Removing dependency on single AV

Discussion in 'malware problems & news' started by rpk2006, Sep 25, 2016.

  1. rpk2006

    rpk2006 Registered Member

    Joined:
    Jan 29, 2003
    Posts:
    35
    Location:
    India
    Regularly I come across files which skip detection by AV. These sophisticated malware even bypass heuristic detection. Dependency on single anti-virus is not sufficient.

    I want to know which additional tool can be used with AV which can seamlessly work with existing AV and also adds an extra layer of behavioral detection.
     
  2. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    2,158
    Location:
    in a remote land :)
    if you want stick with an AV, you have Avast, webroot, kaspersky, emsisoft, etc... all of them uses additional protection, because they know that the signature-based models is obsolete.

    I personally dislike AVs, i kept Windows Defender in Win10 because it is build-in and recently not so bad ; i prefer 1000 times using anti-executables or isolation softwares instead.
     
  3. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,060
    As I remember Webroot could be used alongside other AVs in past with no conflicts. I don't know if this is still true.
    Personally I use Virustotal to check files before running/opening. I know it doesn't offer behavior detection but it can still give you some info about files.
     
  4. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    2,872
    Location:
    Australia
    You're right. No AV can, or ever will, detect every threat out there. Common sense can go a long way to keeping your machine safe, being careful what you click on and where you go.

    An anti-exe can be used along-side an AV. I have only experienced VoodooShield and I do believe Dan has a great product which would compliment an AV well, but there are are other products that will also work. Anti-exploit tools too.

    One point to remember, there is a pay-off with security. The more secure we make our machines the less user friendly they become. We all have to find that balance that satisfies us.
     
  5. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,239
    If you keep Windows and software you use up to date, and are very careful about you programs you open, e.g. don't open random email attachements and be careful about what you download, the chance of getting infected is going to minmal. It's much better to avoid being infected by being careful about what you let run on your computer rather not being careful and hoping your antivirus will protect you.
     
  6. Behold Eck

    Behold Eck Registered Member

    Joined:
    Aug 23, 2013
    Posts:
    438
    Location:
    The Outer Limits
    What about Comodo firewall with Cruel Sister`s settings(with hips off and autosandbox on) ?

    You also get a ratings scan for all the files on your system, any unrecognised leave them as untrusted.

    It`s also very light(and free) so no system impact.

    Regards Eck:)
     
  7. rpk2006

    rpk2006 Registered Member

    Joined:
    Jan 29, 2003
    Posts:
    35
    Location:
    India
    @roger_m Even if you keep Windows and software updated, there might be a chance of a Stuxnet type of malware lying dormant.

    @Krusty13 Thanks for your suggestions

    @Behold Eck I will have to try Comodo. I am using ESET SmartSecurity which comes with a firewall. ESET AV's detection rate is superb and works well with unknown malware also. But my concern was regarding Stuxnet type of malware or highly encrypted Ransomware, which skip heuristics.
     
  8. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    2,872
    Location:
    Australia
    Stuxnet, really? Do you have a nuclear power plant?
     
  9. Behold Eck

    Behold Eck Registered Member

    Joined:
    Aug 23, 2013
    Posts:
    438
    Location:
    The Outer Limits
    @rpk2006 good luck with whatever you choose to go with but I would advise not to use Comodo FW on default settings.

    Do a bit of homework first.

    Though once "tweeked" correctly it`s pretty ferocious and well able to deal with the type of attacks you mention.


    Regards Eck:)
     
    Last edited: Sep 25, 2016
  10. rpk2006

    rpk2006 Registered Member

    Joined:
    Jan 29, 2003
    Posts:
    35
    Location:
    India
    :) I mean stealthy like Stuxnet.
     
  11. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    2,872
    Location:
    Australia
  12. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    Your only choice is to learn more about using HIPS. I always scan files on VirusTotal which also isn't bulletproof, but still better than depending on a single AV, no matter how advanced. And after that I run apps "sandboxed" while monitored by HIPS. If everything is OK, then I install it on my real system. Obviously, it's best to only run apps that are a bit more widely known, and are listed on trustful download sites. Common sense will help a lot.
     
Loading...