Discussion in 'other anti-virus software' started by WestEnd, Oct 6, 2006.
But you didn't use any mathematical proofs!
I let AV Comparatives speak for itself. It is easily read.
I like Igor Daniloff's philosophy concerning his company and his antivirus (Dr.Web). Big difference between lab tests and real world enviroment. In my opinion, Dr.Web performance is well ahead of the so called top tier antiviruses.
To each his own. "We pays our money and takes our choice."
Don't nearly all vendors talk about "real world" when they do not do well in whatever test? As far as I am concerned it it does not do well in such a test as AVC, it is not going to do as well in the real world, but then again we each make a choice. Mine are KAV 6 and Avira.
Frankly, I think any of the well known AVs are adequate for most of us who do not do risky surfing, but even then I prefer one which does well in the tests that seem to be objective.
Dr Web does have a following of some who are very knowledgeable, and so does F-Prot. I'm glad that we have so many choices.
I would have to agree, lab is a sterile environment, the internet can throw curves that when you find out real time if you security solution works but in real time nothing security wise will save you from poor web surfing habits.
Sorry it took a while for me to respond.
I should have said that heuristc detection is overrated for now and because some are so quick to point out how great NOD32 heuristics are, I, by association said it was slightly overrated. Updating signatures as rapidly and as frequently as Kaspersky does is still the most effective way of detecting malware, not perfect but the most effective. This will change as time passes, but I am speaking strictly about the present. When you look at a straight comparison, not testing heuritsics, KAV or those AV's that use its engine are almost always on top.
People talk about how great NOD32 heuristics are when detecting a little over half of the samples heuristically is meaningless to me when you speak in terms of real world detection. Detect over 90% and then we'll talk.
i think nod32 should relie less on heristics. im not being biased here but am i right in thinking that antivir has the right combination quite alot of updates per day and good heristics but quite alot of fp's. when i tryed nod32 i really liked it alot. and kept on trying it again and again. so customisable its just a shame you cant save all the settings you changed, but i hear you will be able to do that in version 3.0 so cant wait for that.
We have many choices when it comes to security for our computers and many resources to draw from in making our decision, like you said, most well known antivirus programs provide the protection we need, irrespective of some test. Your choices are good ones also... best of luck.
i might have to get nod32 so i can get 3.0 when it comes out.
its either nod32 or antivir both great av's.
I reinstalled my old pc today so im gonna do some more tests.
before I reformatted my old pc i checked out my old backup cd's and it was lucky i had my av on because on the disc it had a old virus. at the time of that backup i didnt care where i surfed so i guess thats why. so im gonna randomly test that old virus against some av's on my old pc. I know they will detect it. its like 2 years old now.
NOD32 is on my very short list of all-time favorite programs. It's very powerful, very light, and equal to me in importance, always compatible with the other security apps that I run. If I have one gripe, it's that their servers could use an enema.
i have about three gripes with it and most are gonna be added or fixed soon.
2.exclude list for on demand scanning.
3. a way to save setting to a file (rather than having to change em if you ever have to reinstall)
1. will be fixed in version 2.7
2. should be put in version 3.0
3. also in version 3.0 so soon all my gripes with it will be gone
eset need some hammers to hit those servers to give em a kick
yeuxbleus, are you saying you want nod32 to detect over 90percent of malware with just heristics? because if you are thats nearly impossible without alot of false possitves at least
It is possible in the current version , it was possible with previous versions
rele? with just the standard version of nod32?
It's an easy task when using NOD32 Remote administrator. Holders of a single user license can store desired settings from the Eset registry key in a reg file.
ah i see what i meant was an easy way in the interface. like a load settings and save settings bit. and then save it to a little nod32 settings file.
About NOD32? Well, its a great AV program! Only NOD32 is capable of running into my vintage PC (P150Mhz, 32 MB memory, win98 ), and is still performing very fast in that PC. One thing I dont like much is its multiple configurations, not a novice friendly huh! I also have one unresolved issue that concerns AMON (https://www.wilderssecurity.com/showthread.php?t=150326). In general, I give it a out of 5.
You're right. The major disadvantage to strong heuristics is the higher probability of false positives. There is a balance. I think for now, the most effective detection method is the frequency of well reearched updates that KAV does. Without question, NOD32 is among the top AV's. The only reason I said NOD32 was slightly overrated is that IMHO too much emphasis is placed on heuristics.
This is not true in the case of NOD32's advanced heuristics, you can see it in the tests conducted by www.av-comparatives.org. Quite the contrary, ThreatSense contributes to lowering the number of false positives to the very minimum. 99% of the so-called false positives were actually tools for remote administration which of course can be exploited for malicious purposes.
Its a very good product,at the moment I prefer Kav but that may change when new version is released:-tend to stick with those two as I have found them to be the best ones for me
I already tried all the AV's over the last years, and NOD32 is clearly the winner.
- Always is in the front of the technology, introducing new ways to protect us and speed its program...
- Have an excellent signature detection rate, and the best heuristics detection rate. With these both NOD32 have the best overall detection rate!
- Very configurable for all the needs.
- Fastest on-access and on-demand scanner...
- Updates very regularly, and sometimes more than one per day.
- Good support.
Of course that nothing is perfect, and NOD32 isn't an exception to the rule...
Sometimes NOD32 use some resources when open certain files, but that is because I use the Advanced Heuristics...
Doesn't have support for IMAP...
I have no doubts that the next version will be outstanding in the aspects...
I think what he meant was to achieve a 90% Heuristics detection, the Heuristics would have to be set so agressively, there would be many FP's.
I had NOD32 for two years. Then I had Bit Defender free for a year (that only no resident AV) and then BD 9.0 Pro for about six months until I was ordered to remove Spybot and Spyware Blaster. At that point I had been beta testing KIS 2006 for a long while on my virtual machine and it was just released. So, I got KAV 2006 for my host machine and ditched BD because I wasn't about to remove my favorite antispyware applications. I prefer KAV to NOD32 mainly because I remain convinced that signature detection with update checks every 5 minutes and actual updates 15-24 times a day is superior to reliance mostly on heuristics as NOD32 does and updating maybe once a day or less. If I were to ditch KAV (because of the chkdsk problem), I would likely go with the new F-Prot. Unlike others here, I found the support for NOD32 (Rodzilla an exception) to not be good and the forum here is awful (except when Rod was managing it when he created it). The GUI is difficult to use...but I also do not like KAV's new GUI. It is just as maddening as NOD32's. Bit Defender and F-Prot have good GUIs as does McAfee Enterprise and Symantec. The KAV forum is excellent and F-Prot has world class support.
Quite the contary, advanced heuristics could detect much more at the cost of false positives. We do not make any changes to AH that would increase the number of false positives, but they always improve proactive detection of real threats. If you have an example of a false positive produced by AH, let me know Usually they are reported on remote administration tools that actually perform actions like backdoors do, so they are flagged by AH and then need to be corrected by a signature.
It is a fantastic AV, IMHO. Its Advanced Heuristics engine is brilliant. That coupled with its power without using a lot of resources demonstrate the genius of its developers. I never believe there is generally a best AV, but since this thread is asking for opinions of NOD32, I chose to stick to just talking about NOD32.
Separate names with a comma.