nod32 only finds 82% virii in test

??

Ciao,

Smokey​

("Senior" Member)

 

I just uninstalled McAfee, which I was pleased with, and installed a trial copy of KAV 4.5. The installation went very smoothly unlike 5.0 Personal. I do like the idea of getting updates more frequently than once a week which is what McAfee was offering. While I am being much more conservative in my browsing behavior nowadays, it only takes one bad site - as I learned - to get socked really bad. I am waiting to see if I can get a key from Kaspersky so that I can try out the update service.

So far, the product is looking very good for me. I am wondering whether Pro would be any use to me. I do use Microsoft Word from time to time but not all that frequently. My browser is Firefox. Any recommendations between 4.5. Personal and Pro? Thanks.

Rich

 

Take a look here for all your questions about Kaspersky Anti Virus.

Ciao,

Smokey​

 

And here; http://www.iggyz.com/book/kav.html/

 

Thanks guys.

Rich

 

As always, a very good post Blue...

Cheers

 

You fail to mention how they compare on a fast connection with a fast machine.

On my fast machine with a fast cable connection, I found NOD32 latest version to be slow at scanning and to slow down my surfing to the point that I would not use the HTTP scanner at all and even without it NOD32 is nothing like it used to be when it was fast, light and non-bloated. On this same fast connection, fast computer, KAV 4.5 had no effect with every possible option checked. I didn't know it was on my box. KAV 5.0 personal was a very different story. It slowed my box horribly due to the problems with rapid fragmentation and system restore.

F-Prot is like NOD32 used to be and I will probably keep it for that reason.

Anyhow, I was curious as to why you would leave out the fast/fast combination?

 

What do u class as fast?

Nod32 runs on my pc with out any troubles, I cant even notice the difference.

P4 3.6Ghz
1024 pc4000/550Mhz ram
1.5 mbs ADSL

 

P4 3.0GhZ
1GB Dual Channel DDR SDRAM @400MHz
3.0 mbs cable modem

 

Hi Mele20,

No slow down here running NOD and the HTTP scanner with a P4 2.8 machine and 3Mb/256 kbps cable connection

Speed test:
http://web100.rit.edu:7123/
WEB100 Enabled Statistics:
Checking for Middleboxes . . . . . . . . . . . . . . . . . . Done
running 10s outbound test (client to server) . . . . . 247.23Kb/s
running 10s inbound test (server to client) . . . . . . 2.98Mb/s

Plus no noticeable difference with browsing or speed tests with NOD and the
HTTP scanner running or removing NOD.

I have used NOD for over three years and I don't see NOD as bloated now, from my end, as there is no noticeable effect with the NOD real time protection running while gaming and that is the reason we use it on the game machine. I have F-Secure on two other machines but it isn't suitable, on this end, for the game machine due to CPU usage.

I am sure F-Prot would also be very good for a game machine. However, this
game machine is used by a bunch of teenagers and I prefer the way the NOD HTTP scanner stops things from ever downloading to that box. They check out the game platform and PC game walk throughs and cheat web pages that can contain infections.

Example of NOD's virus log on that machine.
----------------------
10/19/2004 20:46:05 PM IMON file http://(edit)
Win32/TrojanDownloader.IstBar.NAD trojan connection terminated
10/19/2004 20:25:32 PM IMON file http://(edit)
Win32/TrojanDownloader.Agent.BP trojan connection terminated
10/16/2004 18:06:43 PM IMON archive http://(edit) multiple infiltrations
connection terminated
10/16/2004 18:06:42 PM IMON file http://(edit) probably modified trojan
HTML/Exploit.Mht.A connection terminated
10/12/2004 17:41:18 PM IMON file http://(edit) Win32/SecondThought.C trojan
connection terminated
10/2/2004 22:33:09 PM IMON archive http://(edit) probably unknown SCRIPT
virus connection terminated
---------

I am sure other AVs may do just as well on a game machine but for now NOD is working well here. YMMV, of course, as all platforms are different.

 

Oh, I tend to agree. If I had teenagers here playing games I would probably want NOD32 with the HTTP scanner. But I don't do risky stuff or visit questionable sites...unless by accident so I like F-Prot for its simplicity although I do hope it acquires the ability to scan ADS in the next version. Frisk told me today they are working on it.

Oh, also, I didn't mean that if did a speed test by either testing at a Speakeasy site or downloading from the OOL ftp test that NOD32 would slow that down. I was referring to slower browsing because IMON was checking everything and I'd have sit and watch that download bar and wait. I don't like that. But if I had teenagers in the house I would put up with it!

 

@ Mele20,

Short answer - I can't afford to run the test I'd love to know.

It's a little harder to guess how that combination would play out (as is slow/slow). With a slow connection/quick PC, the connection is the transport bottleneck between your mind asking for something and your eyes seeing it pop onto the screen. Unless the AV performance is abysmal, they'll be faster than that bottleneck. On a slow PC/quick connection the transport bottleneck may have moved from the connection to the PC. It depends on lots of things, not the least of which is user expectation.

What do I call a fast PC? Basically anything with a 2.2+ GHz P4, 533+ MHz FSB, 512+ MB RAM, fast video (say ATI Radeon 9600/XT and above), and hard drives that spin at 7200+ rpm with a decently sized cache. Fast connection? Well, I consider 2-3 Mb connections fast, others may disagree.

User expectation is probably the largest lurking variable in this entire discussion. Let's say there are two AV's, A and B, and A runs twice as fast a B. If the run times are 30 sec vs. 1 minute, that's noticeable to everyone accustomed to current technology. If it's 1 sec vs. 2 sec, that appears a much more subtle difference, despite the fact there remains a factor of two difference in speed. Now, if one gets quite use to the 1 sec response time, there will be a point at which 2 sec just doesn't have the snappiness to be satisfactory. It will happen, as anyone with more than 10 years of PC use should easily attest. In time the subtle difference grows into the nagging sore.

Not sure why your experience with NOD32 vs. KAV is a lot different from my own, but I have noticed that IMON seems significantly faster with version 2.12.3. Perhaps I tweaked the settings better, I don't believe that's the case, but it could be.

I've never really felt a significant load from KAV 4.5 on my PC (2.8 GHz P4 533 FSB, 768 MB RAM, a pair of decent 7200 rpm HDD's, etc.). Occasionally I'd experience a single point slowdown, but it wasn't a major bog in performance. I've not tried KAV 5.0 Personal, but the KAV 5.0 WS beta's did yield a perceptible slowdown on my PC, even when I turned off iStreams/iChecker (I quantified the hit from these two things, see here). Mind you, that's beta material, I'm hoping things have improved and once KAV 5.0 WS is released I'll see how it runs, see how I can tweak it, and make the call of whether to stick with 4.5 or jump to 5.0.

I've never used F-Prot, but I hear good things about it and the licensing terms are excellent. It could be a great choice on a number of counts.

@ Sweetie(*)(*):

I think that PC is what I'd class as fast and the connection is very respectable. I did notice two days ago on my own machine that things seemed to be really lagging so I ran a speed test. My typical 3.0 Mb download speed was coming in at 1.3 Mb - who knows why - and that change was enough for me to really notice the in-use degradation since I was coming from a prolonged 3.0 Mb experience. In some respects, you may be in a regime where innate differences in the AV performance don't show because download time and variability in download speed are larger factors than intrinsic PC/application speed.

Blue

 

I'd love to get a faster connection but 1.5mbs is the best I can get here [country aust] no cable in my area yet.

 

Something no one has mentioned in this thread yet and that is that the more tasks an application does (i.e. KAV doing AV, AT, AS etc.) the easier it is to have one's protection knocked out in one fell swoop. There are many members here at Wilders who prefer a layered approach so as to have some sense of security without loosing "almost everything" if just one application is taken out.

Now we are not knocking Mr. Kasperkys' work at all. It seems to be a pretty good application. Of course ESET/NOD32 also claims to watch out for not only viruses but Trojans and other malware as well. The point of this post is to remind everyone to simply consider the ramifications of having one good application taking care of too many things so if it is compromised then where does that leave one?

Where does that leave us, then? Well we all know we need a good AV, AT, AMalware etc. If we overlap too much then we lose processor power and memory. Here on this computer we have 512MB of Dual Channel DDR RAM but as this is being typed and no other applications opened for the user (except the running security software installed which starts up with the computer) we have only 188MB of RAM free which is to say the browser and security apps are using just over 63% of the system memory. Since videos and games are not being played here on this machine (we create the big toys, remember?) there does not seem to be any apparent slow down of any sort simply using the computer. It is stable but it must be mentioned that seeing only 188MB of RAM is a little disconcerting

So beware of exactly how your layering is set up and do not place too many eggs in one basket. Our greatest task is to assist the non-security minded to get security conscious! Their lack affects us all.

 

I have 3mb (i could have 8mb if i wanted it) ADSL connection on good old cobber line's (and it's rock solid), next year my isp tell's me 20mb will be possible (it's called VDSL i believe), they are already starting to put up the nescessary equipment on their central's. The point is i don't think you need cable to get the higher speed's, maybe your isp doesn't see a viable market for the investment. I live in an area were some of the line's are from 1948.

Back on topic. As an old Nod32 costumer, i always like to see what they (and other's) are op to, i recently trialled it and didn't notice any slowdown's at all when using it.

Unfortunately, it only has a detection rate of 82.68 %.

Regards

 

kaspersky av, especially v5 is generally considered unkillable


to me the thing is simple

go for nod if you want adequate protection but at the same time you want to have a speedy pc. nod32 is IMO enough for the majority of users, as any brand name av, be it panda, trend micro or whatever

go for kav if you are prepared to sacrifice the speed for added protection, and more configuration options. kav scans more filetypes than any other av, unpacks more compressors/packers than any other av, detects more malware( especially with x- or ext-bases) than any other av, kav is the best among av's in trojan/backdoor detection( surpassed only by a couple of dedicated AT's).. well it tops every list

i have both, nod is on my other pc, kav is on my other pc
both have dedicated anti trojans for added protection+ plus system firewalls/sandboxes= i'm a super high risk user.. 99'5 % of all stuff i download is viral or malicious

 

That seems to be an interesting 'Real World' test. How are the two (Nod&Kaspersky) holding up? Has either pc been infected? What Anti Trojan is working with which Anti Virus? Is the firewall/sandox>Tiny?

 

Hi Tag97,

I've been thinking about purchasing NOD32 as a backup to KAV (I am running Personal Pro 4.5.104) because as I understand it, the technical approach is sufficiently different that one may catch what the other misses. I would be very much interested in your experiences since most tests that I have seen show which AV has an overall higher detection rate, but so far I have not seen any which highlight the overlapping and non-overlapping rates. This to me would be very valuable information.

Thanks,
Rich

 

Any references for this? Specifically we were wondering about Kaspersky vs Spytech Spyagent (key logger) and the use of rootkits against Kaspersky as well.

 

Q Section, i'd post you some links but i'm afraid the mods would remove those in seconds... its against the TOS to post links to malware sites

you can easily verify this, download APT from www.diamondcs.com.au, install kav5.xx and try to kill it's services/processes.
i have currently kav 4.5xx. APTdoes terminate those kav processes that run under user account, but it can't touch those processes that run under system account.



TAG97
both pc's are infected on a regular basis some times many times a day.. i dont want infections that i didn't initiate, thats why the extra protection.
like said, i mostly download spyware, backdoors viruses worms bots whatever

other has SSM, other has tiny pfw pro 6

other has TH/nod32 combination, other has kav /tds combination.

 

Hey... if you ARE going in for KAV... why not go for GDATA's AntiVirenKit (i think 2005 isn't available yet in english, but 2004 is there).... it uses two engines - KAV and BitDefender... and price is better(40 euro for gdata and $ 41.5 for KAV personal, $66 for Pro - which is what we all want).
http://www.kaspersky.com/store - KAV prices
Bitdefender: www.bitdefender.com
Extendia AV Pro uses KAV and Reliable AV engines and costs.... $30
http://www.extendia.com/eXtendiaAntiVirusPro.htm