Special User Sections > What's the Best?

Anti-Virus Package

<< < (16/29) > >>

f0dder:
Kaspersky is neat enough, and I certainly like the pro-active/behavioral blocking stuff that can catch stuff if it's (pretty good) heuristics fail. And their use of "has this file already been scanned?" database is great (after they went from NTFS streams to centralized databases), NOD32 doesn't have that (well, it keeps it in memory, but not on disk).

I still haven't decided whether to go for KAV or NOD at the museum; NOD is a bit faster and leaner, and slightly cheaper as well. I do NOT like their default adding "this message has been scanned" to incoming and outgoing emails, though; it's a false sense of security, and spoils anti-spam engines.

Carol Haynes:
Kaspersky is neat enough, and I certainly like the pro-active/behavioral blocking stuff that can catch stuff if it's (pretty good) heuristics fail. And their use of "has this file already been scanned?" database is great
-f0dder (February 18, 2007, 04:13 PM)
--- End quote ---

Out of curiosity what happens if a file is in the database but is silently changed by a virus or other malware?

dk70:
Will be scanned again since changed. iSwift and iChecker take care of it - good support site/faq http://www.kaspersky.com/support/kav6mp2/tech?qid=193239261

Both enabled by default. Guess iSwift kicks in when limitations of iChecker is reached, "wrong" extension and size.

In reports and during scan you see a status and reason column, says iSwift for some, iChecker for others when files are skipped.

Just found out it can make a CD rescue disk using PE Builder http://www.kaspersky.com/support/kav6mp2/rescue?qid=193239066 - nice.

f0dder:
Kaspersky is neat enough, and I certainly like the pro-active/behavioral blocking stuff that can catch stuff if it's (pretty good) heuristics fail. And their use of "has this file already been scanned?" database is great
-f0dder (February 18, 2007, 04:13 PM)
--- End quote ---

Out of curiosity what happens if a file is in the database but is silently changed by a virus or other malware?
-Carol Haynes (February 18, 2007, 06:26 PM)
--- End quote ---

Basically, won't happen. A piece of malware would have to go kernel-mode and specifically attack KAV, which is more bother than it's worth it for general malware. If someone was specifically targeting you, it could be viable, but then you have much bigger problems imho :)

Darwin:
OK wading back in here - my subscription to AVG Pro is up in a month and a half and I'm reviewing my options. One of these is to dump it and add the Sophos based AV protection to Webroot SpySweeper. I'm a bit uneasy about doing so and wonder if anyone has a strong opinion (yes, I know, be careful what I ask for!) about whether I should A. stick with what I've got and renew AVG for $19.48, B. Add SpySweeper's AV module for $10 or C. go for something else?

Thanks,

Mike

Navigation

[0] Message Index

[#] Next page

[*] Previous page