10 obscure antivirus tools worth a look

Summary: You know about the big players in the AV field — but a number of lesser-known tools may serve your needs as well (or even better). Jack Wallen runs through some of your choices.

You know about the big players in the AV field — but a number of lesser-known tools may serve your needs as well (or even better). TechRepublic's Jack Wallen runs through some of your choices. For more blogs like this, see TechRepublic's 10 Things blog.


Viruses come and go. Some of them are simply annoyances, but others are nasty little bits of malicious single-minded code that want to take down your machine or take away your data. Fortunately, there are plenty of tools out there that can help you deal with the problem. Some of those tools are well known: Symantec, McAfee, Norton. But you can also find tools that will serve you at a fraction of the cost or a fraction of the CPU processes.

I’m going to introduce you to some of these lesser-known antivirus tools. In the end, you will have more tools for your toolkit than you ever thought you would have… all of which are ready to immunize you from machine-crushing code.

Note: This article is also available as a PDF download.

1: BitDefender

BitDefender is one of my favorites on the list. Why? Because it has one of the best graphical virus tools available for the Linux operating system. Of course it doesn’t offer just a Linux solution. BitDefender offers antivirus for both Linux and Windows, as well as for various server installations. In fact, BitDefender has solutions for mail servers, Samba servers, desktops, and much more.

2: Avira Antivir

Avira Antivir has, in many cases, found viruses where others have not. One of my favorite uses for this solution is to slap it on a Linux machine (the Linux version is command-line based, but does have a GUI if you prefer), attach an infected Windows drive externally, and run Avira on that drive. Much like BitDefender, Avira will find viruses many other solutions won’t find. And because it is mostly command line, it is also quite a bit faster than other tools.

3: ClamAV

ClamAV is mostly a mail server antivirus for Linux, but it does a bang-up job. If you’re hosting a Linux-based mail server, you will want to include ClamAV on it; otherwise, you risk winding up spreading the love of viruses around the globe.

4: Avast

Avast is not as much a wallflower as the other tools, but it certainly has never been crowned Prom Queen. It’s an outstanding tool that offers a lot of options many other tools overlook. One of my favorite aspects of Avast is the built-in rootkit check. You can’t go wrong when you know your antivirus is keeping you safe from rootkits.

5: rkhunter

rkhunter is not so much an antivirus tool as it is an anti-rootkit tool. If you’ve never come across a rootkit on a machine, consider yourself lucky. Very lucky. Rootkits are the Mac Daddy of viruses. And if your current antivirus solution doesn’t protect you from rootkits, either add a rootkit protection tool on your system or uninstall and install one that does!

6: Dr.Web CureIt!

Dr.Web CureIt! is an interesting tool in that it requires no installation. It’s a simple binary file that, when double-clicked, will execute and scan your machine. The only drawback is that to get the latest definitions, you have to re-download the tool and use the newest version. But how easy would this tool be to use as a portable virus scanner?

7: ESET Smart Security

ESET Smart Security is from the makers of the NOD32 Antivirus tool that has been around for quite some time. ESET sets itself apart by being an antivirus and a firewall in one. But the firewall isn’t just a standard firewall. It’s a “learning firewall,” in that it observes how its users use the network and, theoretically, adapts to that usage. ESET also protects you from removable data and from viruses that attempt to disable your antivirus protection.

8: ZoneAlarm

ZoneAlarm is an antivirus tool that offers something others do not — DataLock. The DataLock portion of ZoneAlarm uses encryption on your hard drive so that it is readable only by those with the encryption key. DataLock also offers pre-boot authentication so that unauthorized users can’t even boot your machine. Yes, these features can be added from the BIOS or from other tools, but with ZoneAlarm, you have antivirus, encryption, and boot authentication all in one.

9: iAntiVirus

iAntiVirus is for — you guessed it — Mac. Like Linux, nothing is immune (no matter how much the media and the PR say it is). And that beautiful new Mac you bought can use protection as well as that new quad-core Windows 7 machine. iAntiVirus is as inherently Mac as you will ever find in an antivirus tool. Not only is it user-friendly, it has that same Mac interface that everyone has grown to love (or hate). And what’s best, iAntiVirus works like any other antivirus software you have ever used — only it does so on a Mac. So it must be better.

10: Microsoft Security Essentials

Microsoft Security Essentials has to be on this list. After all, it wouldn’t be fair of me to highlight inherently Linux and Mac tools without offering the Windows equivalent. What is really surprising about this antivirus protection is that it is free AND produced by Microsoft. Those two don’t usually go hand in hand. If you want free virus protection, and you want something that will seamlessly integrate with Windows, Security Essentials is your best bet.

Recommendations?

Those are just 10 of the less well known antivirus solutions. Of course, there are plenty more out there. Do you rely on a somewhat obscure tool for antivirus? If so, share it with your fellow TechRepublic readers. After all, the perfect antivirus solution is still out there, waiting to be found and enjoyed by PC users and admins across the globe.



Talkback

256 comments
  • Microsoft Security Essentials Needs Silent Updating

    Microsoft Security Essentials' biggest flaw is Microsoft's recent decision to share the same settings as Windows Update. If you don't have Windows Update set to install automatically, you get daily notifications to install the latest virus definitions. Virus definitions are something that you should be able to update automatically in the background while still requiring notification for major OS updates.
    annanemas
    • Are you sure?

      I use MSE and don't have Update set to install automatically and I don't get these alerts.
      Sleeper Service
      • Silent update...

        I don't get any notification.
        MSE updates install silently despite the fact that WU automatic update feature is turned off.
        didier.m.rousseau@...
        • MSE updates

          I have the latest version and it updates silently and my OS settings are on Notify if there are updates...and that is with three machines it's on.
          EricVM
    • RE: Microsoft Security Essentials Needs Silent Updating

      You are confusing Microsoft Security essentials with Windows Defender (now part of Windows 7). Defender does use the Windows Update feature to update its definitions once or twice a week.
      oldsysprog
      • I just got a message:

        "Definition Update for Microsoft Security Essentials - KB972696 (Definition 1.79.1379.0)"

        This is Control Panel in Windows 7 Ultimate 32-bit. I just noticed this change about a week ago, and don't like it much either.
        clfitz
    • Yes, MSE uses Microsoft Update (not Windows Update, like you mentioned)

      The reason is because if you have a real need to block Automatic Updates, which only includes bugs labelled 'Critical', and security updates which aren't intended to change operations, they figure the same reason would apply to antivirus updates.

      That is, if you need to manage security in a very controlled manner, as is what you mention, antivirus updates should be part of that same methodology.

      That's the reason.

      If you want finer control of updates, you can always implement a WSUS server, but then individual systems don't usually need that level of control. Likewise, Microsoft's best practise is to have Automatic Updates turned on for unmanaged PC's so that security updates are automatically applied. [b]Your antivirus should be one of the LAST lines of defense, not your first, and many viruses are mitigated or outright blocked by security updates.[/b]

      FYI: Updates that include changes in operation or functionality that are not directly security related are listed under 'Optional', and are never installed automatically. Drivers are the same, unless there is a major bug that causes stability problems (often Solution Center will notify you of a known problem with a driver), or a device is missing a driver that is offered on WU.

      AFAIK, WSUS is the only thing that can control deployment of updates based on categorization. I don't know of any way of doing that directly on the client, aside from what is already hard-locked into Automatic Updates.

      Really though, if you aren't installing Automatic Updates, you aren't getting baseline security patches for Windows, so I refer you back to the statement in bold.
      Joe_Raby
      • This response ignores important points

        AU only presents things periodically (a couple times a month) and has been seen SEVERAL times in the past to apply patches MS thinks are good only to find out they break needed functionality. Additionally, a Service Pack update, which is listed as "Critical" since it contains the body of previously issued critical patches can cause significant negative impact to performance when it occurs.

        So, the reasons not to have AU do things automatically is so one can check out the updates in a managed manner 1) for applicability, 2) for negative impact (what may it affect for which I need to check another manufacturer's website for caveats), and 3) for convenient timing in the case of a service pack.

        Furthermore, A/V products can quickly defend against vulnerabilities before MS even has a patch. If MSE is updated independently and often, MS can devise a protective signature through A/V during regression testing producing significant reduction in the impact of 0day events. What a PR win that would be.
        Old Techie
        • No it didn't

          It was one of the most intelligent and well done posts I've seen on this site, makes a total of 3 people I'll listen to in regards to computer security.

          "
          The reason is because if you have a real need to block Automatic Updates, which only includes bugs labelled 'Critical', and security updates which aren't intended to change operations, they figure the same reason would apply to antivirus updates.

          That is, if you need to manage security in a very controlled manner, as is what you mention, antivirus updates should be part of that same methodology.
          "

          That's why AV updates are in with AU.

          You could still set up a server to download all the updates, then send out the AV updates to clients whilst keeping the Windows/MSFT Office/etc updates behind for testing if you really wanted to.

          Although there's no way an AV can take the place of Windows Updates. If a person can get root control of your computer, it's fairly simple to lock out the AV. Ye Old Windows Firewall on XP was a prime target, most viruses would disable it as default. :P
          Cyberjester
    • Microsoft Security Essentials

      There are thousands of computers worldwide that have been taken over as Bots unawarely being used by people who have had their updates from Microsoft prevented by not passing the verification process or not even trying to verify in case they are traced back & the door broken down by the pirate police! This is perfectly correct of Microsoft's part (not the door break down the anti piracy part) but not allowing security updates from the largest used operating system in the world risking & causing untold problems for users worldwide against a small in comparison corporate loss, is morally or thought legally correct unacceptable.
      ronangel
      • unvalidated machines still get critical updates

        which invalidates your entire post.
        rtk
        • unvalidated machines still get critical updates

          Not unless validation has been attempted which would cause the "victim of piracy message" to be displayed. And increase paranoia of third world user who has not validated "just in case"...
          Maybe they know something we don't......
          ronangel
    • Unless the changed something...

      What you describe is Windows Defender. Totally different program, and a different concept.

      MSE is based on ForeFront/OneCare, and works largely the same, minus the advanced features required for networks/domains.
      ShadowGIATL
  • Bitdefender is just fine

    Bitdefender seems just fine as it is not intrusive and seems to run with much less resources than either McAfee or Norton which is what I used to use.

    Unfortunately it is unable to get rid of the viral version of McAfee which junk my wife keeps getting because she forgets to uncheck the box when she downloads a game or something. She then complains that her machine is unusable and I have to manually get rid of McAfee. I had subscription unexpired for McAfee but it was killing performance on our machines so I switched to BitDefender.
    gingoro
    • not for Win7 64 bit

      I'm a little leery about BitDefender after the recent update that BSoD'd Windows 7 64 bit.

      From the tools listed that I've used, AVAST seems decent, but it failed to find a rootkit that both Malwarebytes and Avira detected (I knew the machine was rootkitted by its behavior and started with MWB, but the system was so infected with malware and rootkits that I decided I needed to burn and clean with Avira on a liveCD - 3 rootkits and 164 viruses later, it's clean - I also had to manually close a backdoor, fix some registry redirect entries and replace the Windows system32/drivers/etc/hosts file).

      I used ZoneAlarm a long time ago, but it was a bit more intrusive than I liked (slowing down system performance and constantly asking me to allow connections - added to Vista doing the same and it was the most annoying system ever).
      Clewin
      • I strongly agree

        If you are running an x64 flavour of Windows 7 keep your hands far far away from bitdefender.
        Its a bunch of sh..
        High CPU usage, deadly updates leaving your PC unusable and so on.
        NOD32 was a good product until they release the 3.0 version.
        Avast is not a good choice, it fails to detect too many threats.
        I have no comments about any other product as I never used them
        didier.m.rousseau@...
      • If it's a good rootkit

        You won't see it, and if you think there's one on there, you won't be able to get rid of it. The whole point of a rootkit is that it intertwines with your computer at its very base. Think a 100 year old tree with Ivy on it, where if you remove the Ivy you kill the tree. It's the ultimate in targeted malware atm.

        I personally hate Avast. Avira is ok, I prefer Malwarebytes though. Don't need to pay for it. Just keep a firewall up with good security practices and run the AV once a week.
        Cyberjester
    • BD is Good

      I have used BD for several years across XP/Vista/Win7 32 and 64 bit.

      I recently have been running this and MSE on various machines with similar use (ex: my son has BD, my daughter has MSE+MD).

      After a few months now, I am finding both are equally effective at protecting Windows systems.

      For the "Power User" I would lean towards BD, for the general user MSE (front end and setup is more user friendly).

      I'm slowly switching over to MSE on all my machines - reason: cost.

      rhonin
  • Or you can look at ...

    ... using another OS.

    PS. You can use your time/money more wisely.

    ^o^
    n0neXn0ne
    • Oh...? Seems like there were AV products listed for Linux, Mac as well...

      So what OS should I be looking at? All three have vulnerabilities.

      Don't bother saying OSX - because we all know it has swiss cheese for security. The lace variety. It also regularly gets majorly PWNED - read: HACKED - at the Pwn2Own competition at CanSecWest. Usually by Charlie Miller and generally in under 2 minutes flat.

      If it can be pwned, it isn't any better.

      So, then, we're left with Linux which gives its own set of challenges. Like for instance, the native apps suck. It can't run the stuff I need to get my work done natively. I'd have to play around with WINE in order to get it working. And even then it's a hit or miss if it's going to work properly or not.

      BEOS is extinct. OS/2 has likewise gone the way of the dodo. And even then, we've still got the same problem - it won't run my software.

      There are no other serious alternatives.

      So why would I want to ditch Windows? I make my money using Windows and Windows based programs and tools.
      Wolfie2K3