Nav 2003 vs Dr.Web

Discussion in 'other anti-virus software' started by JC, Sep 2, 2002.

Thread Status:
Not open for further replies.
  1. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Every AV product has heuristics code analyzer! But the question is how effective it is?
    Yes!

    Depending on Virus signatures is even worse!!!


    Technodrome
     
  2. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    I asked you to read VB archived magazines! See section about actual virus detection!
    Compare Norton and KAV!

    http://www.virusbtn.com/magazine/archives/
    or go here for tables
    http://members.tripod.com/technodrome24/lab.htm


    Technodrome
     
  3. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    To your info Randy_Bell:
    I never said that Norton is poor quality product! Norton AV is a solid product, but it's far from the best!

    Is there the best AV! No!

    But there are better ones!

    I respect your opinion! As long as you're satisfied with Norton Its all good with me!



    Technodrome
     
  4. I am going to jump in here with both feet because this is not DSLR

    Randy,

    1. You do not go to 10% of the sites with NAV most people that post here go with the other brands. That puts you at a disadvantage.

    2. You collect badboys but you do not exercise your NAV against them and not even your chosen Trojan program on your system except in a state where the files are zipped.

    3. You rely heavily on other people's testing and documentations and use that constantly as your benchmark.


    4. You constantly use other people's names..and the products they use to justify or nullify products when you address other people in a forum. Most of them have no idea who you are talking about.


    You are getting what you want out of this thread just like other sites..but it is transparent.


    The exact same words you are using here..you have said over and over again to the point one could dig up the same wording in past post you have presented..even in the same order.. but to different people.

    It is not a flame..it is just there.


    John
     
  5. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    The link to the vb100 archives (awards by product) is http://www.virusbtn.com/vb100/archives/products.xml. OK, I go there and click on the following, to find:

    Eset (NOD32), Result summary: 19 passes / 3 fails
    Symantec (NAV), Result summary: 17 passes / 6 fails
    Kaspersky (KAV), Result summary: 15 passes / 11 fails
    DialogueScience (DrWeb), Result summary: 10 passes / 12 fails

    This is exactly the results I have stated in previous posts: NOD32 has the best record, followed by NAV: although KAV and DrWeb have superior trojan detection rate, they have an inferior VB test record.

    The VB test record isn't the only thing to go on, obviously. But I have quoted the results accurately here, LOL. :) :)
     
  6. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    I asked you to read VB archived magazines not overall passes! See section about actual virus detection!
    Compare Norton and KAV!
    There is a lot of reading! But you might find it interesting or not!

    http://www.virusbtn.com/magazine/archives/
    or go here for tables
    http://members.tripod.com/technodrome24/lab.htm

    Maybe my English isn't that good? o_O


    Technodrome
     
  7. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    I was wondering who MyNethingyman was!! And I don't consider your comments to be a "flame" in any way...you're just being honest...no problem.

    If any of my posts are out-of-line here, Paul or whoever the moderator is will take care of it, I'm sure. When I happened upon this thread, there were posters advocating DrWeb over NAV. There was nobody to speak for NAV.

    Perhaps my statement about "marketing ploy" in DrWeb's requiring uninstallation of NAV was a bit strong, I apologize here to all. It did seem suspicious to me when I tried DrWeb for myself. And you seemed to agree with me about that, in some of our communication.

    I think there are several good av-products on the market, but since this is a thread for expressing opinions, I've expressed mine, and others are welcome too.

    Warmly, Ran
     
  8. jc

    jc Guest

    Ok, wow..thanks for all the great dialoge and links!
    Not to be persistant but:
    1. If one was to install Dr.web as a backup AV with NAV as a primary scanner would you disable at startup NAV reboot then install Dr.web or is there another format i should follow? (and thanks for the tip about backing up prior to such an attempt).

    2. Given a choice between Dr.Web and F-prot as a backup to NAV which one woul dyou choose and why? Again assuming you had only these two choices.

    Thanks all!
    JC
     
  9. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    Technodrome, your English is fine, but the link you gave contains a bunch of files in Acrobat Reader (.pdf) format, and it would be very very time-consuming...compared to the simple results I quoted...so perhaps you could summarize what you're getting at?

    I think I understand where you're coming from, LOL. And I respect your opinions here. :) :)
     
  10. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    Disable NAV Auto-Protect from the main screen, then reboot. Afterwards, do a custom install (not the default express install) of DrWeb, and make sure you don't install DrWeb's resident scanner, since you're going to re-enable NAV Auto-Protect when done.
    I mentioned my friend who uses KAV as main and resident scanner, with DrWeb and F-Prot as backups, with no problems. But if you had to choose, I think DrWeb has a much better detection rate, although I understand F-Prot has excellent cleaning capabilities. :)
     
  11. JC

    JC Guest

    Thank you randy for such a quick reply!

    JC
     
  12. Hi JC,
    Since you have already narrowed some things down on your choices..I would like you to post the following so that the best combination can be suggested for your needs.


    1.What is your OS (Version of Windows ?)

    2. Are you one dial up or broadband?

    3. How much RAM do you have installed?

    4.What other Security products do you have running at start up?

    5. Do you do your mail with a Microsoft Product? ie OE

    6. What Browser are you using?

    7. After everything is loaded at start up..how much active RAM do you have available?

    With that information. I think many could give you the best solutions.


    Regards,
    JOHN
     
  13. JC

    JC Guest

    Hi MyNethingyman, ok here are the specs!

    OS- Windows Xp Pro
    Internet - Broadband
    Ram - 512MB DDR 2100
    Security @ startup- NAV2002, Sygate Firewall.
    Mail - yes MS outlook or hotmail web-based.
    Browser - MS explorer v 6.0.2600
    PF usage - 236MB (give or take)

    Thanks for your help.
    JC
     
  14. Great,
    Then you can go anyway you wish with room to spare as you well know. I sure like fport but Dr Web is right in there as the back up. ;)
     
  15. Randy_Bell

    Randy_Bell Registered Member

    Joined:
    May 24, 2002
    Posts:
    3,004
    Location:
    Santa Clara, CA
    This is from Magnus post to a TH forum thread: "Heuristic scanning?", http://www.misec.net/cgi-bin/yabb/YaBB.cgi?board=TrojanHunter&action=display&num=1031257143

    "I'm currently doing research on heuristics; among other things machine learning and neural networks. It may or may not be included in TrojanHunter 3.0, depending on what detection/false positive ratios the different engines achieve. It would of course be easy to turn off, and come with a high threshold setting by default."

    My answer to your question is, I don't know enough about heuristics as applied to trojan detection...but the ability to turn it off, in case of false positives, is important, IMHO. I suppose I trust Magnus as the TH author to do what's right in this case.

    I don't know about TDS-3, but I take it that it has heuristics? But doesn't TDS also have some problems with false positives? Just curious, thanks. :) :)
     
  16. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,473
    Location:
    The Netherlands
    Hi Randy and all,

    Although at times strong words have been used, I'm glad this thread did not turn into a flame - kuddos for that :). I can't see anything posted being out of line.

    Randy,

    TDS has a quite different approach than the "usual" heuristics. Have a look over on the TDS forum and the sticky thread from Jan concerning basic configuration to get an indication.
    As for false positives: indeed they do occur on ocassion using TDS - not very often, but nevertheless.

    regards.

    paul
     
  17. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,514
    Location:
    Annie's Pub
    I agree 100% !!!
     
  18. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    When you read this "time consuming" PDF files, you might be able to make decision about AVs actual detection rate(In the Wild, Macro Virus, Polymorphic Virus, Standard Virus). You will see that some tested products get VB award, but it missed more viruses then the failed product! Not receiving VB award could be due false positives…Reviews, Facts, AV professional opinions and more! If you want to get the real picture, then you should read it!

    No, I am not from Russia!


    Technodrome
     
  19. Smokey

    Smokey Registered Member

    Joined:
    Apr 1, 2002
    Posts:
    1,514
    Location:
    Annie's Pub
     
  20. Tech, I can not stop laughing Comrade ! :D
    Thanks for the links.
     
  21. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Hehehe you guys are funny!
    Не забывайте проверять все файлы попадающие на Ваш компьютер из внешних источников на отсутствие вирусов.


    Technodrome
     
  22. Hello Mr Biggelsworth!

    http://www.masmol.com/archive/note/2


    http://hbar.phys.msu.su/gorm/wwwboard/korzina/7609.html
     
  23. Vampirefo

    Vampirefo Guest

    Heuristic, detection is just another way to get people to look at one's product, Heurist is nothing more than guessing, ie this may or may not be a Trojan or Virus.One will say something like possible, meaning nothing more than I am guessing this is a virus.

    Heuristic, tries to watch programs and what they do, based on this it will flag the program as a possible virus,ie profiling. This leads to large amounts of false detections, and causes confusion, and just plan bores some users, including myself.

    A vendor using Heuristic set ups up his engine to detect these bad guys, based on tricks, or what the vendors expects, a virus to do, so a unknown virus that doesn't meet these expectations simply get by the Heuristic, so again the Heuristic failed, as it didn't catch a real unknown virus.

    Can I show you a false positive from Drweb of course, here you go.
    http://www.wilderssecurity.com/showthread.php?t=3511

    Why this NAV VS Drweb debate started is beyond me, I have read all the posts, and haven't gotten much out of this thread, other than DRweb relies on Heuristic, which is a no no in my book.

    But each person needs to make up their own mind, and newbies will always get confused when Heuristic is talked about. So I just try not to talk about it, A AVP needs to stand on it's on feet, have good detections and perform well without Heuristic.

    Heuristic can be considered a bonus, or add on, but not a real effective method of detecting Trojans, or Viruses. Perhaps Heuristic can be used as selling point.

    Bottom Line NAV Rules. LOL have a great Sunday guys, and relax a little.
     
  24. TAG97

    TAG97 Registered Member

    Joined:
    Feb 10, 2002
    Posts:
    616
    Location:
    Connecticut USA
    I pick #1077 o_O
     
  25. JC

    JC Guest

    hi Vampirefo,
    this thread was started because i was trying to decide what AV to back up my NAV with. In addition to my subscription running out soon, i thought i would back up my Nav 2002 until it was time to upgrade. Needless to say, whether or not heuristics is your cup of tea, from what i gather Dr.Web does stand up on its own, with multiple updates almost everyday, and at least one up date per day. So, while others have supported Dr.Web's strong use of hueristics one should not forget that they are one of the most frequently updated Avs out there.

    P.S. sorry you didn't get anything out of this thread :'(
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.