Trying new AV & Firewall packages

  • Thread starter Thread starter Andy
  • Start date Start date
A

Andy

I have been a long term user of Norton Internet Security and have duly
purchased NIS 2001, 2002 & 2003. I have liked the integration and
reliability, indeed NAV has saved my backside on several occasions.

However, NIS 2003 has caused problems with the user accounts and I'm
hesitant to upgrade to the latest version due to the activation of NIS 2004.
I have 2 machines running XP pro behind a Linksys router/firewall
(BESFR41). I therefore only really need the software firewall to limit
outbound communication. If I do go with Norton, I will buy the "Pro"
version, as you get a licence for 2 machines.

Over the last week, I have experimented with Zone Alarm Pro, which works
well once configured. However, I have been less than impressed with other AV
offerings. Ignoring McAfee (never going back there!), both NOD32 & Kapersky
could not delete the Eicar test file from a compressed folder and the
default settings of NOD32 missed it completely. NAV 2004 found it and
deleted it without problem. The interfaces of NOD32 and Kapersky could both
do with improvement.

Does any body have a suggestion of a decent AV package, which will work well
with Zone Alarm?
 
I have been a long term user of Norton Internet Security and have duly
purchased NIS 2001, 2002 & 2003. I have liked the integration and
reliability, indeed NAV has saved my backside on several occasions.

However, NIS 2003 has caused problems with the user accounts and I'm
hesitant to upgrade to the latest version due to the activation of NIS 2004.
I have 2 machines running XP pro behind a Linksys router/firewall
(BESFR41). I therefore only really need the software firewall to limit
outbound communication. If I do go with Norton, I will buy the "Pro"
version, as you get a licence for 2 machines.

Over the last week, I have experimented with Zone Alarm Pro, which works
well once configured. However, I have been less than impressed with other AV
offerings. Ignoring McAfee (never going back there!), both NOD32 & Kapersky
could not delete the Eicar test file from a compressed folder and the
default settings of NOD32 missed it completely. NAV 2004 found it and
deleted it without problem. The interfaces of NOD32 and Kapersky could both
do with improvement.

Does any body have a suggestion of a decent AV package, which will work well
with Zone Alarm?
Click to expand...

You could always try ETrust or AVG, but you are going the right way
about it by trying different ones until you find the one you like.
 
Andy said:
I have been a long term user of Norton Internet Security and have duly
purchased NIS 2001, 2002 & 2003. I have liked the integration and
reliability, indeed NAV has saved my backside on several occasions.

However, NIS 2003 has caused problems with the user accounts and I'm
hesitant to upgrade to the latest version due to the activation of NIS 2004.
I have 2 machines running XP pro behind a Linksys router/firewall
(BESFR41). I therefore only really need the software firewall to limit
outbound communication. If I do go with Norton, I will buy the "Pro"
version, as you get a licence for 2 machines.

Over the last week, I have experimented with Zone Alarm Pro, which works
well once configured. However, I have been less than impressed with other AV
offerings. Ignoring McAfee (never going back there!), both NOD32 & Kapersky
could not delete the Eicar test file from a compressed folder and the
default settings of NOD32 missed it completely. NAV 2004 found it and
deleted it without problem. The interfaces of NOD32 and Kapersky could both
do with improvement.

Does any body have a suggestion of a decent AV package, which will work well
with Zone Alarm?
Click to expand...

If you're behind a router, why not try System Security Monitor? It monitors
and controls changes to the registry and allows you to control which
applications you permit to run. It is a little high maintenance; it isn't
for those who don't want to do their homework, but it's a nice compliment to
a router or XP's firewall. As far as AV is concerned, TrendMicros IS will
definitely detect a double-zipped eicar test file.
 
I have been using F-prot for windows for about 16 months. They have
numerous updates(maybe 2-3 a week during a bad week).
It does the email, too. Latest ver is 314b.

I also use Kaspersky. tHE OLDER VER 3.5X VERS.

http://www.avp.ch/E/dlwin35.stm

KAV AVP 3.5
for Windows95/98/ME/NT workstation/win2000 workstation
Swiss/International Distribution archives, Metropolitan
Network BBS Inc.

Description:
Includes antivirus-database updates up-to May-14-2003
Newly updated components: Updater 3.6, newer Monitor
drivers.

This version can be used with the following license key
types:

Silver, Gold, Platinum
Personal and PersonalPro
KAV for Workstation (Business Optimal)
 
Dit you tell it to check inside archived files?
Click to expand...

Thanks all for your replies.

With regard to the downloaded Eicar test files
(http://www.eicar.org/anti_virus_test_file.htm), they all reported them, but
NOD32 &
Kapersky were unable to delete the infections as they stood, whereas Norton
simply found and deleted the files.

I should mention that the second machine is used by my teenage daughter, so
I need both the firewall & AV package to be straight forward and fairly
automatic. Whilst I like the idea of System Security Monitor, it won't suit
her!

I will certainly give the other AV packages a try.

Andy
 
I like Panda Platinum 7.
http://www.pandasoftware.com/

It comes with a built in firewall made by Sygate

If you set the program to scan compressed files it will not only scan them
but will also automatically remove the infected file from within the
compressed folder be it in in-coming or out-going email or any other
compressed folder on your computer. (Scanning compressed folders is not
enabled by default. You have to enable it which just takes a click of the
mouse. Just go inside "configure permanent protection" and enable it.)

It's a nice program. I like it very much.
 
[snip]
Ignoring McAfee (never going back there!), both NOD32 & Kapersky
could not delete the Eicar test file from a compressed folder and the
default settings of NOD32 missed it completely. NAV 2004 found it and
deleted it without problem. The interfaces of NOD32 and Kapersky could
both
do with improvement.
Click to expand...

I am surprised with your result. On my Win XP machine, Nod32 immediately
detected Eicar as soon as it started downloading and if I remember
correctly quarantined and deleted it (but I might have deleted it manually
- can't remember). Note however, that I've changed the default settings
for "Objects to diagnose" on demand scanning, to include emails. I think
this only affects on demand scanning, not active monitoring(?)

Did you first update Nod32 with the latest virus signatures and search
engine, before your tests?

Regards,

Mick
 
[snip]
I am surprised with your result. On my Win XP machine, Nod32 immediately
detected Eicar as soon as it started downloading and if I remember
correctly quarantined and deleted it (but I might have deleted it manually
- can't remember). Note however, that I've changed the default settings
for "Objects to diagnose" on demand scanning, to include emails. I think
this only affects on demand scanning, not active monitoring(?)

Did you first update Nod32 with the latest virus signatures and search
engine, before your tests?

Regards,

Mick
Click to expand...

It detected Eicar, but was unable to delete it from a zipped folder whereas
Norton was able to delete the document from within the folder. Whilst I
appreciate that I could manually remove the document, I would prefer the AV
package to have the ability to remove any infection automatically upon
detection. I was using the latest version of NOD32, and had downloaded the
latest definitions. The option was selected to scan archived files. For the
purposes of evaluation, I downloaded the various Eicar test files to desktop
than scanned them.

If I have missed an option, please let me know.

Andy
 
Hi Andy,

Whilst I
appreciate that I could manually remove the document, I would prefer the
AV
package to have the ability to remove any infection automatically upon
detection.
Click to expand...

Of course. However, when using heuristics false alarms are possible. I you
are prepared to have the odd file deleted then it's your call.
If I have missed an option, please let me know.
Click to expand...

You need to go to the Nod32 Control Centre (in your system tray) and check
the different settings of the Resident Modules & Filters. You could set it
from there to deal with infiltrations as aggressively as you decide.
Default settings are an attempt to reach a balance between catching as
many infiltrations as possible, minimising false alarms and avoiding loss
of data. I am not a particularly experienced user of Nod32 - I am
currently using it on trial. Perhaps others could comment on optimum
settings?

Regards,

Mick
 
Back
Top