"...then reinstalled NIS..."
Seriously? You cannot fix that type of stupid.
Users of the world's second best* browser were forced to use alternatives after an overnight update to Norton AntiVirus prevented Internet Explorer from working at all. Aggrieved users who'd thought far enough ahead to install Google Chrome, Mozilla Firefox or any of the other alternatives took to Norton's official forum to …
Users of the world's second best browser...
Not sure that second most used necessarily equals second best.
It all depends on the meaning of best.
The list goes on.
I have my own preferred browser and it's neither Chrome nor IE.
One, because I trust Google about as far as I could spit 'em.
Two, I use Linux so couldn't use IE even if I wanted to.
I'll stick with Palemoon until something better suited to my needs appears.
Symantec must have hired someone from Microsoft to not test updates before they release them. I have started recommending to my customers to wait a couple of days after Windows updates are released before they install them. Not good to be the first to install Windows updates. Let Microsoft fix them first and now the same goes for Norton.
I have started recommending to my customers to wait a couple of days after Windows updates are released before they install them
@thatwasit, you might want to encourage them to set up a test environment, too, to round out their basic handling of change management. It's better to let the test boxes take bullets like these than to hope your production environment is bulletproof.
What with all the backdoors in everything from hard disks to cpus to the actual internet infrastructure and protocols. Not that I really know what I'm talking about, but is there at least one layer of the osi model that _hasn't_ been compromised? Right from the end luser and social engineering: usb sticks left on the floor in the car park that someone hopes, maybe, just maybe, if they are really lucky, will contain some smutty readers wives of the CEO (We live in hope!), to James Bond super villain cutting and splicing of submarinal cables with laser beams mounted on fricking sharks!
Even all your air gaps are belong to us now. Well, a few more than some realise anyway.
So why bother with AV? They aren't allowed to test for the really nasty stuff. They skirt around this issue, but I'm not convinced they haven't all had a little visit from the meninblack. Maybe they just aren't clever enough to pick up on the extremely sophisticated malware that has been in the planning and making for decades. I'll give them the benefit of the doubt and go for the latter.
Still, moot point. So why include an AV on your system anyway? Savvy users use system hardening and mitigation techniques (see EMET). Also VMs for your pronz is a great idea on a shared computer. Your missus won't even know your brand new computer runs a copy of WinXP-SP3. Sandboxing and semi-virtualisation (or light-virtualisation if you prefer) is another good avenue to explore. Programs like Returnil and the like to restore an image on reboot, all things being good. We are quite spoilt for choice these days and even buffoons like me can get their head around it with a bit of time spent. I sometimes even spend a bit of money and buy _stuff_ too.
So when El Reg commentard 'Cl3v£rC|()6z' pipes up: 'Oh, Anti-Virus, how quaint, how 20th Century, I've heard of it...', then maybe we can forgive them seeming a little arrogant and credit them with the fact that maybe they know something that the rest of us don't. I would imagine if you worked in Virtualisation for a living (and got your head around the wonders of that), or maybe data storage and retrieval, then with the prudence of off-site (off-computer) back ups on a daily basis, you probably would be feeling quite smug.
But I know a lot of bods who love to play 'Security Boffin' who still use AV quite a bit in conjunction with other layers of security of course. Only a fool would trust his entire system to the regimen of how it was a few years ago - 'oh if you got av - you're safe'. In fact, NAV has made considerable improvements of later years and many tech savvy people use it. The AV world seems quite volatile too, with reputed companies coming and going. I recently installed Emsisoft AM for someone and was shocked how they had cheapened themselves, going for the hard sell and scare tactics so beloved of their industry as a whole. They were the good guys, they had class. I bought their product. I won't ever again. It was almost sickening to see how they had changed their corporate strategy.
Then again, why buy the products? You can download that for free and just keep that On Demand. You can do this for many many top Av/Am softwares. In fact, after buying it (Emsisoft) I only ever use it on demand. Very few AVs don't slow your system down noticeably. Having said that, I run a HIPS (Defense+), an Anti-Logger (screen/cam/key) - Zemana, Live Malware protection (MalwareBytes), PLUS I run a real time Anti-Virus with a host of other included protections, and an excellent outbound firewall to compliment my in bound one. And they all work in concert and you hardly know they are there, most of the time.
When I do my audio stuff, I switch a load of stuff off and there is definitely a performance improvement (say 10-15 percent), but my setup allows me to browse the web willy nilly whilst rendering files, on a mediocre five year old laptop.
And all of that is without the other stuff I use - EMET, UAC, etc. etc. I could bore you to death, but I'm kind of hoping that this being a tech 'paper', someone might find it interesting.
Anyway, who needs antivirus when everyone surfs the web in full on administrator mode. You might not, but 90 percent of other people do. No sandboxing, virtualisation or backup. I'm surprised we don't see more people crying into their beer down the pub because, you know...
The real culprits in the AV world are programs like McAfee, that render machines useless and are practically impossible to uninstall (at least I couldn't figure it out in an hour on a win8 laptop) and then extort you for fifty quid for something that doesn't even work! Nice work if you can get it. Someone who I took the time to buy a laptop for (advising her) who never paid me the 'drink' she owed me, absolutely infuriated me when she told me she paid nearly 50 quid to renew McAfee when the laptop itself only cost a little over 200. And how much of that was also paid to microsoft for the OS? Some portion on top I would wager. That is the market microsoft were going for. You only need to gouge a small percentage of lusers for it to become lucrative. There's money in fear, and fear is everywhere these days.
A family member was running an old XP machine without any working AV/AM on it. They did shopping and banking on there (but only now and again, mind you! as if that made a difference). And they even got arsey with me when I 'system hardened' their browser with the main ghostery/adblock/noscript setup. Because they lost their disqus comments in the Guardian. Instead of phoning me up and asking me what to do, they let it fester. What can you do with people like this? I had to install an AV/Security suite for them last time I was there and I needed something practically invisible, so I used up my spare license for my main AV - WSA -Webroot Secure Anywhere. It is practically invisible on the system and has everything from firewall (outbound) to anti-keylogging/phishing/web site protection. It is the best AV by far today. I got a 3 user license for about 10-15 quid on eBay! I even keep it on when I am rendering stuff, it is the lightest AV by far.
I realise, at least for me, all this is a bit of overkill, but I've done it as an experiment in Full Spectrum Security. Everything is working just fine. As for those family members, well it's only a matter of time. Part of the reason they don't want to get a new computer is they don't want to transfer the files across, because they also refuse to backup their important documents. The computer still works so don't give in to irrational scaremongering, is their motto. What can you do?
So if you are looking for a full on security suite that does everything and does it well, then have a look at a quick review of it - http://www.pcmag.com/article2/0,2817,2470312,00.asp
And if you like the look of it, head over to http://www.webroot.com/gb/en/home/products/av
Don't buy from the site, as I said you can get 3 user licenses for a year, for the price of a few beers.
No, I don't work for them or know them. They seem like a decent bunch with a good attitude, though I have to say we definitely didn't hit it off together the one and only time I had to use support. But no complaints.
I'm kind of finished with my little experiment now. A lot of the licenses I have are for life (MalwareBytes, SAS, Sandboxie). A lot are free (EMET). And some like Hitman Pro or WSA I will renew as I need. But that's it. You don't even need to spend any real money to get the best protection going. But it's all folly anyway as I alluded to in the beginning of my little 'article'.
It's been fun though!
I was beginning to think you were on to something and then you went a spoilt it all by saying you use Webroot....
thats a useless piece of junk which spills scamware all over the machine. And more importantly it doesn't carry out its principal role of spyware removal.
Your post reads as nothing more but a clever piece of trolling / advertising on behalf of Webfoot
Everyone is entitled to their opinion. Feel free.
But you lost me at 'trolling on behalf of'. You really really lost me there.
I don't work for them, or know them. I paid for my software.
If you go back through my post history you will see me give serious support to many software 'houses'. And also criticise others. You will also notice that I take the time to back up any assertions I make.
Unless you are out and out calling me a liar or shill (again read my posts - you will find I have an in depth knowledge of audio engineering and production) why would I take the time to do that outside of my chosen profession? And cover all the other points I made (WSA was a small part and it being an AV thread thought might be of some use to someone)? Yes, I suppose that it's not beyond the realms of possibility I'm getting paid for this. Anyway you will see me singing the praises of lots of different types of software - so add them to the list of companies I shill for.
But what you meant by 'trolling' is beyond me. Are you suggesting I do this for kicks or fun? Getting paid - yeah, but intellectual stimulation?
Unless, unless, you really believe in that tiny mind of yours, that a technical 'paper', 'journal', 'wtf', shouldn't have commentards who are allowed to voice their honest opinion, with integrity, without fear of ridicule and schoolyard bully boy tactics of name calling. It wasn't even ad hominem. You just came right out and said it. I hope for your sake you are trolling and that I have been fricking trolled my good self, or your mind is in serious need of a good ol' fashioned spring cleaning, mister clever clogs.
Why should it bother you how I get my kicks, even if it does pay for a few beers at the end of a hard weeks trolling? Pimping ain't easy!
Also, I think you maybe perhaps give a little too much credence to the profile of this good 'paper' and the fact that very few people will bother reading my tripe because I dribble and drivel on like a mad man most of the time.
But never mind all that. I'm sorry your job at McAfee isn't working out for you! There's always Norton.
Anyway, you got an upvote from me, because I haven't seen a 'troll' of the quality of yours for some time at El Reg. I could read your back catalogue and backtrace you, but you know...
Well played Sir! Have a thumbs up too.
My comment was based on the simple fact that anyone who believes Webroot security products are actual real security products is either stupid, deluded, or else taking the piss either for fun, or for commercial misrepresentation.
I can't believe you're stupid, but which of the latter three is correct I don't know.
If you had had to clean as many machines as I have over the years you'd know why I say what I do. The Webroot AV signatures are useless, it doesn't remove spyware, and in the past has come bundled with multiple scamwares. In its own way its as bad as Norton or McAfee - possibly worse as Norton's AV signatures are generally more capable.
If in your first essay you'd settled on a AV product which has signatures which work, then maybe I could have taken what you said seriously.
I tell you what.
I'll give you the benefit of the doubt also. So far Webfoot has only found false positives. But my system is very clean.
I did say that my experience with tech support didn't go great, they were quite arrogant actually. Now, whether this was because I questioned their cult of personality or they were just having a bad day, I don't know.
So maybe you are right! I'm open to debate on this. I spend a lot of time at Wilders though I post there very rarely, and guys that have multi-thousand posts think that WSA is a pretty good tool.
So if it was as you are suggesting some kind of malware in itself, I think they would know.
I am genuinely asking you for some kind of proof or further reading at least for you to back up your pretty strong assertions. Would you be so kind?
I feel I have backed up my assertions to a degree by pointing to Wilderssecurity. I wonder how long you would last there posting what you have just said to me.
But honestly, if you provide me with something to go on, I promise you I will look into it and report back.
You have questioned my honour, Sir, please be so good as to have the courage of your aspersions.
And on my honour, I have made it a point to not downvote you, so as to possibly skew any personal bias.
Signatures that work.
Which one would that be then?
Comodo - very good according to some.
Emsisoft - excellent according to some and my own experience. (But them spamming me is going too far now)
Hitman Pro - excellent according to many and a standard for third opinion scanning.
Malwarebytes - excellent according to many, and also my personal experience. Saved my bacon many a time with its excellent website protection. The best in my opinion.
Super Anti Spyware - stop sniggering at the back of class there. Yes, good ol' SAS. If you had said what you said but said it about this product I might be able to entertain you more. As I said, things go in cycles in the av industry. It used to be good but is now a more efficient cookie killer and general utiility. I can't recommend it highly enough however after they have really upped their game lately. I got a lifetime license for two people and it's helped me and others from attack, catching things that no other av/am has. Yes. Such is the nature of the beast. It's a fourth opinion scanner, ok fifth, but it works.
Zemana - no idea if it works or not. I wish they would stop spamming my desktop though with their facefarce bs. I won't be renewing.
WinPatrol Plus - loved by many - I got the pro version for a fiver in a deal at wilders. Superb program and I bought the pre-release of WinPrivacy PLUS.
Plus EMET which is free and many more little tools like host file changes.
I really could go on.
Each of these I have on my system because they fill a niche, they don't interfere with each other and don't get in my way or drain resources (well Zemana does a bit).
I could sing the praises of any of these pieces of software.
I don't know, maybe you are an Emsisoft shill and this was either a case of projection or downright sabotage of an honest user that can back up everything he says. If you are, then stop spamming me! I'm not accusing you of anything, unlike you attacking me, but methinks I touched a raw nerve somewhere. Maybe I will have a little look at your posting history, but for now, I give you right of reply, and I will wait until that before I go sniffing. I'll give you a few days, as I hope you have given me, and then I'll post back here to see what you have to say for yourself.
The integrity of an honest man is above reproach. So, with respect, please give me some further information to back up what you have said, which is ever so slightly libellous as well, I might add, but I am not a lawyer and all that. I'm not going down that route. But I will defend my honour, Sir!
Methinks you are conflating cleanup tools with preventative security products. The two are very much different, though obviously some products try to do both.
Of those you mention
Back in the days when this existed solely as Webroot Spysweeper then it had a role as a secondary security product, concentrating on the kind of adware/malware that most AV programs then missed. However it didn't have a very high hit rate of finding infections, was pretty much superceded by Microsofts Windows Defender and really was made redundant by Spybot S&D and Spyware Blaster.
Things went from bad to worse when the product was expanded to become a full standalone AV product - they bought in a third-party AV engine, but not the virus definitions and simply cannot compete with the tech ability of the big boys. What over the years has made the situation worse is that may iterations of the Webroot software has been a huge memory hog, and often doesn't play nicely if installed alongside other security software. Often it came bundled with junk cleanup utilities as well - registry cleanup tools which would bork the machine as often as not.
These chaps used to offer a range of free security hardening products which were useful plugins. However after a change of ownership these were all binned, and only the mainstream AV and firewall were left. The firewall is supposed to be OK, but my experience is that customers find it impossible to configure. The AV definitions are close to useless and usually come way down in the monthly tests.
You have to remember that Comodos main business is CA certs - the security stuff is just an add-on, and a poor one at that. Given the recent revelations regarding their products, I'd suggest best avoided at present
Used to be very good as a cleanup tool, but too clunky for installation as the main AV defence. It seems to have a good set of AV definitions - possibly too good, as I've had several cases where false positives have borked a system. Not used it much recently - the last time I did I noticed that it seemed to be down to just one scanning engine, not the two it had before
Excellent as a clean up tool if used along with a sequence of other products. Note that in the last year the list of AV engines it scans against has changed - in my opinion detrimentally, making it essential that its used as only one of many tools
In the past I've used it surprisingly effectively as a cleanup tool. However I'd never trust it as a resident program - it looks too much like some of the fake products on the market, and its built-in advertising is intrusive
never heard of it until you mentioned it. However on looking at the website the program looks near-identical to some of the fake antivirus programs that were so popular infections a couple of years ago
Is that the program with the Scotty Dog? I've had customers who've used it and all found it annoyingly intrusive. Piece of junk in my view
never really used it. I'd appreciate your comments on how useful it is in real life.
Now what do I use?
First you have to differentiate between cleanup tools and resident primary security.
On a customers home-use machine I keep it simple: usually Avast! AV (the free one - its good enough) which I set to automate removal/deletion of ALL threats including PUPS (which is turned off by default). I usually throw in Malwarebytes anto-exploit (not the usual Malwarebytes program)Then I add a range of script blockers - exactly which ones depends on which browser the customer uses. I TRY to get them to use Firefox, and then lock it down with Adblock Plus, No-Script, Ghostery and a few others. I've never had a machine locked down like this come back to me as infected
Sometimes if the machine is low-spec I'll use Avira rather than Avast. Why those two? Because they constantly come in the top three or four of the regular competitive scan surveys. Despite being free, they work, carry little memory overhead and are relatively free of unwanted popups (though Avast is sadly heading down the wrong road there. And as I said above, since I started using them I've never had a machine come back to me as infected (and you're talking a large number over many years)
For cleanup, I use a wide range of tools, the choice depends on what I find once work starts. However the bottom line is, if in doubt, nuke it. But heres a list of what I find useful to start with
HijackThis (not much use on 64-bit though)
once these have been used up then you're onto the various file / registry repair tools.......
and also of course scanning with more mainstream AV products - usually Kaspersky and if I suspect something still hidden then Emsisoft's tools
In the early days Norton was good, really good. Then they sold out to Symantec who were in it for the money only, changing the cover every now and then to keep the plebeians happy.
What did they get? Well, they got the same un-updated program that slowed your computer to a crawl.
They took your cash and laughed all the way to the bank.
You mugs! The amount of real (good and free) malware programs out there are too numerous to name, but for god's (Odin's) sake dump this Norton trash and grow up!.