Advice Request Does oneself really need an Antivirus?

[Local Host]

A good combo can rely on Windows Defender and OSArmor, if you know what you're doing online. Can't think of lighter combo.

We all know how Windows Defender has problems with On Access constant scans, crippling HDDs performance, is the reason I'm forced to use a third-party AV program.

I find myself in the same situation as OP, I don't remember the last time I had a problem with a Virus myself and an AV is simply wasting resources in the background for me.

I do acknowledge modern malware and it's risks, but an AV program is not the answer on my book (I don't need signatures nor real-time protection for common infections). What we advanced users need, is programs like CFW, Adguard and OSArmor.

I'm considering going with CFW (but there's mixed reviews about it's performance hit and the problems it has on W10). Currently using Kaspersky Anti-Virus (which has no performance hit on my system, compared to the competition).

I'll take any suggestions considering what I said above.

 

[JM Safe]

I would use Avast, it uses advanced technologies to detect unknown and known malware, user common sense isn't always enough. Avast Free (Hardened Mode: Aggressive) is a good product to use.

 

[shmu26]

Running an AV is a safety net.
If you are a good tight-rope walker, you don't fall, and you don't expect to find yourself hanging in the net. But you still want it to be there.

Which AV? The one that works best for you. Some people are happy with Windows Defender, others say that Panda is light and effective, some prefer Avast, some use Kaspersky free, it doesn't matter. Just use what works best on your system, that's all.

 

[Deleted member 178]

We all know how Windows Defender has problems with On Access constant scans, crippling HDDs performance, is the reason I'm forced to use a third-party AV program.

yep, same here.

I'm considering going with CFW (but there's mixed reviews about it's performance hit and the problems it has on W10).

i won't recommend it. (and this is coming from a fan...)

 

[CMLew]

I decided to go away from conventional AV since I joined this forum several years ago.
Did pretty learn hell lots of stuff from tweaking and commands.

My personal favorite till now (endorsed by @Umbra Back then):
Appguard + NVT ERP + WFC.

Now i do use Emsisoft for the sake of convenience and ease of use for my family; though SRP or anti-exe is still my staples on my workhorse.

 

[RoboMan]

What signature-less software which is out there would you recommend?

~LDogg

VoodooShield
OSArmor
AppGuard

 

[Andy Ful]

ShadowDefender + AppGuard (or any SRP) + SmartScreen.
You can replace Appguard by ReHIPS or Excubits drivers.

 

[Deleted member 178]

My personal favorite till now (endorsed by @Umbra Back then):
Appguard + NVT ERP + WFC.

With this combo, you cant go wrong.

 

[LDogg]

Is there a free version of AppGuard at all?

~LDogg

 

[LDogg]

Are there any free versions for these programs or alternatives to these at all?

~LDogg

 

[shmu26]

Is there a free version of AppGuard at all?

~LDogg

AppGuard is not free and never will be. You can't even get a trial version. It is expensive, because it is oriented to the business market.
But there are plenty of good apps for free. The NVT products are mostly free, there is a free version of VoodooShield, Comodo Firewall is free, ReHIPS has a free demo version that does almost everything that the paid version does, etc etc.

 

[ichito]

@shmu26
Actually there was free version of AG in the past...it was called EdgeGuard Solo dveloped as beta...and as I rememeber was the base of current AG.

@Andy Ful
Replace AG by SpyShelter

 

[shmu26]

@shmu26
Actually there was free version of AG in the past...it was called EdgeGuard Solo dveloped as beta...and as I rememeber was the base of current AG.

That's interesting, I didn't know that.
But the company is going the opposite direction now. It is hard to get a consumer version these days, even if you pay good money. They want business customers, not people like us.

 

[bribon77]

Is there a free version of AppGuard at all?

~LDogg

in addition to what was said by @shmu26. Do not forget the products of,
@Andy Ful I find them excellent.

 

[Andy Ful]

Hard_Configurator is also based on SRP like AppGuard. The advantage of AppGuard lies in Guarded Apps feature (kind of the light sandboxing), so generally, the similar level of security can be applied by AppGuard with fewer restrictions. AppGuard has also the convenient and informative logging feature - Hard_Configurator uses only information from Windows Event Log, that sometimes is rather sketchy.
In the actual form, Hard_Configurator is intended for advanced users. After adjusting the restrictions to the concrete software/hardware setup, it can be used by inexperienced users as a semi-locked security solution.
Hard_Configurator uses only Windows built-in security features + forced SmartScreen (no 3rd party drivers), so the setup is very light, stable and compatible with Windows.

 

[Andy Ful]

@Andy Ful
Replace AG by SpyShelter

SPyShelter is a HIPS-based security application, but it allows making a rule template (kind of light sandbox) for the concrete application. But making the proper rule templates can be time-consuming. SpyShelter is also a default-allow type of security, so it can stop only the malware files which behave very suspiciously or were introduced by exploiting the legal application protected by the already made rule template. The advanced user could, of course, use the setup like:
ShadowDefender + SpyShelter + forced SmartScreen (to check application installers).

 

[shmu26]

in addition to what was said by @shmu26. Do not forget the products of,
@Andy Ful I find them excellent.

+1

 

[shmu26]

SPyShelter is a HIPS-based security application, but it allows making a rule template (kind of light sandbox) for the concrete application. But making the proper rule templates can be time-consuming. SpyShelter is also a default-allow type of security, so it can stop only the malware files which behave very suspiciously or were introduced by exploiting the legal application protected by the already made rule template. The advanced user could, of course, use the setup like:
ShadowDefender + SpyShelter + forced SmartScreen

SpyShelter Firewall version has the option for a default/deny mode, if I remember right it is called "ask user".

 

[Andy Ful]

SpyShelter Firewall can be made close to default-deny due to Application Execution Control feature. One could manually transfer all ReHIPS options (parent & child) for all applications/processes, but this could be extremely time-consuming, because wildcards are not supported. It is much easier to install just ReHIPS.
.
Edit
SpyShelter can be set (with some effort) as a close to default deny in the way explained here:
Q&A - Does oneself really need an Antivirus?

 

[shmu26]

SpyShelter Firewall can be made close to default-deny due to Application Execution Control feature. One could manually transfer all ReHIPS options (parent & child) for all applications/processes, but this could be extremely time-consuming, because wildcards are not supported. It is much easier to install just ReHIPS.

If you use Application Execution Control, you need to use also "Ask user" mode, because if you don't, it eventually will make a * in some of the key applications, for instance, Explorer, thus allowing all future processes started by Explorer. This will ruin the default/deny.