Real time AV/Heuristics? DrWeb/Panda

Discussion in 'other anti-virus software' started by skomes, Feb 28, 2009.

Thread Status:
Not open for further replies.
  1. skomes

    skomes Registered Member

    Joined:
    Feb 28, 2009
    Posts:
    5
    I've been infected twice by Virut with my current windows install which then goes on to infect every other file it finds, I've beaten it both times, but I've decided to I need to run an AV again. I've also bean infected by 0 day attacks/virii, so I want something that is very capable.

    My biggest concern is real time scanning, and properly handling infections.

    My ISP offers F-Secure, but I can't choose what to install/uninstall with it, it loads up every module (firewall, antivirus, spam, web filter etc.) and noticeably degrades performance. On my old AMD 2700+ system, and my current E5200 system. Otherwise I like F-Secure, they help me beat Virut the first time.

    I read the review/guide posted here, http://gladiator-antivirus.com/forum/index.php?showtopic=9644, and found it helpful.

    With my recent Virut infection, DrWeb's CureIT helped me a great deal, but I'm wondering how well it does with real time scanning. I know many of you guys like/use it, but I would like to know how well it handles virii attempting to run on the system, since their Spider seems to be somewhat new.

    Also, I saw one other thing that caught my eye as I was researching was that Panda apparently has something they call Truprevent, which detects use of exploits on the system, regardless of virus/variant, this is a very interesting idea, probably helpful to stop 0 day attacks, I was wondering if anybody had some feedback as to reliability and whether it lags your system.

    If you guys could give me advice on these 3, I'd very much appreciate it.
    Thanks.
     
    Last edited: Feb 28, 2009
  2. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    hello,
    the spider isnt new its always been there.
    its very good at blocking infections.
    the only way to find out is to trial it on your own system so go ahead and try it.
     
  3. skomes

    skomes Registered Member

    Joined:
    Feb 28, 2009
    Posts:
    5
    Only real way to test it is to attempt to infect a system, and I don't really have any way of doing that short of installing XP inside vmware or virtual pc, which would take quite a while.

    Guess I'm trying to ask, I know that DrWeb is good, I used it, is spider just as good?

    The website says this:

    Does that mean that it does not rely solely on updates, but can also analyze behaviour and see that something is malware?
     
  4. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    Yes trough its heuristics
     
  5. skomes

    skomes Registered Member

    Joined:
    Feb 28, 2009
    Posts:
    5
    Ok, thanks.
    The description says it also monitors where file locations, and I thought it might be something along the lines of threatfire, or appguard.

    I hadn't really wanted to run threatfire/appguard and another AV, but maybe that is the best way to go.

    Truprevent has very few user reviews on the forum, and info is conflicted as to whether or not it lags a system, but Panda on the whole seems to be too much of a resource hog.

    Was hoping for something that would accomplish those tasks and maintain a low profile.
     
  6. smage

    smage Registered Member

    Joined:
    Sep 13, 2008
    Posts:
    377
    Hi,
    You can install any good AV and add Threatfire Free to it to cater for zero day attacks.
    Also note that none provide 100% detection rate, so exercising care is the best defense.
    Regards.
     
  7. risl

    risl Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    581
    I've been using Dr.Web for couple of years and haven't got any problems.

    Beside the usual heuristic methods, they do have "Virus actions: x" in spider guard statistics but I've never received any information how it actually works. What must a program do to make a virus action? I've never seen a detection that moves it from 0 to 1 :)
     
  8. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Of the blacklist AV scanners you are interested in, just choose the one which gives you the best balance between performance and protection on your machine.

    Then add a Sandbox/HIPS; Sandboxie/GesWall/DefenseWall/Threatfire/Malware Defender for a layered defense and for better protection against zero-day malware.
     
Loading...
Thread Status:
Not open for further replies.