DRWEB vs. NOD32...My conclusion.

Actually I have 166 infected samples that were detected by NOD32 2.12.3 with AH upd 1.935, but not by DrWeb 4.32b, because I scanned with NOD those samples that DrWeb left behind.

97 -- Trojan like malware

_8 -- Script like malware

36 -- Viruses

25 -- Riskware

Unfortunately NOD isn't able to move or delete infected archives, so I couldn't scan those samples that NOD left behind. I know only that there are 323 infected samples that were detected by DrWeb but not NOD.

PS. Just checked those numbers of samples that were missed by NOD but detected by DrWeb.

98 -- Trojan like malware

70 -- Script like malware

141 - Viruses

14 -- Riskware

After all, not so worried about situations when some av detected some tens of infected samples that some other av missed. Even with my a bit over 3k of infected samples, there are hundreds of samples that were detected by one av but missed by an other av.

Best regards,
Firefighter!

 

Take a look at my last scan, there you will see that any av isn't perfect, even McAfee has big difficulties against TrojanDownloaders.

Best regards,
Firefighter!

 

Those are pretty interesting results Firefighter. DRWEB and NOD32 are pretty much neck and neck for most of the tests. But over all, DRWEB still takes the lead baby!!!! DRWEB and KAV together make the best combination on a system in my opinion.

Barney

 

Just added NOD32 2.12.3 upd 1.935 scanning results to my scanning table above by using Advanced Heuristics only, without signatures. Interesting results with trojan like malware and worms. I made this scan 5 weeks ago too (upd 1.904), when I had 13 trojan like malware less and 3 worms less, otherwise the same testbed with these malware.

On 23:th October NOD scored without signatures but with AH 52 trojan like malware LESS and 29 worms LESS. How is it possible, when the scanning engine was the same?

Btw, I separeted those backdoors and trojans to different categories in my table just now.

Best regards,
Firefighter!

 

First of all, a REALLY REALLY BIG THANK YOU to FireFighter for his time and continued efforts to use his abilities with statistics to actually HELP us understand and use performance data!!!! Again, hats off....

I run DrWeb as my primary realtime AV product; I use F-Prot and Extendia as on-demand scanners for second opionions as needed. These three products give me the "opionions" of four different AV engines; so far, ALL of my system are virus free. And THAT is, after all, the name of the game....

KDCDQ, Security Freak

 

What is the big deal about DRWEB. I used it once and was totally disappointed with it. I am now using NOD32 and find it to be the best antivirus out there. DRWEB;s detection rate just don't compare to NOD32. Nod32 also has better heuristics in my opinion. I do admit that DRWEB is a very low resource scanner. I was able to use my system with no noticable slowdown. It is almost as light as NOD32.

 

Some people seem to only look at the cpu usage of the program in question. dr Web scores not as good as NOD32 in almost every test, but still people are hailing Dr Web. Well: their party

 

This depends upon the category of malware you look at

Again, too much of a generalisation here, particularly if you look at a range of different AV-testing sites. I would be interested in 'all' the tests you refer to.

Further, take into account that viruses are no longer the present, main malware threat.

I have used Dr Web and NOD for a number of years and they will both give you excellent protection.

 

If one ignores cpu usage, then KAV is what I would use. It's heavy on cpu but superb on protecting against all categories of malware.

Almost every person in the world dislikes this sort of generalization.

 

That's ok by me, dear Bellgamin

But as I have noticed, the new KAV 5 personal is not so cpu hungry anymore. And it scans a lot faster too. So I have switched from NOD32 to this one. And with the help of Ewido and CounterSpy I must be pretty secure now, I hope

 

I have to admit that I had too small quantity of the most common nasties, but now I had added some TrojanDownloader, TrojanDropper, TrojanSpy and Exploit samples. Avast will be in my table as soon as possible.

All these scanners tested here are very good overall, just some are better than the other.

Best regards,
Firefighter!

 

Just added Avast 4.5 Home to my test table. Not so bad test results either with Avast.

Best regards,
Firefighter!

 

I have never heard of either of these antivirus's. Are they any good? I have used Norton for years. Does Nod32 or Drweb compare to Norton? Which one is the best?

 

Hi Smurf, this sort of question can lead to a flame war. It is no different than asking which car is better when comparing two rival family size sedans. Saying one is better than the other is relative to what your purpose for it is. One car may get to the line first today, and the other might get there first tomorrow, both have a function of getting from A to B, some come with more features than others, others use less resources etc etc, and we all have our own preferences as to what we like. Yes there are some major differences between some products, but on a whole there is a majority of fine software available that performs very well. As such, you are better of taking a look at a few websites such as:

http://www.virusbtn.com/vb100/about/index.xml

and

http://www.av-comparatives.org/

And then from there I would download and try a few to see what you like.

On an overall general security approach I would suggest that you may want to take a look here for further discussion on security and how to make your system that much stronger and here for more.

Hope this helps…

Cheers

 

Avast Home in on par with NOD32. Avast is a tad slower, with less bells and whistles. To me, it's silly to pay for NOD32 when you can get Avast Home for FREE.

Norton will slow down your system more than NOD32. And Norton's LiveUpdate can go bad, leaving you with outdated AV definition file. If you want excellent all around detection with moderate load on your PC, then give McAfee a try. NOD32 is very light, which can be an advantage if you have a sub 1000MHz PC. Those with +2.0GHz PCs should give Avast Home a try. Ya can't beat the price of admission!

 

1GHz CPU,512MB RAM and NT based OS (2000/XP) and avast! should work very good. Win9x couses all the slowdown problems. At least thats what i saw when i recommended it to my cousin (he has a Win9x machine and 256MB RAM).

Anyway i also noticed similar results on Jotti as Firefighter posted above.
NOD32 and DrWeb seem to be on par,but DrWeb appears to have a strong generic detection (Win32/Agobot.gen for example) where NOD32 doesn't have such signatures. Many of them are indeed detected by AH but thats not the same IMO.

 

Em Internet Mail heuristics in avast! are a bit more advanced than just warning for every and each exe,com or pif file. As far as i know avast! is the ONLY scanner that checks entire mail structure,not just attachement.
So if there are dual extensions,whitespace sequences,remote links,remote iFrames,specific thresshold of outbound messages and so on,that fall into specific criteria,you will get warning.
Sometimes even decompiler heuristics fail to detect new stuff.
But again there needs to be some user intervention to approve the mail.
I also agree that NOD32 is better than avast!,but not in all areas.

I also talked to one of Alwil programmers and he said its better to not impliment heuristic than implimenting crappy ones,that generate lots of false positives and are not effective on real malware.
And i agree with him.

Oh and about submitted samples. They will add them eventually.
They appear to have a priority list of submitted samples,so they first add more important stuff and later those that are not so common.
I submitted them loads of malware and they usually added them very fast since the malware was picked from school computers.
Kaspersky adds them asap because they HAVE TO generate definition updates frequently (1 or 3 hour frequency )

 

Hi Rejzor,

Thanks for your reply.

I completly agree with you with the fact that avast e mail Heuristics is a little more complicated than I described so I stand corrected

I have e mailed on the Avast forum's about the samples and agree with you that stuff that is floating around in the wild is added quickly and most stuff I have sent in are samples from websites. (Though I still feel that if these samples are availble from just googling and are available for the public to download then should not these be detected quickly as well).

I am guessting that if they receive the same sample from a few different people it gets added quickly.

Rejzor I do think Avast is very good program and adequate for the average user but as you said Nod32 is better does provide better detection but then it not free

Cheers

Jlo

 

Rejzor,

I forgot to say the one major plus point as well for Avast is the forum. You can post a message and normally get a reply back in moments plus some of the programers of Avast hang out on the forum as well.

I think the level of support with Avast is much better than some of the big AV players.

Kind Regards

Jlo

Sorry I am getting of topic. Proabally should have started new thread

 

Yup,i agree. NOD32 is better,especially in detection of new stuff (manly by AH).
For overall detection of older (known stuff) they are somehow pretty similar,maybe NOD32 a bit ahead.

 

No offense but this represents the inferior capability of the developers of the products, when one can do with success but others not.

In my mind, Avast Home (or even its Pro version) is no where to near NOD32 and the best thing about Avast Home just because of it FREE. NOD32 uses less resources than Avast, NOD32 faster than Avast but NOD32 can do lot of better job by detect much more nasty stuff than Avast, why?

NOD32 is the best antivirus scanner in the world, this is not opinions but about the fact, the fact that many people can't accept.

 

This is just your opinion. Many people, particularly on this forum, will agree. However, many will disagree.

Whatever offers good protection, suits you and your system is the best Antivirus.

 

Please refer to post number 115.

Cheers

Blackspear.