What's the Best Anti-Malware?

[I be he]

- in all frankness is there a suite that is totally safe??

The key to being totally safe is in totally effective computer Virtualization. My nephew is currently serving in the US Military and was attached to a communications outfit in Iraq for 3 consecutive tours and when we were discussing computer security he told me that they operate their computers exclusively under Oracle software Virtualization with not so much as one mention of any civilian internet security program of course in his line of work they are doing more than just trying to avoid malicious code there are lives at stake.

~Maxx~
.

Im not trying to start something, but our military complex, D.O.D. contractors get hacked more than you will want to hear about.:shock:

 

[Maxxwire]

I would advise re-formatting your O.S. before trying Comodo, this is highly recommended to get the best results, and to make sure the hipps wont see any malware and think its part of your system.

Where did you get this notion from? I've been using scores of different versions of Comodo over the last 2 years and not have I ever had Defense+ mistake a system program for malware. I've also been frequenting the Comodo forum during that time and I have ever on any occasion heard the recommendation to reformat before installing Comodo, that's just a nonsensical suggestion.

~Maxx~

 

[Maxxwire]

I'm not talking about contractors, but rather about enlisted military personnel like my nephew and his brother who is in special opps use who use virtualized computers exclusively to thwart hacking.

~Maxx~

 

[I be he]

I would advise re-formatting your O.S. before trying Comodo, this is highly recommended to get the best results, and to make sure the hipps wont see any malware and think its part of your system.

Where did you get this notion from? I've been using scores of different versions of Comodo over the last 2 years and not have I ever had Defense+ mistake a system program for malware. I've also been frequenting the Comodo forum during that time and I have ever on any occasion heard the recommendation to reformat before installing Comodo, that's just a nonsensical suggestion.

~Maxx~

Didnt sound nonsensical to me, but you may be right. Dont remember where the suggestion came from, its been awhile since i read it.

 

[Maxxwire]

Dont remember where the suggestion came from, its been awhile since i read it.

I see. Well, all I'm saying is that I've never seen any such advise given on the Comodo forum. Before installing a new version of Comodo the previous version must be removed, but there is no reformatting of the Windows partition involved.

~Maxx~

 

[I be he]

Do you think its possible for Comodo D+ to be downloaded onto an infected
computer and viewing the malware as part of the system? or is that most likely only going to happen with a behavior blocker?

 

[Maxxwire]

I be he- I think that you are somewhat confused about what the Comodo Defense+ Host Intrusion Prevention System actually does. HIPS is not a simple blacklist Antivirus that has a long list of known Malware that it uses to recognize Malware. In order to use HIPS software successfully the operator must have a basic knowledge of the computer's software because HIPS does not differentiate between system programs and suspect Malware it simply allerts the operator that a software which is not already on the approved run list is trying to gain an elevated privilege.

So in answer to your question HIPS is not an Antivirus therefore it does not know Malware from system software its only job is to notify the operator if unapproved software is trying to run on the computer so if Defense+ HIPS was downloaded to an infected computer without having been set up to recognize which programs were part of the system then it would give an alert for each and every program on the computer that tried to run whether it was Malware or not.

The proper way to run HIPS software is to first sanitize the computer of Malware
or better yet re-image the windows partition with a known clean copy of Windows or System Image and then run all of the programs that are used on the computer while Comodo Defense+ HIPS is in Training Mode and then when returned to Safe Mode Defense+ HIPS will provide a level of protection far more effective than UAC.

~Maxx~

 

[DBone]

If, and only if, the user answers the pop-ups correctly, especially when the inevitable life changing pop-up rares its ugly head. Answer it correctly, advance to Go and collect $200, answer it wrong, and go directly to jail.

 

[Maxxwire]

I've been using Comodo everyday for 2 years on 2 computers and I have yet to see that 'life changing pop-up', but I'm not the least worried because like every other reasonably capable computer operator I have plenty of squeaky clean image backups stored on several inert drives that are just waiting to be restored in 10 minutes time making that jail sentence reserved specifically for those who are unprepared for any of the 100's of things that could instantly go horribly wrong with a computer without so much as the benefit of a pop-up warning.

~Maxx~

 

[I be he]

I be he- I think that you are somewhat confused about what the Comodo Defense+ Host Intrusion Prevention System actually does. HIPS is not a simple blacklist Antivirus that has a long list of known Malware that it uses to recognize Malware. In order to use HIPS software successfully the operator must have a basic knowledge of the computer's software because HIPS does not differentiate between system programs and suspect Malware it simply allerts the operator that a software which is not already on the approved run list is trying to gain an elevated privilege.

So in answer to your question HIPS is not an Antivirus therefore it does not know Malware from system software its only job is to notify the operator if unapproved software is trying to run on the computer so if Defense+ HIPS was downloaded to an infected computer without having been set up to recognize which programs were part of the system then it would give an alert for each and every program on the computer that tried to run whether it was Malware or not.

The proper way to run HIPS software is to first sanitize the computer of Malware
or better yet re-image the windows partition with a known clean copy of Windows or System Image and then run all of the programs that are used on the computer while Comodo Defense+ HIPS is in Training Mode and then when returned to Safe Mode Defense+ HIPS will provide a level of protection far more effective than UAC.

~Maxx~

This is what i was trying to say a couple of posts ago. Im not sure where the misunderstanding is, but thank you for takeing the time and responding.

 

[Maxxwire]

This is what i was trying to say a couple of posts ago. Im not sure where the misunderstanding is, but thank you for takeing the time and responding.

Just for the sake of clarity the best recommendation but certainly not mandatory is to re-image Windows after any Malware infection regardless of what Internet Security software is used.

Fortunately since I uninstalled Norton 2009 which allowed a Malware infection and 2 consecutive Hosts File Infections after which I was forced to reinstall Windows from scratch and started using Comodo and running my browsers in the virtual space of Sandboxie and I haven't had a single problem or even one detection of so much as a tracking cookie since and I have never been forced to re-image Windows because of a Malware infection since I started using Comodo 2 years ago on either one of my computers like I was forced to do when running Norton.

~Maxx~

 

[seth500]

Hmmm it has been years since I have used counter spy I will visit their site and may give this software a test run, I don't believe there is only one BEST but I do believe yo have to use at least a couple of different ones though just because other companies have different signature databases. For instance I use Emisisoft Emergency Kit and Trojan Hunter and Malware Bytes none of them are running they sit dormant till I think I should run a scan. The Outpost Security Suite I use for my main protection is always running it's malware scanner on "any access attempt" and I haven't had anything get by that as of yet, cause the other scanners don't show anything...So in my opinion just keep some of the best known on this site at easy access for yourself and don't only use just one cause one just can't cover everything, and I'm sure 0-day viruses are missed all the time by any type of software that we use even if heuristic's are used...

 

[I be he]

This is what i was trying to say a couple of posts ago. Im not sure where the misunderstanding is, but thank you for takeing the time and responding.

Just for the sake of clarity the best recommendation but certainly not mandatory is to re-image Windows after any Malware infection regardless of what Internet Security software is used.

Fortunately since I uninstalled Norton 2009 which allowed a Malware infection and 2 consecutive Hosts File Infections after which I was forced to reinstall Windows from scratch and started using Comodo and running my browsers in the virtual space of Sandboxie and I haven't had a single problem or even one detection of so much as a tracking cookie since and I have never been forced to re-image Windows because of a Malware infection since I started using Comodo 2 years ago on either one of my computers like I was forced to do when running Norton.

~Maxx~

Ive heard Norton 2011 is the best for people who feel safer running a A/V suit. Never tried it myself, but it does seem to have quite a following.
Right now i have MSE " to keep my computer happy " and Sandboxie to keep me happy. I even stopped scanning for malware since sandboxie wont even let a tracking cookie through. MSE has been dead silent, maybe i will get rid of it.

 

[Maxxwire]

Like I said earlier my experience with Norton was that I paid $60 to have it let my computer get infected 3 times in less than a year.

You might take a minute and read Tzuk's Notes About Sandboxie 64 bit Edition unless you've already figured out how to bypass the Windows 7 Kernel Patch Protection.

~Maxx~

 

[I be he]

Thanks, i am aware of the potential problem reguarding the 64 bit version, and as mentioned on their web site the 64 downloads with "dropped rights" enabled.
I also recommend people stop useing their admin account for surfing, and use the guest account or set up a LUA instead. This will help keep malware confined, and easier to deal with. If one is not useing Sandboxie i would also recommend adding Superantispyware free, and Malwarebytes free, as on demand only scanners

 

[Maxxwire]

Malwarebytes is a great program I use it everyday to scan prospective downloads from the internet that are still in Sandboxie. For software that has been downloaded by one of my browsers into Sandboxie that is less than 20 MB in size I like to use Virus Total which scans each file using over 40 different antivirus engines and then renders a result, in that although Sandboxie will not let Malware alter the real computer great care must be taken when downloading software from Sandboxie into the computer to make sure that it is safe.

Virus Total Uploader 2.0 even offers a context menu function that can be used to locate files that have been downloaded into Sandboxie and send them directly to Virus Total for evaluation right from the Sandboxie files to get 40+ opinions of how safe they are before downloading them into the computer.

~Maxx~

 

[EchoX860]

My sig is all I use and I've been Free of just about everything for quite a while

 

[I be he]

My sig is all I use and I've been Free of just about everything for quite a while

With Norton & Comodo you might not even need common sence:shock:

 

[I be he]

Malwarebytes is a great program I use it everyday to scan prospective downloads from the internet that are still in Sandboxie. For software that has been downloaded by one of my browsers into Sandboxie that is less than 20 MB in size I like to use Virus Total which scans each file using over 40 different antivirus engines and then renders a result, in that although Sandboxie will not let Malware alter the real computer great care must be taken when downloading software from Sandboxie into the computer to make sure that it is safe.

Virus Total Uploader 2.0 even offers a context menu function that can be used to locate files that have been downloaded into Sandboxie and send them directly to Virus Total for evaluation right from the Sandboxie files to get 40+ opinions of how safe they are before downloading them into the computer.

~Maxx~

Virus total sounds like a fantastic idea. Great addition!

 

[Zizm]

I use Malwarebyte's Anti-Malware for long time and I must say that I am pleased with its features and effect of detection. For me it's the best, because I never had a problem with it.