The Windows Anti-Malware and Security Thread


Fenrir
27-12-2009, 03:24 PM
Largely starting this thread because I've recently wiped my bootable partitions and installed Windows 7 clean, and I've just become aware of Avira AntiVir being potentially incompatible with Mercurial (http://mercurial.selenic.com/bts/issue1820) - I'm not giving up Mercurial - and I'm interested in seeing where the comparatives and general techno-banter on AV is at this point in time, so I can pick out a suitable alternative (or even stick with Avira). I'm also considering what to do about firewalls, anti-spyware, et al.

The one thing that's going to shit me off the most is a program that does something unsupportable to the system in the process of achieving its goals, and/or leaves significant artefacts behind long after removal that create weird bugs and the like down the track. Conduciveness to long-term system stability is probably at the top of the list as far as desired features are concerned.
Good virus coverage and performance are on the wishlist too, obviously. I am also probably willing to pay money for something if it's good enough.

Also note that the above-noted Avira/Mercurial bug might be a problem for other AV programs, and I hear something similar might also arise with MySQL, so I'm not really sure that "pick a different AV program" is the end of it. I also don't make commits of some of the sizes talked about there, usually. >_>


So, condensing that down to some key questions:

What Anti-Virus program do you suggest/use/prefer?
Do you recommend any particular software firewall, if any at all? (as opposed to the hardware-based ones built into routers that nobody maintains)
Anti-spyware/malware/misc? Is Spybot still good?


btw, I don't mind this post being reshaped and sculpted into a cumulative Hyper go-to reference guide on the subject if the forum has any need for such a thing.

EDIT: some resources:

http://www.av-comparatives.org/
http://www.matousec.com/projects/proactive-security-challenge/

Lex
27-12-2009, 03:29 PM
MS Security Essentials is actually really good, apparently the best free antivirus/malware on the market - and really, what kind of chump pays for antivirus these days?

AranchineD
27-12-2009, 03:31 PM
Seconding MS Security Essentials, uses jackshit resources and it hasn't caused a single problem for me in using other programs. Perhaps only problem is that updates seem to take a little too long to download.

Lex
27-12-2009, 03:32 PM
Just make sure it actually turns MS Defender off, it didn't on my parents' install and was running both at once. Derp.

Fenrir
27-12-2009, 03:36 PM
MS Security Essentials is actually really good, apparently the best free antivirus/malware on the market - and really, what kind of chump pays for antivirus these days?
I think it's a legitimate service that'd be a pain in the arse to maintain - paying for it doesn't seem outlandish.

That said, what do I have to do to get my hands on MS Security Essentials? Admittedly I haven't looked very hard - I got some message about it not being available in my country when I tried some link from the other thread (http://www.hyper.com.au/forums/showthread.php?t=19449), but it may've just been an old link or something.
It's not bundled with Win7, is it?

Lex
27-12-2009, 03:38 PM
Just google it. It's a pain to find from the MS site, or was.

But what do you mean hard to maintain?

TAT
27-12-2009, 03:39 PM
Just google 'microsoft security essentials' and go from there.

AranchineD
27-12-2009, 03:44 PM
Here. (http://www.microsoft.com/Security_Essentials/)

Probably didn't work in the other thread because sausage was linking the NZ page.

Fenrir
27-12-2009, 03:49 PM
But what do you mean hard to maintain?
For the vendors.

Anyway, yeah, I'll give Windows Security Essentials a shot.
Next, I assume third-party firewalls are still recommended? In which case, any suggestions?

Vicious
27-12-2009, 09:06 PM
and really, what kind of chump pays for antivirus these days?

Ones that still value good heuristics engines.

@Fenrir:

For free I still recommend Anti-Vir, but I've heard good things about Security Essentials too.

As for a firewall, Comodo (http://personalfirewall.comodo.com/download_firewall.html). The installer comes with the A/V, but you don't have to install it (and I wouldn't, it's not that good).

9warbane
28-12-2009, 09:40 AM
What Anti-Virus program do you suggest/use/prefer?


Used to use avast, with ad ware, spybot and comodo but since using W7 I've only had ad ware and spybot installed but haven't used them.



Anti-spyware/malware/misc? Is Spybot still good?


Spybot's been giving me the shits with pop ups, uninstalling.

I've installed Microsoft Security Essentials, going to give it a go.

StorminNorman
28-12-2009, 09:45 AM
I was using Avira, but the stupid pop-ups and the fact that it has issues identifying some newer viruses put me off it, so I jumped ship to AVG because, well, it stays out of my way.

Might have a gander at Security Essentials though.

Vicious
28-12-2009, 09:52 AM
I was using Avira, but the stupid pop-ups and the fact that it has issues identifying some newer viruses put me off it, so I jumped ship to AVG because, well, it stays out of my way.

At the cost of not catching viruses Avira would have caught . . . if you're already worried about newer viruses then downgrading the actual protection offered is probably not a wise idea >_>'

StorminNorman
28-12-2009, 10:00 AM
My research suggested that AVG was better at catching new viruses than Avira is. Apparently the free version of Avira is quite underfeatured, and because I have a moral objection to paying third parties to "fix" a problem that Microsoft's OSes shouldn't even have in the first place, I'm not about to start paying for it. Also, having to explain to friends and family that the Avira popups are "normal" isn't something I look forward to doing.

I want a free virus solution that gets the hell out of the way so that users never notice it unless something goes wrong. AVG does that.

Just installed Security Essentials now. Will see how it goes.

(On the bright side, I've never had a virus even when I wasn't using a virus checker, so yeah.)

Vicious
28-12-2009, 10:20 AM
My research suggested that AVG was better at catching new viruses than Avira is.

Care to show where you found that? (seriously)

Apparently the free version of Avira is quite underfeatured

The only thing it doesn't have is spyware scan. It does virus and even has most of the heuristics engine intact.

and because I have a moral objection to paying third parties to "fix" a problem that Microsoft's OSes shouldn't even have in the first place, I'm not about to start paying for it.

Yes, because people writing viruses that require admin privileges to even run (which people happily give) that end up messing up the OS is MS's fault.

Honestly, it's not Microsoft's fault that viruses exist. OSX can even get them if someone grants them privileges.

Also, having to explain to friends and family that the Avira popups are "normal" isn't something I look forward to doing.

This is the only part I can agree on.

I want a free virus solution that gets the hell out of the way so that users never notice it unless something goes wrong. AVG does that.

While offering inferior protection according to virus.gr and av-comparatives. Though, it can have a high number of false positives, but for the most part they don't impact normal end-user systems.

(On the bright side, I've never had a virus even when I wasn't using a virus checker, so yeah.)

Hopefully. I stand by "never say never", because you haven't run an A/V with the highest protection (NOD32 or Kaspersky). Just saying, there's no guarantee, even with those honestly.

As for MSE, it seems it would crash on certain sample during Virus.gr's August - September run >_<

Fenrir
28-12-2009, 12:32 PM
As for a firewall, Comodo (http://personalfirewall.comodo.com/download_firewall.html). The installer comes with the A/V, but you don't have to install it (and I wouldn't, it's not that good).
Ah, Comodo, I was using that at one stage. I recall it having some extra layer of firewall-age or something that doubled the program's performance overhead, which I was later told was completely unnecessary; and also, I recall it being an absolute bitch to remove. Also, what's with that UI?

I'll consider it, but Action Center has largely stopped complaining since I installed Security Essentials, so I might not bother.

a problem that Microsoft's OSes shouldn't even have in the first place
Bleh, this argument again.

I'm not sure what makes you consider malware a problem a popular OS shouldn't have. This stuff gets in via some combination of whatever vulnerabilities the system and/or running applications offer at the time - and a lot of systems stuff* is still written in older languages like C which don't inherently protect against a lot of common vulnerabilities and mishaps at all - and good ol' fashioned social engineering. I don't think there's any real argument that the current viable crop of alternative operating systems provide any better strategies covering either avenue of ingress, unless you count lack of market penetration as a strategy.

*Including within Apple, and especially in free software.

StorminNorman
28-12-2009, 05:21 PM
Look, honestly, I don't think it's worth arguing whether or not Windows should be a Unix variant or not (I think it should, but that's a whole other thread).

My point was that it bugs the hell out of me that I even have to deal with this. I shouldn't. On any computer. Ever. The fact is that, on two of the computers I use, I don't get viruses. Both those computers run Unix. The one that's vulnerable runs Windows.

It's a pretty odd coincidence, don't you think?

EDIT: I'm also angry at Windows because I've spent the better part of the last month installing, configuring and supporting multiple computers that run it, and every single one was painful and annoying in some way. It just makes me want to scream "burn your computer and get a ****ing Mac" at everyone I know.

Vicious
28-12-2009, 05:35 PM
I think you're forgetting that Unix systems are designed from the ground up not to have the security flaws that Windows has. Viruses are simply things that Can't Happen<tm> on a well-designed system.

That's utter bullshit and you know it. OSX is based on Unix and, oh look here (http://www.tomsguide.com/us/Apple-Virus-iWork-Pirate,news-3343.html), a VIRUS.

Okay okay, it's really a trojan. It's really no better now is it? In fact it's much worse.

You really want to bring up security flaws though? Should we start talking pwn2own?

But this isn't really the thread to argue over OS superiority. It's a thread to talk about how to fix problems that Windows shouldn't have in the first place. :)

I'm not even going to bother with this part.

EDIT:

Sweet edit :rolleyes:

My point was that it bugs the hell out of me that I even have to deal with this. I shouldn't. On any computer. Ever. The fact is that, on two of the computers I use, I don't get viruses. Both those computers run Unix. The one that's vulnerable runs Windows.

It's a pretty odd coincidence, don't you think?

No, I don't. One has marketshare, the others have scraps.

EDIT: I'm also angry at Windows because I've spent the better part of the last month installing, configuring and supporting multiple computers that run it, and every single one was painful and annoying in some way. It just makes me want to scream "burn your computer and get a ****ing Mac" at everyone I know.

So you're pissed about something else entirely and deciding now to vent? What the hell happened to those poor machines that has you flipping out?

StorminNorman
28-12-2009, 05:52 PM
The problem with one was that it was a Windows box that a non-computer-literate family bought, and which got a virus because the mouthbreather that set it up didn't turn on Windows Update (which I hate with passion, but for these guys having it on automatic is the best option), so it got some virus that wrecked its operating system.

I've been fielding support calls from these guys for a few years now, and it can be really frustrating when they encounter a situation with Windows where something should Just Happen, but it doesn't because of an obscure "feature" or some crap. Not only that, but the family is actually scared of the computer because of how difficult it is to use.

Perhaps scared isn't the right word... paranoid, maybe? I know a few other non-computer people who are like that, too. I don't really understand what it is about Windows that inspires such paranoia, but I've never seen it with the non-literate Mac-using people I know.

My anger is really just because computers should all Just Work. Whether it's Windows or Mac OS or Linux or whatever, it should all just work. I just wish that there was an easier, better way, where someone can just walk up to a computer, and have it do exactly as they want, without having to be afraid that it'll get viruses, or having to install obscure programs or whatever.

I really ****ing hate computers.

Vicious
28-12-2009, 06:01 PM
The problem with one was that it was a Windows box that a non-computer-literate family bought, and which got a virus because the mouthbreather that set it up didn't turn on Windows Update (which I hate with passion, but for these guys having it on automatic is the best option), so it got some virus that wrecked its operating system.

Well now we're getting down to it, it's a PEBKAC error. Given, Windows is more complex for many, and does require more tuning. So do other things though. There's the people that will go to a mechanic when the car is making a "sound", and then there's those that won't go till the hood is on fire.

I've been fielding support calls from these guys for a few years now, and it can be really frustrating when they encounter a situation with Windows where something should Just Happen, but it doesn't because of an obscure "feature" or some crap. Not only that, but the family is actually scared of the computer because of how difficult it is to use.

And you know what? Those people may benefit from a Mac. I won't lie. On the other hand, I've known some people that can even screw OSX up beyond belief. As hard as it may be, I've seen it happen . . . and yes, a part of me died inside.

Perhaps scared isn't the right word... paranoid, maybe? I know a few other non-computer people who are like that, too. I don't really understand what it is about Windows that inspires such paranoia, but I've never seen it with the non-literate Mac-using people I know.

Once again, some people are like that around various things. My mom and sister are more scared of Macs than they are Windows because it's familiar and they know it takes me nothing to fix it for them.

My anger is really just because computers should all Just Work. Whether it's Windows or Mac OS or Linux or whatever, it should all just work. I just wish that there was an easier, better way, where someone can just walk up to a computer, and have it do exactly as they want, without having to be afraid that it'll get viruses, or having to install obscure programs or whatever.

Let's be honest though, this is really a pipe dream in this day and age. The only really "safe" system is a live OS, and only to a certain extent.

The biggest problems with security anymore though isn't the OS per se, it's 3rd party mostly. That's the sad part in all of this.

I really ****ing hate computers.

IT jobs will do that. I'm going into a computer related field, my family knows my grades, my extended family knows my grades for Christ's sake, and apparently somewhere along the line it was decided I was free tech support.

****.

Shorty
28-12-2009, 06:03 PM
IT jobs will do that. I'm going into a computer related field, my family knows my grades, my extended family knows my grades for Christ's sake, and apparently somewhere along the line it was decided I was free tech support.

This is a known problem. (http://graphjam.com/2009/09/23/song-chart-memes-computer-science/) In my personal experience, the main difference between the platforms in terms of technical support is in the types of questions I get. With Windows, it's usually "I did this and the computer shat itself/some error message popped up that I don't understand". With Mac, it's mostly "I don't know how to do X on a Mac because I've always done it on Windows".

To make a more general argument, I think you'll find that the general landscape of threats has become rather less platform-centric. Platform-specific malware is still an issue, but there's much more cross-platform browser exploitation and social engineering being used to compromise computers and accounts these days. Security isn't only about not becoming part of a botnet, so I don't think any computer security discussion is helped by getting too caught up in which platform is most vulnerable to which specific type of threat.

WRT the Windows-specific security suite discussion, I currently run the free versions of AVG and ZoneAlarm as well as Spybot and Ad-Aware for my malware needs. Is there better software out there or will my current configuration do the job?

Vicious
28-12-2009, 06:11 PM
WRT the Windows-specific security suite discussion, I currently run the free versions of AVG and ZoneAlarm as well as Spybot and Ad-Aware for my malware needs. Is there better software out there or will my current configuration do the job?

Free or paid? If free I prefer Anti-Vir over AVG for anti-virus, but some can't stand the pop-up after update. Zone Alarm has been pretty poor IME, I'd suggest Sunbelt Personal Firewall (Kerio), Comodo, or Outpost. Others will have varying experiences with these though, and firewalls are definitely more preference based than A/Vs.

If you're looking at paid A/V, ESET NOD32 or Kaspersky are my top picks. Just using them with a free firewall should be enough.

Last but not least, another malware tool would be Malwarebytes. I don't use any paid ones since they shift around in actual usefulness so much.

TAT
28-12-2009, 07:05 PM
My anger is really just because computers should all Just Work. Whether it's Windows or Mac OS or Linux or whatever, it should all just work.
The warcry of the Mac user, and I don't see why learning to use a computer is any different to any other piece of tech that people learn to use. Cars, for instance.

StorminNorman
28-12-2009, 07:56 PM
Cars are way, way easier to learn, understand and use than computers are. Orders of magnitude, even.

I do agree that people should be required to get a licence before they're allowed to connect a computer to the internet, though.

Zone Alarm has been pretty poor IME

Is Zone Alarm the one Steve Gibson writes entirely in assembler? If it is, then you should avoid it because Steve Gibson is a total crackpot.

My mom and sister are more scared of Macs than they are Windows because it's familiar and they know it takes me nothing to fix it for them.

My Mum is always really impressed when she sees how stuff works on my Macbook. I tried to convince her partner and my sister to get Macs, but apparently everyone uses Windows, so why be different? :(

Vicious
28-12-2009, 08:11 PM
Cars are way, way easier to learn, understand and use than computers are. Orders of magnitude, even.

Just to make it clear, I'm referring to maintenance of a car. Like "oh shit you just blew a head gasket" type issue that most people would not be familiar with. Personally between repairing cars and repairing computers I find the latter simpler -- I really know shit about car repair (thankfully something my dad is good at, so we balance).

I do agree that people should be required to get a licence before they're allowed to connect a computer to the internet, though.

Actually, considering the amount of damage they can do by not protecting their systems to other systems . . . sometimes I wonder.

Is Zone Alarm the one Steve Gibson writes entirely in assembler? If it is, then you should avoid it because Steve Gibson is a total crackpot.

I don't think so?

My Mum is always really impressed when she sees how stuff works on my Macbook. I tried to convince her partner and my sister to get Macs, but apparently everyone uses Windows, so why be different? :(

Why "be different" is a good question. Is there a need to switch over to Mac if one is capable of working on a Windows system just fine? Now if they're not able to, then the question is whether one should learn how to use Windows or switch. This opens a door for cost to benefit analysis too.

Why do you insist they switch over to Mac?

Shorty
28-12-2009, 08:26 PM
Wouldn't this particular discussion be better suited to a different thread?

StorminNorman
28-12-2009, 08:49 PM
Just to make it clear, I'm referring to maintenance of a car. Like "oh shit you just blew a head gasket" type issue that most people would not be familiar with.

I know more people that could replace a head gasket than could replace a CPU, tbh. Then again, I grew up in a car family, so that's possibly not the norm.

I don't think so?

You're right. I was thinking of Shields Up. Gibson is a nutjob, though.



Why do you insist they switch over to Mac?

They're not "switching" to a Mac (or they wouldn't have been, at the time). They didn't own a computer at all, and had no real idea of how they worked. I wanted them to get a Mac because, for someone with no existing computing knowledge, it's a better system. My sister is rather stubborn, though, and often does the opposite of what I say just to spite me.

And yeah, this is way, way offtopic, and I apologise for that. I didn't realise such an offhand remark was going to raise such ire.

Fenrir
28-12-2009, 10:47 PM
Whoa, I gather I missed a meltdown.

Generally making claims that something in IT should "Just Work" or claiming that a multi-billion-dollar software architecture is broken* is a good way to raise ire - especially if you're a power user. Those guys really seem to rub people (including each other) the wrong way.
I'm of the impression that most of the deep system-level stuff (read: kernels, Unix, Linux, BSD, NT et al) with high levels of deployment these days is extremely solid and rarely makes for a good target anyway. Most of the trouble occurs higher up.


*Relatively-speaking, obviously - only the wankers working on L4.Verified (http://ertos.nicta.com.au/research/l4.verified/) have the hubris to claim to be making a system that isn't broken at all. Bleh, something about UNSW makes my blood boil...
It's pretty rich to claim that something as dated as Unix has an inherent and significant architectural edge over something more recent like NT, though.

To make a more general argument, I think you'll find that the general landscape of threats has become rather less platform-centric. Platform-specific malware is still an issue, but there's much more cross-platform browser exploitation and social engineering being used to compromise computers and accounts these days. Security isn't only about not becoming part of a botnet, so I don't think any computer security discussion is helped by getting too caught up in which platform is most vulnerable to which specific type of threat.
^Something along these lines.

The real blackhats are out to either damage or scam the naive insolent computer-illiterate masses out of either spite or opportunism, and they know most of those people are on Windows, so of course Windows is going to be the main target. The whole dynamic of it parallels Islamic terrorism and the West, really.

Wouldn't this particular discussion be better suited to a different thread?
I personally don't want to have another one of those threads.

Largely, Macs just confuse and irritate me. A few things about the brand definitely grate with me, too: as a software developer, I find the "Just Works" slogan offensive; and the cutesy curved-for-your-safety aesthetic lacks the sleek, high-tech cutting-edge look of awesomeness I've been raised to find awesome. So everything I say on the subject is going to be heavily tainted with bias.
I could level several legitimate criticisms at Apple, Mac etc, but I think I'd be blowing things out of proportion because of said bias.

TAT
29-12-2009, 12:52 PM
Has anyone else noticed an increase in startup time using MSE with Win7?

Mine has gone from about 30 seconds on the dt loading programs (messenger, ESET, etc) to over 5 minutes :/

Fenrir
29-12-2009, 02:36 PM
Nothing so drastic over here; but do you mean to say you're running the ESET AV suite and Microsoft Security Essentials on the same machine, at the same time?


Hmm, this is only related insofar as the only Hyperians likely to give a shit are probably trawling this thread already, and it doesn't seem reasonable to start a new thread on the subject - but is it worth the effort to learn to use Windows PowerShell?
I need a CLI for various tools (compilers et al), as well as to fire up script interpreters in interactive mode (Python, PHP etc); and I'm also throwing together batch scripts for automating and organizing shit (eg copying over web projects to my test server, calling tools I cbf adding to PATH), though I might start writing these in Python or something instead. Is there any compelling reason to use PowerShell instead of good ol' fashioned Command Prompt?

StorminNorman
29-12-2009, 04:12 PM
@TAT: I haven't noticed any startup time increases today. I'll try to pay attention to it when I boot this computer tomorrow, though.

@Fenrir: I love the concept of PowerShell, but I've not really learned much about it yet. There's some ideas in it that I'd love to see put into bash, though.

Vicious
29-12-2009, 05:20 PM
Hmm, this is only related insofar as the only Hyperians likely to give a shit are probably trawling this thread already, and it doesn't seem reasonable to start a new thread on the subject - but is it worth the effort to learn to use Windows PowerShell?
I need a CLI for various tools (compilers et al), as well as to fire up script interpreters in interactive mode (Python, PHP etc); and I'm also throwing together batch scripts for automating and organizing shit (eg copying over web projects to my test server, calling tools I cbf adding to PATH), though I might start writing these in Python or something instead. Is there any compelling reason to use PowerShell instead of good ol' fashioned Command Prompt?

I don't use scripts that often honestly, but I guess the real question is whether or not what you're doing is working for you. If it does then it's up to you whether you want to learn powershell for the sake of it or not.

I searched on the subject and found an interesting topic here (http://stackoverflow.com/questions/573623/powershell-vs-unix-shells). It might help you figure it out and decide.

TAT
30-12-2009, 10:02 PM
@Fenrir: yes. I uninstalled avast!, but I'm happy to leave ESET running for the time being. Aside from the initial loading delay (see below) I'm happy with the way it's all running

@TAT: I haven't noticed any startup time increases today. I'll try to pay attention to it when I boot this computer tomorrow, though.
Thanks, dude. I noticed a massive reduction in time today.

Maybe the delay was because it was my first restart after installing MSE? Odd.

StorminNorman
01-01-2010, 11:56 AM
Yeah, I've definitely not noticed any increase here, so it may have just been a transient glitch.

Fenrir
02-01-2010, 07:55 PM
@Fenrir: I love the concept of PowerShell, but I've not really learned much about it yet. There's some ideas in it that I'd love to see put into bash, though.
Hmm, interesting that you're showing some enthusiasm for it.

Anyway, I think I'll be able to cover most of the shit I listed with either script interpreters (I don't think I could safely guess how many of these I have), or facilities provided by IDEs (NetBeans could probably jerk me off if I interfaced it with the right device for the job >_>), so the command-line is pretty much back to trivial little stuff - which is good, because I've never liked how firing up command prompt sends you back to the beforetime when we didn't have cushy text-editing and pop-up method lists, and PowerShell seems to be more of that.

@Fenrir: yes. I uninstalled avast!, but I'm happy to leave ESET running for the time being. Aside from the initial loading delay (see below) I'm happy with the way it's all running
I'm pretty sure running two AV solutions at once is a huge no-no. At best one's redundant, at worst they don't play nice together.

Honestly, if I were running ESET I'd probably stick with it and drop MSE. ESET's firewall is apparently terrible, so look elsewhere for that; but last time I used NOD32 it kicked major arse.

banjoeskimo
15-01-2010, 05:35 PM
Just made the switch to MSE yesterday, am impressed so far. Is running well on Vista, but I'm getting 7 tomorrow so we'll see how it compares then.