detection

Discussion in 'other anti-virus software' started by chaos16, May 16, 2005.

Thread Status:
Not open for further replies.
  1. chaos16

    chaos16 Registered Member

    Joined:
    Feb 14, 2005
    Posts:
    1,004
    This is not an antivirus vs antivirus thread; I would just like to know if the new NOD32 2.5 has better detection than Kaspersky 5.0 o_O
     
  2. dan_maran

    dan_maran Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    1,053
    Location:
    Stamford, CT
    This depends: are you talking 0-day or known malware? Both are excellent products and perform rather well. Making a statement as to which has a better detection rate is hard to do, but I would say KAV simply due to the huge signature base they use. On the heuristic side NOD32 wins hands down, so it is a tough call. There are some very useful posts here to help you out. Also have a look at AV-Comparatives and VB100 etc. etc. As I believe no one has done any formal testing of 2.5 yet, it is hard to say.
    HTH
     
  3. Nika

    Nika Registered Member

    Joined:
    Apr 20, 2005
    Posts:
    27
    I don't see why NOD32 2.5 would have better detection than the earlier versions, a slightly modified engine but using the same database... Kaspersky would be better detection overall... NOD32 is good too, but can't touch Kaspersky and BitDefender (and McAfee) yet... Read my words, yet... We can't judge the future ;)

    [edit]
    Whoops, I used Nika's account by mistake :p She was logged in...
     
  4. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    Since when did McAfee become worthy of being in the same paragraph as NOD32 and KAV? :p
     
  5. dan_maran

    dan_maran Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    1,053
    Location:
    Stamford, CT
    As of lately, it seems ever since they started updating VSE daily, the overall detection has skyrocketed. Don't get me wrong, they have always been good, but now it is getting even better IMO. :)
    Sorry OT.
     
  6. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi,

    I just came off of a substantial cleaning process. Kaspersky definitely was able to find more malware than NOD32. In particular, it was able to detect some lurking trojan data in ADS files.

    Rich
     
  7. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    Did you run NOD first then KAV?
     
  8. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi Stan,

    Originally, the infected machine had Norton AV and Internet security. Norton AV was turned off, and system restore was turned off.

    The sequence was this:

    1) Ewido Licensed: found about 200 pieces of malware including many dlls and exe's.

    2) TDS-3: found about 150 pieces of malware similar to Ewido but in a different system folder.

    3) KAV 5.0 Personal in real-time: 3 pieces of malware detected on startup - deleted.

    4) KAV 5.0 Personal MP3 on-demand scan in regular mode: Nothing

    5) McAfee in safe mode: nothing

    6) NOD32 beta in safe mode: nothing

    7) KAV 5.0 real-time: one piece of trojan in ADS

    8) ADSSPY: 40 pieces of trojans in ADS deleted

    I also used HijackThis to remove registry entries. About 30 in total were deleted.


    Hope this answers your question.

    Rich
     
    Last edited: May 16, 2005
  9. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    I wonder why the KAV on-demand scan didn't find anything but
    the KAV real-time did find one piece of a trojan?
     
  10. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    In a range of testing sites and over a long period of time these 2 AV's are always at or near to the top.

    The McAfee engine is on par with Kaspersky's which is considered by many people to be the best.
     
  11. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    I agree that it is a decent AV...right up there with Norton, but IMO, I don't consider it to be near as good as NOD or KAV. It's bloatware and that is a big negative in my books. Remember <---My opinion :)
     
  12. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi Stan,

    No idea why KAV behaved differently between on-demand and real-time scan. I was pretty surprised, but I recognized the trojan alert as being associated with ADS, so I ran ADSSPY and found lots of stuff lurking in the ADS. Different file types. Some were system, some were BMP. I do not know if they were associated with the same trojans or different ones. In the heat of battle, I just fire away. :D

    As of today, my friend is now using KAV 5.0 MP3 Beta Personal, ProcessGuard and RegDefend on his system. I believe he is going to stick with the Norton Firewall. Norton AV is gone. Frankly, I am shocked at how inept Norton was. I had previous issues with Norton before I switched to KAV (also due to leakages), but the severity of this breach was one to behold. My friend is still getting over it, since there was lots of financial stuff going on. Hopefully, Norton stopped all efforts by the keylogger(s) to transmit data.

    Rich
     
  13. tahoma

    tahoma Registered Member

    Joined:
    May 31, 2003
    Posts:
    228
    I think a person who runs Norton generally doesn't know much about what's going on on a machine. I had this friend who kept clicking 'add to ignore' every time her AV detected something, thinking that... I don't know what she was thinking. I'm not sure what AV she was using, but the result was that her AV was told to ignore all infections, and this went on for about a year. I only discovered it because she was sending me viruses on MSN and IRC.
     
  14. clansman77

    clansman77 Registered Member

    Joined:
    Jan 31, 2005
    Posts:
    234
    Location:
    kochi,kerala,india
    Kaspersky and McAfee definitely have better detection than NOD32, and NOD32 may equal BitDefender's detection IMHO..
    KAV until now is the best in detection and cleaning..
     
  15. tahoma

    tahoma Registered Member

    Joined:
    May 31, 2003
    Posts:
    228
    KAV is (in my opinion) in a league of its own. It's suffering from not having good heuristics though, and NOD may be better in such cases. However, the KIS2006 prototype has very impressive heuristics. Internal tests at KL indicate that kav06's heuristics will catch 95% of all viruses.

    Edit: I should probably back that up. Here goes: http://forum.kaspersky.com/index.php?showtopic=410&hl=proactive
     
    Last edited: May 16, 2005
  16. .....

    ..... Registered Member

    Joined:
    Jan 14, 2005
    Posts:
    312
    ITW and ALL viruses are very different :rolleyes: .
    BTW... I wouldn't class the proactive defence system of KIS 2006 as "heuristics"... rather an IDS/behaviour blocking system.
     
  17. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi tahoma,

    My friend has worked on mainframe security systems for over 35 years and is very familiar with the nature of viruses. While he did get alerts from Norton Internet Security (which he blocked), what surprised him was that he never got any indication from Norton AV. Not real-time, not on-demand. He was not familiar with products like Kaspersky, ProcessGuard, and RegDefend, but he was pretty familiar with other well-known products and basically took it for granted that the "market-leader" would have exceptional protection. I will not repeat his words concerning Norton.

    Rich
     
  18. Ianb

    Ianb Registered Member

    Joined:
    Nov 26, 2004
    Posts:
    232
    Location:
    UK
    As the question is DETECTION........

    Nod is not better than KAV or McAfee and that has been proved time and time again (Av Comparatives - FF).
    Just because Nod "once" detected a zero day virus, people seem to think its heuristics will catch anything :rolleyes: IT WON'T.
     
  19. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    Exactly. NOD32 heuristics are very good, but not almighty. NOD32 still lacks a strong generic engine, which is used in McAfee and also KAV.
     
  20. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    Even with those generic detections it still seems that NOD32 does better on the Retrospective/ProActive Test provided by Av-comparatives.
    http://www.av-comparatives.org/forum/index.php
     
  21. Dr_Krall

    Dr_Krall Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    6
    The biggest weakness in NOD32 is its defense against trojans. And yesterday I just had enough. NOD32 detects the trojan all right, and as usual, is unable to remove them.

    After uninstalling NOD32 and installing Kaspersky Personal Pro I ran a complete scan and it removed all the trojans.

    Even those I didn't know about. :D

    And now Kaspersky Personal Pro is a definite keeper.
     
  22. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    I said that heuristics are nice, but general detection is still more important.
    For example, I don't need heuristics since my mail is bullet proof. But files that I download are usually already old enough that signatures pick them up. And that's where McAfee works like a charm (same with KAV).
     
  23. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    I run NOD32 and Ewido and I have had no problems with detecting/removing viruses/worms/trojans/etc..The Heuristics have done an excellent job in detecting threats as well.

    I'm not trying to start an argument, but I have had clients that went from Norton to McAfee and they still have all kinds of infection problems. After I implemented NOD32, the problems went away.

    I praise NOD because of its heuristics and because of the size and the minimal amount of resources it consumes.
     
  24. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    I am not sure I would state that good heuristics are not important
    in an AV because your mail is "bullet proof" and you only download
    older files?

    I think proactive protection like good heuristics are also an important
    part of an AV and it is good to see more AVs are providing this like
    Bitdefender, DrWeb, NOD, etc..

    I also like the fact that NOD's HTTP scanner is using AH.
     
  25. Honyak

    Honyak Registered Member

    Joined:
    Jul 19, 2004
    Posts:
    346
    Location:
    Deep South
    The endless battle rages on.....
     