Antivir

I cant find webgaurd settings i think i installed it ok? it also detected my spywareblaster exe during scan hlp

 

You need to run Modify in Add/Remove Programs after install to add Webguard...

 

It has been stated that the detection of SpywareBlaster is a false positive and will be corrected.

http://forum.avira.com/wbb/index.php?page=Thread&threadID=72035

You can find the Web Guard settings by going into configurations in expert mode. At least according to the help file.
I don't use the Web Guard myself so it's not showing in my window.

Dan

 

thanks..Danny why dont you use webgaurd can i ask?

 

I just don't like the lulls caused by web guards when surfing.
I am a fairly safe surfer and visit several sites quite regularly.
Generally, your av should catch any nasty that a web guard would have caught on the web.

On one computer I use the Avira suite with Ges Wall and I don't install the web guard.
On the other I use Avira free with Online Armor paid which automatically installs the web guard but it can be turned on and off like a light switch.
Now if I was taking a trip to the dark side, well that would be an entirely different story. LOL
All a matter of preference.

 

lol the dark side, ok do you think the webgaurd slows you down anymore though?

 

Yes I do.
Some more so then others depending on which software you're using.
To be truthful, none of the lulls or delays are that bad.
I'm not a very patient person and expect the web pages to jump from one to the other.
As I mentioned earlier, it's a matter of preference, just as one's surfing habits or choices.
No harm in using web guard for the extra protection.

 

I use WebGuard just because it doesn't slow down my surfing (not noticeably at least)

 

But the spywareblaster false positive is a drag...How long must it take to solve this?! It started over 24 hours, and many updates, ago.

 

Webguard does slow down web page loading to some degree- albeit a fraction of a second-but it is slower than not having the webguard.

My view is that you don't need it since the guard will catch anything that executes. One school of thought is that the webguard is totally irrelevant (in terms of protection) but was added because of the wishes of an ignorant public. It is argued it provides another "layer" of protection, but does it really?

I simply don't install webguard in Avira Premium.

 

I totally agree with you in that

 

Without a HTTP scanner, an antivirus cannot block malicious scripts before they are read and executed by a vulnerable network program, even if the scripts can be detected. By the time the scripts hit the local cache to be scanned, the browser will already have interpreted them, and their work is already done. Many products include signatures for malicious scripts in their databases, but some of them have no way of stopping these scripts even though they can detect them.

The people who follow the school of thought quoted above, are actually no wiser than the "ignorant public" that they hold in contempt.

 

I for one would rather let webshield stop at the virus at its tracks than let it enter and get detected. Far better approach. One of the reasons I used Avast for a long while, they were among the first to implement web shield and the idea of the network shield is good as well as it keeps junk from a dirty public LAN at bay.

 

If an AV-scanner can detect a threat, it has already entered your system You can't scan files without them touching your computer - that would require some voodoo-magic that none of today's products have.

Not that it matters, as the threats are still blocked before execution.

 

This may or may not be true, depending on the browser you use. Some browser behave like you describe, while in other browsers the files are read from cache so that a regular file-monitor will give enough protection, without the need for a webscanner.

BTW, the job of stopping malicious scripts is not really up to an AV, but should be handled by the browser itself, by not allowing dangerous scripts in the first place. So if you browser is fully updates with no known vulnerabilities you should have nothing to fear. Unfortenately some vendors (*caugh* Microsoft *caugh*) are a little slow in their patching departement.

So basically, wheter you feel the need for a dedicated webscanner is entirely up to what kind of browser and settings you use (and browsing habbits perhaps )

 

Yep most likely its in the cache and nowhere else.

 

That is not correct- it depends on your browser and settings and most all properly patched browsers will protect you. Http scanners are relatively new and few AVs have them- so there would be countless past and present infections if your premise was true- there aren't- so your premise is false.

 

This is Stefan Kurtzhals opinion about HTTP scanners.

More then clear.

 

Exactly what I feel.

 

Yes, that pretty much sums it up....

 

So show us how to configure, say, IE, so that AntiVir (minus its HTTP scanner) can scan scripts before the browser interprets them. I'll save us the time and tell you what the inevitable outcome is: you can't.

A patched browser is one of the many methods to stay safe from exploits, but it doesn't make your erroneous statement any less wrong. HTTP scanners are neither irrelevant in terms of protection, nor are they added because of the wishes of an ignorant public.

Also, what do "countless past and present infections" have to do with the fact that some antivirus scanners are unable to block exploit scripts before they are interpreted by the browser?

 

So, for example, when AV companies added wmf exploit sigs to their progs they were doing it for decoration only, since it would be too late according to Stefan?

Even if I used an HTTP scanner, I woudn't rely on it to prevent expoits based on unpatched browsers, since the during the last wmf fiasco, many AV vendors were slow in adding the detection:

http://news.cnet.com/Antivirus-makers-catch-up-to-Windows-bug/2100-1002_3-6018696.html?hhTest=1

I would be interested in seeing some detailed tests (using more than one AV) if anyone has any links showing how a browser exploit can be prevented with an HTTP scanner but allowed to do damage when only the active monitor is enabled. Is it possible that the sigs used for the HTTP scanner are easier to make than the sigs for the active monitor?

 

avira's webguard is very light on resources compared to other product. it's lighter than AVG and AVast Web Shield. But compare to ESET Real time Threatsense technology it's only 2nd place.

Avira is better than Avast that for sure.

 

+1 on this... Also, haven't had any issues w/ their webscanner so far, can't say that about Avast. AVG 8.0 is plain horrible, will be replacing everyone's AV with an alternative solution.

 

Clearer than water