AV's - Heuristics vs Signatures

Discussion in 'other anti-virus software' started by muf, Dec 11, 2005.

Thread Status:
Not open for further replies.
  1. tuatara

    tuatara Registered Member

    Joined:
    Apr 7, 2004
    Posts:
    775
    Muf wrote:

    This is interresting to hear, i have KAV2006Beta running here,
    and it will take up to 8 times as long to scan the same disk
    as NOD32 does.
    Also with all setting on 'max' in both. (please read further!)

    But i think this is because of the setup i use,
    both virusscanners always ' think' that they run for the first time.
    This way i can test 20 virusscanners on one disk.

    After you have done a full scan ones, KAV probably will only
    scan the files that are changed.
    That makes it logical for me.

    But working with a full system scan with NOD32 or KAV is
    another story, but then you can always decide to do schedule
    the full scan, when you are not working.

    yes, true. , and to be honest, all Anti Malware products
    are difficult to compare, because of partly overlap,
    and doing other things. Other things are important as well for customers.
    If the price is important, if you have an old system with little RAM and an old CPU or a high-end new server
    with lots of RAM, what your other Security products are,
    and support, experiences from friends or others,reviews,
    what kind of data there is on your system etc., how the GUI is.
    is the product easy to find if you want to buy it etc.

    And in the end there is just no proof of which one is the best,
    for every pro test, there is a contra.

    ---
    The thing that i always find very strange is that a small (in numbers)
    computer magazine can do a test with 20 AV's
    and can find lots of virusses to test with, that can't be found by the top 10 AV's.

    How is that possible?, ...that a trained team of professionals with
    special labs and computers to find virusses on the web,
    are unable to find these virusses, and any reviewer
    has access to lots of those ?
    ----
     
  2. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,535
    I agree that this Topic have a very good points a view about this subject!

    Thanks for share ;)

    I prefer to have an AV with very good or excellent detection by signatures and heuristics. Together they work great!
    This also depends of the user habits on the Internet...

    Talking about NOD32, the time that the updates are released is much better now and I think that is sufficient. They are working hard on it...

    The stability and speed are other reasons to me...
     
  3. muf

    muf Registered Member

    Joined:
    Dec 30, 2003
    Posts:
    926
    Location:
    Manchester, England
    Well i have the istreams feature in KAV disabled. I unchecked that option when i installed it. It can be misinterpreted by some antimalware products. So it's a full system scan of every file each time i scan. It's just faster than NOD32 on my system. The previous build of NOD32 used to take 22 minutes, but this current one 1.1318 (20051211) took 52 minutes yesterday.

    muf

    Edit - Added correct version details. See below.

    Advanced heuristics module version: 1.023 (20051109)
    Advanced heuristics module build: 1094
    Internet filter version: 1.002 (20040708 )
    Internet filter build: 1013
    Archive support module version: 1.036 (20051130)
    Archive support module build version: 1135

    Information about installed components
    NOD32 For Windows NT/2000/XP/2003 - Base
    Version: 2.50.25
    NOD32 For Windows NT/2000/XP/2003 - Internet support
    Version: 2.50.25
    NOD32 for Windows NT/2000/XP/2003 - Standard component
    Version: 2.50.25
     
    Last edited: Dec 12, 2005
  4. RejZoR

    RejZoR Lurker

    Joined:
    May 31, 2004
    Posts:
    6,426
    Why people always mess up signatures version with program version in NOD32 case?
     
  5. Happy Bytes

    Happy Bytes Guest

    Here's the link to the PDF:
    https://www.wilderssecurity.com/attachment.php?attachmentid=167797&d=1129809959

    Edit: Point 6 in this document is what you probably mean
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.