Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Ask Slashdot: Light-Footprint Antivirus For Windows XP?

timothy posted 1 year,12 days | from the tread-lightly-stomp-hard dept.

Windows 294

New submitter Bauermlb writes "I service computers for retired folks in my community, often older machines with modest speed (2 GHz Centron) and modest memory (512 MB). Adding AVAST to one of these machines slows it to a crawl. Any recommendations for a light-duty antivirus program with a low overhead? (These people do not tend to surf 'dirty' sites.)"

cancel ×

294 comments

Clamwin (1)

Anonymous Coward | 1 year,12 days | (#44295611)

http://www.clamwin.com/content/view/18/46/

Re:Clamwin (4, Insightful)

Bacon Bits (926911) | 1 year,12 days | (#44295865)

ClamWin is "light footprint" because it's no footprint. It has no on-access scanning, which for most people is indistinguishable from not having antivirus installed.

Snowden leak: Microsoft added Outlook.com backdoor (-1)

Anonymous Coward | 1 year,12 days | (#44296013)

NSA praises Redmond for 'collaborative teamwork'
There are red faces in Redmond after Edward Snowden released a new batch of documents from the NSA's Special Source Operations (SSO) division covering Microsoft's involvement in allowing backdoor access to its software to the NSA and others.

Documents seen by The Guardian detail how the NSA became concerned when Microsoft started testing Outlook.com, and asked for access. In five months Microsoft and the FBI created a workaround that gives the NSA access to encrypted chats on Outlook.com. The system went live in December last year – two months before Outlook.com's commercial launch.

http://www.theregister.co.uk/2013/07/11/snowden_leak_shows_microsoft_added_outlookencryption_backdoor_for_feds/ [theregister.co.uk] [theregister.co.uk]

Re:Clamwin (0)

Anonymous Coward | 1 year,12 days | (#44296313)

Unless you want false positives up the wazoo then no.

Hah (4, Funny)

J'raxis (248192) | 1 year,12 days | (#44295613)

(These people do not tend to surf 'dirty' sites.)

That's what they tell you, eh?

Re: Hah (0)

Anonymous Coward | 1 year,12 days | (#44295639)

Yeah what is a computer good for if it can't get a little dirty?

Re:Hah (2, Informative)

bill_mcgonigle (4333) | 1 year,12 days | (#44295787)

Re:Hah (1)

evilRhino (638506) | 1 year,12 days | (#44296347)

There is a difference between IRL and surfing activity.

Re:Hah (2)

simplypeachy (706253) | 1 year,12 days | (#44296077)

Whilst this might have been meant as a joke, I think the OP should take it into serious consideration!

all sites are dirty sites (4, Insightful)

Rosyna (80334) | 1 year,12 days | (#44295619)

Ad networks/common popular websites have been compromised repeatedly in the past and will be compromised repeatedly in the future. All sites could be considered "dirty sites".

Re:all sites are dirty sites (3, Informative)

Shoten (260439) | 1 year,12 days | (#44295755)

Ad networks/common popular websites have been compromised repeatedly in the past and will be compromised repeatedly in the future. All sites could be considered "dirty sites".

This is totally true, but not even the whole story; a site need not be compromised to serve up malware. For a while, Foreign Policy's website was serving up malware once in a while through one of the advertising networks. Google released a comprehensive study of drive-by malware attacks that explicitly stated that the nature of content a person looked at was no longer germane to their safety from such attacks.

No such animal (4, Informative)

dreamchaser (49529) | 1 year,12 days | (#44295631)

There is no such thing as a safe website. These days any site can wind up hosting malware via banner ads that inject code.

AVG is relatively lightweight but I would suggest you test it and others on some of your target hardware.

AVG (1)

ulatekh (775985) | 1 year,12 days | (#44295957)

I would also like to vouch for AVG being lightweight. I run it on all my machines, including a 7-year-old XP box.

Microsoft Security Essentials (5, Informative)

Anonymous Coward | 1 year,12 days | (#44295635)

I've seen way better performance with it than with McAfee, Avast, etc.

Detection benchmarks typically put it on par with the other free solutions, though it changes from month to month.

Re:Microsoft Security Essentials (2)

jfdavis668 (1414919) | 1 year,12 days | (#44295843)

I agree. Not real confident of its ability, but it does seem to be light weight. Run it on XP with Athlon 64 machines with 512MB, and some Atom based machines. Haven't had any issues on them.

Re:Microsoft Security Essentials (2)

Dins (2538550) | 1 year,12 days | (#44295877)

I'll second this. The thing I like about it is it doesn't bug you to renew/update/subscribe, etc. As long as you have a "genuine" copy of Windows, it just works. Odd, coming from MS and all, but I do like it.

Re:Microsoft Security Essentials (0)

LordLimecat (1103839) | 1 year,12 days | (#44295901)

Last time I checked it became basically worthless when Windows 8 was released, presumably because it is now on the "must evade detection" list of every virus maker out there.

Re:Microsoft Security Essentials (3, Interesting)

cyber-vandal (148830) | 1 year,12 days | (#44295985)

Will it still be available for XP after 8th April 2014?

Obligatory Linux evangelism (4, Insightful)

Curupira (1899458) | 1 year,12 days | (#44295637)

Do they *really* need Windows? Or would a lightweight distro with a windows-like interface do the job? Just asking :)

Re:Obligatory Linux evangelism (2, Informative)

Anonymous Coward | 1 year,12 days | (#44295729)

A very real and practical solution to be considered.

I find the biggest challenge is user expectation. When you say the word "Linux", many assume it's hard, weird or too different. If you can get past that and folks actually try it, they discover - to their delight - it's easy to use, intuitive and more importantly robust. At that point, the challenge is getting them to let go so someone else can have a run at it.

Re:Obligatory Linux evangelism (5, Funny)

SirTicksAlot (576078) | 1 year,12 days | (#44295831)

When you say the word "Linux", many assume it's hard, weird or too different.

It's a retirement community; when you say the word "Computer", many assume it's hard, weird or too different.

Re:Obligatory Linux evangelism (3, Insightful)

lesincompetent (2836253) | 1 year,12 days | (#44296025)

Why are they teaching "computers" with windows? Given those elders are not accustomed to computers at all they might as well start with something better, and better suited for those old machines.

Re:Obligatory Linux evangelism (0)

Anonymous Coward | 1 year,12 days | (#44295871)

Just say you upgraded the operating system and let them discover the rest. Mention it may look and feel different.

I found Linux Mint 15 XFCE is just released and should work down to 384MB of memory. I just installed Linux Mint 13 XFCE (because it is a LTS version with support to year 2017) to an old laptop with 512MB of memory, and it is now the most recent OS I have at home.

Re:Obligatory Linux evangelism (-1)

Anonymous Coward | 1 year,12 days | (#44295935)

As somebody who uses computers there whole life, and a professional developer for more then 10 years.

I still associalte Linux with hard, I've tried multiple times to get into it but everytime.
But everytime I'm having problems with drivers or software and I end up in the commandline entering strange complex commands which I do not want to learn nor should have to learn.

Re:Obligatory Linux evangelism (1)

SirTicksAlot (576078) | 1 year,12 days | (#44296117)

But everytime I'm having problems with drivers or software and I end up in the commandline entering strange complex commands which I do not want to learn nor should have to learn.

Which is a pointless argument here. This is a retirement community. These people have not used computers their whole life. Given that the OP is asking advice on administering the machines, I'm guessing the end user will not have to worry about drivers or software.

Re:Obligatory Linux evangelism (-1)

Anonymous Coward | 1 year,12 days | (#44296137)

Why shouldn't you have to learn the command line? You sound like me complaining that I shouldn't have to constantly relearn where all the buttons are on windows machines when emacs and gcc still take all the arguments I learned them with just fine.

Re:Obligatory Linux evangelism (4, Insightful)

Anonymous Coward | 1 year,12 days | (#44295923)

This.

A simple sylogism:

Any antivirus solution worth its salt will put a hook in the file open system call to scan each file as it is accessed.

Regardless of the footprint and efficiency of the program, anything that runs each accessed file through an additional filter will incur a significant performance hit.

Therefore, any antivirus solution worth its salt will incur a significant performance hit.

The solution is not to install an antivirus program. Ways to deal with potential virus infestations: (1) run with adblockers, noscript, and perfectly strict browsing discipline, or (2) don't use a virus-prone system, or (3) something else?

I do (1) and (2). What will do you?

msav/defender/whatthefuck (0)

Anonymous Coward | 1 year,12 days | (#44295641)

and change the browser to chrome - or better yet to opera or something more exotic than that.. and uninstall flash and java.

Avira? (4, Informative)

kinarduk (734762) | 1 year,12 days | (#44295653)

Re:Avira? (0)

Anonymous Coward | 1 year,12 days | (#44296125)

I second this. I recommend it for windows users since... Pretty much forever.

Re:Avira? (1)

armanox (826486) | 1 year,12 days | (#44296243)

Add me to the list for advocating Avira. Been using them since 2007.

Support is ending for Windows XP (0)

Anonymous Coward | 1 year,12 days | (#44295655)

Do a good deed today. Uninstall an XP.

Haven't found one yet. (0)

Anonymous Coward | 1 year,12 days | (#44295659)

I have installed Microsoft Security Essentials. It's something but a lot of the software out there is just bloated and slow. I know it's not what you asked but a Linux live CD would be a better option if they don't need to save anything locally.

Re:Haven't found one yet. (1)

bandy (99800) | 1 year,12 days | (#44296289)

Another vote for MSE. It Works.

MSE (2)

The MAZZTer (911996) | 1 year,12 days | (#44295663)

MSE was OK when I last tried it, but it made a footprint on a 1.8ghz single core proc machine. Of course anything will make a footprint on a low-enough-end machine. Previously I had used AVG which was also OK but the networking features tended to break Source engine games even if they were off (you had to deselect them entirely at AVG install time). Anyways not sure if the LATEST version of MSE supports XP still or not. You might be able to grab an older version that still does though.

MSE (1)

jdharm (1667825) | 1 year,12 days | (#44295691)

Microsoft Security Essentials It's pretty heavy to install on a limited machine, but once you get it going you don't notice the performance hit and it's as good as any out there. Before MSE came along I recommended F-Prot. It is a subscription, but nothing I found could touch it on an old slow machine for low overhead AND effectiveness.

Lightweight AV (0)

Anonymous Coward | 1 year,12 days | (#44295697)

MS Security Essentials, backed up with on-demand Malwarebytes Antimalware. I geek for a living and that's what I use at home and recommend to clients for home use. No AV program is 100%, but I've always gotten good results from it, the price is right and it doesn't bog down an old machine. Good stuff, IMO. .High*Ping*Drifter.

"The computer tech-support business is a cruel and shallow money trench, a long plastic hallway where thieves and pimps run free, and good technicians die like dogs for reasons that are never made clear. There is also a negative side." (with apologies to Hunter S. Thompson)

Microsoft Security Essentials (5, Insightful)

Toshito (452851) | 1 year,12 days | (#44295701)

I've been using it for the last 3 years on XP and now 7, very lightweight. No virus or adware problem (for now). From time to time I also scan my computer with adaware and spybot.

Upgrade (0)

Anonymous Coward | 1 year,12 days | (#44295703)

Windows 7 not only be more secure, but run faster on the same hardware.

Then install the Microsoft Security Essentials and turn on updates.

Re:Upgrade (0)

Anonymous Coward | 1 year,12 days | (#44296401)

Windows 7 not only be more secure, but run faster on the same hardware.

More secure, but not faster if the hardware in question has only 512MB RAM.

yes (0)

Anonymous Coward | 1 year,12 days | (#44295705)

Yeah, there is a good one out there that can handle all their facebook stalking needs. http://www.ubuntu.com/

MSE (3, Insightful)

puddingebola (2036796) | 1 year,12 days | (#44295709)

Not that I'm promoting it as effective virus protection, but MSE has a light effect on my Windows partition. Seldom using Windows, but I surf on it ocassionally. Don't know if MS will continue to support it after XP dies, but looking at my parents computer and the 4 websites they visit, I really wonder how robust an anti-virus program someone who is elderly actually needs. Good experiment for somebody: use XP with NO virus protection for a month, visit the same websites these people visit, use a modern web browser (not IE 8), and see at the end of that period if you are actually infected.

Microsoft (1)

ostrand (2660505) | 1 year,12 days | (#44295713)

Microsoft Security Essentials - http://windows.microsoft.com/en-us/windows/security-essentials-download [microsoft.com] - is free, quite light and actually good enough.

Re:Microsoft (1)

bandy (99800) | 1 year,12 days | (#44296303)

http://windows.microsoft.com/mse [microsoft.com]

Why yes, I do have that URL memorized. Sigh.

They all seem to kill performance (3, Insightful)

PoconoPCDoctor (912001) | 1 year,12 days | (#44295715)

It's not so much a memory issue as it is the nature of the beast. Active scanning hogs hard disk performance. I would ask these people if they might want to get a Chromebook or similar. The aging hardware might soon go to PC heaven so they will need to replace the system anyway.

End Of Life (5, Informative)

kelarius (947816) | 1 year,12 days | (#44295717)

Microsoft is killing updates for XP in a little under 9 months. Get them onto linux or a new PC or it may not matter how good of an antivirus you put on there after that.

Re:End Of Life (1)

bill_mcgonigle (4333) | 1 year,12 days | (#44295835)

Right. Giving an oldster an XP machine today is equivalent to giving them a car with some bearings that are starting to go.

Mint requires a 600MHz CPU and half a gig of RAM. That would be more kind. If they can afford to buy software they can afford a new cheap laptop, so that's not the issue here.

Re:End Of Life (1)

russbutton (675993) | 1 year,12 days | (#44296065)

I agree. Put 'em on Mint and give 'em Chrome to use. Especially for folks like that, a web browser is the only app they need to run.

My wife is a complete Luddite. Hates computers. She's a professional violinist and is most comfortable with 19th century technology. Ever look at a violin up close? It's a flimsy box of wood. You tune it by twisting a wooden peg. The thing hasn't even got frets!

I have her on an Ubuntu box. She runs Chrome and Thunderbird to read e-mail. She sometimes will look at a pdf file in evince. That's it.

Take one of your machines, put Linux Mint on it. Show an oldster how to run Chrome. The performance will be much, much, MUCH better than XP. Not even close.

Re:End Of Life (-1)

Anonymous Coward | 1 year,12 days | (#44296153)

you're a moron. sage advice from a y2k'er

Re:End Of Life (0)

Anonymous Coward | 1 year,12 days | (#44296267)

Let's be honest, that will be extended again.

Microsoft Security Essentials (3, Insightful)

MrKevvy (85565) | 1 year,12 days | (#44295721)

Yes, I know... it failed certification. But often what is used in certification is proof-of-concept or old and very rare samples that may not be "in the wild". It deliberately doesn't detect them to have a lighter footprint and be easier on resources. I use it on 1 GHz machines with 512MB of RAM with no noticeable slowdown. It doesn't miss the stuff that you're actually going to be at risk of getting infected with, in my experience.

You didn't state the OS you were asking about, but IIRC Avast is Windows-only. MSE may fit your requirements.

Re:Microsoft Security Essentials (1)

MrKevvy (85565) | 1 year,12 days | (#44295765)

I can't believe I posted "You didn't state the OS you were asking about" when it was in the title. This is what I get for posting before I've had my caffeine. :^p

As much as it pains me.. (0)

Anonymous Coward | 1 year,12 days | (#44295739)

Install Microsoft Security Essentials. It's super light weight, works really well, blindingly easy to use, automatically updates w/Window updates and generally a very night quality program. As much as I hate to admit, makes me slightly vomit in my mouth, I have to give credit to M$ for making a really excellent program. We install it on all the machines we service and everyone really likes it and are satisfied with it. I also use it on my gaming machine.

Microsoft Security Essentials (0)

Anonymous Coward | 1 year,12 days | (#44295741)

Microsoft Security Essentials is my goto anti-virus but it won't protect from the web as much as something like NoScript will.

Centron? (3, Interesting)

operagost (62405) | 1 year,12 days | (#44295751)

Sempron, Celeron?

And if you have only 512 MB of RAM, you don't have an older machine-- you have an OLD machine!

How does this stuff get on Slashdot? (0, Troll)

Anonymous Coward | 1 year,12 days | (#44295757)

#1: WTF is a Centron? Is it a low-end version of a Decepticon or something?

#2: Computers that old should be taken out behind the chemical shed and shot.

"But, but, they're still good!"

Nope, sorry, wrong. You're just gonna have to accept that. These things are connected to the Internet, which is vastly different now than it was when the machine was built. It's now obsolete and useless, and needs to be replaced.

Re:How does this stuff get on Slashdot? (4, Informative)

ZeroNullVoid (886675) | 1 year,12 days | (#44295925)

I think he is getting confused and meant to type Centrino which was, at sometime a marketing/branding term for an Intel Reference Design consisting of Chipset, CPU and Wifi. Either way, they wrote it wrong, but lurkers from the past would have recognized it. It was posted on a lot of laptop stickers in the same way Pentium 4, Core X, etc are.

https://en.wikipedia.org/wiki/Centrino [wikipedia.org]

As for /. letting this through... things have changed, have you been gone for the past 3 years?

Centron? (0)

Anonymous Coward | 1 year,12 days | (#44295771)

'Celeron', surely?

No reason to go for anything other than MSE, IMO.

you're an idiot (0, Troll)

slashmydots (2189826) | 1 year,12 days | (#44295773)

Avast isn't heavy on CPU usage. It relies on fast HDD access. All antiviruses do and if it seems like they don't, they're simply not scanning as much as they should. Avast is the king resource usage vs detection rate so you should still use it.
Oh and to the couple morons above me recommending MSSE, you're completely out of touch with reality. It is the dead last worst rated antivirus in the entire world and a resource disaster. It's the last efficient scanner I've ever seen in my entire life and the disk IO is absurd.

Re:you're an idiot (2)

RPGonAS400 (956583) | 1 year,12 days | (#44296101)

I completely disagree with you. I have used MSE on ALL my familys machines since it came out and I have yet to have it fail and yet to notice ANY slowing of my system other anti-virus programs caused. Any it is approved by my work VPN AV check. I am completely satisfied with it.

Re:you're an idiot (0)

Anonymous Coward | 1 year,12 days | (#44296301)

I disagree. I use Eset's Nod32 and have yet to see any performance hit on my machines. As far as I know, they don't do continuous scans of the HDD(or I've configured it not to do so). I have a scan scheduled daily, and that's the only time it runs - while I'm asleep.

Also, the most important bit, is that I've had only a handful of viruses in the last 7 years, and my policy is 'If someone sends me a link, I click on that link'. I've been to many dangerous sites. I've even double checked that Nod32 isn't just missing a ton of viruses by running external scans with symantec, avast, and various other AVs over the years. None of them point out anything that Nod32 doesn't, and some of them miss viruses that Nod32 caught.

Also, paid AVs are generally better than free ones.

Here's an idea (1)

GeekWithAKnife (2717871) | 1 year,12 days | (#44295791)


Considering how old WinXP is and considering how well researched its many holes are, you would be better off with almost any other modern alternative.

Securing/protecting WinXP will give you nothing but grief, pain, frustration and a bill.

You will do more for retired folk if you get them on a modern OS than if you try to run some free AV solution on a half baked OS.

If these are many elderly/retired people they can pool together you might want to contact you local software provider for a bulk license. Or better yet, just install Ubuntu.

If it has to be Windows - Win 7 works well on older hardware. Change is also healthy for the mind and will help them when they have to use other hardware that is becoming increasingly computerized.

No. (-1)

Anonymous Coward | 1 year,12 days | (#44295907)

Wrong. No Windows works well on any hardware.

who wrote this? A Centron? (1, Insightful)

slashmydots (2189826) | 1 year,12 days | (#44295805)

A "2 GHz Centron" huh? They glued a sempron to a celeron? Someone dumb enough to write that certainly is dumb enough to overestimate the impact Avast has on a system. And 512 MB of memory? That's not enough to run anything.
How about naming your celeron correctly, adding 512MB of DDR1 for about $4, and dropping in a socket 478 Pentium 2.8Ghz for about $9. That costs less than an antivirus license. Then keep Avast, since it's the best speed vs detection.

Sidestep the problem (3, Informative)

flyingfsck (986395) | 1 year,12 days | (#44295811)

In my experience it is so much easier to avoid the whole problem of Windows malware, simply by installing Linux. I tell my friends that I don't do Windows. They then assume I use a Mac - I use a Mac too, so that isn't wrong. When I tell them that I can install something on their computer that will make it work almost exactly the same as a Mac, then they actually get interested and once they have Linux with XFCE running, they never look back.

"I want an elephant the size of a mouse, please" (4, Insightful)

tlambert (566799) | 1 year,12 days | (#44295849)

"I want an elephant the size of a mouse, please"

Antivirus software sniffs the butt of ever filesystem write operation, as well as sniffing the but of every executable image load, as well as every browser plugin load; it also scans the contents of inbound network data, since it could have a known payload using an unknown zero day in the program requesting the data from the Internet.

Most of the code could be made significantly less overhead, but we are talking reducing it from elephant sized to water buffalo sized, rather than reducing it to mouse size. For example, if instead of checking the whole file when every write occurs, it could prevent the file being opened again until a scan-on-close occurred. Both Outlook and IE would hate that, and any browser that didn't operate "stage then interpret" would still have to be byte-stream interposed. As another example, it could decide to not react to every FS event; MacOS has this capability, since it integrates a mandator access controls (MAC) capability, but many OSs do not. And even on MacOS, most AV vendors don't take advantage of this, since it messes with their ability to use the same event streaming model as on their other platforms.

So: no such animal exists, if you want it to also be effective.

Bitdefender (2)

Tavor (845700) | 1 year,12 days | (#44295851)

Seriously. It's amazing. I'm using it on a PIII 1.0 ghz 512 PC133 box that I use as a server. It impressed me so much that I switched from AVG (which was slowing down my Core i5 box) and now don't even notice a scan.
I cannot recommend Bitdefender enough.

/bin/true (0)

Anonymous Coward | 1 year,12 days | (#44296235)

Seriously. It's amazing. I'm using it on an 80386. I don't even notice it's there!
I cannot recommend /bin/true enough.

(Oblig. XKCD [xkcd.com] .)

Re:Bitdefender (0)

Anonymous Coward | 1 year,12 days | (#44296257)

Seconded, fwiw. Just use the free [bitdefender.com] version

None. (0)

Anonymous Coward | 1 year,12 days | (#44295883)

Antiviruses are snakeoil tech. Last time I used one was over 10 years ago.

You might just want to suggest a memory upgrade (1)

voss (52565) | 1 year,12 days | (#44295949)

1gb memory stick for that computer is $12 on amazon. XP on 1.5 gb will run avast or mse just fine.

Old dogs can learn new tricks. (1)

goruka (1721094) | 1 year,12 days | (#44295959)

Maybe and just for some people, a lightweight Linux distribution might work.

I moved grandmother from Outlook/Word on a 486 to Gmail and Docs on a 2ghz athlon and she adapted fine. She is 92.

Buy new hardware (0)

Anonymous Coward | 1 year,12 days | (#44295973)

That's what the vendor tells you to. Why aren't you listening?

Money? Are you even allowed to use those old XP installs, anyway? What's the licence say? You could very well be in for a nice BSA raid, citizen.

The easy solution is to provide something that does what expected without the drawbacks. So what is expected? A bit of email, a bit of browsing, maybe a letter or two to the (grand)kids. So provide that, and do so without windows.

Note how I didn't say "use linux"; any other solution that isn't as horribly vulnerable as windows will do. You could be using haiku for all I care.

It's the services that count, and since you're using old hardware presumably you'd be using open source applications anyway--that, or you'll be in for another BSA raid. Do you really want your oldsters to run that risk?

Since you're supporting them, and if you do it right they probably won't notice just what you're giving them anyway, you're free to forego windows and thus forego all the virus and malware headaches.

Because, they may not be surfing pr0n sites, they will sure as fsck exchange the silliest things among themselves, and so one infection will get to most of the others.

Such an alternative solution can work pretty well, for example this outfit [simpc.nl] (site in Dutch, but you can read the links to s/w they're using) gives people a "simple pc" that pretty much is an appliance for the basic functions, complete with touchscreen menu GUI and nice and large icons and things for the elderly.

This got rolled out complete with helpdesk and user training, and was apparently succesful enough to end up being bought by the former state telco.

So change the question: Don't ask "how do I keep this horribly broken system afloat on underpowered hardware?", but ask "how do I provide what the people want me to provide, without the headaches to the standard bonehead solution?"

Don't bother (0)

Anonymous Coward | 1 year,12 days | (#44295975)

Keep backup images handy and re-blast them if something is fubar.

Filter at the Router (0)

Anonymous Coward | 1 year,12 days | (#44295977)

Invest in a Router with content filtering and botnet connection monitoring.

The machines are too old to support clever software and probably would croak if given a hard scrubbing with Bon Ami AntiVirus.

A smart router with a good reputation "subscription" to one of the sender databases like SenderBase, Ironport or one of the WebSense type products would serve you best. These days though you have to assume you've some infected unruly mechanial kids in the mix.. so make sure you also have a router "botnet" connection detector.. it basically shuts off Internet connections to sites with a known history of botnet traffic and notifies you of the IP or MAC address of the local machine that went to the Red Light district.

It would also help when they get gifts or mobile devices connecting.. you don't have to install anything.

Badware these days tends to "behave" itself like the random Poltergeist.. if you cut off its lifeline to the Internet.. no use in sticking its head up if it might get chopped off. So squelch it at the router.. even a decent gaming router has many of the basic features you need.. so it doesn't have to be expensive.

Just remember your maintaining an "environment" not the "patients"

Triage.. not major Open Heart Surgey.. should be the order of the day.

Microsoft Security Essentials (0)

Anonymous Coward | 1 year,12 days | (#44295979)

Free (as in beer) and hassle free.

MSE (0)

Anonymous Coward | 1 year,12 days | (#44295981)

Microsoft Security Essentials... not the best one, but quite free and well integrated

Re:MSE (2, Informative)

Anonymous Coward | 1 year,12 days | (#44296029)

maybe have a look at this:

http://www.av-test.org/en/tests/home-user/windows-xp/marapr-2013/

An ounce of prevention... (1)

icemaze (1865436) | 1 year,12 days | (#44295989)

...is worth a pound of cure. Install Firefox, AdblockPlus, maybe even NoScript if you wanna be hardcore, and 99% of malware is blocked in its tracks. Block the ability to download executable files and you'll be very close to 100%. No grandpa, you don't really need to install videoplayer.exe to see that porn clip.

Microsoft Security Essentials (1)

milage (881680) | 1 year,12 days | (#44296017)

I've not had any performance problems with MSE. Seems to do the job, is quiet about it and is free. I've moved the various family members I provide tech support for to it. http://windows.microsoft.com/en-us/windows/security-essentials-download [microsoft.com]

Re:Microsoft Security Essentials (1)

sasparillascott (1267058) | 1 year,12 days | (#44296293)

I agree on this, it seems lightweight on the resources, unobtrusive and free. As others have pointed out, Microsoft stops Windows XP security updates in less than a year. You want to have them transitioned to something else before that happens (Vista will take security updates into 2017 and Windows 7 will take security updates through 2020). Same story with Office as well (if they have that on their machines), Office 2003 stops security updates next year when XP does. Linux would be the lowest cost choice, but you probably don't want to be the training resource - they'll want something that works like the old computer.

"Dirty Sites" not the problem (1)

erroneus (253617) | 1 year,12 days | (#44296063)

At one time, long ago, it was most often the sites themselves which were hacked, hijacked and made to serve up malware. But lately, the methods have become more sophisicated. Ad servers are more often targeted and those servers are accessed by requests delivered by a wide range of sites out there. The thing about his is that the original site which might be blamed for the malware, would be uncompromised. The ad servers seem to take a lot longer to detect such compromise.

If someone is interested in setting up a secure station for email and web, I would recommend a nice Linux distro. This is not for the reasons believed -- that Linux is invulnerable. It's not. But when a site sends a "setup.exe" the user is less likely to unwittingly run the code successfully.

Don't use an Antivirus - block executables (0)

Anonymous Coward | 1 year,12 days | (#44296085)

It is possible to edit the Windows registry and block .exe , .bat, .reg, .com files. That would effectively make the computer immune to viruses. (Excluding zero day attacks and assuming the computer is not already penetrated). This can easily be achieved by simple registry modifications.

The trick is adding an exclusion list to allow some programs to run (the web browser, for example). This is achieved by telling the registry to run a checker program whenever an EXE is clicked. Basically, whenever an EXE is clicked, the checker program runs and the path of that EXE is sent as a parameter. The program has an exclusion list, if the EXE is white listed, it is executed, otherwise it is blocked. Such a checker program can be an extremely simple C program. Personally I programmed the checker like this: "If the parameter begins with c:\program files\, allow the EXE to run". This works great, all legitimate programs are in that folder, and all downloaded viruses are somewhere else (Usually the desktop / documents / downloads folder).

Panda Cloud (1, Informative)

Lawrence_Bird (67278) | 1 year,12 days | (#44296093)

I think it will still work under XP. After the initial scan it should be pretty light on local resources.

None (1)

tsa (15680) | 1 year,12 days | (#44296129)

None. Just don't use Outlook and IE. And teach the users not to click on anything they don't know. Works much better than antivirus programs which are viruses in themselves. They make your computer feverish and sluggish...

Panda Cloud (1)

dafradu (868234) | 1 year,12 days | (#44296135)

www.cloudantivirus.com

Light, no annoying popups, messages or sounds, i only remember he is there when i manually scan a file.

MSE is similar.

Use a ramdisk OS (0)

Anonymous Coward | 1 year,12 days | (#44296147)

Use a Ramdisk operating system such as Puppy Linux. Firstly, it would greatly improve those old machines' performance. Secondly, Linux viruses are extremely rare. And thirdly, even if a virus somehow reaches the system, it will be cleaned upon reboot.

The learning curve would be extremely, especially if you install familiar software. (If they were used to Chrome on their old PC, install the Chromium browser).

Not a joke (2)

aglider (2435074) | 1 year,12 days | (#44296157)

Install Linux

Maximum PC (0)

Anonymous Coward | 1 year,12 days | (#44296165)

Maximum PC recently pushed out a article about 2013 antivirus, discussing system performance impact (but not providing any hard numbers). Could be useful.

http://www.maximumpc.com/article/features/best_antivirus_2013

NOD32 (0)

Anonymous Coward | 1 year,12 days | (#44296179)

I haven't really cared in a long enough period for my info to be completely out of date, but ESET's NOD32 product used to be the go-to solution for a lightweight, small-footprint AV scanner for Windows.

WinXP is essentially EOL... (1)

InfiniteBlaze (2564509) | 1 year,12 days | (#44296227)

ditch it for Linux. So much of what we do on PCs now is through a browser, they won't really be able to tell a difference. Ubuntu is extremely easy to learn and does not need a powerhouse to run. Installation is a breeze and updates are as easy as on Windows.

Wisdom follows, pay attention! (1)

Anonymous Coward | 1 year,12 days | (#44296231)

The thing is, modern antivirus will not be satisfactory on single-core (single-thread) CPU, especially not Celerons, which are so low on on-die cache. First-generation Turion 2.0GHz is somehow still tolerable (if you are a buddhist), but early gen. (NW) Pentium-4 2.8GHz just sucks. Dual cores work wonders, except in case of Atom CPUs, where apparently nothing helps.

One must also forget about 512MB of RAM, which is often only 448MB, due to the effect of integrated VGA chips. Don't install Windows antivirus with on-access scan functionality under 768MB RAM and even then you will need patient. Practical minimum should be 1GB for WinXP or 1,5, rather 2GB for Win7 32-bit.

A big problem can be the regular (up to 4x workdaily) automatic updating of malware finger databases. Many AV vendors push these as delta-differentials, that kind of have to be recompiled with the already delivered database. When the database is 180-195 MB large, this can take almost all CPU for 3-4 minutes. Some AV vendors now have such memory problems that virus fingerprint databases loaded into do not even contain malware names. When a nasty object is found, the corresponding label (e.g. Trojan-Spy/YourMoneyGone.xyz) has to be read from disk, which can take suprisingly long.

All in all, a PC with a 2Gz Celeron CPU and 512MB RAM is no longer up to scrath to run Windows XP in a network-connected scenario. Please do not endanger other netizens by publishing such obsolete computers on the public net! I think they should be recycled the hard(ware) way.

Slashdot crowd is getting slow (0)

Anonymous Coward | 1 year,12 days | (#44296319)

This story's been up for an hour and nobody's posted the standard comeback "dude... Windows XP *is* a virus!"

Ubuntu (0)

Anonymous Coward | 1 year,12 days | (#44296359)

I have setup a number of machines, both young and old, for retirees and in my experience they have been quite comfortable migrating from their clunky old Windows environments to whichever version of the Ubuntu Live CD I happen to have demoed (and subsequently installed)

the single most frequent feedback I hear from them is an appreciation for not having to bother with ANY antivirus software...

Webroot (2)

blueapples (614410) | 1 year,12 days | (#44296369)

Very fast, very high testing marks. Not free but you get what you pay for - it is worth it.

Norton (0)

Anonymous Coward | 1 year,12 days | (#44296399)

so many people love to bash norton and/or symantic, but those people clearly have NOT used norton antivirus since prior to 2009.

since that revamp in 2009, norton antivirus is the lightest-weight, smoothest running antivirus on older, slower windows computers. period. yes, norton. not microsoft mce, not avast, certainly not avg, bit defender, kaspkersky, eset, or any others. norton.

download and try it.. i dare you to honestly, truly find an antivirus for an older windows computer that runs better... you wont. sorry to disappoint you norton haters. there isn't one.

http://us.norton.com/support/redirects/redirect.jsp?type=latestnav [norton.com]

in addition to this.. firefox + adblock with easylist, easylist privacy, and malware domains subscriptions. a must on any internet-connected pc.

I know your problem better than you (0)

Anonymous Coward | 1 year,12 days | (#44296439)

Despite your specific question, I will instead tell you you're wrong (AVAST won't slow down your computer, even if you already saw it doing so), suggest upgrading your hardware (if you really are serving the community, you should foot the bill for computer upgrades), tell you to switch to Linux (anyone who still uses Windows should be shot; if they can't learn a new distro, they don't deserve to be using a computer), or simply criticize other people's suggestions and comments without adding anything and changing the topic.

Sincerely,
every /. commenter

P.S. I would offer a suggestion of a good antivirus, but the score on my post would drop faster than if I just said "linux sucks, Windows ME 4ever!"

eset nod32 (1)

Jonathan P. Bennett (2872425) | 1 year,12 days | (#44296481)

I recommend Eset nod 32 for exactly this reason. They wrote portions of the program in assembler in order to be lighter.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...