is nod32 good enough against trojans?

Discussion in 'NOD32 version 2 Forum' started by Guzz, Dec 16, 2004.

Thread Status:
Not open for further replies.
  1. Guzz

    Guzz Registered Member

    Joined:
    Dec 16, 2004
    Posts:
    13
    Hi

    ive already got nod32 and i wonder if I should install an anti trojan program, like tds, as a complement ? Or is NOD32 sufficient ?
     
  2. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
    Depends on your surfing habits. If you are a conservative surfer, NOD is probably sufficient by itself, as it has improved dramatically with its trojan detection in the last 6-9months.

    If you visit more high- risk sites and want a more layered defense, then supplement NOD with one of the commercial or free AntiTrojan scanners.

    No harm in adding one of the free on-demand AT scanners ;)

    Most AV's detection of trojans are improved by an antitrojan program; https://www.wilderssecurity.com/showthread.php?t=58597

    Recent threads here;

    https://www.wilderssecurity.com/showthread.php?t=51850&highlight=trojans
    https://www.wilderssecurity.com/showthread.php?t=45763&highlight=trojans
     
    Last edited: Dec 16, 2004
  3. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
  4. Defenestration

    Defenestration Registered Member

    Joined:
    Jul 17, 2004
    Posts:
    1,086
    I currently use Kaspersky AV 5 with TDS-3 - the ultimate AV/AT solution IMHO.

    However, I'm strangely drawn towards NOD32 for some reason. When NOD32 reaches the detection levels and all-round capability of KAV, I might well switch , but until then I feel safer with KAV. EDIT: You never know when you might come across a dodgy site (maybe while you're surfing some ompletely innocuous sites), and if it contains a virus or trojan that's not ITW, then NOD32 might not protect you. KAV on the other hand will protect you.

    Make sure you also include an anti-spyware app in your configuration. I use AdAware SE Plus and SpyBot, although GiantAS, Ewido and Webroot Spysweeper are also good at their job.

    As Blackcat and Blackspear point out, a layered defence is the best option.
     
  5. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    All of the last major virii incidents to include the Mydoom variants, Zafi.D, the Sober variants, Bobax.A and the Bagle variants have ALL been detected and stopped by NOD using Advanced Heuristics, which as you know means they were stopped on first sight WITHOUT updating, KAV on the other required a def update to detect ALL of them, meaning if you encountered them before KAV updated KAV would not protect you. I feel safer using NOD for just this reason. Yes they seem to take awhile to add some of the obscure stuff, but for the really serious outbreaks of late, NOD seems to be way ahead of even KAV.
     
  6. Gauthreau

    Gauthreau Guest


    Yup. The only thing between you and tomorrow's virus is AH. For the most part, if you rely on yesterday's virus signatures, then you are bound to pick up something sooner or later. It's kind of like waiting for the doctor to tell you that you have an STD. Too little too late.

    Neil
     
  7. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    Well said Gauthreau, Much more eloquent than I said it.
     
  8. richrf

    richrf Registered Member

    Joined:
    Dec 11, 2003
    Posts:
    1,907
    Hi all,

    I also feel more comfortable with KAV 4.5 and TDS-3 along with ProcessGuard 3.0. From time to time I check on the online malware scan at:

    http://virusscan.jotti.dhs.org/

    and while both KAV and NOD32 pick up most of the viruses/trojans they will both miss some. In my casual glances, it appears that KAV will miss about half as many as NOD32 (in the few times that they miss). But this is not scientific. Only the owner of the site knows the exact count. For this reason, I use KAV 4.5 in real-time and NOD32 as a backup scanner. My layered defense is very tight now - especially since I adopted more conservative browsing habits.

    There are lots of nasties out there and I never know when I will drop in on one. The other day, I was delivered a virus through a Jave .jar file that got through KAV real-time but was detected in a temporary folder when I ran NOD32 on-demand. It was confirmed by KAV 4.5. on-demand and online-virusscan. It just showed me that things do get through and it pays to have backup - including a backup image that I can go back to as my fail-safe.

    Rich
     
  9. Mikkel

    Mikkel Registered Member

    Joined:
    Dec 8, 2004
    Posts:
    35
    Backup Image 4thewin :D
    Driving a system without a backup is kamikaze if you ask me :ninja:
     
  10. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    I have NOD with BOClean on one machine, a KAV AV on two machines and one of the free AVs on a fourth machine.

    All of these AVs are good at detecting current infections. However, I
    feel more comfortable with NOD running resident, (both AMON and the HTTP scanner with AH marked), over the rest because it stands a better chance of detecting 'zero-day' infections.
    https://www.wilderssecurity.com/showthread.php?t=58482

    Also Retrospective/ProActive Test:
    http://www.av-comparatives.org

    Plus I like the NOD IMON HTTP scanner, with AH marked, to stop possible
    infections from ever downloading to the machine by terminating the connection.
    Example:
    https://www.wilderssecurity.com/showthread.php?t=54093
     
  11. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,728
    Location:
    Texas
    I'll second that! It has worked well for me.
     
  12. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    I'm constantly amazed at how many sites have trojans and downloaders where NOD32 notifies me that the connection was terminated. I have now encouraged our hosting clients to open helpdesk tickets for us to check sites they are unsure about - if NOD32 triggers, we recommend not visiting.

    A number of clients have shown interest in purchasing NOD32 based almost solely on this feature! It's a pretty good selling point!

    regards

    GH-L
     
Thread Status:
Not open for further replies.