
Does AVG Free 8.5 offer rootkit detection?


6 replies to this topic

#1 black069


Posted 18 June 2009 - 07:38 AM

Hi. I am trying to maximize/optimize my security (and functioning) on my laptop (Dell Dimension M6300 running Windows Pro XP SP3). I have wireless internet connection (used primarily in my house) using an Intel PRO/Wireless 3945ABG Network Connection adaptor via router to cable high speed internet.

I am currently using the following security/updating/patching methods:
1. AVG Free 8.5
2. SuperAntiSpyware (Free Edition)
3. Malwarebytes' Anti-Malware (Free Edition)
4. Spyware Blaster
5. Windows Firewall
6. CCleaner
7. FileHippo Update Checker
8. Microsoft/Windows Update & Automatic Update
9. Microsoft Baseline Security Analyzer
10. Windows Disk Defragmenter
11. Sysinternals PageDefrag
12. Sysinternals AutoRuns
13. Sysinternals ProcessExplorer
14. HiJackThis
15. Chkdsk (checking "Scan for and attempt recovery of bad sectors")
16. Disk Cleanup
17. Host File using Windows XP MVP List
18. Glary Utilities
19. CWShredder
20. ERUNT & NTREGOPT
21. Online scans using the following: Kaspersky A/V, WindowsLive OneCare, Panda ActiveScan, TrendMicro HouseCall

So I have a couple of questions about this (overkill). I feel like I am spending more time running security scans, checking for updates, etc., etc., than the time I spend doing all other things combined on the computer, which is not a good thing. I am not knowledgeable enough to know which of these things are complete overlap, or a complete waste of time, or how frequently to run each of these utilities. But I've had a myriad of bugs in the past before I started using the above collection, and that was no fun either. I would appreciate anyone's advice as to what would be an effective, while also efficient, protocol to keep a system secure.

Secondly, does anyone see any holes? For example, does Windows Firewall offer enough protection? I tried the trial version of AVG Internet Security, which came with a two-way firewall, but I didn't have enough sense to configure it, so I ended up removing it from my system after only about a week.

And, as my topic title indicates, I have been researching AVG Free to some extent and have some concerns. Some reputable forums state that it offers zero rootkit protection, while others state that it is the best of all the free antivirus software programs. Even on AVG's website, there is a comparison of the various products, and there is a checkmark to indicate that AVG Free v8.5 does indeed offer rootkit detection. Because I am a bit skeptical, I was considering changing to avast for my primary antivirus/resident protection since everyone agrees that it does offer rootkit detection. However, since so many experts seem to think that AVG is superior, I decided instead to find a free, easy-to-use rootkit detector. This led me to Panda's anti-rootkit detector called "PAVARK.exe". But I would like to know others' opinions on whether this affords me adequate rootkit protection. And can anyone who knows such sorts of things clarify whether AVG Free (v8.5--the most recent version) does or does not offer rootkit detection?

Sorry for the long message. But I feel like I am slowly developing OCD-like symptoms with respect to computer security, and the first step is to admit that I have a problem, right? (That's a joke. Well, kind of.)

Thanks a plenty,

Scott




#2 Orange Blossom


Posted 18 June 2009 - 11:17 PM

Hello,

I'm shifting this to the Antivirus and Security programs forum. ~ OB

#3 black069


Posted 21 June 2009 - 06:02 AM

Orange Blossom,

Can you please tell me where you moved my topic to? I cannot find a forum entitled the one you mentioned (and, further, it is almost identical to the title of this forum...AntiVirus, Firewall and Privacy Products and Protection Methods, no?) Needless to say, I cannot find my topic anywhere by any method.

Topic Title: Does AVG Free 8.5 offer rootkit detection?, and help to make my security more efficient

Thanks,

black069



#4 Orange Blossom


Posted 21 June 2009 - 07:47 AM

You found your topic just fine and have posted to it. I simply truncated the name of the forum in my response. :thumbsup: Your topic was moved FROM the Web-Browsing forum.

~ OB

#5 quietman7


Posted 24 June 2009 - 10:16 AM

AVG Free Features & Comparison with AVG Pro, AVG Internet Security

AVG Free does not contain Anti-Rootkit protection so rootkits may be hidden in your system. For protection against rootkits, please download AVG Internet Security

Protection against sophisticated threats (rootkits)

But avast! Home Edition Anti-virus does. And so does MBAM and SAS.

Windows XP firewall protects against port scanning but has limitations and it is no replacement for a robust 3rd-party two-way personal firewall.
  • The XP firewall is not a full featured firewall. Normal firewalls allow you to specifically control each TCP and UDP port but XP's firewall does not provide you with this capability. Instead, it takes a point and click approach to enabling or disabling a few common ports.
  • The XP firewall does a good job of monitoring, examining and blocking inbound traffic but makes no attempt to filter or block outbound traffic like most 3rd-party personal firewalls.
  • Thus, the XP firewall does not identify which programs attempt to initiate outbound network or Internet communications nor does it block the traffic when suspicious activity occurs.
    • This feature can be helpful in preventing many types of malware attacks that may attempt to open ports or communicate with outside servers without the user's knowledge or consent. It also means that if your system has been compromised, a hacker could use your machine as part of a distributed denial of service attack.
  • By default, Windows Firewall rejects all incoming traffic unless that traffic is in response to a previous outgoing request. If you're running Windows XP Service Pack 2 (SP2), Windows Firewall is turned on by default. If your Firewall is not turned on by default, then you're using an unpatched OS and need to update your system to SP2.

Windows Vista Firewall offers two-way filtering for better security but it's the bare minimum and still limited. By default, most outbound filtering is turned off (outbound connections are allowed) and inbound filtering is turned on (inbound connections are blocked). Configuration is confusing and there is no practical way to configure outbound filtering to stop all unwanted outbound connections. You can only turn inbound filtering on or off, and through the various tabs, configure how inbound filtering works. For an independent review, read Vista Firewall Fails on Outbound Security.
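The difference between inbound-only and two-way filtering described in the post above, as an added example that is not part of the original thread: a toy Python model (not Windows Firewall's actual logic) comparing a stateful inbound-only filter with one that also applies a per-program outbound allow list. The class names, program names and addresses are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str   # "out" or "in"
    program: str     # local program owning the socket ("" if nothing is listening)
    local_port: int
    remote: str      # "ip:port" of the other end

class InboundOnlyFirewall:
    """Stateful inbound filter with no outbound filter (the XP behaviour described)."""
    def __init__(self, open_ports=()):
        self.open_ports = set(open_ports)  # ports enabled as exceptions
        self.flows = set()                 # (local_port, remote) flows opened from inside

    def allow_outbound(self, pkt):
        return True                        # every program may call out

    def decide(self, pkt):
        if pkt.direction == "out":
            if not self.allow_outbound(pkt):
                return "block"
            self.flows.add((pkt.local_port, pkt.remote))
            return "allow"
        # Inbound: only replies to tracked flows, or explicitly opened ports.
        if (pkt.local_port, pkt.remote) in self.flows or pkt.local_port in self.open_ports:
            return "allow"
        return "block"

class TwoWayFirewall(InboundOnlyFirewall):
    """Adds a per-program outbound allow list, as two-way personal firewalls do."""
    def __init__(self, allowed_programs, open_ports=()):
        super().__init__(open_ports)
        self.allowed_programs = set(allowed_programs)

    def allow_outbound(self, pkt):
        return pkt.program in self.allowed_programs

# Constructed sample traffic (documentation addresses, hypothetical program names).
TRAFFIC = [
    Packet("in",  "",            445,   "198.51.100.7:40000"),  # unsolicited probe
    Packet("out", "firefox.exe", 50001, "203.0.113.10:80"),     # user browsing
    Packet("in",  "firefox.exe", 50001, "203.0.113.10:80"),     # reply to browsing
    Packet("out", "unknown.exe", 50002, "203.0.113.66:6667"),   # unexpected program calling out
    Packet("in",  "unknown.exe", 50002, "203.0.113.66:6667"),   # reply to that call
]

def run(firewall):
    """Return the allow/block decision for each packet in TRAFFIC, in order."""
    return [firewall.decide(p) for p in TRAFFIC]
```

Both models block the unsolicited probe; only the two-way model stops the unexpected program's outbound connection, and with it the reply traffic that the inbound-only filter treats as solicited.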

#6 black069


Posted 26 June 2009 - 10:28 PM

Thanks, quietman7, for your response.

So AVG does not provide anti-rootkit detection. But you say that SAS & MBAM do. Do you think that those 2 programs, along with Panda's free anti-rootkit detector (the executable is called "PAVARK.exe") are sufficient for rootkit protection?

Also, regarding the firewall, I have Windows XP and I do have SP2 (SP3 actually) so Windows Firewall is active. I understand what you are saying about it only providing one-way protection, but the system I am referring to is a laptop, which 99.9% is connected to the net via a wireless router. I have heard that wireless routers themselves are like firewalls. So would having Windows Firewall enabled plus the security afforded by the router provide sufficient "firewall" protection? Or should I replace Windows Firewall with a third-party firewall that offers two-way protection?

By the way, I have tried the 30-day trial of AVG Internet Security a couple months ago, but I did not like it AT ALL and ended up getting rid of it before the trial period ended. If it had been AVG plus a firewall, perhaps that would have been okay. But there were like 3-4 new programs in that package, which I found overwhelming; I couldn't configure properly despite reading the instructions. Plus, it was just too restrictive; it would not allow me to watch the season finale of LOST on ABC's website no matter what I tried.

Any further advice by you or anyone else would be greatly appreciated.

Thanks,

Scott



#7 quietman7


Posted 27 June 2009 - 06:29 AM

...you say that SAS & MBAM do. Do you think that those 2 programs, along with Panda's free anti-rootkit detector (the executable is called "PAVARK.exe") are sufficient for rootkit protection?

For general protection they are good but it's never going to be complete. Just like with any other malware, rootkit variants will change and can go undetected until the vendor updates its definition database. Keep in mind that detection is not the same as prevention.

No single product is 100% foolproof and can detect and remove all threats at any given time. The security community is in a constant state of change as new infections appear. Each vendor has its own definition of what constitutes malware and scanning your computer using different criteria will yield different results. The fact that each program has its own definition files means that some malware may be picked up by one that could be missed by another. Thus, a multi-layered defense using several anti-spyware products (including an effective firewall) to supplement your anti-virus combined with common sense and safe surfing habits provides the most complete protection.


Since you are new to using a firewall you may want to read "Understanding and Using Firewalls".

Using two software firewalls on a single computer could cause issues with connectivity to the Internet or other unexpected behavior. Further, running multiple software firewalls can cause conflicts that are hard to identify and troubleshoot. Only one of the firewalls can receive the packets over the network and process them. Sometimes you may even have a conflict that causes neither firewall to protect your connection. However, you can use a hardware firewall (a router) and a software firewall (Kerio or ZoneAlarm) in conjunction.