"Very badly catches viruses"?

Discussion in 'NOD32 version 2 Forum' started by Mele20, Apr 28, 2004.

Thread Status:
Not open for further replies.
  1. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    The following is a web translated, from Russian to English, portion of a long interview in a Russian newspaper recently with Eugene Kaspersky.
    His remarks are being discussed in a thread on NOD32 over at dslreports.

    http://www.gazeta.ru/avp.shtml

    Question:

    "How you do relate to the appearance of new competitors on the fight with the computer viruses, for example, such, as NOD32, which, as are considered many, are much more effective in comparison with the antivirus Of kasperskogo?//Sergey (Zelenograd)"

    Answer:

    "Speaking about other antivirus programs, I can make mistakes: it is not necessary to receive my opinion as the opinion of company - this is my the personal opinion of antiviral expert, which can not coincide with other opinions - companies and other antiviral experts.
    NOD32 - very convenient, very rapid antivirus program, which very badly catches viruses. Regularly are obtained the rewards WB -100%, since "it is sharpened" to obtaining of these rewards. In the real life it very frequently passes the cases of infection. It enjoys popularity among the users, that determine the effectiveness of antivirus program on the beauty of interface. It does not enjoy popularity among the system administrators, who are investigated, that to what."

    I don't agree, of course, with those remarks but I think it great that there this is this amount of competition as that is wonderful for the users. If NOD32 were not such a big competitor, I doubt Kaspersky would have made such strong remarks about it.
     
  2. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    I'm not agree with this selfcentered sir Eugene Kaspersky :mad:
    KAV detect more trojans than NOD, agree. But NOD has detected many of the new worms with heuristic than KAV not protecting its users without a update. KAV release every 3 hours update, because they want to hide its joke of heuristic. KAV is a good product, however many KAV empleoyee su*k*
     
  3. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Just some:
    >It enjoys popularity among the users, that determine the effectiveness of antivirus program on the beauty of interface. It does not enjoy popularity among the system administrators, who are investigated, that to what."

    Microsoft, yes Microsoft, has choose NOD as their AV products and NOT KAV or other, are they system administrators or users that determine the effectiveness on the beauty of the interface?
    Kaspersky is speaking without argues!
     
  4. rodzilla

    rodzilla Registered Member

    Joined:
    Jun 15, 2002
    Posts:
    653
    Location:
    australia
    I know Eugene personally, and I'm somewhat disappointed to see him talking like this. Perhaps comparing NOD32's 26/3 pass/fail VB100 rate with KAV's 21/13 pass/fail VB100 rate has affected his view of the real world.

    Eugene isn't the first to postulate that NOD32 is "sharpened" to win VB100s. My standard retort is ... "If it's so easy to "sharpen" a program to win VB100s, why don't all antivirus programs win every time ?"

    I rest my case!
     
  5. Sandish

    Sandish Registered Member

    Joined:
    Apr 29, 2004
    Posts:
    51
    I don´t think Eugene Kaspersky is that wrong. For sure NOD32 is a fine AV, but it´s lightyears away from the quality and overall detection rate of KAV or others (Dr. Web, McAfee). The heuristic is of course excellent - for worms and viruses, but if it comes to Trojans it fails - Advanced Heuristic or not. The next thing is the lack of known packers / crypters / archives. The VB awards are nice, but imho the wildlist is a easy thing for an AV (the samples are all avaiable). I know that it´s a policy in this forum to doubt any test that isn´t made by VB, but in the "real life" it´s a bit different. And believe it or not - NOD32 isn´t the first choice of sysadmins. If Dell decides to use it, you can bet it´s mostly the decission of bussinesmen not admins or engineers - same with MS. However, i like the speed and the heuristic,but there is a lot of work to do, not only improving the detection rate.
     
  6. rodzilla

    rodzilla Registered Member

    Joined:
    Jun 15, 2002
    Posts:
    653
    Location:
    australia
    If it's so easy, why doesn't every antivirus program have a string of VB100 awards ?
     
  7. Tweakie

    Tweakie Registered Member

    Joined:
    Feb 28, 2004
    Posts:
    90
    Location:
    E.U.
  8. izi

    izi Registered Member

    Joined:
    Jan 19, 2004
    Posts:
    354
    Location:
    Slovenia
    Hi!

    I agree with Sandish. In the Wildlist is not real life. Real life is Trojans, adware, backdoors etc. and all files from In the wild list. My experiance with support is better with KAV!!
    I have licensed for NOD32 and KAV.

    Allmost all antivirus program detect In the wild viruses, but some has false detection. If AV has false detection, then doesn't get VB 100 awards.

    NOD32 has AH, I think that it is the best heuristics on market, but only IMON use AH. All other components doesn't use AH by default. Scanner use only with swich /ah, but this is not written in manual. Average user doen't know for this /AH switch. I hope that ESET will soon release IMON for http and ftp.

    How quick is support from ESET: https://www.wilderssecurity.com/showthread.php?t=25373 (post 4):mad: I have licensed NOD32, so they need to answer me if that file was virus or not.


    Izi
     
    Last edited: Apr 29, 2004
  9. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    Well, most of the major A/Vs do have: and those that fail have often (but not exclusively) done so because of false positives. Of course, *you* may argue that only NOD32 has the right to false positives...

    Also, could it be that not all A/V manufacturers place such over-importance on the vB tests? Maybe users don't either. Shock horror.

    Not correct. They have also chosen others *in parallel*. Could it be that Microsoft, yes Microsoft, don't have the total faith that some here seem to have in NOD32?? Shock horror.
     
  10. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    Why do some folk get so "upset" if Nod is criticised? as long as they are happy and confident in its abilities does it matter what other people think?sometimes the way they react is akin to football fans when their team is criticised,after all any AV is only a "tool" and really should be regarded as such
    Steve
    PS as anybody thought Kaspersky may have made his comments to "wind up" Eset and Nod users(seems to have worked!)
     
  11. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    Absolutely. Fortunately, it is only really a minority of such users who react so irrationally. It is quite surprising, though, who some of those people are. In any case, the problem with those people is that they end up compromising the general education that most users need (and will willingly receive), with misleading implications of how NOD32 will cure all their ills.

    Indeed. It could become an enjoyable sport for those so inclined ;)
     
  12. dvk01

    dvk01 Global Moderator

    Joined:
    Oct 9, 2003
    Posts:
    3,131
    Location:
    Loughton, Essex. UK
    If you use a diferent translation service you get a different slant on the translation, I've just done 3 different translations of that site and every one of them has quite distinct differences with much of the language when translated

    web translation especially from slavic languages loses a lot of the nuances and feelings in the words and always take literal translations with a pinch of salt

    I don't doubt that he would try and put down his competitors as they would given the same opportunity

    He is trying to compete in a very diffficult martket place where the majors, NAV & MC'affee are preinstalled in many computers and he would like any other businesss man try to rubbish his opponents products and say that his is better.
     
  13. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    spm,

    You are most welcome to post your comments. That said: please refrain from turning this thread into an individual combat/spitting contest. "Shock and horror" comments are no substantial contributions either. Thus let's play a fair game, OK?

    Fair, to the point and factual comments in regard to NOD32 are welcome as ever - in the end, the user will benefit from these.

    Bottom line: we will not allow this thread turning into any kind of spitting contest. If so, this thread will be moved to a more appropriate forum.

    regards.

    paul
     
  14. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    Fine, no problem - assuming, that is, you demonstrate some balance and deal publicly with rodzilla's juvenile name calling and personal insults in the currently related thread. That is quite unacceptable behaviour by him, and it is IMO important for these forums to be seen as impartial to all.
     
  15. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    No go - period. As stated: fair, factual and to the point comments are welcome.

    Reading this thread carefully over and over, rodzilla never played hard ball on a personal level. You may have felt personally attacked - it's plain for all to see this never ever has been rodzilla's intention; it's your personal way of perspective.

    That said: I won't allow anyone - your person included - drag this thread into a personal sort of combat for no reason at all. Thus: stick to this rule.

    These forums are open minded to all - as long as the contributions are solid, valid, factual and by no means personal.

    regards.

    paul
     
  16. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    437
    Location:
    U.K.
    Err ... so you consider "Dimbulb" and other such comments meet those criteria and are an acceptable way to use your forums?
     
  17. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Drop it, spm - I've been perfectly clear: standards have been set. Play by the - very sensible - rules or don't play at all. I'm not going to repeat myself here in an endless loop.

    regards.

    paul
     
  18. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Speaking about Kaspersky, I'm not agree with he's comments, not only because I'm a NOD user, because I'm not agree when the competitors attack the others. Maybe Kaspersky can said: NOD has a excellent heuristic, but need a more solid signature engine, but said that NOD very badly catches viruses?, it sound as a attack. Worse is that he said that ESET has many users because users find detection in the beauty of the interface, it sounds for me as a insults against ESET workers and their work!
    Is true that ESET need to solve some details, but the work in general is excelent, the heuristic, the speed and light, etc.

    Sandish said:
    The next thing is the lack of known packers / crypters / archives.

    If you don't know, Advanced Heuristic of NOD32 use a generic unpacker engine, in others words, if a virus appear compressed with a new packer never seen before, NOD for the moment will be the only in decompress this!, due to this generic unpacker. Richard told me that.
     
  19. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    sir carew,

    No offense intended - but it's a hard competitive world out there - same as Coke vs Pepsi. At times, attacks do come with the territory; at times shaking hands is the commercial way to go. Eugene has very nice softwares IMHO - KAV is one of them. That said: Eset has a top notch contender - NOD32. There's room for the both of them for sure. Knowing this: let's move on ;). We are happy and glad in hosting the Eset/NOD32 support forum - for good reasons.

    Sure: I for one am not looking forward to a spitting contest, and it's sad to see one vendor feeling the urge to start such a contest. No need for that at all. Kaspersky as well as Eset will survive ;).

    Now, as far as I'm concerned: this is the Eset/Nod32 Support forum; let's focus on NOD32 from now on.

    regards.

    paul
     
  20. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    Just to clarify, the person who first talked about this article is fluent in Russian. After someone else (over at dslr) posted this translation, this person compared the translation to the Russian original and said that the translation "is very, very close to the original". This is why I provided this particular translation.

    http://www.dslreports.com/forum/remark,10094231~mode=flat#10099092
     
  21. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    If by this you mean that I should not have posted Eugene Kaspersky's comments about NOD32 in this NOD32 support forum, I am afraid I don't understand or agree with that. I for one do not wish to go through life wearing a pair of rose colored glasses. I also get a bit weary of the attitude in these forums here. Life is rough and tough at times and I don't see how that can realistically be avoided here...unless Wilders is asking that we all don our tinted glasses upon entering this site! I don't see the need for spitting contests either...but this is real life and I also have no desire to remain ignorant of important facts. I also don't think that NOD32 users should have to go to forums such as dslr to find the interesting discussions about NOD32.

    If I have misinterpreted your intent here, then I apologize in advance. If not, then I stand behind what I stated above.
     
  22. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    You have misinterpreted my intent indeed. No problem in posting those comments; problems as for turning a thread into a sort of personal battle. Those who feel the need to do so are free to do so in private; posts coming close to that will be removed.

    Bottom line: let's keep up standards in a thread - and this goes for the entire board. That's all there's to it.

    regards.

    paul
     
  23. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    Thanks for the clarification and I agree with what you have stated.

    (Plus, I'm glad the site is back up! Of course, we had a thread about it over at dlsr and Gavin said he was seeing, like I was, the worst Ping Plotter I've ever seen to anywhere was to here during the outage...all hops beyond my first two were knocked out..usually it is just one or two hops with much packet loss or unpingable at or just before the target not all hops from Oahu, Hawaii totally unpingable)!
     
  24. rodzilla

    rodzilla Registered Member

    Joined:
    Jun 15, 2002
    Posts:
    653
    Location:
    australia
    Running a major forum is like dancing on a greased tightrope above a pit of starving crocodiles while juggling vials of nitroglycerine and trying to avoid spears thrown by the audience.

    Paul's job requires everything from pacifying those sensitive souls who faint at the sight of the word "poopookikkiweeweebum" through keeping stirrers and ratbags who deliberately set out to disrupt the forum under control to persuading certain aggro members not to launch vicious retaliatory strikes against the aforementioned stirrers and ratbags.

    I'm sure Paul has no real problem with you posting Eugene's comments, Mele ... they're public property, and if Eugene hadn't wanted them publicized (and criticized) then he should have stayed schtum.

    I think Paul's muscle-flexing was aimed at the way the "Eugene" topic was degenerating, not at you for starting it ... probably with a bit of bleed-over aggro due to an obvious attempt to resuscitate and transplant a dead topic into this thread thrown in. :)
     
  25. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    LOL! Please don't disappear for such long periods. I have so missed your posting style here. I get such a kick out of your way with words. Sometimes it just gets staid and boring here. :( You tell it like it is using facts and reasoned argument and perhaps a bit of sarcasm now then..but only if really provoked. I always learn a lot from your posts.

    Paul has stated that his concern was not with my posting these remarks so I'm cool. Actually you know, I think Kaspersky's sharp comments about NOD32 may have come about because Anton Zajac's interview in Information Week recently. I'm certain Kaspersky took a dim view of Anton's comments which, while he did not mention any vendor by name, are obviously directed at Kaspersky AV in particular IMO.

    "Basically, there are two types of scanning systems. One is based on prior knowledge where a signature is extracted and the companies prepare updates. The second approach is based on heuristics. I strongly believe that the system which has any chance of survival is a system which has the strongest heuristics implemented in its scanning engine. And our system has the strongest heuristics to date. It can detect more than 85 percent of all the newest infiltrations.

    CRN: Why do you think an antivirus system based on updates is flawed?

    Zajac: A classical antivirus system that relies on signature scanning needs to get an update from a vendor. That usually takes anywhere from an hour to several days before the vendor is able to analyze the infiltration and prepare the update. It takes time to actually detect the infiltration to realize that there is malicious code traffic. ..... In general, we're two to 50 times faster than any competing system. We have the only system in the world that not only detects all existing viruses in the world, but does it in record time."

    http://informationweek.securitypipeline.com/trends/18900335;jsessionid=K3IP3GNIYA5XCQSNDBCSKHY

    Those are fighting words to a man like Kaspersky who has just been trumpeting his latest policy of releasing new signature updates every three hours (edited to add) and whose AV is probably the slowest of all in scanning times.
     
    Last edited: Apr 30, 2004
Thread Status:
Not open for further replies.