Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Video Reviews - Security and Privacy
Emsisoft Anti Malware (default) vs Ransominator
Message
<blockquote data-quote="MacDefender" data-source="post: 879981" data-attributes="member: 83059"><p>I do have to say, in my experience, Kaspersky has been relatively accurate when it comes to pirated software. It tends to have good enough signatures and behavior blocking that it detects the most common fake/bugged pirated software, but it also rarely incorrectly marks a "legit" (lol) piracy tool as malware.</p><p></p><p>The "Ableton Live" sample above on KSN has 10,000+ known Kaspersky users. Pretty impressive for such an esoteric professional application.</p><p></p><p>I know you like SEP, but unfortunately I've found for pirated software that SEP and Norton behave quite similarly in that the heuristic "AdvML.B/C" engine tends to trigger frequently on piracy tools, especially ones that apply binary patches (e.g. cracks) to existing binaries. I still have hosts where I use SEP and I've learned how to interpret such alerts, but Kaspersky definitely deserves an honorable mention in this field, which I appreciate you bringing up.</p><p></p><p></p><p>I am also, on another note, interested to hear about Emsisoft's future direction. I am 100% on board with the idea that ransomware often reaches enterprise machines due to network compromises/intruders and other sorts of network oriented attacks, and by the time a piece of malware lands on a user's computer and the user has an opportunity to execute it, you've already lost. But with that said, I'm really interested in how vendors are trying to solve that problem. I've seen some APT defense products try to provide a whole-stack solution to that which includes virtualized honeypots, but not a lot of endpoint security software suites trying to address this.</p></blockquote><p></p>
[QUOTE="MacDefender, post: 879981, member: 83059"] I do have to say, in my experience, Kaspersky has been relatively accurate when it comes to pirated software. It tends to have good enough signatures and behavior blocking that it detects the most common fake/bugged pirated software, but it also rarely incorrectly marks a "legit" (lol) piracy tool as malware. The "Ableton Live" sample above on KSN has 10,000+ known Kaspersky users. Pretty impressive for such an esoteric professional application. I know you like SEP, but unfortunately I've found for pirated software that SEP and Norton behave quite similarly in that the heuristic "AdvML.B/C" engine tends to trigger frequently on piracy tools, especially ones that apply binary patches (e.g. cracks) to existing binaries. I still have hosts where I use SEP and I've learned how to interpret such alerts, but Kaspersky definitely deserves an honorable mention in this field, which I appreciate you bringing up. I am also, on another note, interested to hear about Emsisoft's future direction. I am 100% on board with the idea that ransomware often reaches enterprise machines due to network compromises/intruders and other sorts of network oriented attacks, and by the time a piece of malware lands on a user's computer and the user has an opportunity to execute it, you've already lost. But with that said, I'm really interested in how vendors are trying to solve that problem. I've seen some APT defense products try to provide a whole-stack solution to that which includes virtualized honeypots, but not a lot of endpoint security software suites trying to address this. [/QUOTE]
Insert quotes…
Verification
Post reply
Top