Author Topic: Anti-Virus Package (Read 156326 times)

f0dder · « **Reply #75 on:** February 18, 2007, 04:13 PM »

Kaspersky is neat enough, and I certainly like the pro-active/behavioral blocking stuff that can catch stuff if it's (pretty good) heuristics fail. And their use of "has this file already been scanned?" database is great (after they went from NTFS streams to centralized databases), NOD32 doesn't have that (well, it keeps it in memory, but not on disk).

I still haven't decided whether to go for KAV or NOD at the museum; NOD is a bit faster and leaner, and slightly cheaper as well. I do NOT like their default adding "this message has been scanned" to incoming and outgoing emails, though; it's a false sense of security, and spoils anti-spam engines.

Carol Haynes · « **Reply #76 on:** February 18, 2007, 06:26 PM »

Kaspersky is neat enough, and I certainly like the pro-active/behavioral blocking stuff that can catch stuff if it's (pretty good) heuristics fail. And their use of "has this file already been scanned?" database is great
-f0dder (February 18, 2007, 04:13 PM)

Out of curiosity what happens if a file is in the database but is silently changed by a virus or other malware?

dk70 · « **Reply #77 on:** February 18, 2007, 07:54 PM »

Will be scanned again since changed. iSwift and iChecker take care of it - good support site/faq http://www.kaspersky...2/tech?qid=193239261

Both enabled by default. Guess iSwift kicks in when limitations of iChecker is reached, "wrong" extension and size.

In reports and during scan you see a status and reason column, says iSwift for some, iChecker for others when files are skipped.

Just found out it can make a CD rescue disk using PE Builder http://www.kaspersky...rescue?qid=193239066 - nice.

f0dder · « **Reply #78 on:** February 19, 2007, 01:50 AM »

Kaspersky is neat enough, and I certainly like the pro-active/behavioral blocking stuff that can catch stuff if it's (pretty good) heuristics fail. And their use of "has this file already been scanned?" database is great
-f0dder (February 18, 2007, 04:13 PM)

Out of curiosity what happens if a file is in the database but is silently changed by a virus or other malware?
-Carol Haynes (February 18, 2007, 06:26 PM)

Basically, won't happen. A piece of malware would have to go kernel-mode and specifically attack KAV, which is more bother than it's worth it for general malware. If someone was specifically targeting you, it could be viable, but then you have much bigger problems imho

Darwin · « **Reply #79 on:** May 30, 2007, 09:50 PM »

OK wading back in here - my subscription to AVG Pro is up in a month and a half and I'm reviewing my options. One of these is to dump it and add the Sophos based AV protection to Webroot SpySweeper. I'm a bit uneasy about doing so and wonder if anyone has a strong opinion (yes, I know, be careful what I ask for!) about whether I should A. stick with what I've got and renew AVG for $19.48, B. Add SpySweeper's AV module for $10 or C. go for something else?

Thanks,

Mike

Grorgy · « **Reply #80 on:** May 30, 2007, 11:43 PM »

I use the Kaspersky unternet suite, mainly because its got a good a/v and I wanted all the rest of it lumped together, i'd tried to cobble a free/cheap solution together, but it was more trouble than it was worth (for me). But the main reason for the post is that its worthwhile hunting around their sites for specials, I got a 2 for 1 licence from kaspersky that made it more or less affordable

(and of course i wanted to get 100 posts

useless and inconsequential as they may be

)

Darwin · « **Reply #81 on:** May 31, 2007, 12:23 AM »

(and of course i wanted to get 100 posts useless and inconsequential as they may be )

Congratulations, Grorgy, on your 100th post! I'd hardly call your contributions here useless and inconsequential!

Darwin · « **Reply #82 on:** May 31, 2007, 12:31 AM »

Here you go, Grorgy - it's been immortalized!

iphigenie · « **Reply #83 on:** June 02, 2007, 10:36 AM »

after trying a few around, including some security favorites such as eset nod32 avira antivir and kasperski, I ended up going back to Bitdefender.

* it has really good detection rates, up there with eset avira and kasperski in tests
* the interface is not too bad
* it does use low cpu for scanning etc.
* my small annoyances with its update process only happen on one pc

The fact that I could buy the pro version for 2 computers for 2 years for £25 (http://www.bitdefend...ller.co.uk/index.htm) also made it the cheapest antivirus from all the ones with top detection rates.

Although reading around even products like panda which used to have averag detection rates have greatly improved, and norton stopped being a resource hog, so you can't do too wrong with any mainstream products nowadays

Lusher · « **Reply #84 on:** September 09, 2007, 02:27 AM »

In my view Panda is *greatly* underestimated. It should be up there with BitDefender, KAV and NOD32, Avaria etc.

A piece of crap that no-one should use is Comodo AV. There's way too much hype about it, it's buggy even for a beta and has low detection rates and they try to cover it with "HIPS". But It's "HIPS" is basically only a glorified white list of processes.

People get carried away with thinking Comodo is god, their firewall is decent yes (and even then only in the silly leak tests), but making a good AV is degrees of magintitude harder.

CWuestefeld · « **Reply #85 on:** September 10, 2007, 12:31 PM »

In my view Panda is *greatly* underestimated.
-Lusher (September 09, 2007, 02:27 AM)

I'm working on a mini-review on Kaspersky, since I just switched to it after an infection bad enough that I had to pave over my whole system. I had been using Panda, but the virus managed to deactivate it. So I no longer have any confidence in that package.

superboyac · « **Reply #86 on:** September 10, 2007, 01:20 PM »

Ooo...Kaspersky mini-review! I'll be looking forward to that!

I use it right now (Kaspersky Internet Security 7.0). I like it.

iphigenie · « **Reply #87 on:** September 11, 2007, 10:10 AM »

I'm still using bitdefender - some of the problems I had have disappeared with the launch of the new version, and the track record in tests is pretty good - all the better ones cost a lot more for very similar results on average. That is based on other people's tests, though.

f0dder · « **Reply #88 on:** September 11, 2007, 05:22 PM »

Hm, I'm staying far away from BitDefender, it has caused nothing but grief on machines with HyperThreading (I assume it's the same for dualcore or SMP boxes) - various program crashes as well as BSODs. Might have improved in more recent versions, but well...

Darwin · « **Reply #89 on:** September 11, 2007, 05:30 PM »

So far, knock on wood (Darwin raps his own head and enjoys the dull echo the action produces. Ooohhh...), I've had good luck with SpySweeper with Antivirus. I realise that others have had terrible problems with it but it's brilliant on my notebook (SpySweeper standalone really cripples my wife's notebook though, and it's got faster RAM, a bigger harddrive, dedicated graphics and a much faster processor - weird - I wonder if there is a conflict with AVG Pro, which she is running as her antivirus?). Sophos *seems* to be well respected in the AV sphere, so I assume that I am in good hands.

iphigenie · « **Reply #90 on:** September 12, 2007, 03:54 AM »

I have dual core machines with bitdefender and never had any problems on these.

I had some annoyances on my ATI-graphic'ed machine with bitdefender, and i tried a few other programs, but ended up back on bd after seeing it was always doing very well in security tests and I would have either to pay 3 to 4 times as much or settle with a program with a much lower track record in malware detection.

Havent had a problem since I went back to BD - so either the new ATI drivers or some changes in BD have fixed the issues I experienced.

f0dder · « **Reply #91 on:** September 12, 2007, 04:59 AM »

Hm, perhaps you're lucky, perhaps I'm unlucky, or perhaps BD has improved... but I much prefer Kaspersky anyway, been running without any problems

iphigenie · « **Reply #92 on:** September 12, 2007, 09:09 AM »

I bought kaspersky a few years back and it polluted my NTFS drives forever. I know this was a temporary thing which is nowadays optional, but it kind of annoyed me! Especially as at no point did it ask whether i wanted to use this feature or what the consequences would be on utilities like defrag / disk checking tools...

I wanted to try it last winter when i was trying other tools but I noticed the price and decided, not to bother. I wouldn't pay that much for a tool like this since there are very good ones which cost a lot less.

There is a list of top performers from a detection perspective, and it almost always includes kaspersky, eset NOD and bitdefender. Then there are another ten or so tools which are all pretty good but not quite as systematically tops, have better/worse years etc.

They all are in slightly different places on the combination of price / speed / helpful interface / detection rates (that usually depends on type too, virus / spyware / trojan malware / browser protection etc.)

You can't go wrong, but the best thing is to buy one where you feel you understand the configuration options and messages.

CWuestefeld · « **Reply #93 on:** September 12, 2007, 09:28 AM »

Ooo...Kaspersky mini-review! I'll be looking forward to that!
-superboyac (September 10, 2007, 01:20 PM)

And, as promised, here it is: https://www.donation...dex.php?topic=9965.0

iphigenie · « **Reply #94 on:** September 12, 2007, 10:09 AM »

wow, nicely done! I was wondering how a minireview of a virusscanner would work, since we're not really equipped to test the virus side of things. This is a very nice explanation of the software and how you use it and all

f0dder · « **Reply #95 on:** September 13, 2007, 04:55 AM »

I bought kaspersky a few years back and it polluted my NTFS drives forever. I know this was a temporary thing which is nowadays optional, but it kind of annoyed me! Especially as at no point did it ask whether i wanted to use this feature or what the consequences would be on utilities like defrag / disk checking tools...
-iphigenie

It asks at install time whether you want "use the iStreams^TM technology", and it also explains what it is. And at uninstall time it asks whether to remove that data... at least for 5.0.712 anyway.

I'll have to say that using streams wasn't the best way of doing things, and Kaspersky appearantly realized this as well, at least they moved to centralized databases in more recent versions.

boxstar · « **Reply #96 on:** September 14, 2007, 10:16 AM »

For me AVIRA is by far the best anti-virus tool!

Lusher · « **Reply #97 on:** October 16, 2007, 11:25 PM »

In my view Panda is *greatly* underestimated.
-Lusher (September 09, 2007, 02:27 AM)
I'm working on a mini-review on Kaspersky, since I just switched to it after an infection bad enough that I had to pave over my whole system. I had been using Panda, but the virus managed to deactivate it. So I no longer have any confidence in that package.
-CWuestefeld (September 10, 2007, 12:31 PM)

Well it's even easier to deactivitate Kaspersky by simply changing the system time as done by many malware...

The vendors are aware of the problem, but refuse to fix it, if you think hard enough, you will realise why.

The point here is, every antivirus can be beaten... I know of people who keep switching antivirus brands because no matter what they use, they are still infected. lol.

Lusher · « **Reply #98 on:** October 16, 2007, 11:31 PM »

Kasparsky used to be very good, it still is, but it's become too high profile for my taste. Too many people gunning for it.

I wouldn't use it.

superboyac · « **Reply #99 on:** October 17, 2007, 05:09 PM »

Kasparsky used to be very good, it still is, but it's become too high profile for my taste. Too many people gunning for it.
I wouldn't use it.
-Lusher (October 16, 2007, 11:31 PM)

I didn't understand the last couple of posts. Why wouldn't Kaspersky fix a flaw if it posed a security risk?