Advice Request Does oneself really need an Antivirus?

Please provide comments and solutions that are helpful to the author of this topic.

L

Local Host

A good combo can rely on Windows Defender and OSArmor, if you know what you're doing online. Can't think of lighter combo.
We all know how Windows Defender has problems with On Access constant scans, crippling HDDs performance, is the reason I'm forced to use a third-party AV program.

I find myself in the same situation as OP, I don't remember the last time I had a problem with a Virus myself and an AV is simply wasting resources in the background for me.

I do acknowledge modern malware and it's risks, but an AV program is not the answer on my book (I don't need signatures nor real-time protection for common infections). What we advanced users need, is programs like CFW, Adguard and OSArmor.

I'm considering going with CFW (but there's mixed reviews about it's performance hit and the problems it has on W10). Currently using Kaspersky Anti-Virus (which has no performance hit on my system, compared to the competition).

I'll take any suggestions considering what I said above.
 
Last edited:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Running an AV is a safety net.
If you are a good tight-rope walker, you don't fall, and you don't expect to find yourself hanging in the net. But you still want it to be there.

Which AV? The one that works best for you. Some people are happy with Windows Defender, others say that Panda is light and effective, some prefer Avast, some use Kaspersky free, it doesn't matter. Just use what works best on your system, that's all.
 
D

Deleted member 178

We all know how Windows Defender has problems with On Access constant scans, crippling HDDs performance, is the reason I'm forced to use a third-party AV program.
yep, same here.


I'm considering going with CFW (but there's mixed reviews about it's performance hit and the problems it has on W10).
i won't recommend it. (and this is coming from a fan...)
 

CMLew

Level 23
Verified
Well-known
Oct 30, 2015
1,251
I decided to go away from conventional AV since I joined this forum several years ago.
Did pretty learn hell lots of stuff from tweaking and commands.

My personal favorite till now (endorsed by @Umbra Back then):
Appguard + NVT ERP + WFC.

Now i do use Emsisoft for the sake of convenience and ease of use for my family; though SRP or anti-exe is still my staples on my workhorse.
 

LDogg

Level 33
Thread author
Verified
Top Poster
Well-known
May 4, 2018
2,261
Is there a free version of AppGuard at all?

~LDogg
 

LDogg

Level 33
Thread author
Verified
Top Poster
Well-known
May 4, 2018
2,261
Are there any free versions for these programs or alternatives to these at all?

~LDogg
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
Is there a free version of AppGuard at all?

~LDogg
AppGuard is not free and never will be. You can't even get a trial version. It is expensive, because it is oriented to the business market.
But there are plenty of good apps for free. The NVT products are mostly free, there is a free version of VoodooShield, Comodo Firewall is free, ReHIPS has a free demo version that does almost everything that the paid version does, etc etc.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
@shmu26
Actually there was free version of AG in the past...it was called EdgeGuard Solo dveloped as beta...and as I rememeber was the base of current AG.
That's interesting, I didn't know that.
But the company is going the opposite direction now. It is hard to get a consumer version these days, even if you pay good money. They want business customers, not people like us.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
Hard_Configurator is also based on SRP like AppGuard. The advantage of AppGuard lies in Guarded Apps feature (kind of the light sandboxing), so generally, the similar level of security can be applied by AppGuard with fewer restrictions. AppGuard has also the convenient and informative logging feature - Hard_Configurator uses only information from Windows Event Log, that sometimes is rather sketchy.
In the actual form, Hard_Configurator is intended for advanced users. After adjusting the restrictions to the concrete software/hardware setup, it can be used by inexperienced users as a semi-locked security solution.
Hard_Configurator uses only Windows built-in security features + forced SmartScreen (no 3rd party drivers), so the setup is very light, stable and compatible with Windows.(y)
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
@Andy Ful
Replace AG by SpyShelter ;)
SPyShelter is a HIPS-based security application, but it allows making a rule template (kind of light sandbox) for the concrete application. But making the proper rule templates can be time-consuming. SpyShelter is also a default-allow type of security, so it can stop only the malware files which behave very suspiciously or were introduced by exploiting the legal application protected by the already made rule template. The advanced user could, of course, use the setup like:
ShadowDefender + SpyShelter + forced SmartScreen (to check application installers).
 
Last edited:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
SPyShelter is a HIPS-based security application, but it allows making a rule template (kind of light sandbox) for the concrete application. But making the proper rule templates can be time-consuming. SpyShelter is also a default-allow type of security, so it can stop only the malware files which behave very suspiciously or were introduced by exploiting the legal application protected by the already made rule template. The advanced user could, of course, use the setup like:
ShadowDefender + SpyShelter + forced SmartScreen
SpyShelter Firewall version has the option for a default/deny mode, if I remember right it is called "ask user".
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,598
SpyShelter Firewall can be made close to default-deny due to Application Execution Control feature. One could manually transfer all ReHIPS options (parent & child) for all applications/processes, but this could be extremely time-consuming, because wildcards are not supported. It is much easier to install just ReHIPS.
.
Edit
SpyShelter can be set (with some effort) as a close to default deny in the way explained here:
Q&A - Does oneself really need an Antivirus?
 
Last edited:

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,153
SpyShelter Firewall can be made close to default-deny due to Application Execution Control feature. One could manually transfer all ReHIPS options (parent & child) for all applications/processes, but this could be extremely time-consuming, because wildcards are not supported. It is much easier to install just ReHIPS.
If you use Application Execution Control, you need to use also "Ask user" mode, because if you don't, it eventually will make a * in some of the key applications, for instance, Explorer, thus allowing all future processes started by Explorer. This will ruin the default/deny.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top