Antiviruses facts

Is it ture that bitdefender is becoming better than kaspersky?

And other antiviruses are becoming better than kaspersky.

coz a couple of antiviruses has the kaspersky engine plus there own.

 

Useless and overkill.

Example F-Secure AV: program with 3 engines, KAV-engine included.

KAV is still the better choice, better detection rates.

 

well i wouldnt say becoming better than KAV but some AV like nod32 are greatly improving their signatures. well have to wait for teh next KAV 6 and nod32 v3 and see teh AV playing field then.

 

i really like nod32 when i used to use it but i saw that i wasn't as good for trojans and when i bought kav it found a couple of trojans that nod32 did not find.

i find the adavantage of nod32 to kav is that its lighter and faster scan.

if kav improves its scan speed and becomes lighter kav would be better.

 

Yesterday my cousin was using my pc when I was out getting some beer for us, and apparently he visited some nasty sites while I was gone (using IE!).
I could see in the Threat log that IMON had blocked 2 known trojans, 3 variants and 1 unknown.
If that's not 'good detection' then you can just call me Pete
He told me he was looking for a NO-CD and didnt stop surfing because my AV stopped everything.. I'll smack him later..

Anyways, as I was quite concerned that maybe NOD missed something, I scanned with Panda & KAV online scanners:
They found nothing. So NOD did an excellent job, and also found a new trojan in the process (or whatever it was)

 

LOL


P.S. How was the beer?

 

Nice hint. I was there too a bit after I saw this. Guess which were the 6 scanners that were able to catch them both in Jotti´s online scan?

Best regards,
Firefighter!

 

OK, here are the results from the "Finnish Lottery Team"! Again it seems like a lottery which av is capable to pick them both up. These infections were as a result when I tried to download 3 key files from the source you just mentioned.

Best regards,
Firefighter!

 

What source? I don't remember providing any links as I have no idea what sites he visited.

Anyways, I think I got infected by the CWS-spyware/trojan/keylogger or whatever it is,
but can't remove it as nothing detects it.
So if your point is NOD let something through, it could very well be possible.
CWS details: (https://www.wilderssecurity.com/showthread.php?t=93321)

 

NO-CD was enough for me! After that it's up to you how many infections you want to pick up!

Best regards,
Firefighter!

 

I hope he had the good sense to check GameCopyWorld first for No-CD patches - that is the best site and I have never encountered malware there.

However using a web filter to strip out any active content (Java, Javascript, ActiveX) for all sites except those you trust seems a far more secure method than relying on any AV's signature detection - some sites won't work fully but in many cases, active content is just used for trivial purposes (rollover effects, etc) so removing it makes sites load faster.

 

Ah! 10-4
And as Paranoid2000: If I really need a no-cd, I also use gamecopyworld.
But it's hard to teach people stuff when your not in the same room you know

 

My point was that any av can miss nowadays and even daily!

Best regards,
Firefighter!

 

the current version of the noscript extension for firefox lets u block not only javascript, but java, flash and other plugins for any sites u havent deemed as trusted.

 

Already installed, but as I mentioned in my first post: he used IE (he has no idea what Firefox is).
And I only use IE for Gmail and Banking.

Sorry, english is not my native language so I make mistakes from time to time.
Sorry

 

And here are the same samples scanned in VirusTotal.

Best regards,
Firefighter!

 

Online Armor will filter a lot of those kinds of scripts and objects (java, activex, etc) out, too.. one of it's most attractive features, IMO. NOD32 is definitely a keeper, but I too would want some generic protection for situations like that.

Gee, what a surprise

 

One is Istbar again and another is just some java crappy. Nothing too special imo...

 

But is that last trojan a 'real working one'? If it's not, NOD won't detect it as it cannot do any damage.

And Istbar.nbf was added 2005.07.29
http://ip2.users.whitehat.dk/view.php?id=977&highlight=Istbar.nbf

 

i don't say that nod32 is bad for trojan i am only saying that nod32 didn't find the trojans and kaspersky did.

 

KAV is known to have a really high F/P - But it does however catch almost anything.

What I'm saying is: While KAV will detect a non-working trojan, NOD will skip this one because it's not working and can't do any damage to your system.
This is called a False/Positive, but I'm sure you already know that

 

The first I think it was a real working one because it launched a similar popup as in my post 21. in here.

https://www.wilderssecurity.com/showthread.php?p=513694#post513694

The second I don't know but the sites from where I picked those were not "virus collector sites" but sites where you can get real working PC games free, so I think that if there is an infected file, the purpose of that file have to be a hurting one.

Best regards,
Firefighter!

 

False Positive and non-working samples (garbage) is not the same.

 

But it still could be a broken trojan.. I mean, what do they know - They just add games to their lists.

 

I call garbage F/P because it's still is a false detection.