PartTools 1.1 vs. Microsoft


robot_rover

Why not? It's an ok level scanner with very little performance footprint, good integration, very low false positive rates and it includes no malware like some paid AV suites that tear bigger security holes than they protect.

http://arstechnica.com/security/2015/09/security-wares-like-kaspersky-av-can-make-you-more-vulnerable-to-attacks/

http://lock.cmpxchg8b.com/Sophail.pdf

https://lock.cmpxchg8b.com/sophailv2.pdf

 

Given the fact that AV scanners can be seen as sort of snake oil anyway... (http://arstechnica.com/security/2014/05/antivurus-pioneer-symantec-declares-av-dead-and-doomed-to-failure/)

I only use it (in its different forms over the last MS operating systems, and do a deep scan from a Linux-based test bed on my disks now and then), and from the early nineties to now I had 2 virus infections. One infecting lots of my floppy disks on my Amiga 2000 and one floppy disk with some data a friend gave me, that had it from his uncle "very secure, he uses two different AV tools at once" (which is BS by the way^^) - I was suspicious enough to first scan the disk (with Defender) which reported a virus.

Security is a complex system of defences. AV scanners are only one of them, and they should not compromise other layers of defence.

Edited by InsaneDruid

Sure. But everything I have read rates Defender quite low, with poor malware detection. Each to his own. I run windoze in a VM completely isolated for that very reason. I'm no security expert but I work with them every day, and none of them speak highly of Windows Defender.

Edited by JPLRepo

29 minutes ago, sarbian said:

And what do those security experts speak highly of? Symantec?

:D (I'm going to assume sarcasm here)

A couple of years ago I bought a laptop that came with one year Norton anti-virus. I uninstalled it before anything else and happily filled out the survey; "the last time I uninstalled it measurably improved the performance of my pc by 15%--your medicine is worse than the cure"

But yes, I do wonder, since AVG went downhill... What is good these days?

 


I was under the impression that Windows Defender, having such a large user base, would have a large database of definitions and would do just fine (especially for free) detecting malware. I think what's more important is not what program you have but how you use it. But I could be wrong. What do I know? I turn wrenches for a living after all.


It does. It's a good, baseline AV scanner. Nothing fancy, nothing bad. No scanner gives you immunity versus unknown, zero-day exploits for the simple reason that they are per definition unknown. Heuristics can help, but only so far. Even if a scanner scores 100% at AVlab, this only means that the used virus/malware samples were detected. You can get an infection an hour later by 2 other, newer viruses. Better close down the weak points in the system. Adobe Flash? Thanks, but no thanks. Even if that means that I use a Greasemonkey script to watch twitch using HTML5.

Unfortunately, the ads by AV vendors fool the users to feel overly secure (when in fact some of these tools ADD more weak points in the system (see above)), which leads to them being careless.


43 minutes ago, Kerbart said:

:D (I'm going to assume sarcasm here)

Your detector is well tuned.

All the AVs I recently used do not want me to disable features I don't need and hide their options behind marketing talk and scare tactics. Worse than everything, some of them actually lower the security by acting as a freaking SSL proxy that hides the certs of the sites I connect to (which given my line of work is cause enough for burning alive whoever had that bright idea).

And I agree that MS Defender is an okay solution for home users at the moment. It had a rough start a few years back but now it works well and does not try to get you to pay for BS options.

Edited by sarbian

Do a Google search for ESET Online Scanner.  It's a virus scanner that runs on-demand through a web app.  Nothing is installed on your computer, and it's got a decent chance of killing anything that's plaguing you.  For the really persistent stuff, there's MalwareBytes, and I used to use HiJackThis to check under the hood back when I still used Windows machines, but I'm not sure if that's still a thing or not.


7 hours ago, JJE64 said:

Do a Google search for ESET Online Scanner.  It's a virus scanner that runs on-demand through a web app.  Nothing is installed on your computer, and it's got a decent chance of killing anything that's plaguing you.  For the really persistent stuff, there's MalwareBytes, and I used to use HiJackThis to check under the hood back when I still used Windows machines, but I'm not sure if that's still a thing or not.

I've used web app scanners like MalwareBytes, but I always worry about any defence or detector that wasn't resident before the infection or isn't running from a read-only alternate boot device.

When AVG went downhill, I switched to COMODO Firewall and their Antivirus.  Irritatingly, the bloody installers have irritating opt-out features buried in drill-down menus I really really wanted to opt out of (change my browser and browser search).  But after that they're fairly well behaved (except for the odd obvious false positive that any of them get).  Not as secure as a virtual machine.  But I think it's clean...I hope. :)

Edited by Jacke

On 28 April 2016 at 9:18 PM, sarbian said:

And what do those security experts speak highly of? Symantec?

Hardware firewall and VMs.

OK, you want good home PC security? Bitdefender I use and have found very good.

Edited by JPLRepo

Bitdefender is the one that proxies your SSL connection and presents your browser a special certificate for all the sites you browse. And of course it added a custom CA for this cert to your trusted CAs.

This is not improving security. This is lowering it.

And F5 and firewalls are not AV. They are network appliances.

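One way to check a machine for the kind of SSL proxying described in the post above, as an added example that is not part of the original thread: compare the certificate issuers seen locally with issuers recorded from a clean vantage point, and flag a single unknown CA that signs every mismatching site. The host names, CA names and the `REFERENCE`/`LOCAL` data are constructed placeholders.

```python
import socket
import ssl
from collections import Counter

def issuer_name(cert):
    """Flatten the 'issuer' field of an ssl getpeercert() dict."""
    return {k: v for rdn in cert.get("issuer", ()) for k, v in rdn}

def fetch_issuer(host, port=443, timeout=5):
    """Issuer of the certificate this machine is shown for host (needs network).
    Raises ssl.SSLCertVerificationError if the issuing CA is not trusted here."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return issuer_name(tls.getpeercert())

def find_interception(local, reference):
    """local / reference: {hostname: issuer dict}.

    Returns (issuer commonName, hosts) when at least two hosts show a different
    issuer than the reference and all of them share one issuer the reference
    never saw: the pattern a locally installed proxy CA produces. A single
    changed issuer is treated as ordinary CA rotation and returns None.
    """
    mismatched = {h: i for h, i in local.items()
                  if h in reference and i != reference[h]}
    if len(mismatched) < 2:
        return None
    counts = Counter(i.get("commonName") for i in mismatched.values())
    name, n = counts.most_common(1)[0]
    known = {i.get("commonName") for i in reference.values()}
    if n == len(mismatched) and name not in known:
        return name, sorted(mismatched)
    return None

def make_issuer(cn):
    """Build a constructed issuer dict for the samples below."""
    return {"organizationName": cn, "commonName": cn}

# Constructed sample data: issuers recorded from a clean machine ...
REFERENCE = {
    "bank.example": make_issuer("Example Public CA A"),
    "mail.example": make_issuer("Example Public CA B"),
    "shop.example": make_issuer("Example Public CA C"),
}
# ... and what a machine behind an intercepting AV would see instead.
LOCAL = {host: make_issuer("Example AV Personal CA") for host in REFERENCE}
```

On a live machine, `LOCAL` would be built with `fetch_issuer()` for each host, and `REFERENCE` from the same call run on a system without the product installed.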

Yes I removed that comment. Hence why I am only the humble Solution Architect and leave the Security for the Security Architect to worry about. I am not a security expert, I didn't claim to be. My original comment was a tongue in cheek stab at Microsoft with regard to the origins of Defender. If you ask me, there is no perfect solution. But I still think Bitdefender is better than a lot of those other commercial AVs.

Edit: damn thumbs too fat for my phone. I wanted to add I never intended to enter into a debate about Windows AV, given I don't even run it (except in a VM). So I will bow out of this thread. Cheers.

Edited by JPLRepo

 

28 minutes ago, sarbian said:

You are not the first one to say good things about COMODO. I should have a look and see if I can configure it like I want.

I know I don't take my home computer security seriously enough.  I've been lucky through a combination of a good hardware firewall, reasonable risk avoidance, and that I still read email as God intended: text and check those headers!  But only believe the last "Received from:" header.

I think COMODO Firewall and Antivirus are good.

But COMODO's opt-out options are slimy! :mad:  Maybe similar opt-out options cause those problems with Bitdefender.

Here's the install window for COMODO Antivirus:

[Screenshot: COMODO-1.png]

See that little "Customize Upgrade" at the lower left.  The one that many people will overlook.  Click it and you see:

[Screenshot: COMODO-2.png]

You only want the first one, to install the main product.  Slimy!  Need to deselect those other two.  But after that, it seems okay.  Except from time to time mildly encouraging you to upgrade to the paid version.  And when it gets an AV positive, asking you if you want a GeekBuddy to help you deal with it (always decline).

Edited by Jacke
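The header check mentioned in the post above, as an added example that is not part of the original thread: it reads the tip as trusting only the Received header stamped by your own mail server, which is the most recently added one and sits at the top of the raw message. The message, host names and the `own_servers` set are constructed, and the pattern assumes Postfix-style Received lines.

```python
import re
from email import message_from_string

# Postfix-style hop: "from <HELO name> (<rDNS> [<peer IP>]) by <receiving host>".
# Other MTAs format this line differently; adjust the pattern for yours.
HOP = re.compile(
    r"from\s+(\S+)\s+\((?:[^()\[\]]*\s)?\[([0-9A-Fa-f.:]+)\]\)\s+by\s+(\S+)")

# Constructed sample: the top header was written by our own MX, the bottom one
# arrived with the message and could have been typed in by the sender.
RAW = (
    "Received: from mail.bank.example (host25.isp.example [203.0.113.25])\n"
    "\tby mx.home.example with ESMTP id 4Qx1; Thu, 28 Apr 2016 21:18:04 +0000\n"
    "Received: from core.bank.example (core.bank.example [198.51.100.7])\n"
    "\tby mail.bank.example with ESMTPS; Thu, 28 Apr 2016 21:18:01 +0000\n"
    "From: Support <support@bank.example>\n"
    "Subject: constructed sample\n"
    "\n"
    "body\n"
)

def trusted_hops(raw, own_servers):
    """Return Received hops, newest first, stopping at the first hop that was
    not stamped by one of own_servers (hypothetical set of your MX hostnames)."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        m = HOP.search(value)
        if not m or m.group(3).lower() not in own_servers:
            break  # everything from here down was written by someone else
        hops.append({"helo": m.group(1), "peer_ip": m.group(2), "by": m.group(3)})
    return hops

def handoff_peer(raw, own_servers):
    """IP that connected to your infrastructure: the oldest trusted hop."""
    hops = trusted_hops(raw, own_servers)
    return hops[-1]["peer_ip"] if hops else None
```

In the sample, the HELO name claims `mail.bank.example` while the address recorded by the receiving server resolves to `host25.isp.example`; the lower header is never consulted.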

In my experience the best way to avoid viruses is to not be stupid on the Internet, be careful with installers, and watch user account control. If you are careful online you probably won't ever get a virus. Just use reputable websites...


33 minutes ago, robot_rover said:

In my experience the best way to avoid viruses is to not be stupid on the Internet, be careful with installers, and watch user account control. If you are careful online you probably won't ever get a virus. Just use reputable websites...

...with no ads, because *every* ad network has had malware in its rotation.  And the chestnut about avoiding porn sites, they (and their ad networks I imagine) have much better security on average.

Oh, 99% of the Internet runs on ads now.  Something's got to give....


4 hours ago, Jacke said:

...with no ads, because *every* ad network has had malware in its rotation.  And the chestnut about avoiding porn sites, they (and their ad networks I imagine) have much better security on average.

Oh, 99% of the Internet runs on ads now.  Something's got to give....

Adblock Plus FTW


On 4/28/2016 at 7:51 AM, Kerbart said:

But yes, I do wonder, since AVG went downhill... What is good these days?

I use Avast... I like the "Pirate" voice alerts... :D

13 hours ago, sarbian said:

You are not the first one to say good things about COMODO. I should have a look and see if I can configure it like I want.

I use Comodo Firewall... But I sure do miss ZoneAlarm before CheckPoint got their hands on it... :(

13 hours ago, Jacke said:

 

I know I don't take my home computer security seriously enough.  I've been lucky through a combination of a good hardware firewall, reasonable risk avoidance, and that I still read email as God intended: text and check those headers!  But only believe the last "Received from:" header.

I think COMODO Firewall and Antivirus are good.

But COMODO's opt-out options are slimy! :mad:  Maybe similar opt-out options cause those problems with Bitdefender.

Here's the install window for COMODO Antivirus:

See that little "Customize Upgrade" at the lower left.  The one that many people will overlook.  Click it and you see:

You only want the first one, to install the main product.  Slimy!  Need to deselect those other two.  But after that, it seems okay.  Except from time to time mildly encouraging you to upgrade to the paid version.  And when it gets an AV positive, asking you if you want a GeekBuddy to help you deal with it (always decline).

ALL Comodo's products are this way, for anyone who wants to try others besides the AV.

Edited by Stone Blue

4 hours ago, Stone Blue said:

I use Avast... I like the "Pirate" voice alerts... :D

LOL!

 

Quote

I use Comodo Firewall... But I sure do miss ZoneAlarm before CheckPoint got their hands on it... :(

Me too, dude.  I used to have ZoneAlarm Firewall with AVG Antivirus.  I forgot which one got mangled first.

Oh yeah, ZoneAlarm started to get too simple and stupid.

Then AVG pushed me to the limit with a major version change that made me say "No.".

So I punted both of them for COMODO Firewall and COMODO Antivirus.

 

Quote

ALL Comodo's products are this way [ stupid install options you have to find and turn off ] , for anyone who wants to try others besides the AV.

Frustrating.  As are the nudges towards the pay products and any whiff of a virus, including false, has them trying to stuff a GeekBuddy at you.

But that's controllable and rare compared to the crap of their late predecessors. :mad:

 

3 hours ago, Stone Blue said:

I also use NoScript, HTTPS Everywhere, Ghostery, and Blur (used to be DoNotTrack)

I also use CCleaner and various AusLogics products for regular computer maintenance

Much the same.  I punted AdBlock Plus and replaced it with uBlock Origin.  And I've included Request Policy Continued, which is like NoScript but to "Control which cross-site requests are allowed. Improve the privacy of your browsing. Secure yourself from Cross-Site Request Forgery (CSRF) and other attacks."

Multiple layers of web script (madness) control and protection.  Has its own overhead and needs to be managed to a degree, but it's whitelisting that gets remembered.

And I've only gotten mad enough once or twice to wipe all the whitelisting and start again. :mad:

Edited by Jacke
