For what I've been just been reading about hardened mode, it seems that it is not what I'm looking for. It seems that it may prompt me if I run an unknown exe file, and I can allow it to run if I want. But what happens if I launch something that Avast's signatures detect? Assuming it's something I actually do want to run, I'm guessing that there is no easy way to get Avast to ignore it and allow it to run, and then no longer prompt me when I want to run that file again.
I need help choosing an antivirus - It must be extremely light!
- Thread starter roger_m
- Start date
- Status
- Apr 1, 2015
- 483
With Hardened Mode enabled, Avast doesn't use signtures, BB , etc (pretty certain on this). It only blocks files that are not on the whitelist.
I increase HIPs to MAX to give me more control over suspicious files that pass the whitelist.
UPDATE: I'm about to run a quick test to verify this.
UPDATE2: Ok. Seems signatures are still there. I'm guessing somewhere in settings you could mitigate that somehow, without reducing security much. I think its BB/heuristics doesn't operate along side Harden Mode.
Last edited:
- Apr 1, 2015
- 483
- Sep 22, 2016
- 412
As I've previously mentioned, WSA causes keyboard lag, and Norton will always auto quarantine some files.
- Oct 1, 2015
- 183
I think you should give a try to Comodo Cloud Antivirus. It installs "Internet Security Essential"...ISE is a separate feature & install to protect against MITM (you can uninstall ISE but only after CCAV install i.e no option to not install it during install)
My experience on Win 10 64 with 6 GB RAM.
Boot Time - First boot was little long, subsequent boot were good.
First opening of programs takes couple secs, later programs opening is good due to programs already analyzed, etc.
AV has the option to set to "Ask". If I remember correctly, Ignore, Add to whitelist, etc options are there on the alert.
Sandbox has the option to set to "Ask for Untrusted". You will get option like allow/block/sandbox with "Remember this" on the alert.
After CCAV install, do the "Rating Scan" & take action on unknown programs.
My experience on Win 10 64 with 6 GB RAM.
Boot Time - First boot was little long, subsequent boot were good.
First opening of programs takes couple secs, later programs opening is good due to programs already analyzed, etc.
AV has the option to set to "Ask". If I remember correctly, Ignore, Add to whitelist, etc options are there on the alert.
Sandbox has the option to set to "Ask for Untrusted". You will get option like allow/block/sandbox with "Remember this" on the alert.
After CCAV install, do the "Rating Scan" & take action on unknown programs.
- Sep 22, 2016
- 412
Didn't saw that Webroot stuff sorry. About Norton, you can change SONAR settings in "advanced mode" in order to ask you in detections
In all the COMODO alerts the user has the ability to exclude the process\file - whether it is an anti-virus, HIPS or sandbox exclusion.
Of course you'd have to try it to evaluate system impact.
There's Avira, but I think files are excluded by restoring them from Quarantine or manually excluding them.
You're basically out of options as far as AV\Internet Security suites.
Either compromise or migrate to a different solution - like software restriction policy or HIPS. At least with SRP\HIPS you have no worries about detection and auto-quarantine - and you can lock down your system while having virtually 0 % system impact.
Of course you'd have to try it to evaluate system impact.
There's Avira, but I think files are excluded by restoring them from Quarantine or manually excluding them.
You're basically out of options as far as AV\Internet Security suites.
Either compromise or migrate to a different solution - like software restriction policy or HIPS. At least with SRP\HIPS you have no worries about detection and auto-quarantine - and you can lock down your system while having virtually 0 % system impact.
Alerts/options are little different with CIS/CFW Stable & CCAV & CIS/CFW 10 Beta
CIS/CFW Stable -
AutoSandbox alert (file) - You get alert only for the first time (alert has an option "dont isolate again"). If you miss the alert first time then you have to go into the GUI to unsandbox file.
AutoSandbox alert (installer) - You get alert with options allow/block/sandbox. If you select block/sandbox, you will get alert again on next execution.
CCAV -
AutoSandbox alert (file) - You get alert everytime i.e if you dont select "dont isolate again" or miss the alert, you will get alert on next execution.
AutoSandbox alert (installer) - You get alert with options allow/block/sandbox only if you set sandbox to "Ask for Untrusted" otherwise by default, you will get the same AutoSandbox (file) alert for installer too.
And if you set sandbox to "Ask for Untrusted" then you get alert with options allow/block/sandbox for everything i.e file/installer (I like this And its only available in CCAV).
CIS/CFW 10 Beta -
AutoSandbox alert (file) - They have removed "dont isolate again" on the alert. In V10 Beta, you have to go into the GUI to unsandbox file.
AutoSandbox alert (installer) - By default now in V10 Beta, you get the same AutoSandbox alert (file) for installer too. You have to customize the sandbox option to get alert with options allow/block/sandbox for installer.
Last edited by a moderator:
I've personally not experienced keyboard lag with WSA. To make the case for Webroot I would point out they have white list only options in heuristics and aggressive outbound firewall options plus you don't have to update. But I doubt a more efficient optimized AV exist, Webroot feels less intrusive than a calculator on my budget Acer computer. In a capable users hands Webroot is very secure and extremely small.
- Jun 24, 2016
- 2,485
To start with, you must know all AV will make use of your system resources, and will (some more some less) slow down your daily life. As well, you must know now that today, almost all well-known antivirus suites do the same job. Malware detection ratio based on signature databases are really poor nowadays, and mostly every antivirus does a similar job. Some of them will detect more samples than others, but that's it. So, answering to your question, i would not choose the best according to "Market Reviews" like PCMAG, or even AV-Comparatives. I would choose the one that suites the best with my host PC. Forget about less-known antivirus that are not mentioned on this forum. If our testers do not try one on the HUB, much probably it's not worth it. (like it happened when i tested Immunet on the Hub, stay away from it). Then, once again, you realise you're on a standby: you have lots of well-known antivirus, such as AVG, Avast, Avira, BitDefender, ESET, Kaspersky, Norton, Emsisoft, and lots more. Since all of them are sig-based software, i must say that the key is on software combinations to cover all your system's weak points. For example, just before winning Avast Premier GiveAway here, my configuration was simple and effective: Avast Free (really light, tweaked for maximum protection), ZoneAlarm Free Firewall (adjusted on notify me everything), and HitmanPro.Alert to protect me from Xploits and vulnerabilities. That's a good safe combination, that can help me with having a sig-based antivirus.
So, i would say: choose the one you like the most, not the best one. That one that fits the best on your PC, not the one which Av-TEST says has the best real time protection. If you have an old hardware, i'd choose 360 Total Security, Sophos, or Avast. Complementing it with a light free firewall, and you're done boy.
To conclude, do not satisfy yourself with default software. Every time you can, tweak. Tweaked settings will give you the best protection you can recieve from software. Stay safe.
So, i would say: choose the one you like the most, not the best one. That one that fits the best on your PC, not the one which Av-TEST says has the best real time protection. If you have an old hardware, i'd choose 360 Total Security, Sophos, or Avast. Complementing it with a light free firewall, and you're done boy.
To conclude, do not satisfy yourself with default software. Every time you can, tweak. Tweaked settings will give you the best protection you can recieve from software. Stay safe.
- Mar 10, 2014
- 140
- Jun 9, 2013
- 6,720
I know this has been mentioned but if you want light go for Norton
- Aug 6, 2014
- 1,044
If you want a really light AV: try Panda.
Norton and Webroot are also quite light.
Norton and Webroot are also quite light.
- Feb 21, 2015
- 456
If you don't want slow down your pc then try anti-executable + on-demand scanner without any av's.
VoodooShield or EXE Radar Pro + Zemana or HitmanPro on-demand.
VoodooShield or EXE Radar Pro + Zemana or HitmanPro on-demand.
- Dec 20, 2014
- 106
Cômodo Firewall Free
Forticlient free
Voodooshield free
Forticlient free
Voodooshield free
I don't want to use a HIPS, as I don't like getting lets of prompts.
Even if you do that, it still will auto quarantine some files.
There must be some software conflict causing the lag when using WSA or 360 TS. However, I have not been able to track it down. I've had a very good look at my system and am certain that there are no remaining drivers or other leftover processes from sntiviruses I've used in the past.
I tried it a month or so ago, and from memory found it to be too heavy. However, I'm using a faster computer now, so will give it another try.
I know that, and from continually testing different antiviruses I've found some which have an extremely minmal system impact, and some that cause big slowdowns. However, as per my first post, I'm looking for an antivirus which makes it easy to whitelist files that I don't want to be detected again (as well as being light).
- Status
Similar threads
