Main Area and Open Discussion > General Software Discussion

Does reliable PC security have to cost money?

(1/6) > >>

icekin:
A friend of mine brought over his virii (yup, there were plenty on board) infected external USB drive and plugged it into my laptop. Avast Home edition (free) was running, up to date with the latest definitions (updated daily). Before I knew it, I couldn't open msconfig or regedit from Win + R or any other way. A bunch of files called hfhludy.exe and meex.exe copied themselves to every freaking drive on my computer and the network. Needless to say, those on my network were not pleased.

I find this virus interesting because its also like a Trojan. If I went to Google and searched for how to remove it, it would close my browser (Firefox and Opera). If I tried to go to TrendMicro's Online Scanner, it would close the browser window again. It added two processes to the startup. Since regedit didn't work, I used Spybot S&D to disable them, but they appeared again on startup. Deleting or replacing the autorun.inf file in each drive did nothing either.

The bottom line is : Avast Failed against the TR/downld.B Virus. But, both AVG and Antivir were able to detect it when I plugged in the Hard drive into another computer through an external case. This isn't the first time. I've had the flashplay.dll worms on my computer from USB thumb drives and Avast kept scanning them, but said they were okay. It was only a week later that the worm was added to the virus definitions.

An anti-virus is only as good as it frequently updated by its manufacturer. I liked Avast and recommended it to all my friends whose machines I've fixed, but I will be emailing them with an advice to switch to AntiVir or AVG at the soonest.

Perhaps, it is indeed fallacy to think that free anti-virus solutions will stand up to their commercial counterparts. Multiple layers of defense by installing several anti-virus programs would be nice, but I've encountered conflicts while attempting that in the past. Not to mention the added resource overhead, which an old machine like mine does not need.

Does reliable computer security (on Windows) have to cost money?

iphigenie:
I don't think it is a free vs pay thing - after all avg, antivir and bitdefender (possibly more) all also have a free product, and avast has a commercial product.

It could be that Avast missed it, that avast was slow with updating their definitions for that one. Or it could be that you previously told it to ignore a kind of alert that was similar to that, or told it not to scan your USB drives quite as aggressively (if you rarely plug other people's drives) or some other config choice you made (level of protection, frequency of upgrades)... It is quite possible that your year-old config was no longer as good as the out-of-the-box config of these other products (or possibly even that the out-of-the-box config a new avast install would have)...

Every year, one or two of the av makers will have an off period where they start missing some viruses, i.e. be up to a week late compared to others with reacting to particular threats. They tend to then catch up and it happens to another one. A few products are more consistently good, but even them have phases where they fall behind on one kind of threat or another.

Avast is not top for detection, but it is solid. It is a good tool for people who go on the web etc. and arent very comfortable around computer lingo. It feels friendlier in its messages and approach for casual consumers. Some products have higher absolute security but could be less secure in "casual" hands as it is to hard to understand what the messages are saying etc.

iphigenie:
Although free/cheap security has to start with the user - if you are careful and on the paranoid side systematically, then you can do very well with just one free or commercial security tool..

if you want to do silly things like plugging unknown USB data sources into your system without previously telling your AV to be ready to do an in depth dont-trust-it scan  :P , or downloading things from shady filesharing places, open weird email attachments or saying yes to every popup... then you need to buy several layers of security software.

Any single product will always miss something.

f0dder:
One good piece of advice: disable autorun. completely.

If you do that and are a bit careful (and, sorry but it's true, stop using IE or anything IE-based) you really shouldn't be infected. Oh yeah, if you're on a LAN you'll want a firewall, but XP's native firewall is good enough for that.

icekin:
Actually, Avast was always set to high security level on my PC. This meant some false positives, but I was always okay with that.

This is the first time in the last 6.5 years that I have been hit by a virus so bad that I had to spend an entire day trying to get rid of it. I've always been careful with plugging in drives, but even when some were plugged in with a virus, Avast would clean it up. About 3 years ago, I was still on AVG, but I switched to Avast then for the same reason - AVG failed to detect some small worms and I started losing confidence.

I agree that all anti-virus makers undergo a period of missing definitions, but that's where the in-built heuristic detection comes in. The best programs can even detect virii that are not in their definitions purely based on the file's behavior. Kaspersky and NOD32 are two programs well advertised for their high detection rates.

On the freeware scene, my only remaining options are AntiVir (which I have now installed), Winpooch (clam-av based) and bitdefender free. Maybe I am asking too much out of a freeware program. What methods of multiple layering is recommended? I've tried installing two anti-virus programs at once, but they don't work with each other.

My ideal solution would be to have some program that prevented files on USB drives from being automatically copied over without explicit permission from the user. This would automatically stop all the trojans that spread automatically.

Navigation

[0] Message Index

[#] Next page