What other Anti Virus program in conjunction with NOD32?

All,

I like NOD32 alot, however, i've read some complaints about NOD32 not catching everything or something, so i would like to take a "layered" approach to keeping my machine clean. I would like to install another anti virus program in conjunction with nod32. Of course i will only use one of them to act as the resident scanner, however i would like the other one on hand to use as an on demand scanner. does anyone have any experience in installing and running the on demand scanner of another AV program, such as KAV with nod32? Anyone find a good combination to offer high protection? TIA

 

Just use one of the various web-scanner like TrendMicro Housecall , RAV or Bitdefender. Free and easy.

 

if you want free solution then go for those in that order of preference:

1. Panda platinum 7.07 ( AV + firewall )
2. eTrust EZ antivirus
3. F-Prot for DOS 3.14e
4. AntiVir PE

if you can shell out some quids then:

1. KAV 4.5 Pro or KAV 5 Personal
2. F-Prot for Windows 3.14e
3. Trend Micro Internet Security 11.1 ( AV + firewall )
4. McAfee

by the way those are my personal preference so it can differ with other people.

 

I used NOD32 + BOClean, and found it a good, very light combo. But sadly, it still wasn't enough. BOClean is very very good at keeping things from "Executing" on your box, but its heuristics seem a bit light, and it lacks good rebase detection.

I've had 3-4 baddies pass through this layered level in the last week!

I've decided to drop NOD32 like a bad habit, it just misses way way too many malware/trojans/keyloggers, and thats the main thing that i've run into in the last 2 months. I need heuristics in my onaccess scanning.

Honestly, if I had to recommend anything to you, it wouldn't be NOD32, it would be something like F-Secure, AVK, Norman, or KAV.

Perhaps the next version of NOD32 will address its deficiencies.

 

Umm, AMRX, it seems that both Panda and E-Trust have removed those offers. Last time I checked their websites, Panda Platinum was back to a 30-day trial version, and the EZ Armor and EZ Antivirus 1-year trials actually required money.

 

Kobra,

i read your other post about bitdefender, and in it i found the link to the trial version for AVK, downloaded it and running it now. so far it's great, much heavier on resources than nod32, but for the dual layered (KAV and Bit engine) protection from two great engines, it seems worth it

so what will you be replacing nod32 with? have you made up your mind yet?

 

I might be going to the US version of AVK by eXpendia, its actually considerably lighter than the G-Data version of AVk, and if you call or email them, they will give you a download and a key to try it. Contrary to what Paul told me, these guys DO have good support, and offer toll free phone support, and during regular business hours - usually email responses within an hour... $29 for the pro version, ONE TIME fee, no yearly fees required.. Check here for more info:

http://www.extendiaavk.com/

This thing is racing through my tests with 100% perfect flying colors, its onaccess HTTP scanner is robust, you likely won't even be able to CLICK on a virus/trojan to download, even archived. It ripped up that little AVtest program bad, recognizing signatures in the actual EXE itself before even running the program. I put a really bad rebased/packed (with new packer) baddie I got hit with this week through it, and it tore that up as well. I put a CD with about 100 Keyloggers/Dialers/Backdoors on it through it, and it scored 100%.

As for my evidence about BOC/NOD32 Paul, other than my personal tests, and my personal run-ins with various baddies - which have been sent off and confirmed by every other AV company, I can refer to these: (and a few others out and about) I still love BOClean, it does what it does well, if its a known baddie, and you get backended with it, BOClean works wonders, I love BOClean. =)

http://home.arcor.de/scheinsicherheit/rebasing.htm

d) NOD32 Version 2.009

Advanced Heuristics default configuration: 0 out of 11

and for BOClean:

Also memory scanners like BOClean 4.11 are (obviously) not immune against rebasing. For instance, the rebased Beast 1.92, CIA 1.22 & Theef 2 beta 5 servers remained undetected. Rebased Bionet 3.18 and Optix Lite 0.4 servers were detected.

 

Can't really log sometihng they both missed, but i'll be happy to refer you to emails between myself, TDS and BOClean about the files/programs in particular.

But I do have logs of products like AVK, F-Secure and Norman picking up the very same files, even inside them. Theres a thread on this on the NOD32 forums here specifically.

At any rate, BOClean seems like a good backup solution - or layered solution for almost any AV - at least in my opinion!

 

kobra, how is the extendia ATV program in terms of system resources? resource hog?

 

http://home.comcast.net/~prolawn00/cpu.JPG

Actually, the program is way smaller than any other AV i've seen as far as resources.. Uhh, 8,288k of system resources with only 2 processes running.

Now, there *IS* tiny pauses when you do things with both engines grinding away on full power.. Instead of say your web browser loading up in 1 second, it might take 2 seconds for example. But whats doing this is the KAV engine, which you can toggle off or configure differently. Running on only the RAV engine, theres absolutely zero difference than running nothing at all. So clearly, this badboy is using both engines and doing the double-check. KAV hasn't been known as a total speedster, so thats understandable.

I run both full blown, and its totally tolerable considering the extreme protection. I'm going to dig into configurations a bit more, as you can tweak this down a good bit, and probably make it hardly even noticable.

However, to give you an idea how good this protection is, I downloaded a rebased/repacked trojan from my own fileserver where I was storing it, a file which around 10+ AV/AT products completely miss. Well AVK wouldn't even let me DOWNLOAD IT... Thats pretty intense, no?

RAV's definition database is almsot 100,000 strong based on what their website says. So even if you just ran the RAV side of it most of the time, and used the KAV+RAV for ondemand, you'd be massively protected from one product i'm betting.

 

Hmm... didn't AVK drop RAV?

 

AVK-Germany changed to KAV+BitDefender. AVK-USA kept the KAV+RAV engine system. RAV has about 25,000 more definitions than BitDefender, and a better unpacker.

I think that had something to do with it.

 

If MS bought up RAV, be interesting to see what happens to support in the future.

Interesting read

 

I was wondering about that too, and i'm looking for more data on that from eXpendia. With 98,000+ defs in the RAV database, its certainly impressive sounding.

But I suspect the US folks will just switch to the BitDefender database should someday the RAV ones turn off. The reason they kept with RAV for the US version was due to its larger more comprehensive aspects compared to the Bit one.

I'm going to call them tomorrow.

 

Let us know what you hear. LOL keep up the good work.

I'm back to KAV 5.0 (only AV I feel comfortable with based on testing and the fact that tech support answers emails for eval versions in a timely manner... same day generally) and waiting to hear if I can get an ETA for Personal Pro out of a contact in Marketing.

So far I've been through BD 7.2, Panda Ti 2K4 & Plat, F-Secure, EZ, NOD32, AVK, F-Prot, NAV 2K3, NAV 2K4, TMIS 2K4.

 

Kobra,

I may be missing something, but I have been an AVK user from day one (from eXtendia) as a backup to NOD32. My yearly license was up in February and I have to buy an additional year license for signatures. From their web site:

Gold Support and License Extensions

Each eXtendia Antivirus product comes with Gold Support which includes one year of free virus signature updates. Once your introductory year runs out, you will want to maintain your access to the latest virus signature updates by extending your current support agreement for a nominal cost. To extend your support coverage, select the product that you're currently using below

Double-Engine Antivirus Users (Extendia AVK Pro or Extendia Antivirus Professional) - renewal cost :

One year: $24.95
Two Years: $45.95

Single-Engine Antivirus Users (Extendia AVK or Extendia Antivirus )
- renewal cost :

One Year: $8.95
Two Years: $16.95

So if you're getting them for free definitely go for it.

The product is ok for a backup on demand scanner. I would not personally use it as a primary scanner...it's noticably slower. Much more so than NOD32. I use the same combo that you used, NOD32 and BOClean and have never had a virus, trojan or malware infect my system.

Bill

 

Your right Bill, thanks for correcting that. $24 per year.. Still a great value really, considering some AV's are triple that or more!

I've not noticed a significant draw on my system from AVK, only about 8,000-9,000k in ram, and a tick to 1% on the AVK.EXE once in awhile. Loading some progs takes a second or two longer. For example my browser takes 2-2.5 seconds to load with BOTH engines running set to max, rather than 1-1.5 seconds. Keep in mind i'm running a fast 3.4ghz custom box.

Now, my thought is this... This proggie might offer the best of both worlds.. If you are worried about the slight hit on performance for some things, then just run one engine for on-access realtime scanning, then for on-demand scanning, turn both engines on, and set them to max. You have probably the most incredible ondemand scanner known, as well as more than adequate 100% ITW+ realtime monitoring.

My NOD32+BOClean combo I liked, but unfortunately 3 things passed it in one week, total of 6 this month, and I finally decided it just wasn't working out. I think i'll be moving exclusively to AVK for my AT/AV layout, with perhaps Ewido on standby for ondemand AT when I feel like it.

At the very least, i'll run realtime with RAV, and ondemand with fullout both engines on deep/max. $29 I can't go wrong! Thats 10% of what I was spending before on products. =)

 

Hmmm... the deal with eXtendia AVK gets even better... they are offering the complete Security Suite (which includes the double-engine AV, plus a firewall and eight other security apps) for the same price as the AV alone... $29.95... sounds like the bargain of the century...

http://www.extendiaavk.com/SecuritySuite.htm

 

WTF sign me up! Even if that firewall is kinda lame, I could still use it on my test PC... Let alone the other toys to play with... Sounds good to me.

Wonder if that whole suite, contains the "AVK Pro" or some other version of the AVK? I'm going to have to call them on that to I guess and ask. If it does, thats a super deal.

For any questions, 7 days a week, call Toll Free 866.224.2140

 

I believe the Internet Security version come with the AVPro.

"eXtendia Antivirus (Double Engine solutions)"

Have to admit, it's a compelling package but I'm skeptical, seems too good to be true. Something has to be up with either the company or the product. If they're trying to market aggressively, they can't do it on price alone. Lot of things missing from the equation. Although it is good to know that they do have phone support.

 

@Paul

1.
I still can't log in. Are there any special requirements to enter this forum? Should
I delete cookies etc.?

2.
"As for "scheinsicherheit" (Nautilus, right?): interesting, heavily critized (as you are well aware of). I nice project nevertheless. Rebasing - as well as other ways to fool AVs are well known."

This comment is o.k.

3.
"I for one would not count on results published over there. Andreas Clementi for example wouldn't either."

I do not like this comment:

Do you mean our results are wrong, faked or something like this? If yes: please substantiate your claim.

Or do you mean that our results do not tell the entire truth? If yes: no problem. That's what I always say myself.

In addition, I wonder why you refer to Andreas Clementi. Is there any official statement from Andreas Clementi that our results are crap?

Regards, Nautilus