Discussion in 'other anti-virus software' started by gracie123, Oct 31, 2005.
OK. Maybe this is a new False Positive then.
And what has this to do with an outbreak?
I'm just curious to know how you determine an outbreak. This "MulDrop" is today a very commonly downloaded executable, which we can see in a few days detected by many other av:s.
You should probably spend some time in basic understanding of malware before you try to educate people. How does YOUR trojan replicate itself? Does it get mass-spammed? No. Even if it's available on webservers that isn't an outbreak. Otherwise we would have daily outbreaks of spyware and dialers for instance! You have actually something TO DO before you get this! Downloading & Executing Files for instance. But if you get Malware on your machine without doing anything (a worm based on vulnerability for instance) or if every 2nd user gets an email with an infected attachment that's something different!
You can consider it an outbreak when there are massive numbers of the same malware replicated globally in a very short timeframe. Rbots for example aren't outbreaks because they are constantly and slowly spreading among people (because of countless variants). While Beagles are usually causing outbreaks because they aren't seen for let's say a month and then all of a sudden we get loads of spam mails with it in mailboxes everywhere in the world.
I think that SOME TIME isn't enough for me!
After all, I just wanted an answer to this "outbreak", nothing more. The "educate" in this case was your own rendering. If someone is showing some scanning pictures, they are only informative to the case in subject.
Btw, it was only because I couldn't understand that this outbreak doesn't need user intervention, maybe they have to add that too in the definition in here. In my mind, an outbreak is also that when a thousand people will get infected, when they have downloaded some infected executable and after that they were executing that too. After all, these are only issues when we are playing with words.
There is simply no doubt but that KIS is superior. I'll take a definition based AV any day over NOD32's heuristics. We also all know NOD32 is inferior to KAV when it comes to trojans. Now KIS has a process guard...we don't need Diamond CS ProcessGuard any longer. KIS has it all. I have never believed any AV was superior to Kaspersky even when I used NOD32 I didn't consider it to be better than Kaspersky. It's a good AV...was much better before all the stuff added to version 2 such as the unnecessary IMON HTTP scanner which slowed it down so that it is unrecognizable as NOD32.
The official KIS beta is great (except for the too tiny font in the crappy GUI). It is lacking bugs so far and the earlier betas were very buggy.
Edit: Found the part of KIS causing the style sheet to show here when I try to post! I thought the official beta wasn't doing it anymore...but that was because I had Anti-Hacker shut down.
Hm, you cannot compare KIS 2006 BETA and NOD32 2.5 FINAL! You can compare KAV(final) to NOD32. KIS is still beta. How do you know that NOD32 3.0 maybe now in beta version which is not available but being developed has even better features??
Yes you can compare KIS/KAV 2006 to NOD 2.5, BECAUSE there's no NOD beta release / feature set available.
At this moment we can only compare the KAV and NOD32!
So, there isn't any logic in saying that KIS is better than NOD32...
And the new version of KAV has only now introduced features that NOD32 already had some time ago, like HTTP Scanner, only scanning files that were modified, etc...
Does NOD32 scan files again only if they've been modified, like KAV 5?
NOD32 has this, but only the new version of KAV will have it
At least to me the absolute absence of solid NOD32 v.3 information is quite disturbing. We don't know what the planned features are, we don't have an open beta and we don't have any release date schedule.
At least in this point I believe Kaspersky had a better idea by releasing an open pre-beta program that at least gave us all some idea of what they are planning for their next version.
By installing it on a test machine you'll know they're implementing a process/registry guard and an active internet monitor.
What is NOD implementing? They won't even release a list of confirmed features!
I am a NOD user and, at least until now, plan to renew my licenses, but the lack of solid information about the next major release actually worries me.
But KAV 5 has this too, or am I wrong?
KAV 5 uses iStreams, and doesn't need to rescan a file that has been scanned before, it needs to only if the file has been modified...
Different ways of working
Did you have some problems with the way that ESET works?
If you use NOD32, it seems that not...
NOD32 3 will have a Process and a Registry protection...
I totally agree with you...
Well put my friend. And this is starting to turn into a war, AGAIN. KAV is excellent. NOD is too! And to say that KIS is superior because it detects trojans is just plain silly. NOD32 detects trojans. But, NOD is an Antivirus program. KAV tries to catch more trojans and succeeds. But, it is an unfair assessment. If you like KAV, use it. If you like NOD, use it. Either one will give the normal home user plenty of protection. No need to toss out opinions as though they are facts. Try each one and see what you like and dislike in each. Do not concern yourself with which will catch more. Again, they both provide ample protection for the home user. Either choice will be an excellent one. Choose on looks, slow downs, and so on. The protection is there. Pick one and roll on. You will be fine.
If we are talking about common new nasties detected in Jotti's or VirusTotal, the results are something else than admirable with almost any scanner. When I submitted my "MulDrop" sample on this morning to DrWeb in here,
it took only 1 h 30 min, when it was in Drweb's signatures. I scanned my sample then also in VirusTotal, but after about 11 hours, only Fortinet has added this sample to their signatures.
PS. Of course Kaspersky was able to detect this sample about four weeks ago, which else?
Nope, no problem at all, but November/December is when I usually start making my buying decisions for next year. I'd like to have some solid information to make my decisions
But what have happened to BitDefender now? Isn't that detection in here a heuristics one now, why not before?
I'm 100% sure that NOD32 3.0 will have more features.....
If I hear rumours right, then within the coming year, Kaspersky *may* improve its heuristics. If this is true, then the decision is yours, and yours only to make!
And Ikarus was a bit of a surprise too.
In my mind Kaspersky has the best protection against all kinds of nasties money can buy. Why don't I use KAV then? In my PC use KAV has always been more sensitive to some kind of bugs than DrWeb for instance. DrWeb has always had such a low impact on my system that I can live with it. Also DrWeb is a very cheap commercial av and the renewing costs are low.
The "outbreak" issue is in my mind only a marketing hype. I have never been infected with so called "outbreak" nasties even though I've used plenty of different av:s during my 6 years surfing history. I have to admit that I have not used Outlook or any other Windows email solution because we have in Finland other email providers free to use Finnish in the web which are also av-protected (mainly with F-secure, but there are also AntiVir protected ones).
Those infections I've met were always common trojan like nasties, where I want good heuristics detection because of the lack of KAV. In my mind DrWeb has nowadays at least the first class protection concerning heuristics in this issue. I don't know how the other members here at Wilders got infected, but it's my case that matters.