OT: so, what free virus scan are you using these days?

[Magpel]

I'd just search, but it is such a moving target...and plus search doesn't really work...

 

I'm letting an AVG subscription go after a year. What's the congnoscenti's choice among freeware scanners these days?

[techristian]

AVAST on Windows and "Virus Scanner" for Linux.

 

Hope this helps.

 

 

Dan

[Cry Logic]

Microsoft Security Essentials (64 bit Win 7 Ultimate)

[Alndln2]

Avast.

[John Sayers]

Avira premium security suite.

[Phait]

Avast

[Gus Lozada]

OS X

[rasputin1963]

I've been using PANDA and CLAMWIN.

[Phait]

OS X

 

[rasputin1963]

 

I used to use Avast but it is a resource hog (unless it has changed). Avira Antivir is a far superior product to me. It has a small footprint and protects well ( www.free-av.com ). The only drawback is it shows a pop up (for their own products) when it updates but that is no big deal to me.

 

 

 

AVIRA only lasts for a certain time (like a month)..... then they turn off their update service and bombard you with nag-screens

[Cry Logic]

If you're using Win 7 on a PC, Microsoft Security Essentials is surprisingly good and also 100% free.

[dahkter]

Avast on one machine, Microsoft Security Essentials on the other.

I like MSE so far, no "virus database has been updated" voice

[Phait]

You can disable sounds in Avast.

[justcrash]

 

AVIRA only lasts for a certain time (like a month)..... then they turn off their update service and bombard you with nag-screens

 

 

I've put it on countless machines for the last several years and never once saw this happen.

[ggm1960]

I've never used a virus program on any of my computers but I did have Avast on my daughter's PC for a while. I have been known to use CCleaner and Spybot occasionally. There used to be another free spyware finder program but I can't remember the name of it. Virus's have never been a problem for me.

[blue2blue]

I practice safe computing.* I don't use background anti-malware scanning because it doesn't catch most of current threats (which are the ones you have to worry about) and it is a huge drain on system resources and CPU time. Even with those software packages that claim you can unload it, there are typically still background components sucking down CPU cycles.

 

I do always use a firewall. It doesn't put any significant additional load on the system. I do perform occasional scans typically using online scans or Malwarebytes Anti-Malware (local).

 

 

*Safe computing for those whose computer is connected to the net or in contact with external media, USB drives, etc:

 

always keep OS updated

(audio production folks who turn Auto-Update off need to take care of this manually, of course; don't put it off, there's a patch every month; turn auto-update on and use IE to force an update)

 

always keep browsers updated

 

use your browser's anti-popup options

 

always keep all other net-capable programs updated (and that's getting near most of them these days but it makes sense to pay attention to widely used programs like popular media players or utilities or entertainment programs, which are likely infection vectors from blackhats)

 

never install crackware

 

don't install software from unknown sources; many small software houses even distribute their software through places like CNET's Download.com and other well-known clearing houses, simply because there is a greater sense of trust; know your sources

 

sites that live 'outside the law' are potential infection vectors -- porn, crackware, unauthorized media download sites, even lyrics sites [most of them are technically copyright violators and often offshore beyond the reach of the copyright cops]

 

P2P (peer-to-peer) software (torrentz, etc) is particularly risky because it opens up a port straight onto your computer; it may claim to have built in protections, but it's like a wormhole from your machine to... well... who knows who?

 

Peer-to-peer software can be very useful, communications programs like Skype take advantage of the technology to form a giant voice and video communication network and appear to be pretty trustworthy and security concsious.

 

But you must trust any P2P client you let onto your machine or be prepared to face the potential conesequences...

[Ernest Buckley]

OS X

 

+1, No need to worry. That was taken care of when I put an Apple.

 

[nat whilk II]

Echoing Blue's comment about lyrics sites - yeah and verily some of them are really bad news as nasty places to pick up a computer something or other...

 

Best first choice for lyrics - I turn to the artist's website, IF they have one and IF they post up the lyrics.

 

Anyone know of other truly safe sites for lyrics?

 

nat whilk ii

[nat whilk II]

And as for virus software - I quit setting up the constant-scanning types. They eventually bog down the entire system.

 

So I keep the firewall up and perform regular manual scans with Avira.

 

And most effective of all - I back up and wipe the hard drive and reinstall 100% from scratch about 3-4 times a year.

 

nat whilk ii

[Jeff Leites]

I use Norton A/V. Almost free... once you buy it, someone, somewhere will have it on sale, so that with rebates, it only cost the sale tax. It's usually on sale like that, just before the next year's version comes out, but that's not a problem, because you can download the newest version as an upgrade for free.

[John Sayers]

 

OS X

 

 

I wonder how many trojans and malware you actually have on your computer without knowing it.

[MrKnobs]

And as for virus software - I quit setting up the constant-scanning types. They eventually bog down the entire system. So I keep the firewall up and perform regular manual scans with Avira. And most effective of all - I back up and wipe the hard drive and reinstall 100% from scratch about 3-4 times a year. nat whilk ii

 

I'm with you. A constantly running AV program (especially Norton!) is almost worse than the disease it's supposed to cure.

 

I scan with Malwarebytes frequently.

 

Terry D.

[blue2blue]

 

OS X

Charlie Miller has been the first to win in the last three PWN2OWN white hat hacking contests by attacking Macs running OS X.

 

His exploits are typically within the first few minutes when the competition opens to include the browsers and other software that ship with the core OS, in his case Safari.

 

In 2008, the Mac was the only OS to go down on the day open to software that shipped with the OS (Safari), although Vista was taken down the next day when the competition expanded to common third party add-ins. (Adobe's Flash, IIRC, was what brought down Vista.) The next year, the Mac went down within less than two minutes but Vista survived until late in the day.

 

This year, OSX/Safari, the iPhone, Win7/IE8 and Firefox were all taken down on the first day -- although the attacks on the iPhone and on IE8 failed to 'escape' the sandbox the OS has around them, so damage was limited to read access, while the OS X exploit would have allowed write access and, hence, the abilty to install programs, delete files, etc. Read access is still bad enough, though, since it could allow black hats to steal identity or other data from the victim machine.

 

http://arstechnica.com/security/news/2010/03/ie8-safari4-firefox3-iphone-fall-on-day-1-of-pwn2own.ars

 

http://dvlabs.tippingpoint.com/blog/2008/03/28/pwn-to-own-final-day-and-wrap-up

http://dvlabs.tippingpoint.com/blog/2009/03/18/pwn2own-2009-day-1---safari-internet-explorer-and-firefox-taken-down-by-four-zero-day-exploits

http://www.zdnet.com/blog/security/pwn2own-2010-iphone-hacked-sms-database-hijacked/5836

 

 

This time around, Miller seems to be getting a little fed up with Microsoft, Apple, Adobe, and others -- he's refusing to share the zero day vulnerabilities he found in software from those companies while preparing for the PWN2OWN contest, insisting that, instead, he'll merely show them the methods he used to find the weaknesses, methods he dismissed as nothing special -- "trivial," was a word he used for his efforts -- then wondering aloud why the teams of security researchers and specialists at Apple, Microsoft, Adobe, and others couldn't find them. Miller used a vulnerability sniffing technique widely known and used, called "fuzzing."

 

Miller's fuzzer quickly uncovered 20 vulnerabilities across a range of applications as well vulnerabilities in Apple 's Mac OS X 10.6 , aka Snow Leopard , and its Safari browser. He also found the flaws in Microsoft's PowerPoint presentation maker; in Adobe's popular PDF viewer , Reader ; and in OpenOffice.org , the open-source productivity [...] Miller used one of the flaws he found by dumb fuzzing yesterday to exploit Safari on a MacBook Pro, walking off with the notebook, $10,000 and a free trip to Las Vegas this summer to the DefCon hacking conference. Miller also won cash prizes at Pwn2Own in 2008 and 2009, each time by exploiting a Safari vulnerability on the Mac.

 

 

 

BTW... has anyone caught the news of the demonstration site that Apple created to show the splendors of their version of the not-actually-existent HTML5 standard?

 

Webmonkey has a piece on the site -- Apple

[Lancaster]

 

AVIRA only lasts for a certain time (like a month)..... then they turn off their update service and bombard you with nag-screens

 

 

That's not true for everyone.

 

I've been using Avira Free for a year and a half and havent had that problem.

 

It's very good software, much better behaved than what it replaced.

[D Charles]

Avira here and no worries. It tries to get me to buy the paid version when it updates but that's just a matter of hitting ok and it's gone.

 

Oh, and I also do about half of the things Blue told us not to do.