• New findings update WS Security Baseline


    #468840


    TOP STORY

    Windows Secrets Security Baseline update

    By Robert Vamosi

    Our monthly update of the Windows Secrets Security Baseline focuses on anti-malware suites — all-in-one commercial packages that fight viruses, spam, spyware, and malware that’s still unknown — plus suites you assemble yourself.

    Regardless of your skill level — beginner, intermediate, or advanced user — you should be able to find security protection that’s right for your needs.


    The full text of this column is posted at WindowsSecrets.com/2010/05/13/02 (opens in a new window/tab).

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.

    Viewing 18 reply threads
    • #1223344

      The Online Armor Firewall is not supported for Windows 7 64 bit, as yet. Maybe next Year!

      Also, according to Matousec, all our efforts to protect ourselves will be a waste of time, as they have apparently created malware that can morph and defeat any Antivirus or Anti malware engine out there!

      • #1223503

        I happen to have been an Online Armor user for a couple of years, so with regards to Online Armor, it’s not mentioned in the WS article but they actually offer a paid version that includes antivirus. There are three versions of Online Armor: Online Armor FREE, Online Armor Premium and Online Armor ++. Online Armor ++ incorporates antivirus, antimalware and a rootkit scanner in addition to all of the features of the Premium version.

        The Online Armor Firewall is not supported for Windows 7 64 bit, as yet. Maybe next Year!

        Also, according to Matousec, all our efforts to protect ourselves will be a waste of time, as they have apparently created malware that can morph and defeat any Antivirus or Anti malware engine out there!

        The paid versions are actually able to be installed on Windows 7 x64 by using the command line “/dragonslayer” when running the installer 🙂 The easiest way to do that is by creating a shortcut to the installer, and then adding a space and /dragonslayer to the target. You should read the release notes in their support forum before installing on Windows 7 x64 though (the requirement of the command-line parameter is to ensure informed consent of this). Their forum also states that they are currently accepting beta testers for x64 if anyone is interested.

        With regards to Matousec, there is a thread on Online Armor’s forum where the CEO of Tall Emu has replied to this concern here http://support.tallemu.com/vbforum/showthread/?t=13015 Hope linking to it is okay (the forum rules seemed to indicate it was okay as long as I’m not spamming to sell something and I don’t sell anything anyway).

    • #1223356

      Article was good up to a point but glaring omissions such as AVG which is available in both free and paid editions and Avira which again is free or paid version – my personal experience among home users in the UK over the last 15 or more years is that AVG is the big favourite and does a very good job without problems.
      A large number of PCs I get in to deal with are being strangled by a version of Norton or worse by one of McAfee’s products.
      I generally recommend AVG coupled with Malwarebytes, Spy Bot or Superantispyware free.
      Martin
      Tusker Technology

    • #1223421

      Just wanted to get my 2 cents worth in here. I have been using Kaspersky AV for the past 3 years. I now have 3 PCs using KAV. 1 with Windows XP Pro, 1 with Windows XP Home, and 1 with Windows 7 Home premium. Up until this year, I have been very satisfied with it. Since then it has become a CPU hog and the techs there don’t seem to either want to or can’t fix the problem. Also, over the past few months, 2 of the three computers (1 XP Pro & 1 XP Home) have been compromised with the malware “Virus Protector”. While KAV who claims to have the top of the line defenses for this type infection, I had to in both cases install the antimalware program…Malwarebytes Anti-malware…to get rid of them. KAV didn’t even catch it during the full scan which I do every night. Personally, I am looking to change my AV protection very soon. Years ago I used Norton System Works, and left them due to its processes hogging the CPU. I tried the AV program NOD32, but had a hard time working with it. That’s another story.
      As I said, I just wanted to get my 2 cents worth in here.

      • #1223620

        Just wanted to get my 2 cents worth in here. I have been using Kaspersky AV for the past 3 years. I now have 3 PCs using KAV. 1 with Windows XP Pro, 1 with Windows XP Home, and 1 with Windows 7 Home premium. Up until this year, I have been very satisfied with it. Since then it has become a CPU hog and the techs there don’t seem to either want to or can’t fix the problem. Also, over the past few months, 2 of the three computers (1 XP Pro & 1 XP Home) have been compromised with the malware “Virus Protector”. While KAV who claims to have the top of the line defenses for this type infection, I had to in both cases install the antimalware program…Malwarebytes Anti-malware…to get rid of them. KAV didn’t even catch it during the full scan which I do every night. Personally, I am looking to change my AV protection very soon. Years ago I used Norton System Works, and left them due to its processes hogging the CPU. I tried the AV program NOD32, but had a hard time working with it. That’s another story.
        As I said, I just wanted to get my 2 cents worth in here.

        I hear your pain, and can sympathize. I have used dozens of AV programs over the years and have recently gone with Vipre by Sunbelt Software. I like the size, the performance and the effectiveness of the program. But I also have several other layers of protection on my system. I own SuperAdBlocker, which also has an anti-spyware component. I also have AdAware, spybot S & D, and Malwarebytes that I use for periodic scans. I use Linkscanner and McAfee Site Advisor on my browser. It’s my opinion that the more programs you have watching, the more likely you are to catch the bad guys!

    • #1223431

      Good article, but I was a bit taken aback that NOD32 or Smart Security by ESET was not involved in your discussion. I have been using both for several years and find either far superior to Norton, McAfee or Kaspersky. I believe without telling your readers about Eset you are only giving them half of the story. Just my 2 cents…………….

      • #1223479

        Good article, but I was a bit taken aback that NOD32 or Smart Security by ESET was not involved in your discussion. I have been using both for several years and find either far superior to Norton, McAfee or Kaspersky. I believe without telling your readers about Eset you are only giving them half of the story. Just my 2 cents…………….

        I would agree completely. Working for a consulting firm here in Canada, we have found ESET’s product suite to FAR surpass any other AV we have tested. We have deployed close to 1000 seats of this product in the last year or so in legal, accounting, and even Oilfield construction companies. Interface is fairly simple, the corporate version allows centralized management, and it catches Malware, Virii, and other “potential threats”. One major benefit we found was very little system performance hits even on very old systems. (PIII and P4 Systems running Win2k, XP)

        In fact one of our clients has switched from the Norton/Symantec products because his entire office became infected with “Antivirus 2009/2010” malware. When he contacted Symantec about it, the support technician actually told him that this was Malware and not a virus (even though it made the systems completely unusable) and therefore Symantec AV was not designed to catch it. After manually cleaning his systems to remove the Malware and removing Symantec, his users “caught” the same Malware with ESET before it was able to install itself.

      • #1223688

        Let me add ZoneAlarm Internet Security Suite to the list of prominent products not mentioned in this article. Have also noticed that major reviews by CNet and other major publishers have omitted ZoneAlarm lately. When its firewall was free, ZoneAlarm always got top reviews and the suite continues to work well for me. One has to wonder if there is some kind of conspiracy to omit the product from so-called comprehensive reviews. Maybe they don’t spend enough on advertising?

        Good article, but I was a bit taken aback that NOD32 or Smart Security by ESET was not involved in your discussion. I have been using both for several years and find either far superior to Norton, McAfee or Kaspersky. I believe without telling your readers about Eset you are only giving them half of the story. Just my 2 cents…………….

      • #1224050

        Good article, but I was a bit taken aback that NOD32 or Smart Security by ESET was not involved in your discussion. I have been using both for several years and find either far superior to Norton, McAfee or Kaspersky. I believe without telling your readers about Eset you are only giving them half of the story. Just my 2 cents…………….

        I agree 100%. I’ve been using ESET products in my company for about 5 years and I’m very confident in them. Easy to setup, two or three updates per day. No article on AV is complete without referring to ESET.

    • #1223434

      In your article, you give the impression that Malwarebytes Anti-Malware is an antivirus program. You describe it as “One of the gold standards of standalone antivirus apps” and note that “It has not been evaluated alongside Norton, Kaspersky, or any other leading AV apps….” Repeatedly, the folks at Malwarebytes have emphasized that it is NOT a replacement for an antivirus program, that you should have an antivirus program IN ADDITION to Malwarebytes (MBAM). MBAM is not designed to be an antivirus program; rather, it is designed to look for and catch malware that many antivirus programs miss. It’s a great program, but you do it and your readers a disservice to suggest that it is an antivirus program.

      I was also a little surprised that you list Microsoft Security Essentials (MSE) as a suite. I thought that a security suite included antivirus, antimalware, and a firewall, but as far as I know, MSE does not include a firewall.

    • #1223451

      I think you misrepresented the reviews of Kaspersky by calling them “middling”. This is what PC World actually said:

      Kaspersky Internet Security 2010 was the second-place finisher in our 2010 security suites roundup, trailing only Norton Internet Security, and not by much. It earns high scores for strong malware detection, efficient performance, and a well-designed interface. While Kaspersky executes these features well, the price ($80 for 3 users as of 3/10/2010) is more than the cost of some other suites.

      […snip…]

      In detecting active malware infections on a PC, Kaspersky performed well. It found all malware samples and disabled 87 percent, but removed all files for only 47 percent of the test infections (that score for removal is about average; no suite managed to remove all traces of every infection). And Kaspersky tied McAfee as the top performer in rootkit detection, finding and removing all inactive and active rootkits.

      PC Mag was slightly more reserved, but perhaps a bit more positive than you implied:

      I very much like the way Kaspersky Internet Security 2010 intelligently handles Application Control without hassling the user. The new “Safe Run” sandbox is another unusual and advanced feature. In my real-world anti-malware testing, the suite came out okay but not great, and it did have a measurable effect on system performance. All in all, however, this feature-packed suite is a good choice.

    • #1223468

      My 2¢: I started using AVG free on all my home PC’s/laptops as well as my kids, friends and business acquaintances, from a recommendation about 60 years ago in the Langalist. It has suited me fine, I don’t want to divert any energy from my other activities to change something that doesn’t seem broke. What worries me is that I never get a message saying “virus found” or “you have entered a dangerous site” or some such. Also I never get any Windows Defender messages. I periodically scan to see if the thing is working and it finds no problems. My computers work well, and nothing mysterious happens. Either I’m so blindly protected, or my clean computing practices are paying off, or my browser (Chrome) is THAT good, or something…to me, it ain’t broke. What bugs me is it’s not in the preferred list anymore. Should I change, or should I ignore?

      free ¢: (Admins/Eds, I *love* the forums!!)

    • #1223470

      I’ll chime in with my $.02 regarding Symantec’s top rating, but it is not concerning the suite’s performance.

      Instead, based on my experience with several generations of Symantec’s suites, both on my work- and home machines, Symantec’s marketing tactics and the way they bury their application so deep into the system that it makes it harder to remove than the worst malware, have soured me forever on that company.

      As an example, I cancelled my subscription with Symantec at the end of 2008. I confirmed this with a rep at Symantec. After quite a bit of work, I was able to (I think) completely uninstall their suite from my home PC. Then, just a few months ago – in early 2010 – I noticed that Symantec automatically tapped my Amex account for a software renewal, even though I hadn’t used their product for over a year! I was absolutely livid. I immediately called Amex and had all future Symantec charges forever blocked. I also called Symantec – again – to have them completely delete my account. My only other similar experience was trying to release myself from AOL’s slimy hold, back in the day.

      Bottom line is this: if your anti-malware provider treats you like you’re some dope they can scam, and if their anti-malware app is harder to uninstall than the worst kind of virus, it’s time to find another anti-malware provider.

      • #1223505

        […] Symantec’s marketing tactics and the way they bury their application so deep into the system that it makes it harder to remove than the worst malware, have soured me forever on that company. […] Bottom line is this: if your anti-malware provider treats you like you’re some dope they can scam, and if their anti-malware app is harder to uninstall than the worst kind of virus, it’s time to find another anti-malware provider.

        I agree with Doug on this. I am never using Symantec products again, based on several very unpleasant experiences with components that were near impossible to remove and equally difficult to get working right.

        I note that, unlike many software vendors, Kaspersky’s tech support is excellent. I have always got pertinent, clear answers within 24 hours of an inquiry, usually much quicker.

    • #1223471

      ABC is best. No, XYZ is best. But what about QRS? Blah-blah-blah-blah-blah. No anti-virus, or anti-spyware, or anti-anything is 100% effective 100% of the time. Whatever tests are run today by whatever testing company you care to name, will not give the same results a month from now. Virus Bulletin might list ABC as best of show in their April 2010 tests and then list XYZ as best of show two months later. Does anyone on this forum really care if their anti-malware has a 96.4% success rate and mine gets a higher 96.7%? Are you really going to switch based on that test? How about if my choice always scores 0.3% higher than your choice? Will you switch then? Most of us will never be able to tell a difference in EFFECTIVENESS because there are too many variables involved. If your computer is not running the same OS as mine, the same programs, apps, if you don’t visit the same web sites, etc. etc. etc, we will never be able to get an objective test score. What we CAN determine is if ABC makes your computer run slower than XYZ. Or if you get more false positives with XYZ vs. QRS. Or if one is more expensive than another. Or which product your favorite tech writer recommends. That’s how most of us decide which anti-whatever we’re going to use. Bottom line is running some kind of anti-malware is better than running nothing at all.

    • #1223491

      Why didn’t you review AV Grisoft? I have used their service for over five years without any intrusions into my security. Virus-free is the way to fly!

    • #1223507

      Working with 2 standalone desktop PCs, one with AVG free + Online Armor firewall, the other with Eset smart security + Comodo firewall, I received malware/virus detected by Emsisoft A-squared free!!
      There is no 100% protection.
      Keep your pc in good shape including protection by getting the recent updates asap!
      I use Secunia PSI to keep my software up to date, use Iobit Advanced System Care pro to clean pc and Emsisoft to catch malware my regular av doesn’t catch.

    • #1223510

      Nowhere did I see Bullguard Security Suite mentioned which I have been using for some time to very good effect.

    • #1223554

      I assemble my own kit of free, specialty security programs including Malwarebytes’ Anti-Malware (MBAM), which I also recommend and install for others. To extend remarks by cyberdiva, MBAM is not only not an anti-virus program, but its search for malware produces a list of proposed items to remove which includes registry keys. This list should be carefully reviewed before clicking the Delete button or you may lose desired settings or functionality, as with any registry editing procedure.
      In installing and maintaining personal and business systems, I have always had to remove Norton and have never had anyone ask for its re-installation.

    • #1223601

      Readers should be aware that Norton 2010 does not scan incoming email for spam or viruses if it uses an SSL connection. Symantec states that they support Outlook and POP3 email clients, but they omit to say that the connections cannot use SSL encoding. If you are using SSL, the product does not warn you of the hole. Apparently this will still be the case in 2011.

      My guess is that the product interposes itself on ports 110/25 and does not make use of Outlook APIs for scanning. It seems to be oblivious to Outlook POP3/SMTP traffic that uses SSL.

    • #1223619

      A sandbox has been added to the newest version of Comodo…which I find to be very innovative especially for a free suite.

      fnicholson

    • #1223655

      The article talked about Symantec’s Norton Internet Security 2010. I have Norton 360. Would the review comments be the same for this product?

    • #1223869

      Hi there;

      Good article and good comments too!
      One tidbit that nobody seems to dwell upon is what seems to be best for Joe Average and Granny OhMiGod out there.

      I do have a bit of personal experience and contact with MANY very average home users. And for them the overarching criterion definitely is ease of use, period.
      None of my many customers would even vaguely be able to answer any “question” from McAfee, Norton and the others.

      In the ease of use department the combination of the default Windows firewall and MSE imho is unbeatable.

      Another tidbit: Since August 2004 (release of SP2 for XP) current and up-to-date Windows systems have a stable and dependable basic firewall that just does the job. After all the trouble that I had with past new versions of Zone Alarm I am simply stunned by the persistence and staying power of a program that certainly had its day – in an “ancient past”.

      • #1224010

        Hi there;

        Good article and good comments too!
        One tidbit that nobody seems to dwell upon is what seems to be best for Joe Average and Granny OhMiGod out there.

        In the ease of use department the combination of the default Windows firewall and MSE imho is unbeatable.

        OH, my, may I chime in here and this is not just $00.02 worth of an opinion. I have used that ZA many years ago, Norton, McAfee, AntiVir, just to name a few, I now use Avast! and am waiting for them to make their pre-Windows Scan available for 64 bit like they have for 32bit, GMER was bought out by them and included it in their 32bit version. Along with that their software seems to be very user friendly because I am not technically oriented and if it gets too GEEKY I get lost. And I also run MSE along with Avast! and also use the Win7 Firewall as it is the easiest for me to setup and use. NOTHING to tweak for my use anyway.

        Also each individual’s comfort is what will really drive what they use and as others have put it, just to let another know what I am using is all that this is for. One last point, I am a home user, not Joe but don, and Granny OhMiGOD is really MeMa, my Wife and we both get along just fine.

        Thank you for reading my poster roasted,

        "Infinite CREATOR" cast "Loving Light" upon thee
        TIA, CU L8R, 'd' "LoneWanderer"
        "Only you can control your future." Dr. Seuss
        NOT a leader,
        NOT a BLIND follower,
        Join US and LIVE this LIFE as ONE!
        Original author Unknown

    • #1224011

      Not really sure what is going on, but; when I was attempting to post that one just above with my NICK I got a short message that I needed to wait 10 sec. before posting. So I went back over my post and made some small changes. Then reposted, found my original had gone through and my last one did also. So I deleted the first one so if anyone was reading that one the one that is in the Lounge now is my final word.

      Thank you for reading both of these prosted osaters

      "Infinite CREATOR" cast "Loving Light" upon thee
      TIA, CU L8R, 'd' "LoneWanderer"
      "Only you can control your future." Dr. Seuss
      NOT a leader,
      NOT a BLIND follower,
      Join US and LIVE this LIFE as ONE!
      Original author Unknown

    • #1224203

      I have read this thread with great interest and I am intrigued by the great cross section of opinion. Over the years the AV and Internet Security Software industry has evolved and will continue to do so. Some companies, (Symantec in particular comes to mind), have a lot of ground to make up as a legacy of poor product quality that caused considerable heartache to many people in the early days. My personal preference is ESET Smart Security, which I consider a far superior package to most alternatives – effective, intuitive interface, small footprint. I use this in conjunction with other utilities and, to date, have been very, very satisfied. I am surprised it did not rate a mention; perhaps, therefore, a great quiet achiever.
