|
|
#16
02-12-2005, 20:12
|
|||
|
|||
|
I think NAV's "Bloodhound Heuistics" system is pretty nice... Havent seen a heusitic system of virus detection for virsues without signatures in any other software.
|
|
#17
02-12-2005, 20:38
|
||||
|
||||
|
I have to recommend ZoneAlarm Security Suite, Great detection, easy setup, easy to configure firewall, doesn't hinder performance (Which is why I switched from Norton) and it integrates well with XP SP2.
Give it a try!
__________________
Even as darkness envelops and consumes us, wrapping around our personal worlds like the hand that grips around our necks and suffocates us, we must realize that life really is beautiful and the shadows of despair will scurry away like the fleeting roaches before the light.
|
|
#18
02-12-2005, 21:22
|
||||
|
||||
|
don't use AV too, tired of updating this shit all the time, i use a computer for work, not for updating AV. signatures are too late for actual virus, modification so AV won't catch it is easy. they also catch cracks and inline-patches as virus, exactly as executed code inside PE Header, slow down every copy process so it takes at least 3x the time it would take without AV.
all i trust is my debugger. conclusion: AV doesn't protect you (as you see in Symantec UPX fault)
|
|
#19
02-12-2005, 22:10
|
|||
|
|||
|
I totally agree with you Markus. I follow your steps and also use sometimes virustotal service with suspicious files. It is great to be able to scan with multiple engines without messy or slowing down my system.
|
|
#20
02-13-2005, 05:13
|
|||
|
|||
|
No AntiVirus Scan Engine protect if:
EXE is packed ( if packer is known change OEP & create new starting bytes ) Only rare real Memory Scan&Protect Engines will work (you have to start the Victim (risky)
|
 |
|
|
Linear Mode
