Real time AV/Heuristics? DrWeb/Panda


skomes
February 28th, 2009, 06:49 PM
I've been infected twice by Virut with my current Windows install, which then goes on to infect every other file it finds. I've beaten it both times, but I've decided I need to run an AV again. I've also been infected by 0 day attacks/virii, so I want something that is very capable.

My biggest concern is real time scanning, and properly handling infections.

My ISP offers F-Secure, but I can't choose what to install/uninstall with it; it loads up every module (firewall, antivirus, spam, web filter etc.) and noticeably degrades performance, on my old AMD 2700+ system and my current E5200 system. Otherwise I like F-Secure; they helped me beat Virut the first time.

I read the review/guide posted here, http://gladiator-antivirus.com/forum/index.php?showtopic=9644, and found it helpful.

With my recent Virut infection, DrWeb's CureIT helped me a great deal, but I'm wondering how well it does with real time scanning. I know many of you guys like/use it, but I would like to know how well it handles virii attempting to run on the system, since their Spider seems to be somewhat new.

Also, one other thing that caught my eye as I was researching was that Panda apparently has something they call Truprevent, which detects use of exploits on the system, regardless of virus/variant. This is a very interesting idea, probably helpful to stop 0 day attacks. I was wondering if anybody had some feedback as to reliability and whether it lags your system.

If you guys could give me advice on these 3, I'd very much appreciate it.
Thanks.

lodore
February 28th, 2009, 07:20 PM
hello,
the spider isn't new, it's always been there.
it's very good at blocking infections.
the only way to find out is to trial it on your own system so go ahead and try it.

skomes
February 28th, 2009, 07:39 PM
-{ Quote: "hello,
the spider isn't new, it's always been there.
it's very good at blocking infections.
the only way to find out is to trial it on your own system so go ahead and try it." }-
Only real way to test it is to attempt to infect a system, and I don't really have any way of doing that short of installing XP inside VMware or Virtual PC, which would take quite a while.

Guess I'm trying to ask, I know that DrWeb is good, I used it, is spider just as good?

The website says this:

-{ Quote: "On-access monitor SpIDer Guard™
It intercepts in a real time mode all accesses to files, detects and blocks suspicious behaviour of programs " }-

Does that mean that it does not rely solely on updates, but can also analyze behaviour and see that something is malware?

GES/POR
February 28th, 2009, 08:25 PM
-{ Quote: "Only real way to test it is to attempt to infect a system, and I don't really have any way of doing that short of installing XP inside VMware or Virtual PC, which would take quite a while.

Guess I'm trying to ask, I know that DrWeb is good, I used it, is spider just as good?

The website says this:

Does that mean that it does not rely solely on updates, but can also analyze behaviour and see that something is malware?" }-

Yes, through its heuristics

skomes
February 28th, 2009, 10:31 PM
Ok, thanks.
The description says it also monitors where file locations, and I thought it might be something along the lines of threatfire, or appguard.

I hadn't really wanted to run threatfire/appguard and another AV, but maybe that is the best way to go.

Truprevent has very few user reviews on the forum, and info is conflicted as to whether or not it lags a system, but Panda on the whole seems to be too much of a resource hog.

Was hoping for something that would accomplish those tasks and maintain a low profile.

smage
March 1st, 2009, 01:36 AM
Hi,
You can install any good AV and add Threatfire Free to it to cater for zero day attacks.
Also note that none provide 100% detection rate, so exercising care is the best defense.
Regards.

risl
March 1st, 2009, 04:25 AM
I've been using Dr.Web for a couple of years and haven't got any problems.

Besides the usual heuristic methods, they do have "Virus actions: x" in spider guard statistics but I've never received any information on how it actually works. What must a program do to make a virus action? I've never seen a detection that moves it from 0 to 1 :)

Blackcat
March 1st, 2009, 06:15 AM
-{ Quote: "I've been infected twice by Virut with my current Windows install, which then goes on to infect every other file it finds. I've beaten it both times, but I've decided I need to run an AV again. I've also been infected by 0 day attacks/virii, so I want something that is very capable." }-
Of the blacklist AV scanners you are interested in, just choose the one which gives you the best balance between performance and protection on your machine.

Then add a Sandbox/HIPS; Sandboxie/GesWall/DefenseWall/Threatfire/Malware Defender for a layered defense and for better protection against zero-day malware.