Let's make NOD32 equal to KAV!

Discussion in 'other anti-virus software' started by Straight Shooter, May 1, 2004.

Thread Status:
Not open for further replies.
  1. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
     
  2. BKK Aussie

    BKK Aussie Guest

    Don't forget to add double-digit false alarms to the recipe! :)
     
  3. Gavin - DiamondCS

    Gavin - DiamondCS Former DCS Moderator

    Joined:
    Feb 10, 2002
    Posts:
    2,080
    Location:
    Perth, Western Australia
    AV's receive massive amounts of submissions of ITW malware. AT developers such as DCS instead receive some submissions (obviously less) but also actively collect trojans. We accept that numbers might indicate more trojans detected by an AV, where in reality if you want protection from trojan users you should use an AT. AV's only scan for one file signature for a known trojan. No memory scanning, no additional scans such as those in TDS, and often no trojan-specific heuristics. Beware of numbers :)
     
  4. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Paranoid2000,

    Ease of use does not necessarily go hand in hand with optimal defense - on the contrary. Personally, I do agree there's some tension here in regard to the "common user" wanting all in one and optimal protection.

    It's OK to agree to disagree ;). Could you elaborate as for why they should be scanned as soon as it lands on your system? They are harmless as such, and will be taken care of by the resident scanner anyway if needed.

    A matter of view. Performing (very) frequent full system scans would eliminate a) infected files residing on a system b) subsequently spreading infections - since the system has been found clean.

    regards.

    paul
     
  5. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Rod,

    Seems the both of us are on the same track here.

    The everlasting combat between marketing and sales vs solid layered protection.

    ...and marketing and sales wins the battle. I for one can see the reasons for taking this route for sure. From a sound protection point of view, it's a pity though..

    regards.

    paul
     
  6. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Amen to that, Gavin!

    regards.

    paul
     
  7. Sandish

    Sandish Registered Member

    Joined:
    Apr 29, 2004
    Posts:
    51
    I don't know how long ago you reviewed Dr.Web - I'm using 4.31b here and wasn't able to get a false positive. Even after a full scan (all files, all container/archives) of 250 GB data - no false alert. The most impressive feature is the ability to recognize viruses in password protected zip-files (in mails, where the pass is mentioned in the body at least).
    The key to avoid false alerts - imho - is to turn off the Virus activity control in the SpIDer Mail settings.

    see above
     
  8. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Sandish,

    Installed on one of our systems here as well. We are confronted with false positives.

    Glad you like it! Personally, I fail to see the use for it for the average user.

    But hey! - this is by no means a Dr.Web bash; I do like the app for sure. Then again, I'm not that much of an average user. As long as you're happy! ;)

    In the meanwhile, we are getting rather off topic in regard to the subject from this thread. Let's put it back on track ;).

    regards.

    paul
     
  9. JimIT

    JimIT Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    1,035
    Location:
    Denton, Texas
    How's the test going, Shooter?
     
  10. swatch

    swatch Guest

    Shooter? People like to know...

    swatch
     
  11. Well, I got VERY discouraged with NOD32's inability to Clean and delete the Eicar Test Vitii in a zipped folder... In fairness to NOD32, I am cleaning my computer of all previously installed programs, even if I have to reclone it from a previous time (with no av or at installed).. I had a problem with browser freezeups with NOD and ZAPro.. when I uninstalled ZApro, and uninstalled NOD32, and installed KAV 5, the browser problem was no more. Then I tried Sygate free, no freezeups, then I uninstalled Sygate and installed Outpost.. the trial version of 2.1.. No freezeups.. Now I am cleaning the computer and will reinstall NOD32, to check the freezeups...but I forgot from past experience that NOD32 doesn't clean infected zips, and I don't see why I'd want to keep using it.. But that's me..

    EDIT.. Cleaned computer.. Only NOD32 and Spysweeper.. The browser freezeup returned.. Freezeups and then the browser crashes..
     
    Last edited by a moderator: May 3, 2004
  12. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    This issue has been addressed over here. Feel free to comment in case you believe the arguments do not hold.

    According to your post elsewhere, you did not encounter any problems having the NOD32/ZAPro combo installed. You did encounter these problems as soon as you installed KAV v5 while using ZAPro. Correct?

    ...all related to the KAV v5/ZAPro combo, right? You have stated in this specific thread you - at least for a short period of time - did have both NOD32 and ZAPro installed without any problems...

    Looking forward to your comments. The issue never has been NOD32/ZAPro - let's keep the discussion straight, Shooter :)

    Please read this thread all over again - and after that, explain as of why exactly this is an issue.

    regards.

    paul
     
  13. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    There must still be something else going on with your system? I just don't
    see any other reports of browser freeze-up and crashes with NOD32? I may have missed them?

    Also: http://www.dslreports.com/forum/remark,10119740~mode=flat

    However, each platform is unique, that is one of the reasons why some folks choose one AV over another.
     
  14. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Shooter,

    They didn't when you stated trialing NOD32. Do you still have KAV v5 installed?

    regards.

    paul
     
  15. Paul...

    I took out KAV 5 (uninstalled it).. and Then installed NOD32....

    The reasons I said I would trial NOD32 were due to detection, not usability..Besides, if I could predict the future, I certainly wouldn't spend my time on forums..LOL...
    j/k...
     
  16. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Shooter,

    You did not address the issues I've mentioned; would you mind doing so, if only to get the record straight?

    Well, you have posted this earlier on in this thread (I've bolded the essential parts):

    Sounds like both detection and usability to me...

    regards.

    paul
     
  17. JimIT

    JimIT Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    1,035
    Location:
    Denton, Texas
    Shooter,

    You've mentioned elsewhere that KAV 5 was causing the freeze-ups and browser crashes--is that truly the case?

    Back to NIS 2004, eh? :doubt:
     
  18. DougRees

    DougRees Registered Member

    Joined:
    Jun 2, 2003
    Posts:
    41
    Since I'm cheap (and poor) I like to use AVG 6.0 free edition as a second on-demand AV scanner to go with NOD32. AVG seems to get along quite well with NOD and its features complement those of NOD quite nicely. To my mind at least, it's an easy program to run, and I have installed it as the main AV on several of my friends' computers, with no complaints yet. I notice that the AVG updates are coming out a lot more frequently than they used to, and the program seems to have been greatly improved in terms of its scanning ability. All in all, adding AVG to NOD is an extremely cheap (i.e. free) way of getting "multi-layered" protection.
     
  19. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,233
    This argument presumes that KAV is billed as a do-all solution, while NOD32 is not. The fact is that KAV is billed primarily as an anti-virus application, just as NOD32 is. They are direct competitors. And in fact, Eset says that NOD32 is intended to protect against "viruses, worms, trojans and other malware".

    Since KAV isn't being promoted by the vendor as an "adjustable wrench" any more than NOD32 is, and since there is no reason a user can't run auxiliary applications (TDS-3, Ad-aware, etc.) along with KAV, the same as they could with NOD32, what was your point?

    The bottom line is that all else being equal, it's better for your "anti-virus" utility to detect a wider range of malware (which KAV does). In other words, it makes absolutely no sense to defend a product by saying that "You should be using other utilities anyway!"

    This is where the reply comes in, "Well, all else isn't equal! NOD32 impacts the system less than KAV!" Well, quite the contrary, that varies by system: NOD32 gave me mini-freezes every time I ran a runtime-packed file, and it caused my system to throw blue-screen crashes. KAV isn't perfect, but it runs a whole lot better on my system than NOD32 does.

    Looks like we're back to "The best anti-virus utility is the one that provides the widest range of protection, and runs acceptably on your system, and within your price range."
     
  20. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,233
    By the way... I've said it before, I'll say it again: All you guys (including Paul) who promote "layered security" are totally misusing the term. To "layer" security isn't to use one solution for one problem, and another solution for another problem (such as using an AT scanner for trojans, and an AV scanner for viruses). A true "layered" approach means that you have multiple solutions for the same problem.

    A good example of this is to use a hardware firewall and a software firewall. Another good example of this is to use an anti-malware scanner that can detect viruses and trojans well, and to have backup AV and/or AT scanners on top of that. A very bad example of this is to use an AV utility that sucks at detecting trojans, and an AT utility to pick up the slack. Rather than "layered security", that is actually "patchwork security".

    Think about it before you get angry at me. Wearing a snow suit over long underwear is being layered--both help to keep your upper and lower body warm. Wearing pants to keep your lower body "sort of warm", and a shirt to keep your upper body "sort of warm", is not layering. These are facts.
     
  21. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To Nameless from Firefighter!

    One of the best writings your last "Layered Defence" lesson. When we have seen such writings that some other AV:s than KAV plus TDS3, BOClean or TrojanHunter can offer better protection than KAV, we are forgetting that which proggie can detect those viruses that those other proggie's than KAV were missed?

    I have just now scanned some 738 infected archived VIRUS samples with 8 different av-proggies. Surprise, the other 7 but not eScan Free (= Kaspersky engine), were able to detect 22 infected VIRUS archives that eScan missed. Good or bad? Still eScan was able to detect totally 39 VIRUS archives more than the best not Kaspersky engined AV was able to detect. In my VIRUS collection were 291 Win32 -viruses, 264 Worms, 77 BAT viruses, 59 Macro viruses etc. Of those worms, some 220 were P2P and I-Worms. How could those 220 worms be other than REAL ITW worms, when they were even named as Worm.P2P.xxx or I-Worm.yyy by eScan and Antidote Super Lite (= Kaspersky engine too). I think that the official ITW Institution doesn't count P2P or the Internet as a whole system to an ITW source, because there have been added totally 53 NEW ITW viruses to the ITW List THIS YEAR.

    After my own AV-test, I think that there are any enough protection offering AV:s in the market, and if u want the best protection, have at least eScan Free as your backup if u don't want to use KAV engined av:s as your primary AV!

    Best regards,
    Firefighter!
     
  22. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Nameless,

    A matter of semantics - it has been and is plain for all what has been talked about in regard to "layered defense".

    FireFighter,

    No offense intended - but we have been here before. Private tests, without providing test bed used, circumstances, etc. etc. are at most useful for the one who performed such a "test" - and for no one else.

    regards.

    paul
     
  23. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    To Paul Wilders from Firefighter!

    It's very nice policy. I have 231 kb zipped archive where my testing protocols are just now. If I am publishing those results (and how here at Wilders Forum when they are all gathered in the same zip file) which are quite huge amount of rows (totally 1226 infected archives including trojan like programs and riskware), may we see also those wilders.org testing protocols, where certain known program is even better against viruses than Kaspersky, u know from which I am talking about!

    Best regards,
    Firefighter!
     
  24. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    It has been my direct experience and also reading the posts that for the majority of NOD32 users it doesn't cause that problem for them. It would seem there is some conflict on your specific system that causes the BSOD with NOD32?

    Also it seems a number of KAV users post they have to tweak down the KAV settings in order for KAV to run with less impact on their systems. They also post that by tweaking down KAV's settings they are not sure then how well they are protected?
     
    Last edited: May 10, 2004
  25. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,883
    Location:
    Texas