is nod32 good enough against trojans?

Hi

ive already got nod32 and i wonder if I should install an anti trojan program, like tds, as a complement ? Or is NOD32 sufficient ?

 

Depends on your surfing habits. If you are a conservative surfer, NOD is probably sufficient by itself, as it has improved dramatically with its trojan detection in the last 6-9months.

If you visit more high- risk sites and want a more layered defense, then supplement NOD with one of the commercial or free AntiTrojan scanners.

No harm in adding one of the free on-demand AT scanners

Most AV's detection of trojans are improved by an antitrojan program; https://www.wilderssecurity.com/showthread.php?t=58597

Recent threads here;

https://www.wilderssecurity.com/showthread.php?t=51850&highlight=trojans
https://www.wilderssecurity.com/showthread.php?t=45763&highlight=trojans

 

This is what works really well for me as a layered defence, very simple to use and maintain: https://www.wilderssecurity.com/showpost.php?p=315075

Hope this helps...

Cheers

 

I currently use Kaspersky AV 5 with TDS-3 - the ultimate AV/AT solution IMHO.

However, I'm strangely drawn towards NOD32 for some reason. When NOD32 reaches the detection levels and all-round capability of KAV, I might well switch , but until then I feel safer with KAV. EDIT: You never know when you might come across a dodgy site (maybe while you're surfing some ompletely innocuous sites), and if it contains a virus or trojan that's not ITW, then NOD32 might not protect you. KAV on the other hand will protect you.

Make sure you also include an anti-spyware app in your configuration. I use AdAware SE Plus and SpyBot, although GiantAS, Ewido and Webroot Spysweeper are also good at their job.

As Blackcat and Blackspear point out, a layered defence is the best option.

 

All of the last major virii incidents to include the Mydoom variants, Zafi.D, the Sober variants, Bobax.A and the Bagle variants have ALL been detected and stopped by NOD using Advanced Heuristics, which as you know means they were stopped on first sight WITHOUT updating, KAV on the other required a def update to detect ALL of them, meaning if you encountered them before KAV updated KAV would not protect you. I feel safer using NOD for just this reason. Yes they seem to take awhile to add some of the obscure stuff, but for the really serious outbreaks of late, NOD seems to be way ahead of even KAV.

 

Yup. The only thing between you and tomorrow's virus is AH. For the most part, if you rely on yesterday's virus signatures, then you are bound to pick up something sooner or later. It's kind of like waiting for the doctor to tell you that you have an STD. Too little too late.

Neil

 

Well said Gauthreau, Much more eloquent than I said it.

 

Hi all,

I also feel more comfortable with KAV 4.5 and TDS-3 along with ProcessGuard 3.0. From time to time I check on the online malware scan at:

http://virusscan.jotti.dhs.org/

and while both KAV and NOD32 pick up most of the viruses/trojans they will both miss some. In my casual glances, it appears that KAV will miss about half as many as NOD32 (in the few times that they miss). But this is not scientific. Only the owner of the site knows the exact count. For this reason, I use KAV 4.5 in real-time and NOD32 as a backup scanner. My layered defense is very tight now - especially since I adopted more conservative browsing habits.

There are lots of nasties out there and I never know when I will drop in on one. The other day, I was delivered a virus through a Jave .jar file that got through KAV real-time but was detected in a temporary folder when I ran NOD32 on-demand. It was confirmed by KAV 4.5. on-demand and online-virusscan. It just showed me that things do get through and it pays to have backup - including a backup image that I can go back to as my fail-safe.

Rich

 

Backup Image 4thewin
Driving a system without a backup is kamikaze if you ask me

 

I have NOD with BOClean on one machine, a KAV AV on two machines and one of the free AVs on a fourth machine.

All of these AVs are good at detecting current infections. However, I
feel more comfortable with NOD running resident, (both AMON and the HTTP scanner with AH marked), over the rest because it stands a better chance of detecting 'zero-day' infections.
https://www.wilderssecurity.com/showthread.php?t=58482

Also Retrospective/ProActive Test:
http://www.av-comparatives.org

Plus I like the NOD IMON HTTP scanner, with AH marked, to stop possible
infections from ever downloading to the machine by terminating the connection.
Example:
https://www.wilderssecurity.com/showthread.php?t=54093

 

I'm constantly amazed at how many sites have trojans and downloaders where NOD32 notifies me that the connection was terminated. I have now encouraged our hosting clients to open helpdesk tickets for us to check sites they are unsure about - if NOD32 triggers, we recommend not visiting.

A number of clients have shown interest in purchasing NOD32 based almost solely on this feature! It's a pretty good selling point!

regards

GH-L