Best Antivirus Defense, Least System Resources, Auto-Update?

Discussion in 'other anti-virus software' started by digital, Sep 13, 2004.

Thread Status:
Not open for further replies.
  1. digital

    digital Guest

    I am looking to switch Antivirus software.

    I've used NAV for years, but lately it has been such a resource pig, and has not been very effective (despite it's vb100% rating)

    I'm running Windows XP SP2

    My priorities are:
    1. Detects the most bad stuff (real world).
    2. Least impact on system resources.

    Wish List (Nice but not necessary):
    1. Auto-Update
    2. Easy to Use

    Can anyone offer any suggestions?
    Thanks!
     
  2. se7engreen

    se7engreen Registered Member

    Joined:
    Feb 6, 2004
    Posts:
    369
    Location:
    USA
    F-Prot/Command
    NOD-32

    Those are probably the ones you'll hear about the most when it comes to high quality/low resources.

    Oh yeah, F-Prot & NOD32 both auto update. I've never tried Command, but I'm sure someone here will know.
     
  3. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    DrWeb is another that meets your criteria.
     
  4. digital

    digital Guest

    What about KAV?

    What about KAV?

    I've heard that it has great detection.
    How is it on system resources?
    I read a post about Alternate Data Streams, and KAV creating one for each file...can anyone explain what this is, and what the implications of this is?

    Thanks for the feedback!
     
  5. TAP

    TAP Registered Member

    Joined:
    Aug 17, 2004
    Posts:
    344
    Hi,

    In my opinion, if you mainly focus on " real-world threats " so I have to say that there're no anti-virus can do these for you, really. :)

    Because the ways that most anti-virus/anti-spyware/anti-trojan do to defense will still be one or two step behind the malware writers. You have to look for something that can be implemented/replaced the traditional anti-virus, something like behaviour blocking or host intrusion prevention that don't rely on old signature-based method or unreliable heuristics analysis. So it should better protect you from real-world-real-time threats and zero-day attacks.

    I'd like to recommend you to try Prevx Home Intrusion Prevention (freeware) to implement the traditional light weight AVs such as NOD32, AVG 7, F-Prot and other security suits. Prevx Home doesn't rely on signature-based method but detects potential attacks by their behavior so it can detect (theoretically) malware that can bypass your traditional anti-virus/anti-spyware/anti-trojan.

    It seems overkill but it works for me. :)
     
    Last edited: Sep 13, 2004
  6. sard

    sard Registered Member

    Joined:
    Apr 18, 2004
    Posts:
    175
    Location:
    UK
  7. Edson Miranda

    Edson Miranda Registered Member

    Joined:
    Sep 14, 2004
    Posts:
    1
    If you don´t know, I'd like to recommend you to try ViRobot Express 4.0 from Hauri Inc. :D
    You can download a demo thru http://www.hisecur.com.br/04_antivirus_hauri.asp
    It is a very good solution because has antispam and antispyware integrated, and it can recover all files infected by viroses.
     
  8. BrainWarp

    BrainWarp Registered Member

    Joined:
    Aug 26, 2004
    Posts:
    287
    Another vote for Dr Web---super protection with very low resources
     
  9. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Thx TAP,Prevx IDS looks interesting.
     
  10. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    Been on the Prevx web site,if its free why do they have partners and resellers listed?
    I may be being cynical(again!)but it seems a little "too good to be true" type of program
     
  11. se7engreen

    se7engreen Registered Member

    Joined:
    Feb 6, 2004
    Posts:
    369
    Location:
    USA
    Prevx makes their money from their corporate product and soon to be release Pro version of the home product. It's almost too good to be true, but it's true and pretty damn good. :)
     
  12. FlashGordon

    FlashGordon Registered Member

    Joined:
    Jul 3, 2004
    Posts:
    27
    How's Prevx different or similar to ewido?
     
  13. lynchknot

    lynchknot Registered Member

    Joined:
    Jun 26, 2004
    Posts:
    904
    Location:
    SW WA
    What do yoiu think of turning off our AV monitors and just run "on demand" occasionally - since we are using Prevx?
     
  14. se7engreen

    se7engreen Registered Member

    Joined:
    Feb 6, 2004
    Posts:
    369
    Location:
    USA
    Prevx is generic detection that requires no signature updates. I would guess that is uses behaviour monitoring and some sort of heuristic anylisis to prevent malware infection. It also monitors registry activity, prevents buffer overflow attacks, and prevents dll modification. This software is ment for prevention as opposed to detection.
    Ewido, on the other hand, is geared toward trojan detection. It uses signature updates to detect trojans. Ewido seems to find other malware like some spyware & probaby some viruses but trojans is what the software is aimed at. It uses a real-time monitor and an on-demand scanner similar to an anti-virus.
    I'm guessing that the two products would work well together. I use prevx & ewido but I have ewido's background monitor turned off. I don't know how well they play together with ewido's monitor on.
     
  15. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    Have downloaded and installed prevx(I put my cynicysm away!)seems like a nice program(especially for a freebie!)seems to be a combination of Ad-watch and ProcWatch from LavaSoft.
    Its quietly ticking away in the system tray at the moment,I will have to Keep an eye on the "Event History"logs to see if it does catch anything my other security programs miss
    Steve
     
  16. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    No need to watch Alert History. You'll get popup with Allow/Deny options when something suspicious happen.
     
  17. sard

    sard Registered Member

    Joined:
    Apr 18, 2004
    Posts:
    175
    Location:
    UK
    I've just installed Prevx and it has little descriptions of the various methods it uses to protect you. One method "Registry run key protection" seems so obvious I wish I'd thought of it before. When I was last infected by a trojan it had inserted lines into the registry to run itself, and this would have stopped that. There's nothing magical about Prevx, it just monitors several areas of the system that are often manipulated by malware, but does require extra user interaction when activities (often legitimate) are detected. I'm going to keep using it for the time being and to see if it does catch anything.

    After many recommendations on this forum I've also installed a 20 day trial of Dr.Web as my NOD32 subscription runs out next month, so it's time to make sure there's nothing better about.
     
  18. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    I have heard that Dr. Web doesn't like being installed after other AV apps have been used, particularly KAV, but I have never tried so I don't know for sure. You may want to make sure you clean the reisgtry of all other AV entries if you have any problems with it.
     
  19. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    I'll still have to keep an eye on history:-I've 3 kids(teenagers)that use my PC for web access,they dont always(read never!)let me know if a warning pops up about anything while they are using it!
    Steve
     
  20. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Well if thats the case,then i recommend you to create limited user accounts just for them.
     
  21. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    I won't say that this isn't factual. However, I have several AntiVirus programs on my computer, including DrWeb. DrWeb makes no complaint unless its Real Time Monitor (RTM) is run at the same time as another antivirus program's RTM.

    However, it's usually prudent to err on the side of conservatism -- so doing as flyrfan suggests might save you a bit of inconvenience.
     
  22. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    Those three would be my choice also. command will auto update.
    bigc
     
  23. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    They are on limited user accounts but that doesn't stop them receiving nasties via email or malicious code embedded in web pages!
    My system is pretty secure and I know things should not get through but I like to know what attempts have been made:-so I log all events
     
  24. riot_blood

    riot_blood Registered Member

    Joined:
    Sep 1, 2004
    Posts:
    50
    Hello Everyone

    Digital try Trend Micro Internet Security 11
     
  25. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    F-Prot allows a user to buy it ($29) and then use it on ALL home computers for that one low price! I don't believe Command or Dr. Web does this. I installed a trial of F-Prot last night and so far I really like it! I like it much better than any other AV I've tried (except KAV 4.5 which costs a lot more and the license is just for one computer). It is faster than NOD32 and not bloated like NOD32 has become. In some ways it reminds me of the good ole days of NOD32. It right click scans a zipped file of 597 viruses much faster than NOD32 and finds considerably more (it only misses 11). It does a full scan in less time than NOD32 on my XP Pro box. I haven't tried it yet on my 98SE one.

    I haven't tried Dr. Web so I can't compare it to that one.
     
Loading...
Thread Status:
Not open for further replies.