Need HIPS Advice for AntiVir

Hi guys,

Long time no see. Have some quick questions.

I finally decided to ditch KAV AV. The latest version broke my system which is running ZoneAlarm. New versions of KAV have always been a pain, and I got sick and tired of their lackadaisical approach to customer support.

Anyway, I installed AntiVir Personal Premium Trial on Windows XP as a temporary measure to keep me going. I've been away for a while, so I would like a quick update. Here are the questions:

1) KAV has always been excellent for AV protection. Will AntiVir Personal Premium give me comparable?

2) Since the days I used ProcessGuard, I have always felt safest with some HIPS, e.g. the one that is included with KAV. Right now, I temporarily installed OA Free. However, I would prefer some registry protection. I looked at SSM, but in the old days, when I was testing HIPS, SSM use to crash my system. Is it more stable now? Does it give me additional protection lacking in OA (e.g. registry protection)? Is there a better choice.

Thanks for any help that you can give.

Rich

 

1)Yes
2) I think that the best combo would be with Mamutu.

 

Combo's really working well

Comodo free (with D+ as a HIPS) + Antivir free, when you want to replace ZoneAlarm

EQS free (search WIlders/see CastleCOps) 3.41 is really an excellent HIPS, when you want to keep Zone Alarm (so EQS free + Antivir free)

You maybe want to use Antivir free for a while, until A2 Malware (has the IDS of Mamutu) version 4 will come out (with excellent Ikarus AV engine also)

 

It's out https://www.wilderssecurity.com/showthread.php?t=221982

 

Thanks for the info. Mamutu is new to me. Is it well supported and stable on XP. HIPS is more of a luxury for me than a necessity, since I am a pretty safe surfer, so I would like to minimize any problems caused by security software. Thanks for any additional info.

Rich

 

yes Avira is a excellent replacement and far as hips you may want to check this new contender.http://www.torchsoft.comon going thread here.https://www.wilderssecurity.com/showthread..php?t=217522

 

Yes, Mamutu is very stable. It doesn't conflict in any way with Avira, since Avira doesn't have any behaviour blocking functions.

 

Hi,

Thanks for the info. I will have to check this software out. It looks like I am going to have to do a bit more investigation than I would like, but this always seems to be true, when I am switching security software. I hate this, but I guess I have to do it. Thanks for the suggestions.

Rich

 

Hi,

I'll check it out, though I am reluctant to use anything new. HIPS is more of a luxury than a necessity, so I do want something that is very stable and well supported. Thanks again for your suggestion.

Rich

 

If you want something free, you could always stick with ThreatFire if you don't mind it's been taken over by the yellow behemoth...

 

I don't mind paying for the software, if it is reliable and stable. I just want something running in the background that gives me a nice, safe feeling, just in case. My friend, just got a trojan which is causing him all kinds of troubles. He was running McAfee. KAV was a bit of a pain at times (especially the Proactive Defense), but it didn't cause me too many problems. I want something comparable. Thanks.

Rich

 

Take a look at Prevx 2.0 if you are looking for something that is pretty well set and forget and works good alongside Avira.

 

Avira is an excellent choice for an AV. Id also suggest to replace Zonealarm with Outpost Pro 2009. It has a fantastic HIPS module built into the firewall.

 

I have been using SentryDrive alongside AVG free. Runs very light although I am not sure if its classed as a full HIPS Program. I am sure that would run well with Antivir. My Father is using Antivir premium with comodo firewall wall which works well together.

Cheers

Jlo

 

Rich,

What also compliments each other nicely

OA free with DriveSentry free (includes registry and data access protection which free version of OA is lacking) combined with Avira.

This combo is a real easy to install and use, since they both use black and white lists of applications. You could drop ZoneAlarm (since OA is FW)

 

Rich, I guess you already have considered running in a restricted account and applying a software restriction policy, which together are a HIPS in itself.

/C.

 

For me it is clumsey to run a restricted account, since I am installing software fairly frequently. Am I missing something?

Rich

 

Thanks for the advice. DriveSentry seems to be new, and the forum has pretty light activity. I am wondering if it is reliable and stable. I remember OA from a ways back, and they strike me as a company that has a history of strong software engineering. Does DS have a similar history?

Rich

 

I am a bit reluctant to jetison ZoneAlarm for Comodo, since ZA has been very reliable for many years now. Are there reasons I should consider replacing ZA if reliability and stability are priorities for me?

Rich

 

Thanks. I will consider it, though I am a bit reluctant to complete turnover all of my security software. I would need to go through a learning curve with Outpost.

Rich

 

I had terrible experiences with Prevx, back when, and I don't think I want to revisit their company, unless there is a very good reason to do it. Thanks for the suggestion, I will investigate.

Rich

 

New OA has this incredible feature (it is an option), allow without pop-up AND run this unknown program in a limited user environment. So other users on the PC are not bothered with HIPS questions.

Same applies to DriveSentry they sold their software to a few big customers. So this will generate cash for on-going development. In its current status of development (third release) it has all the feautures you are missing in the OA free (registry protection), plus additional data protection. Those two features are the basic functionality of the initial program, so this is stable. They are developing the software further, nut when using it with OA this extra are irrelevant.

 

Out of curiosity, what was your bad experience with Prevx and is there anything I can do now, retroactively of course, to help alleviate your bad feelings?

 

To supplement Avira, I recommend Mamutu (behavior blocker/IDS) or Malware Defender (classical HIPS).

Before considering Prevx, I strongly suggest you visit their support forum and read comments by their actual customers.

Prevx reps are making many promises here on Wilders forum, but their customers still are not receiving consistently adequate support on Prevx's own designated support forum. By reading several posts at Prevx's own forum, I think you will see that their so-called "support" has often consisted of one or the other of: (1) no reply, OR (2) unfulfilled promises of fixes & better things to come (month after month after month of unfulfilled promises).

I now have hopes that Prevx actually WILL come through with a new version some day, but until that ACTUALLY becomes reality instead of mere promises -- caveat emptor!

I find it odd that Prevx's own forum is all but abandoned by them whereas they are actively posting here at Wilders. Prevx should either remove their stagnant support forum at CastleCops, or else act to make it a TRUE support forum with prompt and workable help provided to current customers.

 

I have no clue who's behind CastleCops operation but their "uptime" (or should I say rather downtime) is so totally ridiculous that the whole site would better be moved to /dev/null...