Back in the old DOS/win3.x days I used Norton. That just did a HD scan, looking for a few hundred virus signatures. Very occassionally it would pick up a false signature... usually from really old code e.g. a version of OrCAD which pre-dated NAV by 10 years 
Then, for many years, I used Kaspersky. This worked solidly. The false detections were as above, plus some silly joke programs I had which made me wonder why KAV bother when they obviously knew they were not viruses. Presumably some corporate sysadmin reported them?
In recent years, KAV started to go off the rails. The program digs ever deeper into the OS and at each stage more unwanted things happen.
We run several "relatively mission critical" machines on winXP, and the last straw was a few months ago when KAV caused these to BSOD about once a day. All of them!
So I moved to AVG. This is a "low IQ dumb user" type of product, but with tricky config. I always config AV software to never delete anything automatically (because false detections outweight real ones by 100x IME) and it is easy to misconfig this on AVG because it has to be done in about 10 different places. Every scan mode has a separate config for it; no global config.
But AVG seems to work OK on winXP - once we put in a load of exceptions on directories to not scan... We have disabled everything in the overbloated scan functionality except simple file checking and infected website checking (which is really all you need in most applications).
But on a new win7-64, AVG suddenly (a week ago, and after an update) found some false virus called alexa.51. Well, Alexa is a tracking cookie. It "found" this in a whole load of progs which have not been used in years and definitely are clean. It then deleted some files somewhere.... the first manifestation was that the Windows Key + E no longer opened Windows Explorer. It just said Explorer could not start, do you want to restart.
The issue is all over the internet e.g.
http
/www.bleepingcomputer.com/forums/t/604632/idpalexa51-detected-by-avg-please-help/
and there you get the usual conmen / fake computer specialists telling people to use various software (usually not free
) to remove the "infection".
Obviously the damage could be extensive...
There was no way to restore the deletions. They were done under the "Identity protection" feature which has its own well hidden config for whether to delete automatically or not.
Luckily I had a 1 week old Trueimage backup of the whole PC so I restored that, immediately uninstalled AVG (with no internet connection so it could not update and do it again) and have about a day's work to do to restore data created during that week.
I was also always able to boot the machine with an Ubuntu DVD, as Plan B.
So where to go now? Kaspersky is probably OK because win7-64 is a current OS for many users. Especially if I disable most of the features.
There is also the argument that AV software is not needed, if you get a well filtered email feed (Messagelabs, $600/year), are behind a NAT router, avoid probably dodgy websites, and don't use any Microsoft products especially Outlook.
Then, for many years, I used Kaspersky. This worked solidly. The false detections were as above, plus some silly joke programs I had which made me wonder why KAV bother when they obviously knew they were not viruses. Presumably some corporate sysadmin reported them?
In recent years, KAV started to go off the rails. The program digs ever deeper into the OS and at each stage more unwanted things happen.
We run several "relatively mission critical" machines on winXP, and the last straw was a few months ago when KAV caused these to BSOD about once a day. All of them!
So I moved to AVG. This is a "low IQ dumb user" type of product, but with tricky config. I always config AV software to never delete anything automatically (because false detections outweight real ones by 100x IME) and it is easy to misconfig this on AVG because it has to be done in about 10 different places. Every scan mode has a separate config for it; no global config.
But AVG seems to work OK on winXP - once we put in a load of exceptions on directories to not scan... We have disabled everything in the overbloated scan functionality except simple file checking and infected website checking (which is really all you need in most applications).
But on a new win7-64, AVG suddenly (a week ago, and after an update) found some false virus called alexa.51. Well, Alexa is a tracking cookie. It "found" this in a whole load of progs which have not been used in years and definitely are clean. It then deleted some files somewhere.... the first manifestation was that the Windows Key + E no longer opened Windows Explorer. It just said Explorer could not start, do you want to restart.
The issue is all over the internet e.g.
http
/www.bleepingcomputer.com/forums/t/604632/idpalexa51-detected-by-avg-please-help/and there you get the usual conmen / fake computer specialists telling people to use various software (usually not free
) to remove the "infection".Obviously the damage could be extensive...
There was no way to restore the deletions. They were done under the "Identity protection" feature which has its own well hidden config for whether to delete automatically or not.
Luckily I had a 1 week old Trueimage backup of the whole PC so I restored that, immediately uninstalled AVG (with no internet connection so it could not update and do it again) and have about a day's work to do to restore data created during that week.
I was also always able to boot the machine with an Ubuntu DVD, as Plan B.
So where to go now? Kaspersky is probably OK because win7-64 is a current OS for many users. Especially if I disable most of the features.
There is also the argument that AV software is not needed, if you get a well filtered email feed (Messagelabs, $600/year), are behind a NAT router, avoid probably dodgy websites, and don't use any Microsoft products especially Outlook.
Facebook
Twitter