http://www.kaspersky.com/viruswatch?hour_offset=-2

Discussion in 'other anti-virus software' started by Bitz, Jun 2, 2005.

Thread Status:
Not open for further replies.
  1. Bitz

    Bitz Guest

    This is a great site to check out what viruses kaspersky lab finds and when. Its very impressive and show why Kaspersky is the best and why its important to update ones every hour. I cannot understand why for example NOD32 only updates ones a day. The lab seems to find at least 3-4 viruses an hour. Keep up the good work.
     
  2. q1aqza

    q1aqza Registered Member

    Joined:
    Jul 27, 2004
    Posts:
    312
    Great link. Totally agree with the comment. I usually have mine set to three hours but just changed it to one hour.
     
  3. rothko

    rothko Registered Member

    Joined:
    Jan 12, 2005
    Posts:
    579
    Location:
    UK
    so what is that showing, that kaspersky has released 10 signature defs today, and the first was at 19.32?
     
  4. Bitz

    Bitz Guest

    It shows that Kaspersky has found 10 new viruses in the last 3 hours....
    It updates every time it they find a new one
     
  5. JimIT

    JimIT Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    1,035
    Location:
    Denton, Texas
    I agree: It is difficult to "understand" something that isn't true. :rolleyes:
     
  6. Bitz

    Bitz Guest

    How many times have Nod32 updated their def today?
     
  7. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,819
    Location:
    Innsbruck (Austria)
    3 times.

    And anyway seems like NOD32 is able to detect with their heuristics and months old updates more than some other AV's with up-to-date signatures :p
     
  8. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    Twice so far.
     
  9. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
  10. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    3 until now... :p
     
  11. mvdu

    mvdu Registered Member

    Joined:
    Oct 14, 2003
    Posts:
    1,151
    Location:
    PA
    Good link.. I am a KAV 4.5 fan. Having up-to-date signatures is most important IMO.
     
  12. Bitz

    Bitz Guest

    I still think that 3 times a day is not enough and I surely feels more safe knowing that my defs will be updated every hour. I really think that nod32 have come a long way with their heuretics but I dont understand why they can't also work hard on the defs. If I send in a sample of a virus that for example Kaspersky AV find it may take up to a week until it ends up in the defs if it ends up there at all.
     
  13. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,819
    Location:
    Innsbruck (Austria)
    On the other hand, someone could release an update every 30 minutes and adding just 1 virus while the other AV does release one update at day adding 100 viruses; what is better? Dunno.
    And it is not just NOD32 that sometimes takes some time to add a virus; also the other companies do not add everything they get immediatly. Also KAV in some cases takes months before some viruses are added. Its all a thing of priorities.
     
  14. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,729
    Location:
    Texas
  15. Bitz

    Bitz Guest

    Yeah but that one virus could be a new Sasser worm that's spreading very fast.
    So I rather have updates every hour with maybe just 3-4 viruses than only 3 times a day knowing that that worm have been out there 5-6 hours already.
     
  16. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,456
    When a dangerous malware appears, NOD32 is also very fast to release the signature agaisnt it as you can see in the last days...

    I never had a problem with NOD32, and their team is working to improve this area even more... ;)

    But, like said a lot of times, nothing is perfect...
     
  17. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    Thats right. There are things NOD needs to improve but getting updates out in a timely fashion is not one of them. They are excellent in that area.
     
  18. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    Even if they update every hour it still may be several hours from the time the infections is out there until your PC is updated.

    I have both KAV and NOD on different machines. Actually NOD's AH was already detecting a wide spread outbreak before KAV in the few cases an infection came through on one of my machines.

    Just one example, that I took the time to post, of several from my end where NOD's AH detected a wide spread infection and also NOD was fast with the definition.
    https://www.wilderssecurity.com/showthread.php?t=42010

    I am very impressed with NOD's AH and actually feel more comfortable with their proactive zero-hour AH detection.
     
  19. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,819
    Location:
    Innsbruck (Austria)
  20. bre

    bre Guest

    Oh, yeah - great heuristics strikes again :)

    Why don't you look several times at http://virusscan.jotti.org/

    you will find some amazing NOD heuristics performances, such as:

    Last piece of malware found was Trojan.SCKeyLog.31 in all_in_one.exe, detected by:

    Scanner Malware name
    AntiVir X
    Avast X
    AVG Antivirus X
    BitDefender X
    ClamAV Trojan.Agent-33
    Dr.Web Trojan.SCKeyLog.31
    F-Prot Antivirus X
    Fortinet X
    Kaspersky Anti-Virus Trojan-Spy.Win32.SCKeyLog.y
    mks_vir X
    NOD32 X
    Norman Virus Control X
    VBA32 Trojan.SCKeyLog.31

    or

    Last piece of malware found was Trojan.Perflog in kabal_bot.zip, detected by:

    Scanner Malware name
    AntiVir TR/Spy.Perfloger.O
    Avast X
    AVG Antivirus X
    BitDefender Trojan.Keylogger.RT.A
    ClamAV X
    Dr.Web Trojan.DownLoader.2605
    F-Prot Antivirus X
    Fortinet X
    Kaspersky Anti-Virus not-a-virus:Monitor.Win32.Perflogger.az
    mks_vir Trojan.Spy.Perfloger.O
    NOD32 X
    Norman Virus Control X
    VBA32 Trojan.Perflog

    just take a pencil and write how many times NOD heuristics failed to detect and compare to fact how many times KAV did the same...
    You will be suprised how frequently updated bases can be much better than heuristics :p
     
  21. IBK

    IBK AV Expert

    Joined:
    Dec 22, 2003
    Posts:
    1,819
    Location:
    Innsbruck (Austria)
    I was not refering to KAV. Anyway, also test with up-to-date signatures can be found on the website. On Jotti most files are spyware, adware or corrupted files, I know it because I get the files too from Jotti. The Jotti site is a usefull resource to check files with many different scanners.
     
  22. dan_maran

    dan_maran Registered Member

    Joined:
    Aug 30, 2004
    Posts:
    1,053
    Location:
    Stamford, CT
    You can see this by simply looking at the extensions of the files the malware is contained in, I cannot recall how many times I have seen, .dll .ini etc in the file name...
     
  23. deeta

    deeta Guest

    but shouldnt nod (and other AVs) be identifying these sorts of files too? especially as nod32 is now putting itself forward as an anti-malware solution.
    i use nod32, but you cant argue with some of the posts on here - Nod32 seems to miss a lot on jotti that others identify.

    if nod32 is missing a lot of files that KAV identifies, then Kaspersky obviously deem the files to be a threat, otherwise their antivirus product wouldnt identify them.
     
  24. NAMOR

    NAMOR Registered Member

    Joined:
    May 19, 2004
    Posts:
    1,526
    Location:
    Arkham Asylum

    KAV also considers mIRC as a threat on my machine. :'(
     
  25. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    KAV also misses a lot that other AVs already catch on Jotti's scan.

    In addition, as far as I know, Jotti's scan doesn't use NOD32's "Potentially dangerous applications" settings because it is a Linux server.

    I don't think that site is that useful for making comparisons and judgements of AVs and their overall day to day user protection.
     
Loading...
Thread Status:
Not open for further replies.