Nod32 should update more quickly

Discussion in 'other anti-virus software' started by netsonic, Jun 6, 2002.

Thread Status:
Not open for further replies.
  1. netsonic

    netsonic Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    9
    I am a new user of Nod32.  So I don't know how often Nod updates its virus base or / and its engine.


    Today I update it.  Then I test it with trojan package downloaded from astalavista.
    http://www.xxxxxxxxxxxxxxxxxxxxxxxx.com
    BTW: My opinion is  top AV such as Nod should be  top AT.

    These trojan file are : osirisv2.zip,PESTv1.zip,
    Mantice_Client-Server.rar,IntruzzoEng.zip,D4v3'5.ZIP

    Nod only detects Mantice
    Kaspersky and Drweb detect all
    f-prot(for dos): none.
     
  2. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    NOD32 has an ardent group of followers that tend to be purists, in that they believe an AV should catch Viruses, not trojans.
    Of course, there are those that feel differently.
    It's a choice thing - as long as you know what you're paying your money for, it's a matter of choosing between the different programs. It does take a little investigation up front.
    I payed for it, but I have since gone back to Kaspersky. I also use TDS.
     
  3. claire

    claire Guest

    Hi,
    NOD32 is a real good AV(but only an AV prog)if you want to catch trojans
    use TDS or Trojan Hunter ;)
    regards
     
  4. octogen

    octogen Registered Member

    Joined:
    Feb 11, 2002
    Posts:
    212
    I am in total agreement with you, claire.  I would also add BOClean to your list.
     
  5. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    If you are looking for excellent standalone ITW (in the wild) virus scanner then go with NOD32.

    If you are concerned about Zoo Viruses/Trojans/Backdoor then look somewhere else or get yourself Trojan/Backdoor scanner plus good zoo-virus scanner.


    Technodrome
     
  6. sig

    sig Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    716
    Although many AV's include some Trojans in their sig defs and KAV has a good rep in regards to Trojans, still many people do not think it best practice to rely solely on AV's for Trojan detection and elimination.  Trojans are sneaky and wily critters and some of think that it's best to augment our AV's with AT's that are dedicated soley to Trojans.    

    I use NOD 32 but do not expect it to be a Trojan scanner anymore than any other AV app.  
     
  7. Tassie_Devils

    Tassie_Devils Global Moderator

    Joined:
    May 8, 2002
    Posts:
    2,514
    Location:
    State Queensland, Australia
    ditto sig and claire.

    Surely most people should know that virri, trojans and worms are separate kettles of fish. I mean AV progs may catch some of the worms, and trojans, but their primary function is to catch viruses. Same as AT for trojans, etc.
    NOD32 is an EXCELLENT program just for that purpose. virus catching. I also use TDS and Wormguard, to complete the arsenal for defence.
     
  8. bubs

    bubs Registered Member

    Joined:
    Apr 28, 2002
    Posts:
    106
    Location:
    Suffolk, England
    Nod32 detects some subseven variants

    Had a pleasant surprise a couple of days ago - downloaded a couple of subseven vairants just tosee what happens when TDS-3's exec protect kicks in.

    Tried to scan the archive containing subseven bonus trojan with TDS-3, and Amon kicked in - locked the file, having identified "SubSeven.213.Bonus trojan."

    It didn't identify what TDS called RAT Subseven2.2b - but that is what I bought TDS for.......

    Haven't tested them against TTT yet - but I guess that's for another forum :D
     
  9. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    :D As an avid NAV user, I would like to see NAV improve its detection rate of trojans. NAV came in last place in PC Flank's study: http://www.pcflank.com/art17d.htm. But I think NAV is better than its last-place finish indicates, although NAV didn't do too well in Eric Howes' informal trojan tests either:

    Informal Trojan Test #1,
    http://www.staff.uiuc.edu/~ehowes/trojans/tr-tests.htm
    Informal Trojan Test #2,
    http://www.staff.uiuc.edu/~ehowes/trojans/tr-tests-2.htm

    NAV has a very large virus definitions database, currently detecting 61314 viruses (see attachment).

    [year-old attachment deleted by admin]
     
  10. netsonic

    netsonic Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    9
    Hi Randy
    Glad to see you here :D

    I think you should be highly commended by Symantec-----as an avid NAV supporter and a qualified NAV publicity agent :D :D :D
     
  11. wizard

    wizard Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    818
    Location:
    Europe - Germany - Duesseldorf
    You can not compare these numbers. Every vendor counts the number of malware his software detects differently. Just take as an example:

    Kaspersky Anti Virus unpacks around 120 runtime packers. So if you take 120 equal backdoor trojans and 120 runtime packers you get 120 variants of the trojan. KAV just needs one string to detect them. I do not know how many rumtime packers NAV supports but the number should be much less than 120. So let us assume that NAV unpacks 10 runtime packers. To detect all 120 trojans NAV needs additional 110 signatures.

    You see now why the total number of detected malware is completly useless to judge of an av software?

    wizard
     
  12. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Wizard is right! Here is something else to bear in your mind!
    If you compare Norton AV with DrWeb32 you might be fooled by virus count. According to their reports, Norton AV knows far more viruses than DrWeb32 (61.314 vs. 30.000 approximately). Why? This is due to how viruses are counted.

    Norton AV counts every virus modification, but DrWeb32 counts every virus type.
    Code Red or klez is counted at least 5 times in Norton and only once in DrWeb32 bases.


    Technodrome
     
Loading...
Thread Status:
Not open for further replies.