我是放弃做伞兵呢？还是放弃Avira新版本呢？还是放弃32位系统呢？【ProActive的消失】

lovelive10010

驭龙 发表于 2015-9-4 14:38
没有真正的特大优点，非要说的话，就是稳定，兼容性好，可缺点一大把

win10下卡巴的行为监控爆了，ESETWIN10对威胁的防护力和现在的卡巴比如何

驭龙

lovelive10010 发表于 2015-9-9 12:46
ESET没被限制，听说ESET和微软关系不错

悄悄地告诉你，ESET不被限制，不是因为它跟Microsoft关系好，而是它的软件架构原因

lovelive10010

广寒 发表于 2015-9-4 16:45
就Win10下正常使用 sep 还是 nis 好些

ESET吧，很好用的，最近也有活动，价格和诺顿差不多

lovelive10010

驭龙 发表于 2015-9-4 18:10
难道云就能取代一切？ProActive本是本地行为分析，而APC的Kernel Sensor是云啊，怎么能一样，现在也就Avi ...

ESET就没有行为监控啊，那个HIPS感觉也是聊胜于无，不知道为何ESET不做行为监控啊

驭龙

lovelive10010 发表于 2015-9-9 12:55
ESET就没有行为监控啊，那个HIPS感觉也是聊胜于无，不知道为何ESET不做行为监控啊

建议你去看看ESET的动态仿真技术，如果你认为这不算，那你去看看Exploit Blocker功能以及AMS功能的工作原理

lovelive10010

驭龙 发表于 2015-9-9 12:52
悄悄地告诉你，ESET不被限制，不是因为它跟Microsoft关系好，而是它的软件架构原因

ESET的软件架构要优于红伞吗

lovelive10010

驭龙 发表于 2015-9-9 12:58
建议你去看看ESET的动态仿真技术，如果你认为这不算，那你去看看Exploit Blocker功能以及AMS功能的工作原 ...

额在哪，我找不到啊

驭龙

lovelive10010 发表于 2015-9-9 13:10
ESET的软件架构要优于红伞吗

我可不这样认为，ESET的架构只是让它受到的限制小一些，毕竟ThreatSense Engine是启发引擎，自然没啥限制，实际上Avira的引擎也没有被限制，ProActive的放弃是迟早的事情

lovelive10010

驭龙 发表于 2015-9-9 13:14
我可不这样认为，ESET的架构只是让它受到的限制小一些，毕竟ThreatSense Engine是启发引擎，自然没啥限制 ...

HIPS也没被限制啊，行为防护不是基于HIPS吗？

驭龙

lovelive10010 发表于 2015-9-9 13:13
额在哪，我找不到啊

Exploit Blocker

Exploit Blocker is designed to fortify applications on users’ systems that are often exploited, such as web browsers, PDF readers, email clients or MS Office components. It adds another layer of protection, one step closer to attackers, by using a technology that is completely different to those that focus on detection of malicious files themselves.

Instead, it monitors the behavior of processes and looks out for suspicious activities that are typical for exploits. When triggered, the behavior of the process is analyzed and, if considered suspicious, the threat may be blocked immediately on the machine, with further metadata about the attack sent to our LiveGrid cloud system. This information is further processed and correlated, which enables us to spot previously unknown threats, so-called zero-day attacks, and provides our lab with valuable threat intelligence.


Java Exploit Blocker

Java Exploit Blocker uncovers attempts to take advantage of weaknesses in Java. It keeps a constant lookout over processes for any signs of suspicious activity or behavior. Threats are blocked and their fingerprint is sent to the ESET LiveGrid cloud system to ward off future attacks.

Advanced Memory Scanner

Advanced Memory Scanner complements Exploit Blocker, as it is also designed to strengthen protection against modern malware. In an effort to evade detection, malware writers extensively use file obfuscation and/or encryption. This causes problems with unpacking and can pose a challenge for common anti-malware techniques, such as emulation or heuristics. To tackle this problem, the Advanced Memory Scanner monitors the behavior of malicious processes and scans them once they decloaks in the memory. This allows for effective detection of even heavily obfuscated malware. Unlike Exploit Blocker, this is a post-execution method, which means that there is a risk that some malicious activity could have been performed already. However, it steps into the protection chain when everything else fails.

http://www.eset.com/int/about/technology/
这些技术是ESET软件上看不出的