Antiviruses facts

Discussion in 'other anti-virus software' started by chaos16, Aug 14, 2005.

Thread Status:
Not open for further replies.
  1. chaos16

    chaos16 Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,004
    Is it ture that bitdefender is becoming better than kaspersky?

    And other antiviruses are becoming better than kaspersky.

    coz a couple of antiviruses has the kaspersky engine plus there own.
     
  2. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,513
    Location:
    Annie's Pub
    Useless and overkill.

    Example F-Secure AV: program with 3 engines, KAV-engine included.

    KAV is still the better choice, better detection rates.
     
    Last edited: Aug 14, 2005
  3. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    well i wouldnt say becoming better than KAV but some AV like nod32 are greatly improving their signatures. well have to wait for teh next KAV 6 and nod32 v3 and see teh AV playing field then.
     
  4. chaos16

    chaos16 Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,004
    i really like nod32 when i used to use it but i saw that i wasn't as good for trojans and when i bought kav it found a couple of trojans that nod32 did not find.

    i find the adavantage of nod32 to kav is that its lighter and faster scan.

    if kav improves its scan speed and becomes lighter kav would be better.
     
  5. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    Yesterday my cousin was using my pc when I was out getting some beer for us, and apparently he visited some nasty sites while I was gone (using IE!).
    I could see in the Threat log that IMON had blocked 2 known trojans, 3 variants and 1 unknown.
    If that's not 'good detection' then you can just call me Pete ;)
    He told me he was looking for a NO-CD and didnt stop surfing because my AV stopped everything.. I'll smack him later..

    Anyways, as I was quite concerned that maybe NOD missed something, I scanned with Panda & KAV online scanners:
    They found nothing. So NOD did an excellent job, and also found a new trojan in the process (or whatever it was) :)
     
  6. Dazed_and_Confused

    Dazed_and_Confused Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    1,831
    Location:
    USA

    LOL :D


    P.S. How was the beer?
     
  7. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    Nice hint. I was there too a bit after I saw this. Guess which were the 6 scanners that were able to catch them both in Jotti´s online scan?

    Best regards,
    Firefighter!
     

    Attached Files:

    Last edited: Aug 15, 2005
  8. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    OK, here are the results from the "Finnish Lottery Team"! Again it seems like a lottery which av is capable to pick them both up. These infections were as a result when I tried to download 3 key files from the source you just mentioned.

    Best regards,
    Firefighter!
     

    Attached Files:

  9. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    What source? I don't remember providing any links as I have no idea what sites he visited.

    Anyways, I think I got infected by the CWS-spyware/trojan/keylogger or whatever it is,
    but can't remove it as nothing detects it.
    So if your point is NOD let something through, it could very well be possible.
    CWS details: (https://www.wilderssecurity.com/showthread.php?t=93321) ;)
     
  10. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    NO-CD was enough for me! After that it's up to you how many infections you want to pick up! :D

    Best regards,
    Firefighter!
     
  11. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    I hope he had the good sense to check GameCopyWorld first for No-CD patches - that is the best site and I have never encountered malware there.

    However using a web filter to strip out any active content (Java, Javascript, ActiveX) for all sites except those you trust seems a far more secure method than relying on any AV's signature detection - some sites won't work fully but in many cases, active content is just used for trivial purposes (rollover effects, etc) so removing it makes sites load faster.
     
  12. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    Ah! 10-4 ;)
    And as Paranoid2000: If I really need a no-cd, I also use gamecopyworld.
    But it's hard to teach people stuff when your not in the same room you know :)
     
  13. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    My point was that any av can miss nowadays and even daily! o_O

    Best regards,
    Firefighter!
     
  14. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    the current version of the noscript extension for firefox lets u block not only javascript, but java, flash and other plugins for any sites u havent deemed as trusted.
     
  15. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    Already installed, but as I mentioned in my first post: he used IE (he has no idea what Firefox is).
    And I only use IE for Gmail and Banking.

    Sorry, english is not my native language so I make mistakes from time to time.
    Sorry
     
  16. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    And here are the same samples scanned in VirusTotal.

    Best regards,
    Firefighter!
     

    Attached Files:

  17. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    Online Armor will filter a lot of those kinds of scripts and objects (java, activex, etc) out, too.. one of it's most attractive features, IMO. NOD32 is definitely a keeper, but I too would want some generic protection for situations like that.

    Gee, what a surprise :rolleyes: :D :D
     
  18. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    One is Istbar again and another is just some java crappy. Nothing too special imo...
     
  19. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
  20. chaos16

    chaos16 Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,004
    i don't say that nod32 is bad for trojan i am only saying that nod32 didn't find the trojans and kaspersky did.
     
  21. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    KAV is known to have a really high F/P - But it does however catch almost anything.

    What I'm saying is: While KAV will detect a non-working trojan, NOD will skip this one because it's not working and can't do any damage to your system.
    This is called a False/Positive, but I'm sure you already know that ;)
     
  22. Firefighter

    Firefighter Registered Member

    Joined:
    Oct 28, 2002
    Posts:
    1,670
    Location:
    Finland
    The first I think it was a real working one because it launched a similar popup as in my post 21. in here.

    https://www.wilderssecurity.com/showthread.php?p=513694#post513694

    The second I don't know but the sites from where I picked those were not "virus collector sites" but sites where you can get real working PC games free, so I think that if there is an infected file, the purpose of that file have to be a hurting one.

    Best regards,
    Firefighter!
     
  23. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,818
    Location:
    Innsbruck (Austria)
    False Positive and non-working samples (garbage) is not the same.
     
  24. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    But it still could be a broken trojan.. I mean, what do they know - They just add games to their lists.
     
  25. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    I call garbage F/P because it's still is a false detection.
     
Loading...
Thread Status:
Not open for further replies.