NOD32 what constitutes a threat?

Discussion in 'NOD32 version 2 Forum' started by Habiru, May 16, 2004.

Thread Status:
Not open for further replies.
  1. Habiru

    Habiru Registered Member

    Joined:
    May 4, 2004
    Posts:
    43
    Location:
    Fredericton
    Where do we draw the line when it comes to virus protection? From following the many posts here on different A/V products we all know there is a great degree in what is classified as a virus and what is not. This is especially true of end users without any level of security knowledge. There are a great many products out there that can’t come close to what the box EXCLAIMS!

    The bone of contention here seems to be what NOD32 classifies as a virus and what is not. While some products such as Avast classify known spyware as a virus, I’m sure many here would agree that this stepping over the line. I was somewhat appalled at the virus warning while testing this product when I purposely installed known spyware programs while at the same time testing the effectiveness of Aluria. While the known spyware may be a privacy issue, and loads of it may be harmful in that it consumes far too many resources, this is the only damage that is causes. We could get into a huge discussion on this topic alone, but lets says for now that the most malicious intent of spyware is to steal personal info and not to destroy your computer or documents. This after all would be counter productive to sales since this is what they ultimately want from the installation. (This is forsaking the argument upon removal that it destroys the winsock and spyware is disgusting at any rate.) OK??

    As far as Trojans go the line becomes less distinct. Many of us use multiple layers of defense plus common sense to protect our computers and network clients from this malware. Some would have it that NOD32 or any virus product for that matter should identify and terminate Trojans on detection. Since the product is identified as a virus scanner and not a combined product, I personally think that NOD32 stands on its own merit as a virus scanner. I subscribe to the belief that Trojans/RATS are not viruses and the usual intent is to gain access to and control a specifically infected remote computer. With Trojans, destruction of the end user machine again would be counter productive to the installations purpose, being anything from a zombie, plaything for some script kiddie, information harvester, to a FTP provider.

    Now, take for instance the great lengths that Norton has strived for in that it’s product now scans for spyware. They are not the only one using this combined approach. I found that some of these products don’t even come close to stand alone products that are built for a singular purpose such as Spybot S&D, Aluria, or Pest Patrol. In that these products are marketed towards people who have no idea of their purpose or effectiveness they could actually end up diluting the industry with a weaker and ineffective product since it does it all, but none of it effectively or efficiently. Notwithstanding any product name here. These are my own observations on these products.

    These products use descriptions that depend like hell on being updated while our preferred product NOD32 stands on its heuristics. I say that as a virus scanner it stands alone and Trojan scanning should be left to a stand alone scanner such as TDS-3 which excels in its purpose. While Trojans may be added to the list of detections, it’s main purpose should be a fast virus scanner with advance heuristics and the Trojan detection as an added luxury. :) I know many of us are looking forward to the inclusion of an effective tool for dealing with compressed files with Amon and that for me will be enough.
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,742
    Location:
    Texas
    Good post Habiru.
    I would hate to see Nod get bogged down trying to detect every known piece of malware.
    Let the Trojan experts give us help there.
    I didn't buy my fast computer just to have it crawl through programs.
    I have that need for speed! :D
     
  3. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Im not agree.
    NOD need detect trojans. For something, ESET has enhanced its heuristic and now detect new unknown yet backdoors, or not? For this, ESET add every day a lot of trojans, because they need to detect trojans. I understand that NOD isn't the best at trojans because NOD is a relative new AV, for this I sent many trojans. Currently the AVs are AntiMalware and not AntiVirus. Spyware are different, because spyware can't hurt you as trojan can. A good AV need to detect trojans/viruses/worms.
     
Thread Status:
Not open for further replies.