Kaspersky AV and NOD32 AV

Hello everyone, I love NOD32 and I am new to the forum here... This is also my first day on the 30-day trial period of NOD32. The antivirus I used before discovering the great NOD32 antivirus is Kaspersky Anti-Virus Personal. What got me interested first is that Kaspersky Labs (the company) claims they release updates every hour to 3 hours... or something like that. But when I read on the Forums here about all the Positive feedback on NOD32, it got me interested enough to end my trial with Kaspersky (uninstall it) and install NOD32. So far, I am extremely happy with NOD32 but I am just wondering if anyone thinks that you'd be more protected with Kaspersky being that it updates so frequently or depending on a what i'd like to call.. 50/50 chance on advanced heuristics for detecting a virus without a signature for NOD32...

If anyone is interested in replying, please do! I'd be very thankful to hear any feedback for my question above and also about Kaspersky or NOD32

 

Hi there, and welcome to the forums

I have moved your thread to the "other AVs" section as the NOD32 forum is really for NOD support - we want to keep comparative type discussions over here.

Additionally, you will find a lot of previous discussion on this topic with a forum seach such as this one or maybe a search for just "NOD" and "KAV."

 

Okay thank you for letting me know Detox and also, I am sorry for posting in the wrong forum.. please forgive me.

 

No problems or need for forgiveness ;-)

Just hang out and enjoy wilders

 

, I am so far! Looking at all sorts of threads right now.. pretty fun!!

 

Actually the chance of Advanced Heuristics catching virii is much higher that 50%, more around the 80-85% range, in fact almost all of the major virus outbreaks in the last 6 months to a year or so have been detected by AH. The only virus outbreak I recall not being detected was the Sasser worms. The rest, all of the Mydooms, Netsky, Bagle/Beagle and Zafi versions were all detected by NOD's AH.

As for the debate between NOD and KAV, it continues to rage on and probably will for ever as it is not a simple solution. Both are good products, and users of each seem to take pride in the fact that they use the one they do. The answer will only lie with you and your system/s. What works best for you is the best AV for you, and that can only be determined by using both and deciding which suits your needs which you are already doing. If one works better for you it doesn't mean that other is crap, it just means that one works for you

Either will give you excellent protection as they are the two best available, at least in my opinion they are the only AVs I would use.

 

Thanks for your reply flyrfan111 !! Wow ok.. that is very cool to know about the AH and what it has detected... thats amazing! But, I am reading in threads comparing NOD32 and Kaspersky and it sounds like a on-going thing like you said. But I agree... it just depends I subpose on whatever runs Best on your system or systems. Right now, I'd definetly say NOD32... it just sort of gets to me that it doesen't update as fast as the other product does (Kaspersky) but well.. I also think about when I read on the NOD32 website about Eset that NOD32 is used by Microsoft and Dell. That really made me think that if those companies use NOD32, then it has to be the antivirus to go with...

 

I have a slow PIII 450MHZ 256RAM XPHome and I didnt see much difference in running KAV or NOD they both slowed my pc just a little bit mainly in programs taking just a little bit more time to launch. Ive found AntiVir to be smoothest and most suitable for my slow setup even the AntiVir on demand full HD scan took a similar amount of time.

 

GuardianofNight,

As you seem to appreciate, most reputable AV's will have coverage for a significant malware threat given a long enough lead time. For some vendors it is short, for others it can be somewhat long, and it can depend on the specific piece of malware.

KAV tends to be rather responsive with respect to new signature generation, as there frequent update schedule suggests. This is one approach to good coverage during the emergence of a new threat. An alternate approach, taken by Eset, is to use a heuristic method, i.e. a programmatic behavioral approach, which will identify previously unseen malware. Naturally, this is augmented by a classical signature based scheme.

There is some limited field data supporting Eset's decision contained in the most recent proactive/retrospective test report at www.av-comparatives.org. This would be test number 4, Nov. 2004. The test strategy is simple. Update AV's to a given date, then freeze the definitions. At this point, start collecting new pieces of malware that are floating about in the wild or appearing as new zoo samples. Allow the collection phase to continue for some predetermined time, and then challenge the AV's with the newly collected malware. In principle, none of the AV vendors will have any prior knowledge of the specific samples collected. That's the test in a nutshell. Obviously, all AV's perform decidedly worse in this type of test than in a classical on-demand challenge with known samples. If you go through the results, NOD32 came in on top, KAV placed in a nearby second. If you restrict attention to samples that actually appeared in-the-wild during the test NOD32 scored 8 for 8, KAV was second in this class (tied with Bitdefender) at 2 for 8. Don't read too much into the percentage results, this is a small population test, subject to very high variability. What this result means is that NOD32 provided pre-emptive coverage for all new samples which actually appeared during the test collection phase and no NOD32 user would have suffered a zero-day infection from any of these 8 samples. A KAV user would have had pre-emptive zero-day coverage for 2 of the 8 samples. The remaining 6 samples could have in principle caused a zero-day infection. Operationally, KAV very significantly mitigates this risk via the rapidity with which they deploy new signatures.

The results do underscore the somewhat differing approaches. KAV has a large number of daily updates and are very quick to establish signature coverage of new malware. Eset tends not to be less heavy on the daily updates, relying partially on heuristics to handle the new/unknown stuff.

It's not an either/or question here of which is better. Both approaches have distinct strengths and weaknesses and neither vendor puts all their eggs in one basket as it may seem from my description above. Both approaches are used by both vendors, but the emphasis is a little different.

Blue

 

Oops I meant to say the AntiVir full system scan on my system seems just as fast any anything Ive tried.

 

Blue,

I agree with you 100% on that part you wrote... as well as the whole post you made . I really have to say it depends on your trust for Heuristics OR wait an hour or 3 hours... however long it is for Kaspersky updates.. I read its 1 hour, but then I read somewhere else its 3 hours.

Its just a very very hard decision because I feel like I want to trust NOD32's heuristics but I also want to be protected "for sure". In a way, I feel safe with both, but I also stop and think how can Kaspersky know that they have to release updates every 1 or 3 hours? How do they know they will have to... Thats my biggest question for Kaspersky or the members who may reply to this thread I made... just a little something to think about like I spent time doing....

 

KAV updates hourly (if needed). The installation default is a check for updates every three hours.

I own both AV's. On the 5 PC's in the house, two run NOD32 as the main partition AV, three run KAV WS 5.0 as the sole AV. On my system, my primary boot partition uses NOD32, my secondary boot partition uses KAV WS 5.0. I boot to the NOD32 partition maybe 90% of the time. My main driver in placing NOD32 on my primary partition was impact on PC responsiveness. KAV left small, but noticable gaps in responsiveness. Not a major issue, but something I could feel and wished to avoid. I have a reasonably fast 4 Mbps cable connection. I might not notice the difference at all on a slower connection. Both are excellent products. I know that there are folks out there who say that they notice no impact from KAV. I do and haven't been able to tweak my way around it. I do have a reasonable machine (2.8 GHz P4 with a 533 MHz FSB, 768 MB RAM, 40 & 80 GB 7200 rpm HDD's).

If you are a casual user who frequents mainstream sites only - and by that I mean you don't do a lot of googling for information where you could unwittingly pop over to a bad site - either AV (and many others) would be fine.

If you absolutely positively have to be sure, no question about it, detection performance is the best money can buy regardless of the impact of your surfing experience, KAV is the way to go. Although there are a couple of examples where I've seen McAfee outperform KAV to what is probably the noise level of the test, KAV is the lead finisher in virtually all objective AV test results that I've seen. Like any product, KAV is not invincible. Also, if the performance hit is too high, go with NOD32.

Now, I say that, but on my machine I use NOD32, in conjunction with some additional measures (see here). I've made a calculated decision to trade some single point detection performance for machine performance. I've mitigated the impact of the added vulnerability by adding a component (BOClean) which has a very low impact but provides excellent secondary coverage for some very primary threats. Absolutely nothing have eluded this pair and only a vanishingly small number of threats have eluded NOD32 (all at newly reported malware links which I visited for testing purposes) and those threats are now covered.

Neither product will be able to protect you "for sure" and the difference between the two is small indeed, much smaller than the sometimes heated discussions you see here and elsewhere would appear to indicate.

Blue

 

Trusting is AH is not too difficult given the test results of In The Wild viruses . Both are excellent at what they do . It really does come down to which you like better on your machine . As I have stated many times , you will not go wrong either way . Whichever looks best to you and works best on your computer . You are comparing two of the absolute best in this genre . Whichever way you go , try not to look back . In my opinion , whatever you choose , it was an excellent choice given the two that you are considering . Hope that helps and good luck

 

Oh yeah . Welcome to the forum

 

Yes it does help , very much!!! I found Kaspersky Security Suite 2006 (Prototype) its called. I was wondering if its going to be released this year or all the way to next year... I just thought maybe since it is well I think it would be called an "Alpha" version of the product.. if it can go through enough beta versions and then release this year... does anyone know if its going to be released this year? I thought to ask my question in the same thread since its about Kaspersky and not to make 2 different threads...

 

Wish I knew . But , if you need something soon , I would suggest staying where you are as far as choosing one or the other . If you are leaning toward KAV , you could drop them an email and ask if you buy now and the 6 version comes out in 6 months , what will happen . Just an idea . 5 has not been out long . At least , I do not think it has been . Sending them an email will do something else too . It will give you an idea of how quickly they respond to their customers . And potential customers . Again , good luck . Wish I could be of more help

 

I went through some of the beta testing for KAV WS 5.0. According to some of my e-mail messages to KL, the initial beta version hit the streets at the beginning of June 2004 and I think the initial release version appeared on Nov 1 or 2, 2004. I would guess they are aiming to try to release on the "2006 version release cycle" that AV's such as Symantec try for, which would be late summer/early fall of this year.

Blue

 

Thanks for the replies ! I will keep Kaspersky as my homepage just to see if they release any news saying anything about the security suite. Thanks very much for all your help, I want to compliment everyone for helping me in a very nice timely manner and polite too!

At this point, I think I am going to stick with NOD32 for the trial... then decide and also remember what all of you said.

Thanks again and take care

~GuardianofNight