.com/en/products/1/av ... virus.html

If you're looking for a decent Firewall:
I had bought Agnitum Outpost Pro for many years. Then they went downhill from V3 onwards, due to loads of incompatibilities.

Replaced it with the free Comodo 2.x. When they came out with Version 3, all sorts of problems happened on my machines.

Replaced Comodo with another freebie: OnlineArmor.
So far this has proven a very stable FW without any issues and it works very well with EsetNOD32.
Get OA here: http://www.tallemu.com/free-firewall-pr ... tware.html

I haven't looked into this topic in some time, so I was just curious as to what is wrong with Windows firewall? Outdated? Ineffective?

RBS, thanks for the info. I am taking a look at the reviews.

Harry, AFAIK Windows firewall only blocks inbound attacks. Other software firewalls also check for suspicious outbound activity.

I just ran a full system scan with Avira AntiVir Premium. It took 59:17 minutes. A total 449543 files on two partitions comprising 26 GB were scanned. I have a Hitachi, 7200, 60 GB hard drive.

GomJabbar wrote:AFAIK Windows firewall only blocks inbound attacks. Other software firewalls also check for suspicious outbound activity.

yep. that's why i disable wfw and install 3rd-party.

i tried online armor, but it gave me problems with off2k's help system that i couldn't resolve. the only ? i found on their forum that was similar had no solution. so, i went back to comodo3. i never had v2 installed, so maybe RBS' issues were upgrade-in-place related?

GomJabbar wrote:Other software firewalls also check for suspicious outbound activity.

To some extent. A clever virus/malware/etc will "inject" itself into svchost.exe service host process when is imposible to detect which particular service (a .dll) is accessing TCP services. You can not disable it for the svchost.exe process at all. Another level is a rootkit which is impossible to detect by antivirus programs in general. There are some special technics and tools ( http://technet.microsoft.com/sysinternals/bb897445.aspx ) but the results are not 100% sure anyway.

The general rule is to work with as least as possible privileges most of the time. Typically an account with User privileges does the job. Most of users logged as Administrators are completely hopeless even with tons of anti-everything installed. Windows Vista UAC does finally the good thing there. Windows Firewall is sufficient as long as you check "Disable all exceptions". Real firewall must be a hardware thing you connect your machine to. Any software "firewall" runs in higher abstraction layer level only. If there is a vulnerability in lower level (typically W/LAN driver etc.) you are spoiled.

Using a web browser A instead B is not about security at all. Every software is buggy. The limited privileges, regular updates and installing software from trust locations is the only way to apply real security.

I don't use any resident antivirus or antispyware because it makes troubles only. From time to time I scan the machine (actually it is mounted TrueImage image backup file) by Windows Defender and CA Antivirus.

In the last review of anti-virus software in the German c't magazin, F-Secure Anti-Virus was deemed to be one of the very best.

Being a member at my University, I get access to F-secure....but instead I use a combo of NOD32 and Spybot S&D.
I use NOD32 because of its minimal resources used.

For free antivirus...AntiVir free edition, much lighter and better detection rates than Avast or AVG

For paid antivirus, AntiVir Premium, Eset NOD32, or Kaspersky

For software firewall..if you need more than the built in Windows one....Comodo.

Cool information, everybody! I have a problem that may be complicated, and I'd like to get your opinions, please.
I have WinXP SP2 on a Thinkpad R61i. I have Online Armor and Avast running.

A couple days ago I went to a website that made my machine hang... it was trying to download "flashba.pdf", which opened my Foxreader (I used that instead of Adobe). I opened Windows Task Manager to stop Foxreader, and it stopped after several tries. I closed Firefox, and noticed it was still listed as running in Windows Task Manager, so I closed it there, too.

After that I ran PCTools Spyware Doctor, and it found a bunch of suspicious malware cookies (I think it was), and they were deleted. I also deleted flashba.pdf.

After all that, my Thinkpad booted very slowly, and sometimes Online Armor would not start. Then today I got a BSOD that said "kernel page error", but then it rebooted and restored a previous setting. I looked at Event Log, and copied a bunch of the text, mostly stuff relating to network connection problems, but not clear to me.

Not being sure what to do, I went into Online Armor and uninstalled the firewall (which leaves Program checking on). I rebooted and now the Windows Firewall went on, and things look OK, and no BSOD.

Any advice? I'm a little concerned that Windows system files could be messed up somewhere. I'm considering a number of options:
- get SP3
- try to do a system file restore
- reload from Thinkvantages backups somehow

I'll also read the XP recovery thread. Any good ideas appreciated! Thanks.

flamenco, It sounds like a dog's breakfast to me.

I'd be inclined to use R&R to recover the system settings to what they were before all this started. If it is only a matter of days then hopefully you won't lose too much.

Good luck.

BTW, I nearly forgot to say that I use Avira free edition and Comodo firewall.

My Vote: Avira Anti-virus Personal. I have the free edition so I get the nag screen, but it isn't that bad. It has no impact on system performance which I like. The nag screen really does not bother me. Scans are fast so you will not spend a whole day waiting for a scan to complete.

For firewall, I use to use ZoneAlarm until I got my linksys router which has firewall functions so I don't use that program anymore. I actually have three firewalls, the one on my DSL modem, my Linksys router's firewall, and the Windows Firewall. No problems, but it becomes a pain if I need to open up a port (DSL modem does not support UPNP for auto port confing).

The first thing to do is run Ccleaner . It is a nice all around cleanup utility that does some relatively safe registry cleaning.
Personally I would ditch online armor, avast and spyware doctor. Instead I would use Antivir personal, spybot search & destroy and Malwarebytes anti-malware. After that run JKDefrag to straighten things up and finish by running a chkdsk /r on the hard drive.
This quick tune up should get thing running right for you.

i am NOD32 guy

Maybe stating the obvious here, but recently I've spent a load of time removing multiple versions of old antivirus progs on customer machines, and in some cases multiple working versions.
Norton, Mcafee and I think Bit Defender have specific removal tools that get rid of the fag ends and make a load of difference in speeding up the OS.

Also Ccleaner comes recommended as does Raxco to defrag.

I run Ubuntu so dont need antivirus / spyware.......

But when I need it I use Nod32 as well