System Watcher & SOANR both are better than DeepGuard. Personally I like System Watcher more. It's excellent against unknown malwares, not in any way online depended and can roll back malicious actions. Other two doesn't have a roll back feature as far as I'm concerned.
Wrong. SONAR does include rollback action and sandboxing functionality and it had them long before Kaspersky even thinks about adding them.
I tested System Watcher with malware that exibits self-temination and System Watcher restores the initial file that contains the infection. It is powerfull, but not smart enough. SONAR on the other hand, wipes of all components and reverts all actions. SONAR is also powered by thousands of behavioral profiles.
You can read more here:
Star Malware Protection Technologies | Symantec
I think SONAR is the clear winner here.
Don't forget that over the years, Symantec acquired multiple companies whose heritage is now behind SONAR. The first one was Whole Security. Second one was PC Tools with their infamous ThreatFire. It's not like they started from the scratch without any know-how.
F-SecureDeepGuard is also an old & well-stablished technology. If their whitepapers are correct, they've had behavioural blocking long before everyone else (2006). Symantec introduced behavioural blocking in June 2008 with the Norton 2009 beta after it's been 3 years in the making.
This was followed by Bitdefender's Active Virus Control and Intrusion Detection components, (1-2 months after SONAR) later renamed to Active Threat Control and now Advanced Threat Detection. This was followed by and AVG (Q1 2009).
https://download.bitdefender.com/resources/files/Main/file/active_virus_control_wp.pdf
en.wikipedia.org
SONAR, DeepGuard and ATD are designed to be your first layer of unbeatable defense and rarely even need to rollback anything, as they block dodgy executables and command lines right away. System Watcher is designed as a last resort, when everything else has failed.
AVG with AVG Identity Protection formerly known as Norton AntiBot developed by Sana Security was first added as a standalone program available only with AVG Internet Security 8.5, completely integrated in AVG 9 or 10 and then it was made available in the free version as well.
Kaspersky's system watcher popped up years after, around 2012-13 if I am not mistaken. Kaspersky did not underdevelop it however, and it is considered to be on par with the rest.
These companies are the first to introduce behavioural blocking and as a result all of them + AVAST that now owns AVG, have very capable behavioural blockers.
I won't neceserally pick one over the other, all of them are now very old, polished and effective.
GData, Avira, McAfee are amongst the last players in this field with questionable behavioural blockers. I don't think any of them will do the job properly, except Avira maybe. TrendMicro was good before, not sure how it's doing nowadays. I also have no historical data about them nor I've ever been interested in using them. Panda has long got TruPrevent (2006 as well if I am right), but on my tests it never really performed werll and Panda doesn't rely on it heavily. Much like Webroot's Infrared, Panda is more reputation-focused.
heimdalsecurity.com
