The best antivirus

Discussion in 'other anti-virus software' started by kloshar, Jan 29, 2004.

Thread Status:
Not open for further replies.
  1. noname9

    noname9 Guest

    @tempnexus

    If Kaspersky & clones are too slow for you ... why not use NOD32 in connection with a dedicated memory scanner (for the detection of trojans)? You will need an additional trojan scanner because NOD32's main strength is the detection of replicating ITW malware.
     
  2. mvdu

    mvdu Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    1,166
    Location:
    PA
    I'm a KAV user - how much of a concern is this cracking of KAV's signatures? Sounds like a worry.
     
  3. noname9

    noname9 Guest

    @mvdu

    You are right. There is a tool which helps to reveal a major part of KAV's signature database. Not only KAV is affected but also many KAV clones like F-Secure. If you know the signature it is quite easy to create modified trojans, worms etc which cannot be detected anymore (by KAV & clones).

    Therefore, you should not use KAV as your only scanner. It makes a lot of sense to use an additional trojan (memory) scanner. You may even consider using a third on-demand (file) scanner. For example, you can easily extract a fully-functional McAfee scanner (command line version) from each McAfee superdat file. There is a topic @ Rokop Security called "McAfee Light" that explains how to prepare the McAfee command line scanner so that it can be used in a comfortable manner. Moreover, it seems that this McAfee version comes for free ...
     
  4. mvdu

    mvdu Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    1,166
    Location:
    PA
    Fortunately, I use BOClean for a resident AT and TrojanHunter and BitDefender for on-demand scanners. I guess there is no need to change from KAV, then?
     
  5. noname9

    noname9 Guest

    @mvdu

    Since most, if not all, scanners (including BOClean, Trojan Hunter & BitDefender) have blatant weaknesses it is exactly the right strategy to use as many different scanners as possible. This will make it more difficult for an attacker to make well-known malware undetected.
     
  6. mvdu

    mvdu Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    1,166
    Location:
    PA
    Thanks for the response again - is BitDefender a good backup AV to use, or can I do better? I prefer that my backup be free.
     
  7. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,934
    Location:
    SW. Oklahoma
    Bitdefender free makes a pretty good backup. It seems to update almost every day.
     
  8. demoman

    demoman Guest

    LOL, I know that F-Secure works with KAV, but I have many times seen viruses detected by F-Secure and missed by KAV.

    Also, on www.virus.gr F-Secure is better than KAV by 1.2%, and that is 508 viruses more than KAV out of 50795 tested.

    Also, F-Secure is an old company which used the F-Prot engine too, but was always better than F-Prot.
     
  9. wizard

    wizard Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    818
    Location:
    Europe - Germany - Duesseldorf
    And how many out of these 508 viruses are really ITW viruses, or at least how many of these are running under a modern Windows operating system? I guess the majority, if not all, of these 508 viruses are just really old crappy DOS viruses.

    I personally think that small number of zoo malware that F-Secure detects more doesn't really matter in real life.

    wizard
     
  10. kloshar

    kloshar Registered Member

    Joined:
    Oct 12, 2003
    Posts:
    279
    Location:
    Europe, Slovenia, Brežice
    Why can't F-Secure delete a zip file? It says that the infected virus is in an archive, so it can't be deleted.
     
  11. steve1955

    steve1955 Guest

    noname's post about KAV being cracked is the 1st I have heard/read of it anywhere; it just shows how easy it is to start a rumour about a product that you perhaps don't like and then let other people's paranoia take over.
     
  12. noname9

    noname9 Guest

    Steve,

    the tool is called SennaSpy's "AVP Offset" and it was released a long time ago.

    My post has nothing to do with paranoia and I have nothing against KAV.

    It does not make sense that most hackers know about AVP Offset while many customers (like you) are completely innocent.

    In summary, you need more than one scanner (even if you use KAV).
     
  13. foxsteve

    foxsteve Registered Member

    Joined:
    Sep 9, 2003
    Posts:
    1
    Location:
    California, USA
    I have used F-Secure + Hack Tracer on a W2k Server machine for a few years. F-Secure is updated automatically, Hack Tracer is not. This machine is connected to the internet through the ZAP firewall and protected by Uninstall Manager and other utilities. This machine has not been infected by viruses, but catches spyware with cookies.
    The second machine, Win XP Pro, is protected by a router, KAV and Uninstall Manager. ZAP is installed but disabled - it is not necessary to use it. This PC catches spyware with cookies only.
    The third machine, Win XP Pro, is used for VPN and is protected by KAV and ZAP. It catches spyware with cookies, but one time it caught Walsh.
    The Linux Red Hat and Mandrake machines are protected by the router only, but do not bother me - they are protected enough.
     
  14. VikingStorm

    VikingStorm Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    387
    So you're saying after 2-3 years this supposed flaw hasn't been fixed?
     
  15. steve1955

    steve1955 Guest

    I suggest you have a look here:-
    http://forums.useice.com/cgi-bin/ikonboard.cgi?s=401fd4a2350effff;act=ST;f=1;t=291
     
  16. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,233
    Why don't you tell us, Mr. Smiley Face?
     
  17. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,233
    Will KAV detect Armadillo-wrapped malware if the KAV real-time monitor has memory scanning enabled?

    Will any other AV utility detect Armadillo-wrapped malware?
    (And if so, which one(s))?

    Do you know of any cases where Armadillo was actually used by some malware, or is this just a theoretical possibility?
     
  18. ntl

    ntl Guest

    McAfee does. But only to the extent it uses weak signatures taken from the resource section.

    BOClean does. But I need to perform additional tests in order to make sure that BOClean does not use any tricks ;-)

    KAV 4.5 monitor (mem scanning enabled) will not detect Armadillo 2.85-3.60 protected malware.

    A cracked version of Armadillo was made available for download in a trojan board. That's why I assume that someone will use it ...
     
  19. kress haynes

    kress haynes Guest

    http://www.livepublishing.co.uk/pcutilities/pcu43.shtml
    Is where I read this. (I bought the magazine.)

    In a head to head test of 48 anti-virus and trojan cleaner products, only F-Secure was effective enough for me to consider useful. 58,000 trojans and known (& unknown) viruses were run on 48 anti-virus and trojan cleaner products. I don't remember what all the results were, but F-Secure caught 99.68% and was the best. I do remember Norton was in 7th place with a bit better than 92% effectiveness. McAfee placed 4th with 96.??%. It was a very thorough and convincing test bed and a serious eye opener for me, as I had been recommending Norton to my customers (I have a computer repair business).

    #1 was F-Secure
    #2 was (forgot) I think Kaspersky
    #3 was called Panda something
    #4 McAfee
    #5 forgot
    #6 forgot
    #7 Norton
    #s 8-48 who cares.

    Hope this helps!

    Again, the link to purchase the info I read is at
    http://www.livepublishing.co.uk/pcutilities/pcu43.shtml
     
  20. kloshar

    kloshar Registered Member

    Joined:
    Oct 12, 2003
    Posts:
    279
    Location:
    Europe, Slovenia, Brežice
  21. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,233
    Both of the above two posts mention anti-virus application testing. Tests like that are a very hotly-debated issue. The main point made by detractors is that the samples included are very often non-ITW malware.
     
  22. kloshar

    kloshar Registered Member

    Joined:
    Oct 12, 2003
    Posts:
    279
    Location:
    Europe, Slovenia, Brežice
    I think one of the best pieces of AV software is Panda Titanium. It can delete a lot of files.
     
  23. kloshar

    kloshar Registered Member

    Joined:
    Oct 12, 2003
    Posts:
    279
    Location:
    Europe, Slovenia, Brežice
    And which antivirus costs the least?
     
  24. liang_mike

    liang_mike Registered Member

    Joined:
    Mar 12, 2004
    Posts:
    91
    Location:
    Canada
    I also think F-Secure is the best. Panda is pretty good, too.
     
  25. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Define "costs" ;)

    regards.

    paul
     