Absolutely the most powerful antivirus?

[notabot]

Yes, sure it is, but anti executables and sandboxies dont have much value for the average user (not the completely layman) in a domestic environment, they are much more suitable for corporate usage.

The reason for this is because in most cases they are just blocking what the user wants to do without telling "him" why (usually they cant mark the file as malicious like an antivirus).

For example, the home user wants to run a crack (with a patch function), the antiexecutable or/and sandbox will simple be disabled because he wants to pirate that software and he will run the file anyway, unless the antivirus explicitly tell him that the file is actually dangerous, so in another words, get the real crack and not a disguised malware.

I dont need an antiexecutable to block hot party photos.jpg.exe, but I want an antivirus to protect me if I made a misjudgment while running the software that I need, a thing that a sandbox, because of some nasty malware tricks, cant do.

Kaspersky, ESET, Symantec and other big players would love to save resources that they spend with signature crafting, cloud infrastructure, researchers, false positive testing with "static" solutions like sandboxies and anti executables, but they cant do that, because those are not the answer for the malware problem.

I'm not sure, I think it's more that there's no clickthrough solution that also has negligible performance penalty, I've worked in a few fortune 500 companies, they all employed AVs/endpoint protection + some form of whitelisting on desktops, none used sandboxes (at least not for security). I'm not aware of why this is so but that's my experience.

The entry points for malware for home imo are mainly the browser and possibly email ( though as webmail is very common the later does not apply to many people ). A sandboxed or even better virtualized browser would protect the main entry point fairly well. MS has WDAG, HP is also pushing a solution like this (Sure Click) - the problems imo are WDAG's efficiency and Sure Click doesn't seem to work (at least on UAC accs, haven't tried admin).
The current lack of good existing clickthrough solutions though is different to the architecture being not fit for home use. E.g. snap apps do this very well ( with containerization ), Microsoft jumped into the native containers game a bit late but one day we may see something like this on Windows. Something like kata containers About Kata Containers | Kata Containers ( very lightweight ) would be even stronger than containerised apps (it's a virtualization solution, despite having the word containers as part of its name) but again this is a train MS didn't pay too much attention to initially.
With WSL2, I plan to actually use snap apps for browsing and email, but even this is not clickthrough enough for widespread use.

 

[bayasdev]

IMHO Kaspersky's System Watcher module is one of the best detecting zero day malware and rolling back their actions. I don't know if there's any other AV that have such capabilities.

 

[ForgottenSeer 823865]

In enterprise yes, because people need to process attachments under time pressure, in a home environment I don't see this as an entrypoint.
Only case where I've worried at home is when previously legit (but not popular) websites have been hijacked - this has happened twice this year to me but per VT sites were clean - even though they had clearly been hijacked as there was porn instead of the product they sell. Maybe VT didn't find something that was there but in any case I think that's a valid risk for home users.
Still, as JS is turned off by default in my browser, it would need to be a really high end exploit to get through.

That is YOUR experience, you are here so you already have "above-the-norm" security habits. Believe me, Average Joe clicks on everything, emails, downloaded files, shared links in social medias, etc... i saw it since decades when i was a computer repair guy...most infections i cured went from emails or shared links.

Yes, sure it is, but anti executables and sandboxies dont have much value for the average user (not the completely layman) in a domestic environment, they are much more suitable for corporate usage.
[...]
Kaspersky, ESET, Symantec and other big players would love to save resources that they spend with signature crafting, cloud infrastructure, researchers, false positive testing with "static" solutions like sandboxies and anti executables, but they cant do that, because those are not the answer for the malware problem.

Exactly. Average Joe can only handle, at best, blacklisting solutions; they cant be trusted with decisions about things they cant even understand. When they will decide to teach cybersecurity and how to use HIPS at school, maybe this will change.

I'm not sure, I think it's more that there's no clickthrough solution that also has negligible performance penalty, I've worked in a few fortune 500 companies, they all employed AVs/endpoint protection + some form of whitelisting on desktops, none used sandboxes (at least not for security). I'm not aware of why this is so but that's my experience.

Most just use VM on their servers.

The entry points for malware for home imo are mainly the browser and possibly email ( though as webmail is very common the later does not apply to many people ). A sandboxed or even better virtualized browser would protect the main entry point fairly well. MS has WDAG, HP is also pushing a solution like this (Sure Click) - the problems imo are WDAG's efficiency and Sure Click doesn't seem to work (at least on UAC accs, haven't tried admin).

Average Joe wont use all this, all the stuff you mention are are for corporations and eventually for security geeks like us.
Even my favorite sandboxing program (ReHIPS) is way out of reach of Average Joe.

 

[Mjolnir]

The Force is strong with COMODO! If only people understood the power of the dark side!

 

[Venustus]

application control and trusted application mode, etc).

Not available in the free version...They are paid features.

QUOTE="geminis3, post: 842351, member: 41799"]
Kaspersky's System Watcher module is one of the best detecting zero day malware and rolling back their actions. I don't know if there's any other AV that have such capabilities.
[/QUOTE]
Bitdefender does have this capability,but I believe K's module is better.

 

[omidomi]

There is no "the best AV" Exist.
its depend on common sense, I see many people have Kaspersky & they got infected (also Norton Eset Comodo & blah blah blah) & also many people have WD and they are never get infected...
But in these battle we have better choice than the other (Kaspersky,Norton,F-Secure,G-Data) are top notch.
btw it dose not mean another software's are worst , I see a nice comment that is different from the other:

I think Dr.Web's antivirus line. If I remember correctly it was used in the Russian Ministry of Defence.

Really Dr.Web are good , but they need more improvement & they are really weak in advertisement....

 

[harlan4096]

I saw a lot of people indicating Kaspesky AV... I'd like to know the the free Kaspersky solution (kaspersky free cloud) has all the AV features from the paid version (same signatures, heuristics, cloud protection, behavior blocker, application control and trusted application mode, etc). I could not find any specific information about those in free version. The only thing i know is that it does not have all "extra features" (not directly related with AV module itself) from paid version, like password manager, VPN, etc...

KAF / KSCloudF don't have Application Control + FireWall + TAM...

 

[SeriousHoax]

I'd say ZoneAlarm extreme security, it has the strongest heuristics i've ever seen. Plus it uses kaspersky signatures and the fastest support i ever saw (asked via online chat and in 2 minutes i was talking with support). But it's heavy. It's performing well rn, Test antivirus software for Windows 10 - August 2019 and also https://malwaretips.com/threads/malware-samples-13-24-10-2019.95878/ .

Actually, ZoneAlarm is like a rebrand of Kaspersky. Signatures, heuristics, cloud, system watcher everything is the same. The Firewall is different and the UI. Andrew3000 has tested it recently in the hub.
So, if you're not into ZoneAlarm's firewall and have no problem with Kaspersky being Russian then using Kaspersky would probably be better choice as I heard ZoneAlarm is heavier on the system and some other complications.

 

[Aggravatorx]

I get bored so i buy security suites on ebay cheap figure your gonna sale me a product like eset or kaspersky for 9.00 dollars for 2 years let me
try it and they actually work.I have to say i purchased Kaspersky this morning and boy did they change on being light and fast from two years ago
i think most security programs have now. eset comodo and kaspersky even vipre are very light its just that i still think the future malware slash
hackers are more smarter now then ever.nobody goes outside and plays stick ball anymore its let me see who i can hack into today and there good
at it........

 

[alv222]

Actually, ZoneAlarm is like a rebrand of Kaspersky. Signatures, heuristics, cloud, system watcher everything is the same. The Firewall is different and the UI. Andrew3000 has tested it recently in the hub.
So, if you're not into ZoneAlarm's firewall and have no problem with Kaspersky being Russian then using Kaspersky would probably be better choice as I heard ZoneAlarm is heavier on the system and some other complications.

I think they use kaspersky's application control too but i love their antiransomware module and threat emulation. Yep its heavy. I think they updated the kaspersky engine as shown in the top of their forum "
ZoneAlarm AV / Firewall 15.6.121.18102 (7/30/19)

• New: Antivirus SDK with better protections
• New: Full support for Windows 10 19H1
• Fixed: Bug fixes to improve ZoneAlarm Anti-Ransomware uninstall and upgrade "

 

[SerialCart]

The problem is that for many people "privacy" is an important factor that is the reason which many businesses or organization do not go for Kaspersky. Avira has had a good performance (in terms of detection and covering the 0-day malware) however, their UI is a pain.

What do you think about McAfee? I noticed no one is considering McAfee in this topic.

 

[Nightwalker]

The topic is about the most powerful antivirus solution, not the best or the "perfect" product, the criteria is how good it is at detecting malware/protecting the machine and considering Kaspersky testing history in professional tests and here in the Hub, there is a very safe margin to say that it is the most powerful antivirus solution in the market, specially considering the combination of System Watcher + Application Control + Trusted Application Mode + "traditional" engine + cloud.

 

[Aggravatorx]

my saying on that if a product is going to be rebranded with another source just buy the original one and the saying of its Russian or American
or what ever country its all the same protection. its time the new era changes the way people act about other countries lets all get along life is to short. Happy Halloween to all be safe

 

[RoboMan]

I want to do a reality check. Is ESET (default settings) a top AV, or not? Someone posted today on a local forum in my country about an issue he had with installing Bitdefender, and someone else ragged on him that he wasted his money, because ESET is tops. I pointed out that ESET has done poorly in the past two years in the major AV tests. He replied, "We technicians know all about that, but our actual day-to-day experience shows that ESET is superior."
What's your opinion?

I'm gonna have to second this guy. ESET is one of the few antivirus I've seen that offers hundreds of tweaking options. HIPS module for example is usually set to smart or automatic mode by users, since they do not understand how to use it. But behind that, people who really understand of behaviour blocking and rules can make use of HIPS and make ESET a security beast. I've always believed ESET is popular among home users because it's light and has great signatures; but is also popular among IT geeks because it can be tweaked to be a top class suite.

 

[shmu26]

I'm gonna have to second this guy. ESET is one of the few antivirus I've seen that offers hundreds of tweaking options. HIPS module for example is usually set to smart or automatic mode by users, since they do not understand how to use it. But behind that, people who really understand of behaviour blocking and rules can make use of HIPS and make ESET a security beast. I've always believed ESET is popular among home users because it's light and has great signatures; but is also popular among IT geeks because it can be tweaked to be a top class suite.

Thanks, but my question was specifically about ESET at noob settings.

 

[Cortex]

Since Win 95 I've probably used ESET or NOD32 in the beginning far more than anything. I have used others recently but end up with ESET - I have been on some very interesting sites + shall i say over the years, this has been on more PC's than I can count with only one worm at large, that's it - ESET /NOD32 can't be bad from my point of view & gets my vote.

 

[notabot]

Since Win 95 I've probably used ESET/NOD32 in the beginning more than anything, I have been on some interesting sites shall i say over the years, this has been on more PC's than I can count with only one worm at large, that's it, ESET /NOD32 can't be bad from my point of view.

Did ESET detect the worm post-infection ?

 

[notabot]

That is YOUR experience, you are here so you already have "above-the-norm" security habits. Believe me, Average Joe clicks on everything, emails, downloaded files, shared links in social medias, etc... i saw it since decades when i was a computer repair guy...most infections i cured went from emails or shared links.


Exactly. Average Joe can only handle, at best, blacklisting solutions; they cant be trusted with decisions about things they cant even understand. When they will decide to teach cybersecurity and how to use HIPS at school, maybe this will change.


Most just use VM on their servers.


Average Joe wont use all this, all the stuff you mention are are for corporations and eventually for security geeks like us.
Even my favorite sandboxing program (ReHIPS) is way out of reach of Average Joe.

ReHIPS' UX is not clickthrough, but HP's Sure Click looks clickthrough ( but doesn't work ). When the UX of security products evolves, more of these things will become part of default configurations. Something like Sure Click (provided they do make it to work) which isolates via virtualization browser ( and email client but I think only in their enterprise version ) would be ideal for a user who clicks everything.

Btw Fortune 500 cos I've worked at do use VMs but not for desktop security/isolation of desktop apps. They use them for server security ( ie in the pre hybrid cloud days a legacy/unmaintained service would run in a VM) or to cut costs by providing each user with a VM to connect to and provide thin clients instead of enterprise desktops - but not for application isolation on a desktop env.

 

[notabot]

The topic is about the most powerful antivirus solution, not the best or the "perfect" product, the criteria is how good it is at detecting malware/protecting the machine and considering Kaspersky testing history in professional tests and here in the Hub, there is a very safe margin to say that it is the most powerful antivirus solution in the market, specially considering the combination of System Watcher + Application Control + Trusted Application Mode + "traditional" engine + cloud.

As you like both Kaspersky and ESET, at default settings ( forgetting any tinkering that ESET allows for ), is the difference between the two something tangible or we'd be splitting hairs if we were to compare?

 

[Cortex]

Did ESET detect the worm post-infection ?

Actually no - it was maybe 20 years ago & the name as I remember was Benjamin, not sure though! - it was little more than a nuisance & all it seemed to do was fill a folder full of rude names, I already knew all the words anyway - I killed it myself.