Hi noorismail,
Yes you are correct, as I have been saying on the other thread, but you put it more eloquently.
Because of the added modules in both Premium and APSS your overall protection is is different / wider but the Engine > Spyware/Adware >Rootkit modules are the same for the free and subscription home products.
An example it would be WebGuard in Premium or APSS, that might pick up a possible bad http Iframe, but in the Avira free version it will be the Guard the detects this.
Regards
Barrie
Mele: very frequently the binary versions of Malware/Spyware/Adware are changing, but the websites distributing them remain the same. So, webguard checking for access to these websites does actually provide a fair level of additional protection from new Adware/Spyware/Malware from the active surfers point of view.
Take the W32/Virut Virus Family as an example. It has been distributed only by a handful of websites (less than 10) during its entire lifetime. However there have been hundreds of binary, hand-adapted variants of this polymorphic critter done specifically to evade existing generic detections, and adding such malware is often a bit more time consuming (we're talking hours to days). For the surfing end-user, simply blocking these URLs provides effective protection against initial infection during the time we need to implement an adapted detection. And yes, I know you use the "original HIPS" as you refer to Process Guard and Proxomitron. But you are hardly an average user
Hope this helps to explain why this is actually a pretty powerful feature for most people. Hi noorismail,
你是对的,我一直在其他形式说明,但你说的更有表现力。
因为增加的模块在专业版和APSS(服务器版,我猜)对你的整体保护是不同的/更广泛的,但是
引擎》反间谍》rootkit 模块对免费和付费的家用产品是相同的。
举个例在P版和pass中WEbguard可能会收集可能的有威胁的网址的iFrame,但在F版中将会是监
控检测到这。
Regards
Barrie
Mele: 恶意软件/间谍软件/广告软件 的二进制代码频繁变化,但是传播他们的网址却保持一样。
所以,wenguard上网者的角度检测这些网址并提供一个公平的广告插件/间谍软件/恶意软件级别
保护。
拿W32/Virut 病毒族为例。它们在整个一生中只被分发到扫数少数网站(少于10).However
there have been hundreds of binary, hand-adapted variants of this polymorphic critter
done specifically to evade existing generic detections, and adding such malware is often
a bit more time consuming (we're talking hours to days).『太专业了..大概是有很多变种并且
添加这类变种很费时间 - -!』对于用户终端,仅仅阻止这些网址提供了一个有效的保护来解决在
我们实行一个适合检测前的初次感染。当然,我知道你用“手动HIPS(?)”,就是你指的进程保护和Proxomitron(规则防护?)。但你不是个普通用户。
[ 本帖最后由 asinasina 于 2009-3-31 21:53 编辑 ] |
楼主: ilovemarx
发表于 2009-3-31 21:14:31
