Best Anti-Virus Software for an HTPC?

[Makaveli6103]

Via this article http://www.av-test.org/en/tests/home-us ... vdec-2012/ MSE is a horrible program. I moved to AVAST but noticed problems with my PCIe Ceton tuning adapter. Which anti-virus will work?

[bobbob]

what are you doing with your htpc that requires you to prioritise protection over usability to that extent? MSE is more than fine

[lithium630]

Via this article http://www.av-test.org/en/tests/home-us ... vdec-2012/ MSE is a horrible program. I moved to AVAST but noticed problems with my PCIe Ceton tuning adapter. Which anti-virus will work?

I don't think an antivirus program is necessary on an HTPC unless you are using torrents. Even though its not the best, I still use Security Essentials because its free and doesn't interfere with anything.

[staknhalo]

Yeah I can't see why AV would be needed on a HTPC. If you're doing stuff on your HTPC that requires AV like browsing and running various programs, then it's not a HTPC and just a computer hooked up to your TV. I'm splitting hairs though. People like Microsoft Security Essentials. I'm a fan of MalwareBytes (paid version will be proactive defense, free is just on demand scanning).

[spanner]

On occasion i will minimize the windows media screen and check email and maybe even this forum, so even though it is a dedicated HTPC I run MSE. Its free and isn't in your face as much as other programs i have used

[foxwood]

Via this article http://www.av-test.org/en/tests/home-us ... vdec-2012/ MSE is a horrible program. I moved to AVAST but noticed problems with my PCIe Ceton tuning adapter. Which anti-virus will work?

You know all those reports you read of real users getting infected with viruses because they relied on MSE? I guess they don't read av-test.org either.

Lab tests are irrelevant - show me a report that says that MSE users actually get infected more often than users of other AV programs.

Just don't spend too long looking for it, because it doesn't exist.

[WarrenH]

I dont agree, whenever I've encountered a serious virus (twice in 14 years of computing) very expensive software hasn't provided any help - anti virus software is always "after the fact" - updates are made once virus' are identified. I now use MS Sec Ess on my 4 machines and it costs me nothing and I'll still get caught if I'd have spent the money.
Please note, I'm talking about serious virus', for lesser normal known viruses MS works just fine. I back up and image my drives so a virus may only require a reinstall. I'm convinced virus software is one of lifes big cons.

[makryger]

That's an interesting website... I realize these are all lab settings, and so it may not apply in real life, but it is worth taking a look, especially how terrible of a rating MSE gets.

I will say that I use MSE on all my PCs and it doesn't really interfere with anything. Thats the most important part for me- some basic amount of protection, without causing issues with installations or slowing down the PC. (Although I was expecting the 'slow-down' score on the AV-TEST site to be minimal for MSE, but apparently it slows down the PC on average by 9 seconds! That is below industry avg per the site, but still a lot in my opinion.)

I do like that MSE is free, and doesn't have any advertising. I'm not sure which of the free options on that AV-TEST site don't have advertising. I do recall using AVG for a period of time, and it's popups were very annoying. Not sure if thats changed. Though according to that site, it has a minimal slowdown time (6 seconds) and still protects quite well. Hrmm..

[STC]

No AV here on my HTPC.
Never ever had an issue.

[Motz]

AV is not really necessary on a HTPC. Even on Windows 8 now most of it is built all in. If you are rocking a Windows 7 HTPC you can go with Microsoft Security Essentials. This is the only AV i have ever and will ever recommend.

[barnabas1969]

I agree with most of what's been written here for a dedicated HTPC that is only used to occasionally browse well-known websites. Of course, I realize that even well-known websites can be hacked and trojans can be downloaded from those websites without your knowledge.

I have to question the validity of the "protection" score on that av-test website. They rate AVG with a protection score of 5/6 and Avast with 4.5/6, while MSE only gets 1.5/6. If you look at the detailed numbers for each of those products, you'll see that the x/6 rating is heavily weighted towards the "0-day" malware. I'm not sure that's a fair way to weight the rating. Detection of "0-day" malware requires some pretty good heuristics scanning, that's true. But how often are you going to find "0-day" malware on sites like Microsoft.com, Google, or many of the other common websites. I do occasionally bring up a page from TGB.tv on my HTPC, and I recognize that a site like this is more likely to be infected, but I rarely look at this site on my HTPC.

I use MSE on my HTPC because it is totally non-intrusive (meaning that there are no annoying pop-ups). I use Avast on my other PC's, but I hate the stupid pop-ups from Avast. They've become so intrusive with advertising lately, that I'm about to switch to AVG.

[foxwood]

I do occasionally bring up a page from TGB.tv on my HTPC, and I recognize that a site like this is more likely to be infected, but I rarely look at this site on my HTPC.

My understanding is that a lot of the problem of web-site based infections comes from infected ads, which are usally hosted by a 3rd party, not by the website that you're actually visiting. As this site doesn't carry ads, it's probably a lot safer than many more "mainstream" websites.

I also read that Kasperksy AV, which got a high score in that report, put out an update at this weekend that prevented XP users accessing the web, which in turn made it impossible for them to download the update that fixed the problem.

[barnabas1969]

I do occasionally bring up a page from TGB.tv on my HTPC, and I recognize that a site like this is more likely to be infected, but I rarely look at this site on my HTPC.

My understanding is that a lot of the problem of web-site based infections comes from infected ads, which are usally hosted by a 3rd party, not by the website that you're actually visiting. As this site doesn't carry ads, it's probably a lot safer than many more "mainstream" websites.

I also read that Kasperksy AV, which got a high score in that report, put out an update at this weekend that prevented XP users accessing the web, which in turn made it impossible for them to download the update that fixed the problem.

Wasn't this site hacked once, and the hackers managed to lock the admins out of the site (meaning that they had access to the database)? You're correct about the ads, but many sites that are operated by smaller companies and individuals simply aren't secure enough to prevent hackers from hacking directly into the server-side code on the site and/or the database. The same is true of many Internet merchants... even some of the larger ones (Monoprice anyone?). I wouldn't recommend ever using your HTPC to purchase stuff.

EDIT: And since this site is running free, open-source PHP code... anyone can get the source code and find the vulnerabilities. I would imagine it's using MySQL and PHPMyAdmin too, with an FTP service (which is not encrypted, even the passwords are sent in the clear) for uploading PHP and other files to the site by the site admins.

[makryger]

Wasn't this site hacked once, and the hackers managed to lock the admins out of the site (meaning that they had access to the database)? You're correct about the ads, but many sites that are operated by smaller companies and individuals simply aren't secure enough to prevent hackers from hacking directly into the server-side code on the site and/or the database. The same is true of many Internet merchants... even some of the larger ones (Monoprice anyone?). I wouldn't recommend ever using your HTPC to purchase stuff.

EDIT: And since this site is running free, open-source PHP code... anyone can get the source code and find the vulnerabilities. I would imagine it's using MySQL and PHPMyAdmin too, with an FTP service (which is not encrypted, even the passwords are sent in the clear) for uploading PHP and other files to the site by the site admins.

Lol, you've got quite the imagination, barnabas. We ended up deciding early on that the rarely-used TGB.tv homepage wasn't worthwhile, so we redirected to the forum itself. Somehow, there was a single instance when using Bing that did not redirect. A hacker found an exploit in the homepage, and put in his own redirect to a nonexistant site that resulted in a 404. It affected a very small subset of people searching for tgb.tv using bing, and didn't result in anything of consequence.

No hacked site. No locked out admins. No access to the database. No phpbb breach. Not saying that this cant happen, but all of your assertions are incorrect.

[richard1980]

I'd say a user placing PHP code where PHP code shouldn't be placed by users constitutes "a hacked site". Maybe it wasn't hacked the same way that barnabas imagined it, but it was hacked nonetheless.

Also, it wasn't limited to just Bing. The header redirect was output for specific pre-defined referrers, which included Bing as well as Yahoo and AOL (both of which I personally verified).

[Motz]

There are different of sites getting hacked and it is possible for any site to get hacked. A few of my word press sites got hit through a javascript exploit, and that same day thousand upon thousands of other sites did as well. It is all how you handle your backups and ensure your site is up to date. TGB.tv runs on phpBB which as long as you keep it up to date you are good to go.

securing the .htaccess is a great place to start.

However we could argue over website security all day. I stick with my original statement I am pretty against AV on most PCs, especially HTPCs as they just bog it down. Maybe it is just because I have never had a virus in the last 14ish years on any PC that sways me a bit.

[TeddyR]

.... .... ... Detection of "0-day" malware requires some pretty good heuristics scanning, that's true. ... ... ... ..

It is precisely the heuristics scanning that these other AV programs attempt to do that causes the issues with WMC and network tuners. The logic used for the heuristics seems to have many conditions that get easily tripped by the "by design" nature of how WMC work...

[AllanPep]

I'm using a different antivirus called Unthreat Antirivurs. It's not as well known as the other free antiviruses you mentioned but I really like it - mostly because it doesn't slow down my computer when it scans it. It has a good detection rate and I haven't had any issues with my computer since I got it so I guess it gets the job done.

[barnabas1969]

Wasn't this site hacked once, and the hackers managed to lock the admins out of the site (meaning that they had access to the database)? You're correct about the ads, but many sites that are operated by smaller companies and individuals simply aren't secure enough to prevent hackers from hacking directly into the server-side code on the site and/or the database. The same is true of many Internet merchants... even some of the larger ones (Monoprice anyone?). I wouldn't recommend ever using your HTPC to purchase stuff.

EDIT: And since this site is running free, open-source PHP code... anyone can get the source code and find the vulnerabilities. I would imagine it's using MySQL and PHPMyAdmin too, with an FTP service (which is not encrypted, even the passwords are sent in the clear) for uploading PHP and other files to the site by the site admins.

Lol, you've got quite the imagination, barnabas. We ended up deciding early on that the rarely-used TGB.tv homepage wasn't worthwhile, so we redirected to the forum itself. Somehow, there was a single instance when using Bing that did not redirect. A hacker found an exploit in the homepage, and put in his own redirect to a nonexistant site that resulted in a 404. It affected a very small subset of people searching for tgb.tv using bing, and didn't result in anything of consequence.

No hacked site. No locked out admins. No access to the database. No phpbb breach. Not saying that this cant happen, but all of your assertions are incorrect.

I must be thinking of a different site then. I received a weird e-mail from one of them once. I ignored it. A few days later, I got a new e-mail, apologizing for the first one, and explaining that their site had been hacked in the way I described above. Sorry that I got the two sites mixed up.

Richard is correct though... if someone was able to replace your PHP code, that was a pretty serious breach.

[richard1980]

I stick with my original statement I am pretty against AV on most PCs, especially HTPCs as they just bog it down. Maybe it is just because I have never had a virus in the last 14ish years on any PC that sways me a bit.

I'm with you there.