Discussion in 'other anti-trojan software' started by coolguy_1000, Mar 22, 2004.
can tds-3 can detect more trojans than kaspersky
Hello coolguy_1000 and welcome to the forum!
Let's say they both have different ways, and own databases, would not dare to say which detects more, as both are very much up to date all time.
TDS-3 references: 32889. Last updated Mon Mar 22 2004. Which is really a lot!
Do you own both programs? They work very nice together, where KAV adds the anti-virus and several scripts detection among others.
it is very difficult to say which of them detects more trojans . both of them provides excellent protection for trojans .
I can tell you that TDS-3 detects a lot of trojans that few and in many cases NO other program detects. This is because of intensive underground research and investigation, and also from submissions from people who do the same as me - hang around the trojan scene and collect trojans. Some primarily do this to help since they are licensed users of TDS and Process Guard and appreciate the work we do to protect them.
IMHO these trojans are more dangerous than any that AV companies detect, since AV companies do mostly detect ITW threats, not rare samples. That is the nature of antivirus software, to react to large scale threats as they appear.
I've used a number of AT's before deciding on TDS-3. Even though I'm a newbie, I was able to use it quite easily. I fortunately have not run across any trojans in my travels, so I also cannot comment on which one best traps the most. But after using it for only a couple of weeks, I am very confident TDS is up to the task if one happens to find me!
Why not run BOTH.... I do!!!
I have used TDS3 for quite a while now, and in the last month [edit: changed my AV] to KAV, which IMO is a superb proggy for all-round, especially virus which is what it's primary function is.
TDS's primary role is the detection of Trojans.
TDS is a much deeper program coolguy, I just switched to it, after using Kapersky, although system resource is an issue with me, (TDS uses more), I think if you are in a lot of danger, you will be way ahead of the game with TDS. Just my two cents worth.
I'm very suprised Gavin thinks TDS is the better anti-trojan!
KAV isn't an antitrojan ?
It is also primarily an ITW system, like all AV. Yes they do have some submissions from underground trojan users, but if they detected EVERYTHING then there wouldn't be any trojans that are not detected by it. There ARE..
There are also many detection methods in an AT system, not just 1 scanning method.. no, not memory scanning - AV only use memory scanning for memory resident style viruses
Besides, Process Guard is the best anti trojan Trojan authors have spent years developing injection trojans for firewall bypass, and API hooking for stealthing - be it usermode or driver based rootkits. Process Guard defeats the METHOD of attack, no signatures required. Unknown trojans exist, private beta versions, patched versions, for sale versions. No AV can detect these especially the for sale recompiled versions. If an injection/rootkit trojan is blocked generically, your firewall can block any other style of trojan, that is what your firewall is for
So Gavin are you saying that there are no trojans that TDS doesn't detect?
I personally don't think it is ethical for one of the manufacturers of one of two products being discussed in comparison to each other should contribute to that discussion,if both contribute it would be balanced but only one involved will give the thread a very one sided view.I cannot believe that any vendor of any product can have such in depth knowledge of other vendors products to know EXACTLY how they work(If your knowledge of the workings of KAV are so exact why dont you produce an AV thats as effective/good?)
Please dont take offence at the above it isn't directed at TDS alone,I would feel the same if KAV had entered the thread and TDS hadn't
Personally, I did not see Gavin claim that TDS can detect "all" trojans. Besides, new ones are churned out all the time.
I also don't see Gavin saying anything "bad" about KAV - he just pointed out the obvious - KAV=AV and TDS=AT.
Personally, I don't use my toaster to grill my fajitas.
Yes I did not say KAV is bad - it isn't bad at all. This whole topic should probably have been locked considering it seems like trolling but anyway..
I also didn't say TDS detects ALL trojans, nothing possibly can, EVER. I DID however say why we created Process Guard and why there are trojans "out there" being used by smart attackers - trojans which nothing can stop except Process Guard
I'd just like to add I have the utmost respect for the KAV team, if it wasn't already evident - they do a great job Our job (AT) is about being an important part of layered security
I think there is not a big deal if one vendor contributes here to a discussion as long it is not going to be bashing the competition, making false claims or even posting here anonymous.
Sorry to be pedantic but to me the phrase:-
Yes they do have some submissions from underground trojan users, but if they detected EVERYTHING then there wouldn't be any trojans that are not detected by it. There ARE
makes it seem as though you are saying KAV onl gets submissions of a small number of trojans and in no uncertain terms states kav doesn't detect all trojans(which most people know) and would have been more balanced if it read:-
Yes they do have some submissions from underground trojan users, but if they detected EVERYTHING then there wouldn't be any trojans that are not detected by it. There ARE,we also admit that there are some that our product (TDS) doesn't detect also
I think Gavin's response was still o.k.
However, I believe that Kaspersky ACTIVELY searches the malware scene for new trojans. Contrary to other AV software producers, Kaspersky does not solely rely upon submissions. That's why KAV detects so MANY trojans.
It is not easy to determine whether KAV or TDS will detect more trojans. Both scanners are pretty good: Over the last few months I have tried to collect as many trojan samples as possible. Most of them are detected. But neither KAV nor TDS can detect all of them.
For example, both KAV and TDS will fail to detect BAD R.A.T. 1.1 ... (At least TDS heuristic will tell you that a non-compressed BAD R.A.T. server has keylogging abilities.)
I thought I had a sample of that, but maybe I was thinking of something else.. a source only release MAD-RAT might be the one I'm thinking of..
Please submit samples to both of us ? You know the addresses
- Agreed they do work hard on collecting and have good people too , SEARCHING is a requirement for detecting a lot of trojans.
Again, nothing will detect everything (which is the bad side of things)
One thing that does come out of this ,from my point of view, is that at least it is clear that Gavin and the people at TDS do take an interest in this(and perhaps other forums)so are therefore concerned about what the public/their customers want and are worried about.I wish other vendors (not just security software) would show the same interest and concerns,some seem to have the attitude(especially those in a very market dominating position) "this is the software we make- take it or leave it!"
hmmmm..... I cannot for the life of me, see how Gavin could have been any clearer in his definition of TDS and KAV.
His reply was simply based on the original poster's ?? and it made perfect sense, and the later posts merely confirmed he held KAV in high esteem, as I do [now, just changed over to it ]
edit: Agree with you Steve on last post. Yes, they certainly do take pride in their work and are probably THE most pro-active vendors out there today. Helping via their own webiste and here as well + DSL.
I do agree though, that I should exit this thread
I admire anyone that can tolerate Kaspersky. That product, in my opinion, redefines bloatware. Is there a trick to make the thing less clunky and slow?
Experiences differ SO much from person to person and systems...
In my PC KAV 4.5 was slowing things a bit and didn't choose it.
I didn't believe my eyes yesterday when I saw at a friend's PC with
XP pro how good was KAV (188.8.131.52).
Installed without a single problem
(I chose custom installation with core,Monitor and Updater only)
and Monitor was doing fine with the default settings.
For the man was really a relief after trying some other software !!!
I know this isn't a common experience with KAV,but
AVK ... KAV Engine + RAV Engine = Godlike Heuristics, not sure anything can beat that combo, plus the pool of about 200k definitions?
Theres your $29.00 winner right there guys.
Has grabbed MANY things that TDS or the others missed (yes I sent them to TDS and the others).
No offense, but apart from promoting an unsupported anti-virus heavily, you are merely moving air. It's very easy to make statements as you do without just one bit of proof coming with it. In the meanwhile, people over here are getting the message as it seems - finally.
You called me a troll, Kobra is merely moving air, Andreas Marx tests are absolutely flawed, etc.
Both of the last posts include personal comments of the like which cannot be tolerated in a forum such as this if some sort of order is to be maintained. At this time, I will not edit them. However, if this is continued in any form I will remove all such posts completely. Lets debate with dignity, gentlemen and ladies.
Separate names with a comma.