#46
Personally, I use Kaspersky Internet Security (good engine, and it does not slow the computer down much, unlike Norton).
At my job, we're using BitDefender Internet Security 2010 (many slowdowns and numerous false positives).
#47
Kaspersky Internet Security 2010, on a Linux mail server and my personal computer. It works fine but uses resources...
#48
I used Kaspersky for several years and am using McAfee now; both are great.
I tested NOD32 and Symantec, and they cause too many problems with my crack/reverse tools. You even need to disable McAfee, and maybe other antivirus products, when unpacking an enveloped/packed file, to avoid the dumped file being deleted.
#49
For me, modern threats come from different directions nowadays: there are rogues (fake antivirus, antimalware, firewall), trojans, viruses, worms, keyloggers, etc.
For antivirus I prefer a multi-engine antivirus (G Data, etc.); for a single engine I prefer Avira/Kaspersky; for antimalware I prefer Malwarebytes Anti-Malware and PC Tools antispyware; for trojans I pick Malwarebytes Anti-Malware. Every year I check whether the performance of this setup is still top notch because, AFAIK, a brand doesn't always tell you the quality over the years; there is always performance degradation over several months/years. I always check performance on a forum (http://www.wilderssecurity.com/) or any independent review site, although right now so many review sites are clouded by vendor money offers.
Forgot to mention: I also do an internal self-test of any product I am interested in using, with a VM (virtual machine) and a side-by-side folder and registry comparison (clean vs. infected), just to make doubly sure that the independent forum/review sites really are independent. Most of the reviewers on YouTube are, to be honest, quite amateur; mostly they just compare live samples (-2 weeks/0day), and they forget to add the aftermath of the product's virus cleaning (system files, registry, files).
Now I run: Windows 7 64 Bit, Avira Pro 32 bit (realtime), Malwarebytes Anti-Malware (on demand), PC Tools antispyware (on demand), Prevx (realtime), Hitman (on demand), Outpost Firewall Pro (realtime).
Why? It's from my own internal research.
#50
Back in the day I was using Norton AntiVirus... a looong time ago, and then I moved to Kaspersky, then NOD32... Now I don't use any antivirus; I switched to Sandboxie + virtual machines + an OpenDNS filter, an updated hosts file from MVPS and a router firewall.
Once I got familiar with virtual machines I never looked back to my main computer, cuz I have the best security bundle :envy me:.
#51
I'd use Nod32, alongside MBAM for malware.
Aside from that, if I detect suspicious activity which neither Nod nor MBAM can detect, I manually remove the malware, using various tools such as ComboFix, GMER, HijackThis (now outdated) etc...
#52
The latest beta of Kaspersky Internet Security 2011 looks quite promising
#53
The best antivirus is Microsoft Security Essentials; it's good.
#54
I never use any AV. They disturb me.
#55
I use NOD32 as antivirus without problems and I use the free Spybot for spyware and similar threats.
zeuscane
#56
I used Avira until today, when I found a file named "~TEMP.exe" running.
Scanning it with Avira didn't find anything. I scanned it online, only Kaspersky and F-Secure were able to detect it as a trojan. Here is the report if anyone is interested: http://tinyurl.com/25zc85z
__________________
"The road of excess leads to the palace of wisdom" -- William Blake
#57
For a long time I used Kaspersky and Nod32...
But these "commercial" antiviruses fail to detect and defeat some viruses that I tested (some bank trojan malware in my country; I receive a lot of (spam) emails with this kind of s..hit, really very bad), and the only one that always alerted me (or, in bad situations, had a "fast" vaccine submission with a vaccine update in 24h) was AVIRA... and I'm talking about the "free version".
Today I use AVIRA (free version) + Sandboxie Control (a very useful "utility") + Online Armor (free). If I am in doubt about a file (and Avira doesn't alert me), I run the suspect file under a sandbox using Sandboxie Control, and if nothing strange happens the file is "probably" clean. The Online Armor (free) firewall comes as a natural enforcement, because I don't trust the Windows firewall, which is too basic and doesn't have control over process communication (and Online Armor has this).
Last edited by zemo; 06-18-2010 at 09:47.
#58
They are all rubbish. I wrote a very simple heuristics goat file which is part of my test suite.
This goat file performs the following operations:
1. GOAT Stub: Seek Kernel32.dll in memory
2. GOAT Stub: Locate GetProcAddress()
3. GOAT Stub: Use GetProcAddress to get address for GlobalAlloc()
4. GOAT Stub: Allocates a buffer using GlobalAlloc() and copies decryptor and rest of goat file to new location
5. Jmp to new buffer
6. GOAT Encrypted Body: Execute decryptor (simple xor byte ptr[] routine to allow AV xraying)
7. GOAT Encrypted Body: Load all apis from a structure into a structure (copied from a real virus) using GetProcAddress()
8. GOAT Encrypted Body: Fetch all system paths (eg system32 and windows and mydocs etc)
9. GOAT Encrypted Body: Find all "*.exe" in the current folder
10. GOAT Encrypted Body: no payload... just beeps each time a file is found.
11. GOAT Encrypted Body: return control to parent process.
12. GOAT Encrypted Body: Embedded in the code are funny strings like "*.com" "*.scr" "*.dll" suspicious API names (MapViewOfFile etc)
OK, so my first-generation goat file (which only XORs with a zero key) [i.e. no decryption] is flagged as funny by a few AV vendors (about 45% of virustotal.com). My second-generation goat file, which XORs with a static byte of 0xCD, shows f*ck all warnings in all AVs EXCEPT VBA.
I am very disappointed with the trace scanning capabilities of current AV products, as my code is suspicious and performing naughty things. I have not tested runtime behavior analysis of Sophos and Symantec. However, runtime analysis by AVIRA and AVG failed on its a$$.
All AV products suck with heuristics and unknown virus emulation.
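Added example, not part of the thread and not the poster's test suite: a scanner-side "X-ray" check for the case post #58 describes, where strings sit behind a constant one-byte XOR. It compares XOR differences of adjacent bytes, which are the same for every key, so no key brute force is needed. The indicator strings come from the post; the function names, the threshold and the sample buffer are constructed assumptions.

```python
# Added example: X-ray scan for strings hidden behind a constant one-byte XOR.
# Indicator list is taken from the strings named in post #58.
INDICATORS = [b"GetProcAddress", b"GlobalAlloc", b"MapViewOfFile",
              b"*.exe", b"*.com", b"*.scr", b"*.dll"]


def deltas(data: bytes) -> bytes:
    """XOR of each byte with its successor; a constant XOR key cancels out."""
    return bytes(a ^ b for a, b in zip(data, data[1:]))


def xray_scan(buf: bytes, indicators=INDICATORS):
    """Return sorted (offset, key, indicator) hits for any single-byte key."""
    buf_d = deltas(buf)
    hits = []
    for ind in indicators:
        ind_d = deltas(ind)
        start = 0
        while (pos := buf_d.find(ind_d, start)) != -1:
            key = buf[pos] ^ ind[0]          # recover the key from one byte
            hits.append((pos, key, ind.decode()))
            start = pos + 1
    return sorted(hits)


def verdict(hits, threshold=3):
    """Toy scoring (assumption): several distinct indicators under one key."""
    by_key = {}
    for _, key, ind in hits:
        by_key.setdefault(key, set()).add(ind)
    for key, inds in sorted(by_key.items()):
        if len(inds) >= threshold:
            kind = "plaintext" if key == 0 else f"XOR 0x{key:02X}"
            return f"suspicious ({kind}, {len(inds)} indicators)"
    return "clean"


def make_sample(key: int) -> bytes:
    """Constructed test buffer: filler plus indicator strings XORed with key."""
    body = b"\x00".join([b"GetProcAddress", b"GlobalAlloc", b"MapViewOfFile", b"*.exe"])
    return b"MZ" + bytes(range(16)) + bytes(c ^ key for c in body)


if __name__ == "__main__":
    for k in (0x00, 0xCD):
        print(f"key 0x{k:02X}:", verdict(xray_scan(make_sample(k))))
```

The same delta comparison yields identical offsets for the zero-key and 0xCD buffers, so a static scanner using it treats both generations alike.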
#59
None... easy enough to sniff out virus ridden files... ie. if it sounds too good to be true, it usually is... then again.. hard to resist a file named IDA Advanced V10232.12 ELiTe eDiTiON! :-)
#60
Personal preference: Kaspersky of course (the firewall has caught some attacks others couldn't), but for slower computers NOD32...