Updated on 10.9.2012
Would you like to laugh in the face of any malware and do it for free? If so, then have I got the power combo for you! This combo uses a traditional signature-based antivirus and a HIPS (host-based intrusion prevention system). With this combo you can achieve maximum protection without suffering a major performance penalty.
Here are the 2 applications you’ll need and where to get them. Below you’ll also find an easy-to-understand explanation of how this combo works.
- Free signature-based antivirus with heuristics – Avira AntiVir Free
- Free HIPS – GesWall Free
Here’s basically how these 2 applications protect you from all forms of malware.
The backbone of this combo is GesWall. GesWall isolates applications that are used as gateways to the internet or external media, such as:
- Web browsers.
- CDs (requires you to make an additional rule, see example).
- USB devices (requires you to make an additional rule, see example).
- Memory cards (requires you to make an additional rule, see example).
- Basically anything that can connect to the internet.
When an application is isolated via GesWall, the following restrictions apply to it:
- No access to the kernel – prevents kernel mode rootkits and keyloggers.
- Read-only access to trusted files, registry, processes etc. – prevents user mode rootkits, keyloggers and malware infections.
- No local communications to trusted processes, e.g. Windows messages, RPC, COM, WMI – prevents shatter attacks, user mode rootkits, keyloggers and malware infections.
- No scheduled re-start – prevents backdoors, zombie bots and worms.
- No access to confidential files – prevents leaks of confidential information.
Isolation basically means that ANYTHING coming from the aforementioned items cannot make changes to your PC. Here’s a step-by-step example of how this works:
- GesWall Free is installed on your PC.
- You open Firefox (or whatever browser you use).
- GesWall will ask you if you want to isolate Firefox.
- You say YES.
- You visit myspace.com and look at a few pages for a few hours…
- You click a link that redirects you to a domain hosting AV 2009 Rogue AntiVirus.
- You accidentally (try to) install AV 2009.
- GesWall prevents AV 2009 from modifying ANYTHING on your system.
- AV 2009’s fake UI might be running in RAM.
- You open GesWall, click on Isolated Applications and then Terminate the AV 2009 application.
That is just one example of how GesWall can protect your PC.
For our second line of defense we’ll be using Avira AntiVir 9, just in case GesWall is not working (for example, you disabled it and forgot to turn it back on) or you mark a download as trusted and it’s actually infected. Avira AntiVir 9 provides some great protection such as:
- Heuristics and daily signature updates.
I’ve used this combo on over 200 malicious downloads and URLs and it’s 100% effective so far (221 and counting).
If this article has helped you or your family, please ReTweet it.