VBA32 or KAV

I'm having a hard time deciding which to choose here. On one hand you have VBA32 which is rapidly adding sigs and has strong hueristics (a la Dr Web) and on the other you have KAV (6), and there has been enough said about that. For some reason I'm drawn to VBA32. I have valid licences for both. I decided to ditch nod because of their behavior with v3 and now I have a decision to make.

HELP!!!

 

Which one runs the lightest on your system? Which one makes you feel the most secure?

You can run in realtime and the other demand quite easily.

 

Seing the recent movie when KAV scans your harddrive, anything is better.
I can't believe they actually made that a part of their software...
Scan a file, its clean NOW, ignore it LATER when we scan again. Sad

You won't be getting 99% protection, not by a long shot.

 

Brian, what do you mean?

 

Kaspersky's detection rates are in the 99%, so the iShift and iChecker technoligy is quite safe with their level of detection. And besides I'm sure the experts have thoughts of ways to prevent such things from happening... (like the pro-active modules who are always active...)

 

Im not sure

But I'm talking about the 'ignore file if it's already been scanned' feature in KAV.
What if that file is infected? What if it's already in the system making crazy stuff? It get's ignored by Kav because "I scanned this the other day, it's clean man!".
It's crap, and that's my point of view, they make their costumers feel safe with super speed, when infact they could already be infected with a worm or whatever, which ofcouse KAV will ignore because it already scanned those files....

 

I'm not so sure about your statement Brian N. If malware is active it always shows come kind of activity (sending e-mails, hijacking services, infecting files, showing popups ect. ect.).

 

I agree with you.

 

Then how do you explaing 40 sec scan time of 40000+ files? It can't be done, no way

 

I have valid licenses for both also and use one on my notebook (VBA) and KAV6 on my Desktop, both offer great protection IMO. I have not been infected while running either, unless I did so myself on accident or purpose.

It is funny you bring this up, because I ran a scan with both lastnight against a small 4974 sample set, cure then delete if not possible the results should be interesting, (I can tell you VBA32 is good at curing macros), so I will PM you a link for the infomation when I get home, as I don't like to publish things like that if they are not done by pro's. Remember no test is perfect, and this one by no means will be any different.

LK

 

Let me try to explain you. iSwift and iChecker technology skip already scanned files that's true. If the file changed it gets scanned again.

What I mean is when you get infected the malware must be "loaded" in some way. So it'll get detected, also when detection signatures get added later. Besides the new pro-active modules ain't there for nothing either

 

So everyone that has an issue with KAVs use of Iswift, are you saying that you wouold recommend VBA32 because of that? I guess I'm just a little confused.

 

Still, it didn't scan 40k+ files in 2 minutes.
You like to think that it did though... It just ignored the already checked files (even if they changed) ..

 

iSwift and iChecker databases are only valid for the same signiture version.

The ability to scan "new and changed files only" doesn't actually scan files once, rather uses some randomization technology to ensure the file is scanned again too at some interval. This is only valid for default settings and REALTIME monitor only. The startup scanner (ran at every system boot and signiture update) doesn't use this by default. On demand scans don't use this option either, by default.

Edit: Of course if the file is changed it IS scanned again. You can confirm this yourself by modifying some files and scanning them again.

 

I think you are a little mislead Brian, read HERE about iChecker and iSwift technologies.

 

Thanks Brian. Your posts caused others here to provide information that made me even more of an admirer of KAV. As to VBA32 compared to KAV, the proof is in the pudding. Taste & see.

 

Seing the recent movie when KAV scans your harddrive, anything is better.
I can't believe they actually made that a part of their software...
Scan a file, its clean NOW, ignore it LATER when we scan again. Sad

You won't be getting 99% protection, not by a long shot.

Brian, it seems from this and a lot of your past postings dealing with the subject of KAV that you like to try to point out what you consider a negative point about KAV whenever possible.
So let me ask, do you have solid evidence to support your statements KAV is not as effective because of the iswift, ichecker setting?
Have you used KAV6?
Show what you have to prove that KAV does not provide 99% detection, other than your opinion, av comparatives seems to support the 99% detection rates by KAV.
It has been mentioned many times how fast NOD32 completes a system scan, and we all know it is an excellent AV, but are you saying users are getting shortchanged by NOD32's scan speed?
Why not just answer the question about VBA32 or KAV without injecting your opinion which appears to be biased as you are an avid NOD32 user.

To answer your question N8CHAVEZ:
I use KAV, DRWEB and have used VBA32 (have trialed just about all others too) and all provide very reliable protection. Try both and decide for yourself which you want to use. My only criticism is that VBA32 has not been thoroughly tested by any of the major test sites to my knowledge.

Edit: I stand corrected about the testing of VBA32, it is tested at av comparatives.

 

I have used every AV you listed, along with NOD32, and I'm still having trouble making a decision. The only thing about the VBA32 test is that it is still incomplete. And, aside from that, every AV can, and has, had a bad test. Thanks for being objective.

 

Yeah, I know what you mean, it is hard to decide. Good luck.

 

Unfortunately, Brian you have no idea how the RTM of KAV 6 works in the "Scan new and changed files only" setting. Did you not read and take in Ian Kenefick's posts today? .

I am now off to the KAV forum to post my thread on "Malware missed by NOD" just to balance the books out

 

Sorry buddy.

They closed the thread.

 

"Even if they changed"? Looks like there's something not clear to you about what a checksum is...

 

Bullcrap. I'm saying what I don't like about a piece of software regardless if it's kaspersky / nod / microsoft / whatever. And I don't like that "feature" in Kav6 because it has the option to ignore nasties.