Is an Anti-Trojan necessary to supplement NOD32?

Discussion in 'NOD32 version 2 Forum' started by Matt_Smi, Jan 22, 2005.

Thread Status:
Not open for further replies.
  1. Matt_Smi

    Matt_Smi Registered Member

    Joined:
    Jul 7, 2004
    Posts:
    359
    I am extremely close to replacing AVG Free edition with NOD32, one last concern I have is NOD’s Trojan detection. Is it good enough or should one supplement NOD with an Anti-Trojan? I have very safe browsing habits so I am not sure that an Anti-Trojan would be necessary for me, in fact I am not even sure that NOD is fully necessary, AVG may be fine but I want piece of mind and I am going back to college in a few days where my computer will be on a network and may be more susceptible to a virus (although I had no problems first semester). Here are my browsing habits, let me know what you think, thanks.


    - I always keep up on critical updates
    - Use Firefox
    - Run ad-aware, Spybot (they never find anything) and use Spyware blaster
    - Don’t use any type of P2P program
    - Don’t download anything unknown and research before I download anything
    - Barely use my e-mail and I never open ANY attachments
    - Never visit any adult or sketchy websites
    - Backup all my files to an external hard drive regularly
    - I am the only one who uses my computer so I don’t have to worry about someone else picking something up
     
  2. Notok

    Notok Registered Member

    Joined:
    May 28, 2004
    Posts:
    2,969
    Location:
    Portland, OR (USA)
    In my experience NOD32's trojan detection is nothing to scoff at, and with your habits I doubt you'd have any problems. Being on a college network, however, would probably make me (personally) a little paranoid. You could keep something like Ewido and/or a2 for on demand scans.. they cover more than just trojans anyway. Another thing you could consider is a behavior blocker. ProcessGuard and Prevx are my favorites and will stop infections without needing to scan anything (which means no signatures necessary.) And, of course, a good firewall.
     
  3. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    My experience basically reflects Notok's. There have been a couple of times when things have made it past NOD32 and were handled by BOClean. These were all deliberate challenges at sites that I knew would attempt to infect me with malware. They were Active-X based and required me to use IE. I generally also use Firefox for surfing where possible, and Firefox rendered these sites benign. In one case a NOD32 system scan with Potentially Dangerous Applications checked would have flagged the files, the others were mainly various pieces of spyware and browser hijacks. Mainly annoying. I personally believe some type of AT backup is desireable and right now I use BOClean for the realtime secondary AT coverage on my machine. You can see what I use here.

    The other thing to ask yourself is what else is floating on the network branch you're on and what level of security encapsulates your local branch.

    Blue
     
  4. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    NOD32's Advanced Heuristic (AH) is excellent detecting new yet unknown trojans and worms.
     
  5. AJohn

    AJohn Registered Member

    Joined:
    Sep 29, 2004
    Posts:
    935
    Seems like NOD32 will be perfect for you. If you are going to be on a college network you should get a good firewall with application protection. Tiny Personal Firewall would be good for your situation.
     
  6. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Even the Anti-trojan companies recognise the big improvement in AV's detection abilities, including NOD, in the last 6-12 months.

    However, on a college network, an additional AT program would be a good idea as part of a layered defense.
     
  7. JimF

    JimF Registered Member

    Joined:
    Apr 17, 2004
    Posts:
    54
    Location:
    Allentown, PA USA
    It is really your safe surfing habits that will protect you. The fact that you will be on a college network is more or less irrelevant. In fact, you could be even a little safer if they virus scan their email servers and firewall their network (some do and some don't).

    But have you ever considered operating in a limited user account (assuming you use WinXP or 2K)? It is a pain to set up at first, but I wouldn't ever use an Administrative account while on the Internet. A user account will prevent any accidental drive-by trojans from installing, and since you are careful about what you download, you won't pick them up from any legitimate download site anyway. And NOD will be there just in case.
     
  8. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    blue,

    I wholeheartedly agree that a backup trojan/malware solution is a must - but I'm no malware expert - do you (or anyone else) know of a malware tools test site where anyone can find fairly un-biased reviews of such tools?

    I'm a strong NOD32 supporter, and I like to have some independent information - I know my client value my opinion much more than I can back up my recommendations with the findings and recommendations of other!

    tia

    Greg Hewitt-long
     
  9. WilliamP

    WilliamP Registered Member

    Joined:
    Jun 1, 2003
    Posts:
    2,201
    Location:
    Fayetteville, Ga
    Today it seems most of the bad stuff is trojans. I have NOD32, TDS3,Process Guard and Ewido . I feel that a dedicated anti Trojan is a good idea. Layered protection.
     
  10. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Greg,

    I don't know of any sites that cover antitrojan applications with the same detail and objectiveness that antivirus software is covered. There are some (for example Anti-Trojan Software Reviews), but they tend to be cursory relative to the AV reviews. Like AT applications themselves, it's a bit of a niche area. The most detailed of the informed amateur sites that I've seen is here, but in my opinion it's a tad technical for a typical end-user. You'll see some of the best supporting arguments developed at Wilders. See, for example, here.

    My main guide has been experience in the field. In a business environment and from a pure support perspective, I'd tend to lean towards BOClean or TDS3. Of the two, right now I'd use BOClean in a business desktop setting. It runs innocuously in the background with very little consumption of resources, doesn't have a whole lot of settings to be fiddled with, and is very compatible with anything I've ever thrown at it. It is also only a realtime monitor, no file scanner included - this isn't a bad thing. Once DCS releases the TDS-4 family, they may have a realtime only variant that is basically equivalent to BOClean (stand alone realtime guard only) and I might revise my thinking at that time.

    I use both at home. I've recommended TDS3 for IT support staff at work and believe that anyone performing PC service should have a roving TDS3 license with them. As noted above, for desktop deployment I lean towards BOClean and thats how all my home machines are configured - they have a mix of KAV WS or NOD32 as the AV depending on the specific PC/boot partition. Either AT product mentioned is your backup to prevent downtime. If the argument is in terms of hours of downtime invested in a machine - the last one in my R&D group took ~ 12 man-hours or so of dedicated work time to fix - it's a small price to bear and this machine had NAV Corporate on it and it was current. Do the math on an hourly rate basis accounting for all idled people/tasks - it's cheap insurance.

    My main personal configuration is NOD32/BOClean. Complete configuration information for my machine is here. Sorry I don't have more detail information.

    Blue
     
  11. Matt_Smi

    Matt_Smi Registered Member

    Joined:
    Jul 7, 2004
    Posts:
    359
    Well I just finally got NOD32, so far it seems good the interface is nice and my computer runs slightly (but noticeably) faster than it did with AVG 7 free. I am now going to check out the sticky in this forum about how to set it up correctly. I am still going to look into an anti-Trojan such as TDS-3.
     
  12. claire

    claire Guest

  13. tazdevl

    tazdevl Registered Member

    Joined:
    May 17, 2004
    Posts:
    837
    Location:
    AZ, USA
    Too many FPs.
     
  14. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,044
    I assume you mean false positives? Which program are you referring to? :)
     
  15. tazdevl

    tazdevl Registered Member

    Joined:
    May 17, 2004
    Posts:
    837
    Location:
    AZ, USA
    Of course. TH.

    Have to say I'm very happy with BOClean. No discernable system impact. Did notice some system slowdown with Ewido. TDS3, no interest.
     
  16. mercurie

    mercurie A Friendly Creature

    Joined:
    Nov 28, 2003
    Posts:
    2,442
    Location:
    Sky over the Wilders Forest
    I am not a user of NOD, not yet anyway. Machine wise it would likely replace AVG 7 Free too. My research indicates NOD is a super AV especially for a slightly older machine. I would add BoClean to your mix for sure.

    IMHO you would then have excellent portection in these programs specialized areas. ;)
     
  17. claire

    claire Guest


    I respectfully disagree of course
     
  18. DanL

    DanL Registered Member

    Joined:
    Nov 25, 2004
    Posts:
    159
    I've been using TH for over a year now, no FPs on my system.
     
  19. sflorack

    sflorack Registered Member

    Joined:
    Aug 26, 2004
    Posts:
    45
    Does anyone here use Webroots SpySweeper? It has a scanner as well as resident protection. I *believe* it also protects against trojans.. can anyone give any opinions on this software?
     
  20. Mr2cents

    Mr2cents Registered Member

    Joined:
    Sep 18, 2004
    Posts:
    497
    I think it depends on your surfing habits. If you go to p2p sites such as kazza, porn sites, casino sites, if you surf on the wild side. I say yes. I practice safe computing. However, I believe in layered protection. I run boclean as my anti trojan. I mostly hang around forums, and read news sites. Still I want the best protection I can get. I run boclean with nod32 or any other antivirus I try out.

    I'm not comfortable depending on nod32 to catch everything. That's the reasons anti trojan products were invented. Just as anti spyware products are a must. Just my opinion.
     
  21. tazdevl

    tazdevl Registered Member

    Joined:
    May 17, 2004
    Posts:
    837
    Location:
    AZ, USA
    SpySweeper is a anti-spyware app and does a solid job. It is not intended to be an AT but does catch the occasional trojan. That being said, SpySweeper is just not on par with BOClean and TDS.

    I've been happy with BOClean and NOD32.
     
  22. DanL

    DanL Registered Member

    Joined:
    Nov 25, 2004
    Posts:
    159
    I use Spysweeper along with NOD32 and Trojan Hunter.
    Spysweeper is not intended for Trojans.

    I agree with Mr2cents, that's why there are AVs, ATs and AS.
    For the best protection use layered defense and let the ATs deal with Trojans, let the AVs deal with virus.
     
  23. HandsOff

    HandsOff Registered Member

    Joined:
    Sep 16, 2003
    Posts:
    1,946
    Location:
    Bay Area, California
    I can't let that swipe go by without defending TH.

    No false positives here, and it works very nicely. On top of that it has a friendly ergonomic interface, and good support. But since you have been getting false positives, I guess you probably have been using TH longer than I have been. (3 or 4 months, probably).


    - HandsOff
     
Thread Status:
Not open for further replies.