http://www.kaspersky.com/viruswatch?hour_offset=-2

This is a great site to check out what viruses kaspersky lab finds and when. Its very impressive and show why Kaspersky is the best and why its important to update ones every hour. I cannot understand why for example NOD32 only updates ones a day. The lab seems to find at least 3-4 viruses an hour. Keep up the good work.

 

Great link. Totally agree with the comment. I usually have mine set to three hours but just changed it to one hour.

 

so what is that showing, that kaspersky has released 10 signature defs today, and the first was at 19.32?

 

It shows that Kaspersky has found 10 new viruses in the last 3 hours....
It updates every time it they find a new one

 

I agree: It is difficult to "understand" something that isn't true.

 

How many times have Nod32 updated their def today?

 

3 times.

And anyway seems like NOD32 is able to detect with their heuristics and months old updates more than some other AV's with up-to-date signatures

 

Twice so far.

 

See here http://www.nod32usa.com/nod32-updates/

 

3 until now...

 

Good link.. I am a KAV 4.5 fan. Having up-to-date signatures is most important IMO.

 

I still think that 3 times a day is not enough and I surely feels more safe knowing that my defs will be updated every hour. I really think that nod32 have come a long way with their heuretics but I dont understand why they can't also work hard on the defs. If I send in a sample of a virus that for example Kaspersky AV find it may take up to a week until it ends up in the defs if it ends up there at all.

 

On the other hand, someone could release an update every 30 minutes and adding just 1 virus while the other AV does release one update at day adding 100 viruses; what is better? Dunno.
And it is not just NOD32 that sometimes takes some time to add a virus; also the other companies do not add everything they get immediatly. Also KAV in some cases takes months before some viruses are added. Its all a thing of priorities.

 

Yeah but that one virus could be a new Sasser worm that's spreading very fast.
So I rather have updates every hour with maybe just 3-4 viruses than only 3 times a day knowing that that worm have been out there 5-6 hours already.

 

When a dangerous malware appears, NOD32 is also very fast to release the signature agaisnt it as you can see in the last days...

I never had a problem with NOD32, and their team is working to improve this area even more...

But, like said a lot of times, nothing is perfect...

 

Thats right. There are things NOD needs to improve but getting updates out in a timely fashion is not one of them. They are excellent in that area.

 

Even if they update every hour it still may be several hours from the time the infections is out there until your PC is updated.

I have both KAV and NOD on different machines. Actually NOD's AH was already detecting a wide spread outbreak before KAV in the few cases an infection came through on one of my machines.

Just one example, that I took the time to post, of several from my end where NOD's AH detected a wide spread infection and also NOD was fast with the definition.
https://www.wilderssecurity.com/showthread.php?t=42010

I am very impressed with NOD's AH and actually feel more comfortable with their proactive zero-hour AH detection.

 

Just for completation: www.av-comparatives.org

 

Oh, yeah - great heuristics strikes again

Why don't you look several times at http://virusscan.jotti.org/

you will find some amazing NOD heuristics performances, such as:

Last piece of malware found was Trojan.SCKeyLog.31 in all_in_one.exe, detected by:

Scanner Malware name
AntiVir X
Avast X
AVG Antivirus X
BitDefender X
ClamAV Trojan.Agent-33
Dr.Web Trojan.SCKeyLog.31
F-Prot Antivirus X
Fortinet X
Kaspersky Anti-Virus Trojan-Spy.Win32.SCKeyLog.y
mks_vir X
NOD32 X
Norman Virus Control X
VBA32 Trojan.SCKeyLog.31

or

Last piece of malware found was Trojan.Perflog in kabal_bot.zip, detected by:

Scanner Malware name
AntiVir TR/Spy.Perfloger.O
Avast X
AVG Antivirus X
BitDefender Trojan.Keylogger.RT.A
ClamAV X
Dr.Web Trojan.DownLoader.2605
F-Prot Antivirus X
Fortinet X
Kaspersky Anti-Virus not-a-virus:Monitor.Win32.Perflogger.az
mks_vir Trojan.Spy.Perfloger.O
NOD32 X
Norman Virus Control X
VBA32 Trojan.Perflog

just take a pencil and write how many times NOD heuristics failed to detect and compare to fact how many times KAV did the same...
You will be suprised how frequently updated bases can be much better than heuristics

 

I was not refering to KAV. Anyway, also test with up-to-date signatures can be found on the website. On Jotti most files are spyware, adware or corrupted files, I know it because I get the files too from Jotti. The Jotti site is a usefull resource to check files with many different scanners.

 

You can see this by simply looking at the extensions of the files the malware is contained in, I cannot recall how many times I have seen, .dll .ini etc in the file name...

 

but shouldnt nod (and other AVs) be identifying these sorts of files too? especially as nod32 is now putting itself forward as an anti-malware solution.
i use nod32, but you cant argue with some of the posts on here - Nod32 seems to miss a lot on jotti that others identify.

if nod32 is missing a lot of files that KAV identifies, then Kaspersky obviously deem the files to be a threat, otherwise their antivirus product wouldnt identify them.

 

KAV also considers mIRC as a threat on my machine.

 

KAV also misses a lot that other AVs already catch on Jotti's scan.

In addition, as far as I know, Jotti's scan doesn't use NOD32's "Potentially dangerous applications" settings because it is a Linux server.

I don't think that site is that useful for making comparisons and judgements of AVs and their overall day to day user protection.