Discussion in 'other anti-virus software' started by computer geek, Apr 16, 2008.
What the hell?!!
Hmm, for me, a long way to go......
Moon's real-time monitor is light & does the job. The Clam database of sigs, used by Moon, is ~85% detection for malware, & ~82% detection for ad & spyware.
Zounds -- it's freeeee! In udder voids, it's bedah than nuttin. Arf
Go to The Moon HERE. It is certainly worthy of support, IMO.
i wud ztey ewey from it
According here, MoonSecure's real-time is weak because it uses API hooks and is not a file system filter driver.
OT: Those using ClamWin can use ClamMon (uses API hooks also) as their real-time in the mean time (at their own risk). ClamMon will only detect the nasty after you execute/run it.
So it,s like OA AV?
Online Armor Antivirus? Sorry but I have not tried OA AV. Do you mean it only detects threat in real-time when the threat is executed/ran? I think MikeNash should be the one to answer.
It seems that MoonSecure also lags in updating the ClamAV engine so I guess there's a difference in detection rate.
As I know OA AV+ scans on execution in real time. By the way, I don,t think it to be less secure, as long as a malware is not executed it can,t damage. I guess scan on execution might have less impact on system performance than scan on disk read/ write.
No a bad detection IMO. Atleast in this test it,s better than VB( used by PCTools AV).
You're right. However, according to alch (second post), the developer of ClamWin, API Hooks are easy to bypass.
So this bypass may be by routine malware or some one must write a malware specifically targetted to bypass this AV? I am not sure.
I don't know about MoonSecure's but ClamMon installs as a service so I think, it can protect itself from being shutdown by malware . ClamMon is still buggy but it seems ClamWin developers are interested in it.
I am downloading it, just for a fun try.
Post the results of your "experiment" Dr. aigle . Thank you.
MoonSecure is still in version 2. According here, version 3 will have 4 engines (1 signature-based, 3 heuristics ). This reminds me of F-Prot.
Hi, no testing, will just have a look on it for a very short time period before I sleep. Killing a bit of time.
I tried it( beta version). It stopped malware on execution but there is significant dealy in launch of all applications. Back to my normal snapshot.
Thank you aigle .
I believe it runs slow because it's written in Delphi and still a BETA. I hope the developers use C++ as their programming language in version 3. From the screenshoots, it seems they changed the GUI; much better than the former. Does the real-time scanner run as a service?
Unlike ClamWin, MoonSecure doesn't rely solely on ClamAV definition updates. They also ask for and analyze samples. But I hope that like ClamWin, they integrate new engines by ClamAV faster.
Let's wait for MoonSecure version 3 .
I did not checked closely but i I think I found only the two processes shown in the pic. I did not check the details.
I guess the real-time service is moontray.exe .
May be, I am not sure! Missed to check it. Actually I was disappointed by the unacceptable delay in applicatuions launch.
I also read, it had 25000 records of viruses.... Thats bad.
I tried to install Moonsecure, but Sunbelt Personal Firewall, stopped the installation due to an intrusion attempt.
My Rollback Intrusion Prevention System (R.I.P.S.) removed Moonsecure completely.
So, it also has compatibility issues too, which is bad for a small group of people.
Couldn't you disable R.I.P.S. (what a grim name! ) then install?
Yes, I can but is it worth ?
RIPS doesn't exist, it's my sense of humor concerning abbreviations, like HIPS, NIPS, ... so I created mine : RIPS.
Probobly not, after all, it is said it's resident shield is weaker then clam's...
It dependents on how the KAV SDK 5 package has been implemented. You can have read/write scanning just a matter of programming it.
For example, in ZA implementation of KAV SDK engine very small files are checked on writing.
Don't know about moonsecure but certainly KAV SDK hooks at kernel level and its not generally easy to kill.
Separate names with a comma.