Non-bloatware virus detection?
June 12, 2005 6:37 PM   Subscribe

Hasn't anyone written a tiny-footprint antivirus program that monitors changes being made to certain registry and Windows system directories? I sure need one.

I'm really loathe to put a resource hog antivirus package on my system (not to mention paying out the nose to some faceless megacorp).

What I really need is a tiny app that can simply monitor unauthorized files going into red-flag locations, such as //system32 and registry /Microsoft/Windows/Run, as well as new folders being written, and maybe halt the process until I'm asked for input. Kind of like a firewall for my OS and hard drive. And like a minimal anti-virus suite.

Certainly this will trigger when I install some legitimate software packages, but that's no big deal... it doesn't negate my need to monitor what's getting loaded onto the computer.

Please no AdAware recommendations -- it's a good program and I do use it, but it's not what I'm asking for. It's more of an after-the-fact program and doesn't always find newer malware, even when I see the obvious damage in /winnt/system32 or suspicious new junk installed in /Program Files.
posted by shannymara to Computers & Internet (12 answers total)
 
I've never tried Geek Superhero (or its non comic book twin Desktop Armor) but look at the features. It may have some of what you're looking for. It's from the make of GetRight, which I always liked as a download manager.
posted by ALongDecember at 6:55 PM on June 12, 2005


Do you really have a big virus problem? I occasionally use housecall, which is pretty small footprint I think, but I never have viruses. My gf plays online games, and she seems to get a lot of spyware...
posted by Chuckles at 7:21 PM on June 12, 2005


We don't use it, but everyone I know that does swears by NOD32. Its a full fledged virus scanner, and supposedly uses less than half the system resources of NAV bloatware.

Additionally, the company as a whole seems to get good marks from the AV industry watchdogs. I don't think its free, but it looks inexpensive.
posted by PissOnYourParade at 7:50 PM on June 12, 2005


NAV and McAfee both have saved my butt more than once, professionally, but they have fallen victim to bloat and creeping featuritus. For personal use I much prefer AVG, Avast, F-PROT, etc.

The idea of an ultrasimple anti-virus program is attractive, but probably impractical; one reason they're complex is that they need multiple layers of defense against malware, which could bypass them, knock them out of action, or most disturbingly, hijack them.
posted by dhartung at 8:46 PM on June 12, 2005


I'll second AVG. It may not be quite what you're looking for, but it's definitely orders of magnitude better than Norton. At least try it, it's free (at least, it has a free version, which is perfectly fine).
posted by dagnyscott at 9:17 PM on June 12, 2005


Give these 2 utilities a look: Filemon (76K, scroll to the bottom of the page to download) monitors all files accessed, which may come close to doing what you want once you configure some filters. Regmon (72K) does an excellent job of monitoring registry access. Both are doing some heavy duty monitoring which, depending on your setup, may or may not noticeably affect your system; but it'll be hard to find anything less bloated. I've found Sysinternals to produce top quality and solid apps.
posted by oldmanyoung at 11:36 PM on June 12, 2005


Startup Monitor might be an option as well.
posted by squeak at 1:55 AM on June 13, 2005


Third AVG 7.0 Free. Also you might want to check out System Safety Monitor (Coralized link to downloadable here, home page here).
posted by flabdablet at 4:50 AM on June 13, 2005


I'd suggest taking a look at TDS-3 and Process Guard. TDS is a hardcore anti-trojan program with a variety of features some of which include scanning your system files for changes...it runs very light on resources.

Process Guard is another option, tho somewhat dangerous. It basically locks files down to read-only status making it so other apps can't change them...this can interfere with some programs working, so caveat emptor.
posted by gren at 5:18 AM on June 13, 2005


I like NOD32 as a lightweight antivirus program. It's not the lightest out there but it's much lighter than Norton and McAffee, and much faster. It also gets very good scores for detection of new threats.
posted by Songdog at 5:27 AM on June 13, 2005


I'm testing Etrust EZ Antivirus right now and it's pretty good about being background, low usage. It's free for the first year, which seems like a heck of a trial run. CA are MS partners, and MS developers are who steered me towards the product.
posted by dejah420 at 10:38 AM on June 13, 2005


Spybot has an option where you can monitor any changes to the registry and choose to allow them or deny them. It is more in the vein of Adaware obviously, but if none of the other suggestions work, then at least this gives you part of what you are looking for, and for free.
posted by urban greeting at 3:21 PM on June 13, 2005


« Older long-life Ink-jet T-Shirt transfers?   |   Prank or not? Newer »
This thread is closed to new comments.