Gaps in Coverage with These Tools?

Discussion in 'other anti-virus software' started by Hangetsu, Jan 5, 2008.

Thread Status:
Not open for further replies.
  1. Hangetsu

    Hangetsu Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    259
    Hi all!

    In my seemingly never-ending search for Vista security :D , I'm looking at AVG and Avast Pro. I'M NOT LOOKING FOR A COMPARISON, OR SIMPLE "X IS GREAT" posts (hopefully that satisifies the mods :D )

    What I'd like to know is what gaps in security remain in each tool on a Vista machine. For example, I don't think Avast Pro includes a firewall. In particular, are there any gaps with rootkits, keyloggers, and similar malware coverage with each tool? Reason I mention this is some tools have functionality that works with XP, but not with Vista.

    Thanks in advance for the help, its appreciated!
     
  2. computer geek

    computer geek Registered Member

    Joined:
    Oct 6, 2007
    Posts:
    776
    Avast free should be enough, although there is some gaps cause no script detection and firewall, but with comodo firewall alongside and spybot, should be fine! AVG does not have http scanning unlike avast. also, malicious scripts are very rare since it is contained within the browser and rarely get out.

    P.S. This thread may get locked.
     
  3. Hangetsu

    Hangetsu Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    259
    I was worried about that. I'm looking at both tools, and rather than creating two threads I hoped to keep it in one (since its really on the same subject).
     
  4. midway40

    midway40 Registered Member

    Joined:
    Jul 24, 2006
    Posts:
    1,257
    Location:
    SW MS, USA
    AVG doesn't have rootkit detection though it does offer a separate tool for that. Unfortunately the Vista version isn't ready yet.
     
  5. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    A few around here (including me) have noticed a slowdown with Avast on Vista.
     
  6. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    You layed some valid groundwork for what can be a beneficial discussion and most are grasping what direction We are trying to achieve in these type discussions.

    in case it was missed in your initial post....
    I'M NOT LOOKING FOR A COMPARISON, OR SIMPLE "X IS GREAT

    Carry on,
    Bubba :ninja:
     
  7. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    AVG and avast are just antiviruses. You would still need a firewall and you may want a HIPS or sandbox for protection from unknown malware.

    As for rootkits, keyloggers, etc, I think a separate app may be better. Various antispyware have keylogger detection and theres numerous rootkit detectors to choose from.
     
  8. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    well, maybe im just old fashioned.

    ive certainly never felt the need for anything other than an antivirus.

    this is how it used to be, and how it still is.

    i would feel extremely comfortable using only an antivirus, probably ANY tested by av-comparatives.

    but of course, i do still have a hardware firewall with the router.
     
  9. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Well, assuming that you have chosen to maintain UAC active, there's really few gaps there. After all, you'll be explicitly approving installations. That goes a long way to controlling the situation. It's not an be all, but it's a big step, and you have an AV as an active security measure to provide some level of screening of the applications that you purposely choose to install.

    In jumping between OS'es, it's important to step back and look at some of the fundamental differences in the two platforms, and this is one. As long as you don't disable the functionality, it provides a positive benefit.

    Blue
     
  10. midway40

    midway40 Registered Member

    Joined:
    Jul 24, 2006
    Posts:
    1,257
    Location:
    SW MS, USA
    Blue brings up a good point. There are several differences in the security setup of XP and Vista. Vista has these new features in which some were borrowed from Linux:

    UAC--akin to the root/user accounts in Linux. For years I have been seeing complaints about MS's OS's not being as secure as Linux. And now that Vista has come out most people turn this most important security feature off complaining about the prompts o_O

    ASLR-Address Space Layout Randomization (also borrowed from Linux and BSD)-this is a proactive defense against exploits such as buffer overruns by randomizing the code into different memory locations on each boot. It makes it more difficult for malware to find certain codes in memory.

    IE7 Protected Mode--similar to a sandbox, IE7 runs with the lowest privileges. Nothing can be installed without your consent. When I was testing IE7 I visited a 'crack' site that wanted to install something called "Data Control Service" or such. You know this is bad news, lol.

    There are more new features such as Network Access Protection and Service Hardening. These are all explained here.
     
  11. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I've seen plenty of comments along these lines, and after purchasing my wife a new Vista based laptop, why anyone would even contemplate disabling this is simply beyond me. It's about as innocuous as possible, provides decent protection, and is a native facility.

    Blue
     
  12. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    why?

    because its a pain in the butt.

    some people dont use a computer to get annoyed by 2/3 pop up and clicks for every program they want to execute.

    + prevx vista beta requires it to be disabled.
     
  13. midway40

    midway40 Registered Member

    Joined:
    Jul 24, 2006
    Posts:
    1,257
    Location:
    SW MS, USA
    You do not get prompts for every program, only programs that make changes to your system. If you have something, for example, like a paint program that is requiring a prompt, that is more of the result of bad coding than Vista. For too long software writers have been given free reign over parts of the system they have no business in and UAC is forcing them to be more responsible in their coding.

    I can imagine that the reason Prevx is calling for UAC to be turned off is the fact that it hasn't been coded to work in Vista properly yet. I have never seen a finished program that requires you to turn off UAC.
     
  14. JasSolo

    JasSolo Registered Member

    Joined:
    May 9, 2007
    Posts:
    414
    Location:
    Denmark
    I really have to agree bigtime on this. Unless you really tweak Vista in all different way's, it's really a pain in the butt!.
    Vista is IMO still in beta stage.


    Cheers
     
  15. InfinityAz

    InfinityAz Registered Member

    Joined:
    Jul 23, 2005
    Posts:
    828
    Location:
    Arizona
    I agree that UAC can get annoying. Try using TweakUAC and set it to quiet mode (still get the protection but not as many annoying prompts and it's a standalone executable, so no install needed).
     
  16. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Absolutely. It's really the same reason behind LUA being something of a problem in XP. Although it has improved over the years, too many programs were unnecessarily coded with the presumption of full (and typically unneeded when you get down to it) administrative privileges. In past years, when most machines did not spend the bulk of their hours on the internet, it wasn't a major issue. Well, that situation has changed.

    Blue
     
  17. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    well, i aint too fussed that it needs to be turned off for prevx beta.

    prevx does exactly the same as UAC (and more....) as i have it set on Query at all times.
     
  18. midway40

    midway40 Registered Member

    Joined:
    Jul 24, 2006
    Posts:
    1,257
    Location:
    SW MS, USA
    When I was on XP my security setup consisted of a suite, Spybot, SpywareBlaster, Ad-Aware, MRU Blaster, and others I cannot think of at the moment. From the experiences I had the past year with Vista and UAC I feel that all I need is just a basic AV/AS/FW. Some people get by with even less.

    Vista reminded me of Linux when I first tried it out. You have to get yourself into a different mindset and throw away old adages from past Windows. To this end I believe those who have dealt with Linux or Macs would be the first ones to appreciate UAC. To me, taking a second to click approve/disapprove is worth the added security. It beats several minutes or hours trying to clear a nasty out of the system later.

    InfinityAZ has suggested a compromise with TweakUAC. This might help those trying to make the transition into the LUA world. For me, I rather get myself conditioned right to begin with. The only tweak I performed on UAC was to eliminate the "blackening" effect because it doesn't look good on my computer.

    I haven't tried the Prevx beta but if it does what you said it would it would be the first I have seen to require disabling of UAC.
     
  19. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    they are working on them getting to work together, but it does the same plus more than UAC.

    1.jpg
     
  20. midway40

    midway40 Registered Member

    Joined:
    Jul 24, 2006
    Posts:
    1,257
    Location:
    SW MS, USA
    Ok, I see now. It is an improvement of UAC which could actually use some more tweaking. I will definitely look into this when it goes final :)
     
  21. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    that query screenshot was only a windows update, yet when you have it set to query, it does what UAC does, plus checks for malware/behaviour etc.

    :thumb:

    i dont think i need more than just an antivirus, never have.... but i just love it (prevx 2.0), so why not use it. :D
     
Thread Status:
Not open for further replies.