Ahnlab V3 Lite - Free South Korean Antivirus

Discussion in 'other anti-virus software' started by sg09, Apr 7, 2019.

  1. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    But in this case - if they are actually Java web apps, it is running on their own servers, not on your own computer. The articles you are linked to are about running Java locally on your computer, which of course requires the Jara runtime environment to be installed. This is a completely different situation to Java running on a web server, as the code is running on the remote server and not your computer.
     
  2. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Roger, I get your point & really appreciate your careful explanations. Also, I am quite sure that ahnlab's folks are fully competent to make sure that any & all the stuff that they run in their own shop is fully *safe*.

    I just wanted to make the point that Java is not a good option for me & other everyday web surfers. Incidentally, as my final OT post about Java in this thread, I would like to briefly quote part of Firefox's statement about their cessation of enabling Java...
    (source of quotation is at HERE.)
     
  3. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    @bellgamin This has got absolutely nothing at all to do with your computer. Java is used on the web server to generate the web pages. On your computer, Java is not used at all, as everything is generated on the web server.
     
  4. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    It's the Java plugin that is the door, & that plugin must be on one's computer. Roger, I have quoted just a few of many web pages wherein it is stated that Java is an acknowledged security target for computers (JRE) & browsers. Are you saying they are all wrong?

    If a server sends me a malicious Java program (on purpose), or an infected Java program (unintentionally), & I have the plugin (or JRE) & accept it, then I will become infected. I will become infected BECAUSE a Java program has run. If I do not have the plugin (or JRE), then my computer is incapable of running Java so I will NOT be infected. Simple.

    All things being equal, I advise against having the Java plugin on one's browser, and the Java Runtime Environment (JRE) on one's computer.

    I acknowledged the accuracy of your comments. Are we splitting hairs or having commo problems?
     
    Last edited: Apr 13, 2019
  5. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    @bellgamin But the Java plugin is not used. Java is used on their web server to generate a normal web page which contains no Java.
     
  6. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Did you miss my statement, in my post #27, where I changed my discussion FROM talking about what runs on ahnlab's servers TO talking about running Java on user's computers? Namely, I stated that: "I am quite sure that ahnlab's folks are fully competent to make sure that any & all the stuff that they run in their own shop is fully *safe*. I just wanted to make the point that Java is not a good option for me & other everyday web surfers."
     
  7. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    I did. Yes, it is better to avoid Java. If you keep Java updated, it's much harder to get infected, but it's still better to not use it, unless you really need to
     
  8. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Roger, your signature indicates you are still running Panda Dome. Are you still running V3 (I hope) & -- if so -- is it on the same computer with Panda?
     
  9. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    No, I need to update my siganture. I've been using 360 Total Security Premium (the paid version) on a few computers for a while now and I am no longer using Panda. I'm running V3 on another computer to test it.
     
  10. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    @roger_m Do you know how we submit False Positives and Bug Report, Translation Errors to the developers? And also False negatives?
     
  11. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Did you check Roger's post #20? He gave the address as e-support@ahnlab.com.
     
  12. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    Oh missed it. :p
    @roger_m I can't find the English online manual. The site is in Korean. Can you link it here?
     
  13. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    https://help.ahnlab.com/V3Lite4.0/en_us/start.htm
    Alternatively, you can click on ? icon in the top right corner and then click on Help. There are other options too, when you click on the ? icon, such as submitting malware samplles, but they all open Korean web pages, so are not of much use for now.
     
  14. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    Thank you. The English manual seems to be useful.
    Malware can be submitted through Global Website too. I think both are same although Global Website doesn't list V3 Lite.
    https://global.ahnlab.com/site/support/supportMain.do

    By the way @roger_m , do you think the Anti-Ransomware folder works as it is intended? I added a few folders in it and can still open files in those folders using a software installed in my PC. Shouldn't the Anti-Ransomware module deny that?
     
  15. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,627
    I haven't tested it, so can't help you on that one.
     
  16. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    I am no expert on this topic (far from it, in fact) but it is my understanding that *protected folders* are not designed to protect their contents from any & all apps, but only from those apps that are malicious or suspicious OR act like they are malicious or suspicious. If you put a file into a protected folder, and you yourself became unable to access it with legitimate apps, then it would not be a very helpful situation.

    The best eduction I have found concerning protection from ransomeware is on a Wilder's thread at HERE.

    Personally I think the best protection against ransomeware, infections, or hardware failure is to image often on a removable drive, & retain images for several weeks, minimum. I often use AVs but would never rely on them as my first line of protection.
     
  17. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    @roger_m No problem! :)

    @bellgamin Thank you. I will go through the thread. I missed it somehow. :thumb:
    I think determining the suspicious nature of a process/app depends on the efficacy of the software. So, IMHO a complete whitelisting by users is a more desirable option albeit annoying. :)
    Anyway, I was wrong about V3 Lite. Yes, it lets any app open the files on the protected folders but isn't letting them write anything on the folders. So, I can't modify/save files using any software to that folders unless I manually copy & paste. It offers whitelisting of trusted apps though. Only then the trusted apps can modify/save files in those folders.
    2019-04-14_142721.jpg
     
  18. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Great information, sg09. Thanks for testing this aspect of V3.
     
  19. sg09

    sg09 Registered Member

    Joined:
    Jul 11, 2009
    Posts:
    2,811
    Location:
    Kolkata, India
    You are welcome. :)

    This is the second kind of alert posed by Anti-ransomware folder.

    2019-04-14_201311.jpg

    The one I posted before was the pop-up I received while saving a file from Edge Browser to a protected folder. The alert indicated that V3 Lite can't whitelist the process (browser) as it often is exploited by Ransomware.

    In the current case I was saving a screenshot to the Protected Folder using FastStone Capture and here V3 Lite gave me an option to whitelist the process. Quite intriguing IMO how it decided to segregate the pop-ups.:thumb:
     
  20. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    It seems that ahnlabs has carefully crafted its anti-ransomeware component.
     
  21. guest

    guest Guest

    "Anti-ransomware" are just marketing tricks to attract customers.
    Any AV with a decent BB or HIPS module,(which all should have) shouldnt need this.
     
  22. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    Hello guest, good to see you.

    Laundry detergents do not need suds, but people doing laundry expect to see suds in the wash -- they regard the suds as a sign that the detergent is "working." So detergent companies ADD unnecessary ingredients to cause their detergents to make unnecessary suds, even though the suds are not useful in getting the clothes clean. If their detergent doesn't have suds, it won't sell.

    I take your word that Anti-Ransomeware (AR) is a marketing trick. But many leading AVs offer them so I suppose, like unnecessary suds, a competitive AV must include an unnecessary AR.

    Ahnlab's V3 does include a behavior blocker. I have no idea as to how good it is. Neither do I have the means to test it. I would very much appreciate yours (or anyone else's) opinion about the efficacy of V3's behavior blocker.

    Grace & peace to all. :-*
     
  23. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    True, and in fact, no single AV (non-sandboxed) has successfully protected zero-day against all ransomware.
     
  24. guest

    guest Guest

    Sorry to disappoint you, but I won't even waste my time thinking about installing it. There is no reason to me, to use obsolete and weaker mechanisms that what I'm using now....
     
  25. guest

    guest Guest

    If it were just ransomware...
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.