How to select a good anti-virus product

Well, if you didn’t receive emails with viruses attached, or surf to “dubious” websites, you wouldn’t get infected. For the rest of us, we would be looking at either Microsoft Security Essentials, or something which costs money.

Or, if you’re a corporate customer who has “business” needs, you’ll need to spend money, if for no other reason than that most anti-virus vendors prohibit the use of their “free” products in a commercial setting.

The following are the questions I ask myself when I’m looking at an anti-virus product.

Personal use.

  1. Does it have a history of “false positives”?
    False positives are when the anti-virus product detects “good” files as being a virus.
    For personal use I wouldn’t buy Symantec, McAfee or CA eTrust products.
    Far too many false positives for my taste, which I wrote about here. Heck, McAfee can’t even be bothered to test their product updates against known good Microsoft Windows PCs.
  2. What choices does the product give me if it finds a virus?
    Does it give me the choice to ignore the issue, quarantine the file, or just delete it?
    This is an important point for me, after having had McAfee delete some files I wanted to keep.
  3. Is it from a vendor I trust?
    This is a personal choice, but I wouldn’t ever buy McAfee products.  Ever.
  4. Will it slow down my PC if I install it?
    You used to pay a performance penalty for running an anti-virus product on your desktop.  But not so much now, with computers having gotten faster over the years.
    It is useful to be able to exclude programs from anti-virus monitoring, if you know the program is trustworthy.

For home use, I’d recommend Microsoft Security Essentials.


SMS 2003 Server running slow, check your AV exclusions.

We had a problem with one of our SMS servers today: it was not processing DDR records.

All 19,000+ of them.

After some investigation, a co-worker found it was a corrupted DDR record which caused SMS to get stuck. 

After we fixed it, SMS started processing the records at 1 DDR per [...]

eTrust AntiVirus, and directories / processes you should exclude from scanning.

Computer Associates used to recommend excluding particular processes and directories from eTrust anti-virus scanning.  This, I found, was very important with Microsoft SQL Server, as it would cause a significant performance hit.

You would do this by setting the following registry keys under HKEY_LOCAL_MACHINE\SOFTWARE\ComputerAssociates\eTrustITM\CurrentVersion\Realtime:

szExcludeProcessNames

Reason for exclusion     List of processes to be excluded, separated by “|”
Microsoft SQL Server     sqlserver.exe  sqlservr.exe
Microsoft Exchange       store.exe
Microsoft SMS 2003       SMSEXEC.EXE  CCMEXEC.EXE
and some others …


The Microsoft Loopback Adapter, NT4 & Windows 7.

Reading a Microsoft blog post recently, I was reminded of a customer request from late 2002.  The emailed request was something like this:

Had to use the generic Win NT4 install on a Toshiba laptop yesterday.  There were some issues.

No network adapter is installed at the time of the Win NT4 installation.* This [...]

How to debug CA eTrust’s INO_FLTR.SYS

With eTrust 8, that pack of clowns at Computer Associates seems to think it’s a good idea to distribute eTrust Anti-virus system file updates via the automated virus signature update process.

So, in the past, you as an eTrust AV admin might have distributed DRVUPDi.exe updates manually (or not at all). CA now forces [...]