The question has become in my mind, and in the mind of others like me: Is it worth having antivirus software at all? It seems like every computer I fix (clean viruses), has antivirus on it. Also antivirus is the cause of much problems themselves. Even today, our Pastor's Computer would not work. The culprit, no, not a virus, but the antivirus software by Comcast. My friend who fixed it, said it basically pegged the Processor and you could not do anything at all.
I still believe in Antivirus, but in a layered approach. I think you are better off stopping as many as possible before they even get to the PC. Then isolating the browsing as much as possible, or using third party software to stop the scripts that are the cause for so much malware taking over the PC.
That aside, someone else asked this week for rating on Antivirus. Funny because I had just read an article in Maximum PC where they rated various packages. They gave Symantec a real good score, which to me is funny because I really don't care to much for Symantec. Here is another point. Opinions may differ based on the mileage that you have received. If at any point you experience trouble with antivirus software, you then form a bit of an opinion towards it.
Well, here is my little rant on what I think of various packages. Keep in mind that I am not trying to sway anyone to or from a package, although I would argue strongly for the point of Firewalls, isolation, and sand boxing when it comes to protection.
Generally this is some of the criteria I would evaluate Antivirus Software on:
1. Performance on the client: low cpu/mem (footprint), but good ratio of protection.
2. Ease of install.
3. Should not be intrusive.
4. Ease of use (schedules, updates, interface)
6. *Important to larger installs* Management console: Roll out ease, upgrade, Maint!!!! Can't stress this enough.
7. Tech support or some kind of availability of Vendor.
1. Performance: 1. NOD32, 2. AVG (Workstation) - 1. Sophos (Server)
2. Ease of install: 1. On client they are about even: NOD32, AVAST, AVG (Standalone) 1. Sophos Workgroup or Enterprise - (but only because it works, it is still more complicated.)
3. Should not be Intrusive: 1. NOD32, AVG (Standalone) 1. Sophos (Workgroup or Enterprise).
4. Ease of use: 1. NOD32 2. AVG 3. AVAST (Worstation, Standalone) 1. Sophos (Workgroup or Enterprise).
5. Price: FREE is good for home, but not for Work: Home - I vote AVAST. Work: I do not vote. They all play games with pricing, but I would not pay for Symantec or McAffee.
6. Management Console - for home not an issue, for larger work-groups: 1. SOPHOS 2. Trend Micro 3. Pick your poison.
7. Tech Support: 1. Sophos Hands down (but you need to be under contract).
I use in my daily arsenal home/free/paid:
AVIRA (CD), AVAST (Windows and Linux) and NOD32. Also always install Malwarebytes. I also carry the slew of other Antiviurses and Spyware scanners including Combofix.
I highly recommend always setting up OPENDNS as the DNS service and turn on filtering.
I highly recommend Scanning emails AT the source: Postini or Google or whatever.
I highly recommend Scanning port 80 traffic at the source in/out - something like Barracuda or even something cheap or free.
I highly recommend Firefox with NoScript or Chrome (highest rated for security) - stay away for Internet Exploder and only use for what is needed.
One thing that at least the techies can do is sandbox your selves in a virtual machine for browsing and downloading - preferably a Linux VM with above mentioned browsers. because then, the chance of getting bit is pretty darn low.
What say you?