Think I've finally decided what antivirus to use...

Discussion in 'other anti-virus software' started by colt45allstar, Jun 29, 2006.

Thread Status:
Not open for further replies.
  1. colt45allstar

    colt45allstar Registered Member

    Joined:
    Jun 9, 2006
    Posts:
    65
    It was tough. Really like alot about both Nod32 and Kaspersky.

    In the end though... I think I'm going with Kaspersky this round.

    What can I say love their ultra fast signature updates and though I only ran a trial of version five... I really like what I'm hearing about the proactive defense that version six features.

    These two things coupled with the fact that the heuristics engine is supposed to be improved later this year, to go along with already top of the line sigs and proactive defense, were enough for me to decide it was the one.

    I'm only getting it for the one year license as opposed to the two year license. I say this because I want the option of switching in a year to be open, especially if Nod32 version 3 ends up blowing everyone away.

    I tend to do the same thing and only get one year licenses for my firewall purchases as well. This way if in a year from now I'm no longer pleased with Zone Alarm Pro, I can switch to Outpost or something similiar.

    Even though it ends up saving money buying two year licenses, I'm willing to pay a little more.. if it means I'm not stuck with something.
     
  2. SirMalware

    SirMalware Registered Member

    Joined:
    Jun 6, 2006
    Posts:
    133
    Congrats. You won't be sorry. Go with KIS, it's smooth and really does it all. ;)
     
  3. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Why the hell are people talking just about file heuristics? And why the hell is then PDM used for? To scratch my back? Yours maybe? No. It's designed to detect unknown malware. And what else is this than heuristics?
    I already look stupid because i keep repeating this over and over again...
    They already have killer response times and hourly updates, PDM just fills the gap between hourly updates. And from what i've seen it's very effective.
     
  4. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Hi, why u just want to impose ur choice and thinking, every one is free to think and post
     
  5. raven211

    raven211 Registered Member

    Joined:
    May 4, 2005
    Posts:
    2,567
    Yeah, and that's exactly what he does.
     
  6. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    No, i'm yelling all the time that PDM equals heuristics.
    People just think that checkbox with text "Advanced Heuristics" in NOD32 is the only thing out there and they are treating KAV6 like it doesn't have any form of advanced proactive/heuristic detection capabilities. Those new file heuristics scheduled for Q4 2006 are just a small addon, basically just for file servers and email servers where PDM does nothing against malware due to it's nature of detection. PDM or Proactive Defense Module does majority of the heuristic detection on the end user level and is probably far more effective than any other heuristic detection method.
     
  7. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I don,t think there is any need to yell for this. Adter all, u are not the creator of KIS or NOD either. Time will tell every thing clearly.
    Just wait.
     
  8. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Lol and since i'm not the creator of KAV or NOD32 that automatically makes me stupid or what? Belive me, those more techy know quiet a lot about technologies used in AVs even though we aren't it's developers.
    Biggets problem is that ppl still think KAV is just a fancy hourly updated AV without any real heuristics like NOD32 has. Looks like Kaspersky Lab will have to hype their PDM a bit like ESET is doing with their AH all the time for everything. Maybe then people will finally get it that KAV6 also has powerful heuristics...
     
  9. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    The "problem" is here that it's very time consuming to test such things. That makes it more difficult for testers to give some statement how efficent this works since you have to start the malware to see how the defense behaves like. This is completely another story to the on-demand scanning and counting the heuristic detections. Example: If there is one rule changed (maybe because it produced too much alerts) then usually you would have to start testing from scratch. Now i seriously doubt that someone who just started 12.000 trojans manually (there is not really another way for the testers without any special tools) would like to restart over just because a rule was changed. Most likely he will not even notice that something has changed since he's still starting samples. :D As for all things in life (except beer) it's easily to avoid things. Same for heuristic detections. But it is somehow more difficult, not excluding but more advanced, to fool a real behavior blocker. Mainly because of the reason that a malware doesn't matter with what it's packed or crypted still behaves in the same way as the same unpacked/RAW sample. In the way of "If it looks like a duck and if it makes the same noise and sound as a duck we'll shot it down" regardingless which color it has.
     
  10. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Yes, testing is difficult (ask IBK about it hihi), but that doesn't change the fact that it can detect malware in the end the same as with regular on-demand enabled heuristics (just on different level, users aren't quiet familiar with it yet). And as you said yourself, one big advantage is immunity to crypters and packers. It usually always stops here with all sorts of on-demand enabled heuristics if you cannot properly decrypt or unpack the file. But not with behavior blockers (the duck example). :)

    For example i don't care much if it's detected when it enters my PC or when i try to execute it. As long as it gets detected i'm fine with that.
    I'm not running file server or email server so On-Execution only heuristic make no difference to me. Now if i take KAV's already excellent unpacking engine, seriously rapid updates and in the end behavior blocker and pack all this in one packet you get quiet powerful punch as result.
    Especially because PDM rules can be updated on the fly along with signatures. More malware you get, more exact and aggressive can detection be. It's almost like spam detection based on bayesian filtering, just with exception you're here monitoring files and not emails.
     
  11. YeOldeStonecat

    YeOldeStonecat Registered Member

    Joined:
    Apr 25, 2005
    Posts:
    2,345
    Location:
    Along the Shorelines somewhere in New England
    Holy thread derailing.
     
  12. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    Two off-topic replies regarding an AV product not even part of this thread have been removed.

    To S: There's no need to spam that other product in every AV thread.
     
  13. Davidpr

    Davidpr Registered Member

    Joined:
    May 24, 2006
    Posts:
    92

    Did you look at any other AV's such as AntiVir Premium or BitDefender? Did you consider Prevx 1 for your main AV/anti-malware?

    Good luck with your choice.
     
  14. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    Does it really matter to the end user "how an av detects malware" as long as it does?
    Surely what REALLY matters is that whichever av you or I choose to protect our data is that it does protect it and not the method it uses!
    Who cares whether its a PDM module,heuristics or sigs(or even magic!!) as long as it works
     
  15. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,634
    Location:
    UK
    I rather think the PDM in KAV/KIS v6 is more of a behaviour blocker, which is really a form of heuristics I guess, but at the end of the day it is proactive protection, an added bonus to the regularly updated signatures.
     
  16. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    I've noticed how most or all of the antivirus companies (e.g.: Kaspersky, Eset, F-Prot) are vastly enhancing their products (this year).

    I can predict I will have to do a change soon. (One AV might attract me more than another ;))

    It's great to have a choice.
     
  17. QBgreen

    QBgreen Registered Member

    Joined:
    Jan 1, 2005
    Posts:
    627
    Location:
    Queens County, NY
    There is a vast array of high quality anti-malware products to chose from. To extol the virtues of one over another as if it were your nation's World Cup entry is ludicrous. We should count ourselves fortunate there are such choices. So there. :rolleyes:
     
  18. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Good post.

    I have not figured out why when someone has some criticism of a particular AV, some act as if their mothers had been insulted. It's just software, and one should not be married to it.
    "We pays our money and takes our choice."

    Jerry
     
  19. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    That still doesn't change the fact that KAV6's PDM is indeed a heuristic engine...
     
  20. Kye-U

    Kye-U Security Expert

    Joined:
    Jun 11, 2004
    Posts:
    481
    Decided to test KAV for a while and uninstalled NOD32.

    I like how it monitors critical areas and its accessible GUI.

    It is VERY light on resources in comparison to version 5, and so far, so good ;)

    With its Proactive Defense, I can see how KAV would stop spyware from loading on startup and such.
     
Loading...
Thread Status:
Not open for further replies.