Author Topic: Antivirus  (Read 4126 times)

Offline MacGyver

  • Administrator
  • Location: Dallas, Texas
  • Posts: 4679
Antivirus
« on: April 09, 2017, 07:13:14 PM »
Well AVG 17 is The Devil.  It upgraded against my wishes and started blocking Port 80 traffic causing me to have to reboot.  You have to understand I have 5' of monitors with several projects going on at once, so I only reboot about once every 90 days, and even then I'm ticked about it.  Then I realized that AVG is why we had lost audio on our cameras.  This was just the free AV version, not a security/firewall version.  So I had decided I was out of options and thought I might bite the bullet and load Microsucks Security Essentials.  I don’t know that I’ve ever read a software agreement before, but you can bet I checked out this one.  So get this:

·    Windows Update; Microsoft Update. The software turns on automatic updating from Windows Update and Microsoft Update. To enable the proper functioning of the Windows Update and Microsoft Update service in the software, updates or downloads to the Windows Update and/or Microsoft Update service will be required from time to time and downloaded and installed without further notice to you.

Well THAT’S not going to happen.  When it comes to Microsucks I'm more afraid of their fix than the threat.  We keep Windows Updates disabled by default and make our own decisions on patching.

AVG has gotten out of control, and I’m often having issues with Avast.  I'm loading Bitdefender Free for now. 

Any suggestions for a lean, mean, free AV? 

 
-I'm only here because my flux capacitor is broken.

Online silversam

  • Moderator
  • Location: NYC
  • Posts: 1137
Re: Antivirus
« Reply #1 on: April 09, 2017, 07:44:57 PM »
Virus/Antivirus problems were one of the 3 reasons I switched to a Mac (the other 2 were Registry issues and....I forget what the third was. Oops. [No that's me channeling Rick Perry] The third was upgrades).

I realize that especially in commercial and industrial situations Apple sometimes just doesn't work. But if it does, I'd suggest biting the bullet and going for it.

I did a lot of work with Xenix and then Unix and loved the bullet-proofness of the OS. I looked at Linux but thought the GUIs sucked and I really didn't want to spend my life on the CLI. When I saw the Mac was Unix with an excellent GUI I went for it. No regrets. If you've got specific Windows programs you can't do without, there are several alternatives.

I'm running Microsoft Visio on my machine using a program called Crossover. It works perfectly, you'd never know you weren't on Windows (except that it doesn't crash).

Also - support: Call Apple, get Americans or maybe Canadians on the phone. Every time. All speak perfect American English. All are pleasant, nice and extremely knowledgeable. I've called several times after the product was out of warranty expecting to get charged. I've never gotten a bill and no one has ever asked for a credit card. Try that with Windows.

My $0.02.

But then, I'm retired and don't give a shit.   :011:

Offline MacGyver

  • Administrator
  • Location: Dallas, Texas
  • Posts: 4679
Re: Antivirus
« Reply #2 on: April 09, 2017, 07:51:00 PM »
Sam, a friend of mine is working on trying to get a graphic artist's office back up.  They took a massive malware hit last week with Macs.  Besides, I'm more of a Linux guy.   :008:
-I'm only here because my flux capacitor is broken.

Offline ttech

  • Moderator
  • Location: Paoli, PA
  • Posts: 263
Re: Antivirus
« Reply #3 on: April 09, 2017, 10:43:12 PM »
I've used Avast free for years.  No issues.

Online silversam

  • Moderator
  • Location: NYC
  • Posts: 1137
Re: Antivirus
« Reply #4 on: April 09, 2017, 10:49:58 PM »
Massive malware on the Macs is bad. I hadn't heard of anything like that.

Maybe they should stay off the porn sites :002:

Seriously, I guess it's hitting everyone, though malware is probably the least bad of what's out there.

Still....


Sam

Offline RATHER BE FISHING

  • Moderator
  • Location: South Texas
  • Posts: 973
Re: Antivirus
« Reply #5 on: April 10, 2017, 05:36:08 AM »
Look up Avira. Good write ups. Just downloaded it yesterday for a trial run.

Online Keighlar

  • Moderator
  • Location: New Hampshire
  • Posts: 1633
Re: Antivirus
« Reply #6 on: April 10, 2017, 08:48:30 AM »
Trace is trying Avira now.  We've had some real issues with Avast lately being run at customer sites.  It recently decided to quarantine a core service for the voicemail server - after running fine for over a year.  Unfortunately, it's not as simple as removing the service from quarantine.  The entire database had to be taken offline and repaired.

AV seems to be getting more and more heavy-handed - even those with a reputation for being light, but effective.  I'm seeing it all over the place.  Perhaps it's in response to the uptick of ransomware, but it makes normal operating procedures more of a challenge.
“You know you’re in love when you can’t fall asleep because reality is finally better than your dreams.”
Dr Seuss

Offline MacGyver

  • Administrator
  • Location: Dallas, Texas
  • Posts: 4679
Re: Antivirus
« Reply #7 on: April 10, 2017, 09:58:17 AM »
Thanks, Dave.  I'm giving it a try, and so far things seem stable.

I'm actually wondering what the connection is now between Avast and AVG.  Both are on Version 17, the menus are way too similar, and both caused the same issues on some of our older camera systems. We could view the cams and listen to live audio, watch recorded video, but it blocked the recorded audio.  As for Bitdefender, I flushed it because the free version won't do a scheduled scan.

Dave, please let me know if you find issues with Avira.  I'll do the same.

-I'm only here because my flux capacitor is broken.

Offline CMDL_GUY

  • Administrator
  • Location: Mt. Sidney Virginia
  • Posts: 8240
    • www.lscg.net
Re: Antivirus
« Reply #8 on: April 10, 2017, 04:00:48 PM »
I'm very happy with Malwarebytes.
"Government is not reason; it is not eloquent; it is force. Like fire, it is a dangerous servant and a fearful master." - George Washington

“Remember democracy never lasts long. It soon wastes, exhausts, and murders itself. There never was a democracy yet, that did not commit suicide.”   -John Adams

K4LRM

www.lscg.net

Faster horses, younger women, older whiskey, more money.

Offline MacGyver

  • Administrator
  • Location: Dallas, Texas
  • Posts: 4679
Re: Antivirus
« Reply #9 on: April 10, 2017, 07:30:29 PM »
I'm very happy with Malwarebytes.

Larry, I often use Malwarebytes for downed systems when we're having the battle, but I don't think I've ever run it long term as the AV solution.  Doesn't it lock things down?  I'm usually just running an AV with no obtrusive security.  Also, does the free version have a scheduled scan?
-I'm only here because my flux capacitor is broken.

Offline CMDL_GUY

  • Administrator
  • Location: Mt. Sidney Virginia
  • Posts: 8240
    • www.lscg.net
Re: Antivirus
« Reply #10 on: April 10, 2017, 08:36:45 PM »
Doesn't it lock things down?  I'm usually just running an AV with no obtrusive security.  Also, does the free version have a scheduled scan?

I haven't noticed (with what I'm running) any loss of operation.  But......you're correct, the free version does not have a scheduled scan.
"Government is not reason; it is not eloquent; it is force. Like fire, it is a dangerous servant and a fearful master." - George Washington

“Remember democracy never lasts long. It soon wastes, exhausts, and murders itself. There never was a democracy yet, that did not commit suicide.”   -John Adams

K4LRM

www.lscg.net

Faster horses, younger women, older whiskey, more money.

Offline MacGyver

  • Administrator
  • Location: Dallas, Texas
  • Posts: 4679
Re: Antivirus
« Reply #11 on: April 10, 2017, 10:01:49 PM »
That was my fear.  Like Dave, I'm running Avira right now.  We'll see how it goes, but so far so good. 

The one thing I will warn everyone about though is during installation Avira turned ON Windows Firewall.  Our workstations are all behind real firewalls so we keep that WinCrap turned off as it causes too many problems.  I was sitting at the machine locally in this case, but if you're installing remotely, make sure you have exclusions in the Windows Firewall for your remote program or you'll likely get locked out. 
-I'm only here because my flux capacitor is broken.
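
A pre-install check for the lockout described in the post above, as an added example that is not part of the original thread. It assumes the remote-access tool listens on TCP 3389 (RDP), uses a hypothetical rule name, and relies on the NetSecurity cmdlets that ship with Windows 8 / Server 2012 and later.

```powershell
# Added example. Assumptions: remote access arrives on TCP 3389 (RDP) and the
# rule name below is hypothetical. Run elevated, BEFORE starting the AV installer.
$Port     = 3389
$RuleName = 'Allow remote admin (pre-AV install)'   # hypothetical name

# 1. Snapshot the state of each firewall profile so a later change is easy to spot.
$before = Get-NetFirewallProfile | Select-Object Name, Enabled
$before | Format-Table -AutoSize

# 2. Look for an enabled inbound allow rule that names this TCP port explicitly.
#    Rules written as port ranges or "Any" are not matched here; review those by hand.
$covering = Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    Where-Object {
        $f = $_ | Get-NetFirewallPortFilter
        $f.Protocol -eq 'TCP' -and ($f.LocalPort -contains "$Port")
    }

# 3. If nothing covers the port, add a rule for every profile, so the session
#    survives even if the installer switches the firewall on.
if (-not $covering) {
    New-NetFirewallRule -DisplayName $RuleName -Direction Inbound -Action Allow `
        -Protocol TCP -LocalPort $Port -Profile Any | Out-Null
    Write-Output "Created inbound allow rule for TCP $Port"
} else {
    # An existing rule may be limited to some profiles; check its Profile property.
    Write-Output "Existing rule(s) cover TCP ${Port}: $($covering.DisplayName -join ', ')"
}

# 4. After the installer finishes, report any profile whose state changed.
function Compare-FirewallState {
    param($Snapshot)
    $now = Get-NetFirewallProfile | Select-Object Name, Enabled
    foreach ($p in $now) {
        $old = $Snapshot | Where-Object Name -eq $p.Name
        if ($old.Enabled -ne $p.Enabled) {
            Write-Warning "$($p.Name) profile changed: $($old.Enabled) -> $($p.Enabled)"
        }
    }
}
# Call once the install is done:
# Compare-FirewallState -Snapshot $before
```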

Offline Marc Haycook

  • Administrator
  • Location: Jefferson City, MO
  • Posts: 2675
Re: Antivirus
« Reply #12 on: April 14, 2017, 05:22:57 AM »
Symantec Endpoint Protection. Note... do not use Norton, their home version of SEP.

No problems and you can customize for your needs.
Marc Haycook
CCNA
Sport-Touring

Offline MacGyver

  • Administrator
  • Location: Dallas, Texas
  • Posts: 4679
Re: Antivirus
« Reply #13 on: April 15, 2017, 05:33:36 PM »
Symantec Endpoint Protection. Note... do not use Norton, their home version of SEP.

No problems and you can customize for your needs.

Marc,

Does Symantec have a free version now??? I have numerous computers around here.  Many that get used in the lab a few times a year.  They stay booted, but I don't want to flush money on licenses for these machines.

Dave,

HEADS UP, my friend!

I was using the laptop at my recliner today which is the one that has Avira loaded.  I got an email with the subject line: "UPS courier can not deliver parcel #6856590 to you."  I think it had a zip file, so I just shift deleted it.  A few hours later I remoted to my main machine at the office and saw the below warning from AVG.  It was Locky.  I'm more than a little ticked that the Sonicwall Gateway Antivirus didn't catch it, but we start flushing the Sonicwalls later this year when they start hitting EOL.  I'm also not happy that our mail server's AV didn't catch it, but Avira didn't either.  I've been very happy with Avira so far, but this is disconcerting.  Not sure I'm ready to flush AVG which I HATE.

-I'm only here because my flux capacitor is broken.

Offline RATHER BE FISHING

  • Moderator
  • Location: South Texas
  • Posts: 973
Re: Antivirus
« Reply #14 on: April 21, 2017, 05:32:40 PM »
OK I have run Avira for a couple of weeks. I'd give it a B+ to A- grade. Not bad but nothing to feel secure about. I did also try the secure website browser add on for Firefox but didn't care for the delay in page presentation of 3-4 seconds more than usual. I disabled that add on. YMMV.

As far as Locky... that is getting to be a bear. Most variations are getting PUD (Previously Un Discovered) status as the code monkeys are rewriting the code patterns to disguise typical traits picked by virus detection software. PUD is as bad as zero day exploits since there is little you can do without robust security measures and hope you're not one of the initial infection sites. I just wish someone would build a reverse insertion package that would back haul to the virus writers' command and control servers so that when you are infected you strike back harder. Sort of a public version of Stuxnet.

Thanks for the heads up Trace.

Offline MacGyver

  • Administrator
  • Location: Dallas, Texas
  • Posts: 4679
Re: Antivirus
« Reply #15 on: April 21, 2017, 08:53:18 PM »
It is getting nuts, Dave. 

I'm hopefully going to finish the migration to the new mail server this weekend which will help as we have some better protection there.  I wish Kaspersky had a free version.  There's no free version I'm aware of, but how do you like Kaspersky?
-I'm only here because my flux capacitor is broken.

Offline CMDL_GUY

  • Administrator
  • Location: Mt. Sidney Virginia
  • Posts: 8240
    • www.lscg.net
"Government is not reason; it is not eloquent; it is force. Like fire, it is a dangerous servant and a fearful master." - George Washington

“Remember democracy never lasts long. It soon wastes, exhausts, and murders itself. There never was a democracy yet, that did not commit suicide.”   -John Adams

K4LRM

www.lscg.net

Faster horses, younger women, older whiskey, more money.

Offline MacGyver

  • Administrator
  • Location: Dallas, Texas
  • Posts: 4679
Re: Antivirus
« Reply #17 on: April 21, 2017, 10:19:33 PM »
Thanks, Larry.  I use it during the free 30 days when fighting malware, but always remove after the job is finished.  I guess the search continues.
-I'm only here because my flux capacitor is broken.

Offline RATHER BE FISHING

  • Moderator
  • Location: South Texas
  • Posts: 973
Re: Antivirus
« Reply #18 on: May 09, 2017, 05:35:00 PM »

Offline MacGyver

  • Administrator
  • Location: Dallas, Texas
  • Posts: 4679
Re: Antivirus
« Reply #19 on: May 09, 2017, 08:26:02 PM »
Very interesting, Dave.  Thanks for the heads up.
-I'm only here because my flux capacitor is broken.

Offline MacGyver

  • Administrator
  • Location: Dallas, Texas
  • Posts: 4679
Re: Antivirus
« Reply #20 on: September 03, 2017, 03:48:33 PM »
Well the AV search continues.

After a bad incident we have been testing the paid version of Bitdefender.  Unfortunately it's pretty obtrusive.  What's worse is that I use Windows indexing extensively.  Not only do I have it index the filenames, I have it index the contents inside the files which is how I find things.

I have rebuilt the file index several times, and magically the Users folder in indexing keeps going away.  While I can't definitively say Bitdefender is responsible, the timing coincides, and an online search shows problems between the two in the past.

Anyone else found anything they like lately?
-I'm only here because my flux capacitor is broken.

Offline MacGyver

  • Administrator
  • Location: Dallas, Texas
  • Posts: 4679
Re: Antivirus
« Reply #21 on: September 07, 2017, 07:57:28 PM »
Well just in case anyone is following the AV search, I did confirm that the paid version of Bitdefender was indeed breaking Windows Indexing/Search so I had to pull it like a bad tooth.

At Marc's suggestion I did install Symantec End Point, but it was just way too intrusive and too much overhead for me.  Marc mentioned a home version, but I never found it.  Maybe I had the wrong one.

To download Symantec End Point, first you have to fill out the paperwork.  Then you must download and install an installer.  After the installer, you download two files that install the control panel.  At this point it was taking up 3GB of space and I still hadn't installed actual AV to the client.  Live Update for the first part took 30 minutes or so with a 20Mbps connection.  Fortunately I had created a Restore Point.  I never got to the AV.  I just pulled it.

Had it not been for Dave's warning about Kaspersky I'd have probably tried it next.  I guess for now it's back to Avira, though we've had compromises with that.
-I'm only here because my flux capacitor is broken.

Offline oobie

  • Technician
  • Location: Central PA
  • Posts: 179
Re: Antivirus
« Reply #22 on: September 08, 2017, 03:00:38 PM »
What about Webroot?
Gary Frisco

Offline MacGyver

  • Administrator
  • Location: Dallas, Texas
  • Posts: 4679
Re: Antivirus
« Reply #23 on: September 08, 2017, 06:51:46 PM »
What about Webroot?

I saw something on that recently, but couldn't find any real info when I did a quick search.  Do you use it?
-I'm only here because my flux capacitor is broken.

Offline RATHER BE FISHING

  • Moderator
  • Location: South Texas
  • Posts: 973
Re: Antivirus
« Reply #24 on: February 18, 2019, 02:46:35 PM »
Raising this from the dead... :011:

Trace- have you tried the free version of Bitdefender? Curious if that has the same indexing issues. I am now trying that as it is less resource intensive than the previous free versions I have been testing.

Offline MacGyver

  • Administrator
  • Location: Dallas, Texas
  • Posts: 4679
Re: Antivirus
« Reply #25 on: February 18, 2019, 06:27:03 PM »
Dave, we actually did try it and yes, it was breaking the indexing as well.  Right now we're getting set up with an MSP console through PC Matic to try the White Listing route. 

https://mkt.pcpitstop.com/2018/MSPBrochure.pdf

They have a lot of features we like, so we'll see what happens.
-I'm only here because my flux capacitor is broken.

Offline Marc Haycook

  • Administrator
  • Location: Jefferson City, MO
  • Posts: 2675
Re: Antivirus
« Reply #26 on: February 19, 2019, 04:09:47 PM »
I never saw your question back to me, but there really isn't a home version. I just buy the small office version. It's under $100 and it gives me up to five devices.

As far as the overhead, during setup you can turn off what you don't want. I agree... there's way too much crap. I just run the anti-virus and Outlook filters.
Marc Haycook
CCNA
Sport-Touring

Offline MacGyver

  • Administrator
  • Location: Dallas, Texas
  • Posts: 4679
Re: Antivirus
« Reply #27 on: July 01, 2019, 09:54:56 PM »
Update:

We have the PC Matic platform rolled out at 4 client locations on our WAN.  We're administrating it from their MSP platform and so far it seems pretty okay.  We rolled it out for another client last weekend and this morning it blocked the time clock program as an unknown MD5.  Within 15 minutes PC Matic's engineers had reviewed it and white listed it worldwide. 

For the most part, the overhead seems remarkably low.  Users don't even seem to notice if it's scanning which is great.  I hate bloatware.  Time will tell I suppose, but for now things are working better than anything else I've found out there.  The real proof will be in what it catches or doesn't catch.

That said, one thing that royally pissed me off is that one of their marketing pontifications has been that their platform can be used to protect older, non-patched OS machines like XP.  Believe it or not, there are thousands of XP machines in the healthcare industry running proprietary programs that will not run on 7.  PC Matic's recent versions have dll's that will not run in the XP environment which was a huge fail for some of our clients.  In fact it cost them over 1000 end points on our account alone.

On a side note, when I uninstalled Avira on my main machine, I found it had apparently broken Windows Indexing like the others.   :035:

If any of you know of a low overhead option I can run on XP, please let me know.
-I'm only here because my flux capacitor is broken.
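
An inventory of what a hash-based whitelist would block, run before rollout so that programs like the time clock one in the post above are known in advance; this is an added example, not PC Matic's code or API. The allowlist file, demo folder and sample files are constructed, and the allowlist is keyed on SHA-256 because MD5 collisions are practical; the MD5 is reported only for matching against a console that displays MD5.

```powershell
# Added example. Assumptions: the allowlist is a hypothetical text file with one
# SHA-256 hash per line; it is not a vendor format.
function Get-UnlistedExecutable {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [Parameter(Mandatory)] [string] $AllowlistFile
    )
    # Load known-good hashes; a PowerShell hashtable matches string keys
    # case-insensitively, so hex case in the file does not matter.
    $known = @{}
    Get-Content -Path $AllowlistFile |
        ForEach-Object { $_.Trim() } |
        Where-Object { $_ -match '^[0-9A-Fa-f]{64}$' } |
        ForEach-Object { $known[$_] = $true }

    # Default-deny: anything whose hash is not on the list is reported.
    Get-ChildItem -Path $Path -Recurse -File -Include *.exe, *.dll -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sha = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
            if (-not $known.ContainsKey($sha)) {
                $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
                [pscustomobject]@{
                    File   = $_.FullName
                    SHA256 = $sha
                    MD5    = (Get-FileHash -LiteralPath $_.FullName -Algorithm MD5).Hash
                    Signed = ($sig.Status -eq 'Valid')   # a valid signature helps triage
                    Signer = $sig.SignerCertificate.Subject
                }
            }
        }
}

# Constructed demo: two dummy "executables" in a temp folder, only one allowlisted.
$demo = Join-Path $env:TEMP 'allowlist-demo'
New-Item -ItemType Directory -Path $demo -Force | Out-Null
Set-Content -Path (Join-Path $demo 'known.exe')     -Value 'constructed sample A'
Set-Content -Path (Join-Path $demo 'timeclock.exe') -Value 'constructed sample B'
(Get-FileHash -LiteralPath (Join-Path $demo 'known.exe') -Algorithm SHA256).Hash |
    Set-Content -Path (Join-Path $demo 'allowlist.txt')

Get-UnlistedExecutable -Path $demo -AllowlistFile (Join-Path $demo 'allowlist.txt') |
    Format-List
```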