2 Free Applications That Make Malware A Trivial Joke


Would you like to laugh in the face of any malware and do it for free? If so, then have I got the power combo for you! This combo uses a traditional signature-based antivirus and a HIPS (host-based intrusion prevention system). With this combo you can achieve maximum protection without suffering a major performance penalty.

Here are the 2 applications you'll need and where to get them. Below you'll also find an easy-to-understand explanation of how this combo works.


Free Signature Based Antivirus with Heuristics - Avira AntiVir 9 Free

Download Here

Watch The Avira 9 Review

Free HIPS - GesWall 2.8.3 Free

Download Here

Watch The GesWall Review

Here's basically how these 2 applications protect you from all forms of malware.

The backbone of this combo is GesWall. GesWall isolates applications that are used as gateways to the internet or external media, such as:

  • Web Browsers.
  • Email.
  • P2P.
  • CDs. (requires you to make an additional rule, see example)
  • USB Devices. (requires you to make an additional rule, see example)
  • Memory Cards. (requires you to make an additional rule, see example)
  • Basically anything that can connect to the internet.

When an application is isolated via GesWall, the following restrictions apply to it:

  • No access to the kernel - prevents kernel mode rootkits and keyloggers.
  • Read-only access to trusted files, registry, processes etc. - prevents user mode rootkits, keyloggers and malware infections.
  • No local communications to trusted processes, e.g. Windows messages, RPC, COM, WMI - prevents shatter attacks, user mode rootkits, keyloggers and malware infections.
  • No scheduled re-start - prevents backdoors, zombie bots and worms.
  • No access to confidential files - prevents leaks of confidential information.

Isolation basically means that ANYTHING coming from the aforementioned items cannot make changes to your PC. Here's a step-by-step example of how this works:

  1. GesWall Free is installed on your PC.
  2. You open Firefox (or whatever browser you use).
  3. GesWall will ask you if you want to isolate Firefox.
  4. You say YES.
  5. You visit myspace.com and look at a few pages for a few hours...
  6. You click a link that redirects you to a domain hosting AV 2009 Rogue AntiVirus.
  7. You accidentally (try to) install AV 2009.
  8. GesWall prevents AV 2009 from modifying ANYTHING on your system.
  9. AV 2009's fake UI might be running in RAM.
  10. You open GesWall, Click on Isolated Applications and then Terminate the AV 2009 application.

That is just one example of how GesWall can protect your PC.
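The restriction list and the AV 2009 walkthrough above, modelled as a small access-control check. This is an added example, not GesWall's code or rule format: the label names, operation names, file paths and the rule that a downloaded file carries isolation to whatever runs it are assumptions made for illustration.

```python
from enum import Enum

class Label(Enum):
    TRUSTED = 1       # pre-existing system files, registry keys, processes
    ISOLATED = 2      # isolated processes and everything they create
    CONFIDENTIAL = 3  # files the user marked private

class Monitor:
    def __init__(self, objects):
        self.objects = dict(objects)  # resource name -> Label
        self.procs = {}               # process name -> Label

    def start(self, name, image=None, parent=None, isolate=False):
        tainted = (isolate or self.procs.get(parent) is Label.ISOLATED
                   or self.objects.get(image) is Label.ISOLATED)  # inherited
        self.procs[name] = Label.ISOLATED if tainted else Label.TRUSTED

    def allowed(self, proc, op, target):
        if self.procs[proc] is Label.TRUSTED:
            return True
        if op == "create":
            if target not in self.objects:    # new file: label it and allow
                self.objects[target] = Label.ISOLATED
                return True
            op = "write"                      # overwriting counts as a write
        label = self.objects.get(target, self.procs.get(target))
        return {
            "load_driver": False,                     # no access to kernel
            "autostart": False,                       # no scheduled re-start
            "read": label is not Label.CONFIDENTIAL,  # no confidential files
            "write": label is Label.ISOLATED,         # trusted is read-only
            "message": label is Label.ISOLATED,       # no IPC to trusted processes
        }[op]

    def terminate_isolated(self):
        killed = sorted(p for p, lab in self.procs.items() if lab is Label.ISOLATED)
        self.procs = {p: lab for p, lab in self.procs.items() if lab is Label.TRUSTED}
        return killed

def walkthrough():  # constructed sample objects, following steps 2-10 above
    run_key = r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run"
    m = Monitor({r"C:\Windows\System32\hal.dll": Label.TRUSTED,
                 run_key: Label.TRUSTED, r"C:\Users\me\taxes.xls": Label.CONFIDENTIAL})
    m.start("explorer.exe")
    m.start("firefox.exe", parent="explorer.exe", isolate=True)       # steps 2-4
    m.allowed("firefox.exe", "create", r"C:\Downloads\av2009.exe")    # steps 6-7
    m.start("av2009.exe", image=r"C:\Downloads\av2009.exe", parent="explorer.exe")
    ops = [("write", r"C:\Windows\System32\hal.dll"), ("autostart", run_key),
           ("load_driver", "av2009.sys"), ("message", "explorer.exe"),
           ("read", r"C:\Users\me\taxes.xls"), ("read", r"C:\Windows\System32\hal.dll")]
    results = {op + " " + t: m.allowed("av2009.exe", op, t) for op, t in ops}
    return results, m.terminate_isolated()                            # step 10
```

In this model the installer is isolated even though a trusted process launched it, because the label travels with the downloaded file; only the read of a trusted file succeeds.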

For our second line of defense we'll be using Avira AntiVir 9, just in case GesWall is not working (for example, you disabled it and forgot to turn it back on) or you mark a download as trusted and it's actually infected. Avira AntiVir 9 provides some great protection, such as:

  • AntiVirus
  • AntiSpyware
  • AntiAdware
  • AntiTrojan
  • AntiRootkit
  • Heuristics and Daily signature updates.

I've used this combo on over 200 malicious downloads and URLs and it's 100% effective so far (221 and counting).

If this article has helped you or your family please ReTweet it.




32 Responses to “2 Free Applications That Make Malware A Trivial Joke”

  1. Well I already got AntiVir but I hate GesWall… any other apps?

  2. malwarekilla says:

    Hmmm…you could go with DriveSentry or DefenseWall (DW costs a few $)

  3. ryan says:

    I have Avira, SUPERAntiSpyware and GesWall; they work very well and I've been spyware/virus free for some time now. I'm glad I got rid of McAfee. That software is a nightmare; in my opinion they should stop selling it. It messed up one of my Windows system files (win32 generic host files for win32 services), and it happened not 1 time but 3 times when I installed it. Uggg, worst nightmare, and for some reason it kept messing with my contrast lol. That software does weird things. Does anyone agree?

  4. John says:

    Is DriveSentry as good as Geswall and DW???

  5. Maria says:

    I love DefenseWall. I will give gentlesecurity soft a try. Thanks Matt

  6. RescueNerds says:

    Hmmm – are you putting this combo on clients’ computers after clean up? Even for little old ladies? We’ll put GesWall on a client’s computer only if they are a little savvy, because we’ve found the neophytes can’t wrap their heads around the sandboxing concept. Avira is a nice little app but that splash screen asking for upgrades is a little annoying so we stopped using it. We now use a Comodo / Malwarebytes Pro combo, and then alter Comodo Defense + to basically protect the Windows folder only. Clients tend to understand the concept of protecting the Windows folder and since they only have to deal with it during installs and upgrades, we haven’t had any issues. But we’d love to switch to GesWall. What’s been your experience with this combo and the neophyte customers?

  7. f says:

    GesWall actually causes a lot of problems.

    It makes Google Chrome not work, Firefox add-ons are very hard to install, caused Adobe Reader to crash,

    froze Firefox,
    messes up many apps,
    like viruses, but pretty much any app will be screwed.

    Avira is good.
    GesWall is OK if you want to have to solve a lot of problems: Firefox won't launch, it freezing, not working, add-ons never save settings, Reader crashes in 20 seconds.

    So if you want that, install it.

    It probably only works if you're old and use IE and don't do anything,

    because you shouldn't meet any problems.
    But
    if you're an advanced user, don't use it,
    as it kills apps,
    and now my Firefox doesn't work right.

    I probably need to uninstall GesWall and reinstall all of my Firefox add-ons and stuff.

  8. Marcos N Pesic says:

    I agree with everything but:

    The computer should be “clean” before you use Avira + GesWall.
    Because there are many rootkits that Avira will never find if you don't use a bootable CD. (And GesWall will not find/isolate them if they are “already in”.)

    So, I would recommend:

    First know if your PC is clear! (Matt has an awesome video about making and using a bootable CD).

    You can use programs (on your bootable CD) like Avira / Dr. Web / SUPERAntiSpyware / Malwarebytes Anti-Malware.

    Then go for Avira and GesWall!

  9. shifflav says:

    I’ve had no trouble with Geswall at all. It works perfect with IE, Chrome and Firefox. It works with all my Firefox add-ons as well…and I have many.

    The fix for Adobe Reader is to restart the browser as non-isolated, try to open a PDF file, accept the agreement and you’re all set. Close and re-open the browser and you can open PDFs with no problem. It’s a very simple solution and takes only a second.

    I’ve installed it on client computers and they barely even know it’s running. I disable notifications to save them stress. If they get hosed by a virus, it’s easy to kill. Just rebooting the PC will clear Geswall and the viruses. They don’t even need to open Geswall for anything.

  10. Lisa says:

    Thanks Matt. But I don't like GesWall.
    What do you think about Avira + Sandboxie?
    Is this a good combination for you?

  11. ssj100 says:

    Matt, even though GesWall may be a good application, I don’t think it’s very easily configurable for everyday use, which includes regular program updates etc. And certainly the free version is quite stripped down when compared with the paid version.

    Have you reviewed Sandboxie Matt? I’ve just been using it for the last couple of days and it’s an amazing piece of software. In fact, it’s the most amazing piece of software I’ve ever used. I have found the golden bullet with Comodo Internet Security Suite and Sandboxie.

  12. ssj100 says:

    In addition, Sandboxie can be used free (stripped down version) or you can pay a one-off sum to use the full product for life, including updates for life. This is unlike Defensewall etc.

    And of course we all know Comodo Internet Security Suite is completely free.

  13. Victor says:

    Matt,

    I’ve heard about a new HIPS software called “SafeSpace”. Have you ever heard about it? It’s free and you can access their homepage here:
    http://www.artificialdynamics.com/

    It would be great to compare SafeSpace with GesWall and DefenseWall to try to know what gives best protection and is lighter on computer resources, what do you think?

    Thanks in advance, Victor

  14. malwarekilla says:

    @John – DriveSentry could be a good substitute for GesWall.

  15. malwarekilla says:

    @Rescuenerds – I’m not using this on my clients. This was just an experiment for a somewhat experienced user.

    Currently I’m using Avira 9 (I inform them about the nag screen, 99% of them are fine with it) + Sandboxie free (this takes about 15 min of training).

  16. malwarekilla says:

    @f – yes, you need to shut down GesWall to perform application updates. Once the update has been applied, turn GesWall back on.

  17. malwarekilla says:

    @Marcos N Pesic – correct. I would only use this on a clean PC. It’s just for prevention.

  18. malwarekilla says:

    @Lisa – Yup, that’s a great combo (Avira + Sandboxie)!

  19. malwarekilla says:

    @ssj100 – Yeah, I did do a Sandboxie review. Sandboxie is an amazing little free application. Like I said in an earlier response, I give my clients Avira + Sandboxie.

  20. malwarekilla says:

    @Victor – No, I haven’t heard of it, but thanks for the link! I’ll check it out.

  21. Dujour says:

    HELP! I am so tired of my computer being infected. Looking for the right combo for good price for home computer. Would Spyware Dr. w/Antivirus and Geswall be a good combo or would you suggest Avira or sandboxie? Thanks, I need expert advice.

  22. Bish says:

    I run Avira free edition antivirus + Sandboxie on Windows XP. For me, this is the perfect combo.

    I haven’t tried GesWall, so I can't comment on it. I did try DefenseWall and it messed one of my drivers up in “Realplayer.”

    I had to uninstall Realplayer, then reinstall it. I immediately uninstalled DefenseWall.

    With Avira free antivirus + Sandboxie, I go anywhere I want on the web. Some of the nastiest places one could imagine. Nothing has infected my system yet.

  23. shah000 says:

    seems like matt has shifted loyalties (from DW to GW) – jus kiddin :p

  24. Jaki says:

    Hi Matt

    I tried DW and I do not like it. The reason is DW prevents legitimate software from being installed. My preferred combo is Comodo Internet Security and Avira, yes two AV without any conflict. CIS has a feature where you could isolate your browser(s) or any other program, just like DW. The difference is CIS does not mess up your software installation.

    Peace.

  25. f says:

    Jaki,

    what do you mean by isolate?

    I currently still have GesWall, but is there any way to make a custom rule that goes like this:

    Firefox itself is not restricted, but any other application launched from FF, or downloaded, is untrusted, but FF is not isolated.

    I know that exploits would still work, but this is kind of like if I accidentally download an exe and run it, it would give me warning popups to do something fast.

  26. Kralle says:

    “Currently I’m using Avira 9 (I inform them about the nag screen, 99% of them are fine with it)”

    You know it's very easy to get rid of Avira's nag screen, don't you?

    http://www.elitekiller.com/files/disable_antivir_nag.htm

  27. meg says:

    I already have a HIPS application – Outpost Firewall Pro 2009 + AntiVir. I use Sandboxie for browsers and P2P. Is GesWall the same as Sandboxie?

  28. jlh says:

    Sandboxie and Avira9 work great for me.
    If the Avira nag screen really bothers you, kill it with Clickoff.
    http://www.johanneshuebner.com/en/clickoff.shtml

  29. Victor says:

    I’m using Sandboxie, Avira 9 and Prevx 3.
    Perfect and light combination.
    I recommend!

  30. Charles says:

    I was trying out the GES and Antivir combo.
    GES would not catch
    TR/Dldr.FraudLo.sxm – Trojan

    located at
    pc-antispyware20-10 .com

    Any ideas how it could get through?

    Your recommendation for a combo was spot on; GES is not ready to go it alone yet.

  31. PTLdom says:

    :( GesWall freezes all my portable browsers, denies access to the bookmarks and doesn’t allow them to download anything :(

  32. PTLdom says:

    :( …. and I wonder if there is a portable GesWall :(
