AntiVirus with decent anti-spyware (realtime) detection

Paul Keith:
As far as recent reputation goes, to my knowledge only Avira is known for that. It's primarily sold as an antivirus scanner, but it's been recently gaining more and more recognition; I've read some even say it's one of the few antivirus scanners that can detect spyware, but most of my impression was from this forum.

Just don't buy the premium version other than for supporting the product. Webguard can mess up your internet connection even when disabled. A problem not really exempt from Avira. Even Nod32 has it.

SKA:
FWIW, here's my two cents, all ideas from Wilders' forums:

1. In the last 2 years, use of software firewalls became very popular - now many antivirus players have added firewalls into their "suites". IMO the best suites are: AVIRA, ESET, KasperskyIS (in increasing order of system impact). NortonIS 2009 (now in beta), when released, may also be a contender.

2. This year's fashion is HIPS (Host Intrusion Protection System) - many users adopted HIPS in various forms (Online Armor, Defense Wall, Geswall, SSM-System Safety Monitor, DriveSentry, Threatfire etc) apart from antivirus/firewall combos. HIPS rely less on daily updates/signatures and more on a whitelist approach, if my understanding is right.

3. In fact a compatible HIPS (DefenseWall, Online Armor etc) + light antivirus (Avira or Eset) may have less system impact & be more proactive than an AV+firewall combo. For XP: it may be worth adding a software firewall or using LUA (limited user account) + SRP (Software Restriction Policy) to "harden" systems. For Vista a HIPS does not seem critical (as yet); also its inbuilt firewall is quite okay.

Some users on Wilders say they stopped using realtime AVs altogether - relying on HIPS alone or with LUA/SRP. They use online AV services like Jotti, Virustotal etc to check out suspect files reported by their HIPS.

Useful links on LUA & SRP:
http://www.wilderssecurity.com/showthread.php?t=200772
http://www.mechbgon.com/srp/

4. Spyware: No AV product has 100% or even 90% removal for the huge variety of spyware/trojans infesting the net. I recommend two specific antispyware products to run on demand & which shouldn't conflict with AVs (Avira or Eset).
   - SAS - Superantispyware.com
   - MBAM - Malwarebytes.com

5. Special infections may call for custom fixes like SmitfraudFix, Vundofix, Combofix, SDFix, etc.
Running a HijackThis scan periodically can help to locate suspects on your system, with advice from experts at specialised forums like spyware warrior, bleepingcomputer, castlecops, etc.

SKA

Paul Keith:
Thanks SKA. Those seem to be in line with what I know except for HIPS in fashion. Wasn't there this new program, Recover something that was a System Restore like software even better that was all the rage back then?

Also Hijackthis De, a worthwhile companion to Hijackthis for those who don't know.

Edit: Also what's the best HIPS right now?

SKA:
@Paul Keith:
"recovery" could be: First Defense ISR, Returnil, Shadow Defender, Power Shadow, Rollback, Deep Freeze etc -
So many new products out, esp from China, with less publicity & support (English forums) - only at Wilders is where "bleeding edge" products get announced/discussed <grin>. I really don't know any other forum where HIPS' are discussed in depth.

The Hijack de link is really useful for fast diagnosis - thanks!

Best HIPS? Difficult to answer as the "tech" is quite fluid, with a lot of hype.
Geswall Pro - author missing in action?
Defensewall HIPS - author Ilya Rabinovich is quite active & popular on Wilders.
Online Armor (HIPS + firewall) is what I use now.
Maybe others can chime in.

SKA
 

Paul Keith:
Thanks. Those were really helpful! I've mostly been lurking on Wilders so I really didn't have a good grasp on many of the topics except when they talk mainly about antivirus software. Yeah, Returnil was what I was thinking of. I still haven't installed it but it does seem to be a more efficient alternative to HIPS since you actually get to test the software before rolling it back.
