Best Antivirus Security Package?

[JPnyc]

Maybe I'm just uninformed, but what is the need for anti-phishing software? Is that really a threat? If your browser blocks xss, and you're not dumb enough to actually click on a phishing email and any links in one, then where are you in danger from phishing?

[morganlefay]

well...what would you suggest as a firewall computernerd22

When used with MS defender ...(which BTW actually informs you of chnages to your system start up files\reg and apps trying to call home..)
and limited accounts...the XP firewall works pretty good..

IMHO

MLF

[ShagDevil]

bottom line windows firewall IMO, is a ****ing joke

Well, I have to admit that one of the pros with the new Vista system is the ability of Windows Firewall to monitor both incoming & outgoing traffic now. Under Administrative Tools in Vista, there's Windows Firewall with Advanced Security options.

While I don't have the Windows firewall setup on our network, it is a significant improvement. Just from screwing around with the options, I can see that this new version is vastly improved. Even configuring rule sets has become much more intuitive. I think from what I've seen and used so far, Windows Firewall has become a much more reliable free firewall solution.

[vanman]

Guys this is my personal choice and believe me i have had a few rounds with spyware adaware and virusus..I use mwav or you can use e-scan the full product from microworld(as suggested by jpnyc),zonealarm pro(can be demanding at first and you have to have a little knowledge of pc,s to organize it with regards to permissions granted) and avg free edition..I have used them all but have found the last combination being the best one for me anyway..The following link http://antionline.com/showthread.php?t=275001 is the last time i had sh........Thanks to nihil and a few other good ppl here we were able to salvage most of my stuff..And before i forget NEVER USE THE INTERNET WITHOUT A FIREWALL!!!NB I have found that a lot of ppl switch them off for home use or lan gaming and never switch them back on!!so ya!!I rest my case..

[nihil]

Hi, ghostowl,

DjM has given you the link to the latest Symantec removal tool. It is for 2003 onwards, which is what you must have I guess?

Norton has a bad reputation for this but I guess it can happen to most of these complex security applications?

I spent two hours today uninstalling a corrupted installation of AVG AV 7.5, AntiSpyware 7.5 and Ewido.

OK, first problem was the file corruption, and the fact that it had tried to update it. Second problem was that the AS application had been installed on top of Ewido (its predecessor) rather than a clean install.

[JPnyc]

While we're on the subject, what's everyone's favorite rootkit scanner? I'm using rootkitRevealer at present.

[nihil]

There is the new AVG one that I mentioned here:

http://antionline.com/showthread.php?t=275125

[ech0]

I deal with a lot of people where the application control/out bound firewall is too confusing for novice users. I mean at work I've gotten a number of calls where someone has blocked iexplorer.exe because they had no Idea what it was.

I would say windows firewall with nod32 (its fast and its native spyware support out of the box is awesome).

JPnyc: rootkitRevealer is fun, AVG's anti rootkit isn't that bad. I try'd rootkit remover/uninstaller but I've never found anything with those so I think there bogus. I also used icesword but again, I don't see the big deal.

nihil: I pray one day avg makes a removal tool like Norton does. I hate trying to dig out avg from a system. Even using the installer then un-checking everything doesn't seem to work all the time.

[JPnyc]

Well rootkit revealer goes to the heart of what rootkits do, which is hide themselves and data from the windows API. That's why I tend to trust it more than something like the avg one. I don't know exactly what it's comparing/testing. Of course with RKR you have to interpret the results yourself, and you absolutely must leave the pc alone while it scans or you'll have a bunch of false info. That goes for automated processes that gather/store data as well.

[thehorse13]

I'm very surprised at the responses here. I will stick to the requirements of the question.

Suite.

I have used the big three and I found them equally sucky. I also looked at NOD32 which is a great product. The problem is that it's built for engineers, not Windows administrators. That killed it here as we would be turning the product loose on Windows admins.

That said, I went to the next tier and looked at the offerings. I selected Sophos.

High points:
Stateful firewall is very good.
Excellent AV and spyware removal and detection capabilities.
I know some of their researchers personally. They are on top of their game.
Very small footprint on the client side. Scans go virtually unoticed.
MD5 hash recognition of approved/disapproved apps. Neat.
Policy writing is easy. IMHO.

Needs Improvement.
No SNMP support (they don't have a MIB yet).
No web interface to the management console. This is a personal peav of mine but may not be for others.
Scans on notebooks seem to bog em down a little too much(I/O on a lappy is another discussion).
Deployment of the client is involved. They have a team of engineers that develop a deployment package for you.
Reporting needs a little spit shine.

There ya go.

--TH13