Virus Bulletin 100% Award for November...

I look 4wards to the independant tests . I dont think independant companies should necesarily be put down or threatened with law suites because there testings do not meet the approval of the few either . We can get overly influenced depending which forum we reside at most by a certain "brand" of security software . To say that others are "shonky" etc because they dare to stand up "outside " of the sacred sanctum " and be counted is BS . I look forewards to those testings such as you mentioned firefighter . As do many others , Im sure. So keep posting them.

 

let's get this straight:
Q:what does virus bulletin test?
A: it tests if a given antivirus program has a signature for those viruses found in the ITW list, AND it tests if the said signature is strong enough not to cause false alarms.. that's it.. IIT DOES NOT REPRESENT HOW EFFECTIVE A VIRUS SCANNER IS DETECTING OVERALL

this is a fact and you guys can argue about this until armageddon comes
what jimiIT wrote in his post just confirms what i said about ITW list and the corporate world. ITW VIRUSES ARE A BIG THREAT...
if no-one of your employees downloads anything, if no-one of them has installed kazaa to download warez with your high speed corporate broadband, if no-one of your workers uses his/her pc to IM chat with the opposite sex etc..in that case ITW viruses are the biggest threat...

 

Well, I don't really need to defend rod, but he was not saying the tests were "shonky" because they "dare to stand up", he is saying they are "shonky" because they often contain heaps of "malware" that are not, in fact, malware--which has been proven more than once in other threads here.

He is saying that relying on tests which pit an AV against a large percentage of "files" that:

1. Are not a threat to anyone's PC

and

2. Are not, in fact, malware at all

...is a disservice to people who trust the AV companies to provide their computers with protection. It's also a disservice to people who come to Wilder's for help.

But hey...that's just my opinion.

 

Wrong! As was posted above, VB tests against ITW and ZOO malware. It awards the VB100% based on ITW. Read the thread again.

It represents "how effective a virus scanner is" in detecting 100% LIVE, CONFIRMED MALWARE.

The other "tests" "measure" how well a scanner works against 100% UNCONFIRMED "malware"--including JUNK FILES THAT AREN'T MALWARE AT ALL.

No, it isn't. And the "facts" are above.

With all due respect, you know nothing of my network's security setup.

In regards to your comments above, a good AV is not the only defense on a network--or an individual PC--a fact also mentioned in previous posts in this thread.

And even if we didn't have the "extra" protection, ITW viruses are still BY FAR the biggest threat.

 

yes i know nothing about your networks security setup, one thing i know is human nature though..the setup is as strong as the weakest link... do you know everything your people do while they sit in front of their pc's?yeah vb test against zoo malware, i read that, i also read that you think zoo malware is meaningless.. what was your point reminding me about that? we both agree that the zoo test is meaningless... the itw test is the big test in vb, and it's just what i described above.

no it does not represent ability to detect 100% live known malware, read the symantec link i posted, those are all reported infections, no they're not ITW list stuff, but they still infect peoples computers ...i have personally submitted a lot of trojans to av companies, while they're not in the ITW list, some of them have now been downloaded 100000 times from their author's sites, not all of those did it to send samples to av companies...

 

Jim It I really do think that testings from


Rokop
checkvir.com
Virus Test Center; University of Hamburg, Computer Science Department
and perhaps a few others are, I thought, quite credible and impartial and give another facet to this whole business . (however if Im wrong here i stand corrected)
They only add to the rich tapestry that is provided in computing for us . both now and perhaps looking ahead I dont think most responsible anti virus companies would quote them in their success stories if they did not want to be tested ,or felt they were rubbish or misleading or of no worth.
However I agree with you that there will always be the odd individual who may have a personal vendetta against one or more and that is wrong .and misleading.

 

illukka and spc,

I hope you guys don't take offense to my comments. I too, read the results from "independent testers", and some of the University stuff, but it's very important to realize that unless the samples used are 100% verified and all the testing methodology is consistent and logical--the results are WORTHLESS to anyone who is trying to make an informed decision on virus protection. I'm pretty sure that's what rod is pointing out, although far be it for me to put words in his fingers.

There have just been too many "independent" virus tests that turned out to be full of worthless "non-viruses", and C-Net kind of stuff...

Imagine this stupid little analogy, if you will:

1. You have 25 boxes of eggs.

2. You have 20 different "egg-detectors". They all claim to be able to detect eggs without opening the boxes at close to 100% ability.

3. 20 of the boxes have real eggs in them. The other 5 have plastic eggs in them.
***************************

Now then...

A. After running the "tests" 17 of the "egg-detectors" detect 24-25 boxes as having eggs in them.

B. 3 other "egg-detectors" detect 20 boxes of eggs. The other 5 boxes do not set off the "egg-detector".

Which result, A or B, do you prefer?

 

yeah we agree that it is necessary to have real malware when doing av tests..
take for example virusP's test, he used several scanners to verify his testset. when we talk about viruses, this is a relevant way of verification, let's say that two scanners( for example kav&mcafee) detect a sample, then it is guaranteed virus, because two very different kind of scanners detected it.. i'd like to remind you that generally virus traders do not accept reports from all av's as verification, usually they want reportfiles of at least 2 scanners when trading
this does not count for trojans though, because all av's(and some at's) detect editservers and clients, some even detect certain vb runtimes needed for trojan clients/editservers to run, or help files..
only trojan hunter detects servers only, and even that is going to change soon.
that's why i take virusP's virustest seriously(not his trojan test).. and with all the criticism he received last time,i can almost guarantee that his next test will be better in that respect

 

collecting samples and and guessing it is a virus because 2 other scanners said so is one thing - replicating viruses to make sure it is a really a living sample is the other one. Just one simple example: polymorph viruses.
How many difernet & certificated samples does a virus collect own of one polymorph virus type ? Right. In the most cases only ONE SINGLE SAMPLE. Detecting this sample MEANS NOTHING. It could be done with a signature over this sample. Everyone in the av business knows you can not detect (real) polymorph viruses with search pattern (signatures). Now calculate... Over 1000 (real) polymorph viruses available. It starts with "old" dos viruses such as OneHalf, goes into Win32 with Marburg over Marburg (with the same poly engine modificated) to CTX or the SK Virus for instance. Try to find them with signatures. Doesn't matter if you have good or bad signatures you wan't find them without at least an half opcode emulator. You need thousends of samples per virus type to make sure it is detected. And virus traders sharing viruses ( there is nothing new so far ) but there starts the snowball effect - they may share dead samples without knowing it. That's also the reason why AV Vendors do not like to share samples with VX traders. They have more work with analysing and dead samples than asking an other av vendor for real samples. There are a lot of garbish files in the "free" virus collections - half cleaned files - some of the scanners still detecting this dead sample because it caries the byte inside from the scanpattern. But this virus would not even more run. And speaking about KAV and collecting viruses... They are the leaders in Trojan detection and the leaders in nonsense detections, such as stupid batch files with only a "COPY xyz C:\Windows32\" inside. Best example here is a batch file from the optix backdoor. It does nothing else than copying a file into the windows folder - THIS COULD BE ANYTHING ELSE - NOT ONLY THE BACKDOOR, but its flagged by KAV. Oh well...

 

May I ask a question to anyone who wants to take a crack at this? This is more of a summary...

What tests (according to NOD32/Rodzilla/or anyone else) are valid?

Which ones are the "shonky" ones?

I believe you, it's not that.. It's that this is a very confusing thread....

 

> Because my name was quoted too many times I had to react.

You're welcome to react whether your name is mentioned or not. That's what forum communication is all about.

> Because the capability of av-products is hidden inside all independent tester's results

I strongly disagree. Most antivirus product tests and reviews are not worth the paper they're printed on or the bandwidth they waste.

> and VB is the one which measures that what it's name is, VIRUSBulletin.

You hit the nail on the head! AntiVIRUS programs should be tested ONLY against VIRUSES. The inclusion of any type of non-VIRAL malware taints the test ... just as running TDS3 against a mixed bag of non-Trojans tainted the test.

> But when you asked, here are some that are including more (malwares too) to detect than VB in alphabetical order.

> av-test.org

ZERO credibility.

> checkvir.com

A relative newcomer to antivirus testing. I don't have much information about them, so I will give them the benefit of the doubt for now.

> Rokop

Not up to scratch at present, but Roman's not too "big time" to listen to advice, and he's working on improving his methodology.

> Virus Test Center; University of Hamburg, Computer Science Department

The VTC tests against a mountain of "zoo" stuff as well as ItW viruses, but its sample suite now includes Trojans, backdoors, "intendeds", etc ... which belies the name "VIRUS Test Center". Professor Klaus Brunnstein is an ethical and respected member of the antivirus community, but I've never been greatly impressed by his tests, and I don't consider VTC in the same league as Virus Bulletin, Checkmark, and ICSA.

> You missed the point. I meant that AWARDING ONLY clean in the Wild detectings with no false positives in the clean file test isn't fair to those very good performers overall.

Sorry ... it's you who (still) misses the point. You have "Virus Bulletin tests only against clean In the Wild samples" implanted firmly in your head ... but this is incorrect. VB also tests against "zoo" viruses ... BUT ... they are all guaranteed to be live viruses which have infected someone's computer during everyday operations. Virus Bulletin tests against the real viruses which you are most likely to encounter in the real world ... and that's the difference between a VB test and shonky tests conducted on poorly-maintained "collections" which include non-viral crud, non-viral malware, never-seen-outside-the-lab specimens, and other assorted garbage.

>> Your anti-NOD32 arguments are, and always have been, sheer puffery anyway. In addition to holding the world record in VB100 awards, NOD32 is also ISCA-certified ... and NOD32 is the first (and to date, the only) antivirus program in the world with Checkmark certification for Windows 2003 Server.

> Be happy with it. But why you even reply to those sheer puffery makers?

Because, unfortunately, some people who read them may be sucked in by your fairytales.

> I have used several av:s and hardly ever have infected with a virus. How I know that? I have scanned my PC with NOD periodically and it hasn't found a single virus! Still I have got several bad things like trojans, worms or exploits etc, by using something else primary av than KAV engined ones.

Mind telling me which worms NOD32 missed ?

> By the way, do you know what does it cost to an average dial-up modem user to update fully your WinXP to make those exploits harmless?

Probably a lot less than it would cost to repair the damage you might suffer without the critical updates.

>> Firefighter, you go out of your way to seek out shonky tests in which NOD32 performed badly ... then you tout those tests as Gospel Truths and blindly refuse to accept that they have little or no standing in the antivirus industry.

> I have not said NOD is the worst available av in the market,

Perhaps not ... but you have been evangelical in your attempts to make it appear much worse than it is.

> I am not a NOD basher if you think so!

I do think so!

> The only that I tried to say that without KAV engined av, you are in trouble, use KAV at least with your backup because KAV is still the best against trojans and other malware.

Here we go again with "Trojans and other malware".

Read my lips .... "V-I-R-U-S" !!!

>> Virus Bulletin, Checkmark, and ICSA do not test only against In the Wild viruses ... they also test against "zoo" viruses

> Where Ckeckmark testers use 6 000 different viruses and VB some 1 600 different virus names.

So what ? NOD32 has Checkmark certification!

>> where is the "true situation" representation in a test score of 11.77% for TDS3, a highly rated anti-Trojan program, if it is tested against anything except Trojans?

> TDS3 detecting rate in VirusP 5-2003 against Trojans and Backdoors was 55,17%, not 11.77%, by the way, NOD has 59,70% detecting rate against Trojans and Backdoors in VirusP 5-2003.

OK ... 55.17%.

I suppose I should be rejoicing and snake oiling the world with "NOD32 beat TDS3 in Trojan and backdoor detection!" ... but I find it impossible to believe that NOD32 out-detected TDS3 at its own game unless something was drastically wrong with the test set.

>> if you care to check you will find that NOD32 has won numerous awards other than the VB100.

> Even I can learn something. Now I know where to find other than "Poopsville Gazette" tests!

There are several on my website, and several more "local" awards on other international NOD32 websites.

>> NOD32 specializes in virus detection, but it does detect many (if not most) common Trojans.

> And even YOU admit that!!!

Sure I admit that. Why would I not admit it ? BUT ... NOD32 is still primarily an antiVIRUS program, and it should be regarded (and tested) as such. There is no way I, or anyone else at Eset, will tell you "You don't need an anti-Trojan program if you use NOD32."

>> More people drive Volkswagens than Ferraris. So what?

>> I'm not trying to convince you to buy NOD32 ... or a Ferrari.

> Are you sure about that?

Quite sure.

> By the way, using Ferrari here in Finland during winter time is the greatest joke ever!

Using a Ski-Doo on the freeway in summer is almost as funny.

> Does it have a correlation with NOD too in difficult circumtances?

If your "difficult circumstances" include Trojans and mailbombs and backdoors and browser hijackers and gaping holes in your operating system then there may be some correlation. Don't drive a Ferrari in Finland during winter, and don't expect NOD32 to protect yourself against Trojans and mailbombs and backdoors and browser hijackers and gaping holes in your operating system.

>> This isn't a "NOD32 vs The World" thread, Tinribs ... it's a "Rod vs All The Gullible People Who Believe In The Validity Of Shonky Antivirus Product Tests And Think Virus Bulletin Is A Shill For NOD32" thread.

> Unfortunately it was only your opininion about those gullible people!

I think I can safely say I've been in the antivirus industry longer than 99.99% of the people who will read this, so my opinion is based on a lot of experience.

>> Despite all the negative "NOD32 missed 27 356 viruses in my collection" crap you read in security forums, NOD32 seldom lets anyone down in the real world.

> I can only say that you know a source, from where it is easy to make a false positive test with 27 356 files, the winner we know of course, but let's think that NOD is a reference prog in there. I can help you a bit more, 5 671 clean files from av-test.org 2-2003 and 13 058 clean files from VirusP 5-2003 checked by NOD!

How about quoting a test with at least a little credibility!

>> NOD32 isn't perfect ... but it's not one tenth of one percent as bad as certain people seem to spend every waking moment trying to convince everyone else it is.

> It's nice to see that from your keyboard.

When have you ever seen me, or anyone else from Eset, claim that NOD32 was the perfect antivirus program ?

>> It probably won't. I have a low tolerance threshold for people who won't admit they're wrong when presented with irrefutable evidence ... and there are a lot of those around.

> I totally agree the low tolerance! Are you sure that it's a valuable character feature?

It is for me!

>> Read your history and it will become obvious that Firefighter takes potshots at Virus Bulletin for no reason other than the fact that Virus Bulletin tests put NOD32 at the top of the mountain ... and he heaps praise and adulation on any test that doesn't.

> It's your opinion, unfortunately! Don't you see the correlation between that arrogance of some NOD folks and the reaction of so called NOD bashers as you called them?

I don't know to whom you are referring with "some NOD folks", but in my case you confuse "arrogance" with "confidence".

> I don't classify people to GOOD or BAD here at Wilders but they are either customers or salesmen. Obviously you Rod are not a customer in here!

No, I'm not a customer ... but I'm not trying to sell you anything either.

> By the way, do you know where I can open my own bank account to collect my share of that the amount of members here at Wilders is growing rapidly everytime you and me have a debate?

Paul sends you a nice shiny new Krugerrand for every new member. Haven't you been receiving them ?

 

> Well, I don't really need to defend rod, but he was not saying the tests were "shonky" because they "dare to stand up", he is saying they are "shonky" because they often contain heaps of "malware" that are not, in fact, malware--which has been proven more than once in other threads here.

> He is saying that relying on tests which pit an AV against a large percentage of "files" that:

> 1. Are not a threat to anyone's PC

> and

> 2. Are not, in fact, malware at all

> ...is a disservice to people who trust the AV companies to provide their computers with protection. It's also a disservice to people who come to Wilder's for help.

Thanks Jim ... that is exactly why I consider some antivirus program tests "shonky"!

Virus Bulletin is (afaik) the only antivirus product tester in the world with an "open door" policy. If you're a bona fide antivirus researcher and you suspect some crud may have crept into their test suite, you're welcome to check it out yourself ... VB wants to know about it if it is crud. If you want to see how they conduct their tests, you can visit their test lab ... there's nothing shonky about their operation, and they have nothing to hide.

ICSA and Checkmark don't have (again, afaik) the same "open door" policy ... but they're both respected, reputable, ethical members of the antivirus community, and I have seen no evidence in their published test results to indicate that they test against non-viral crud, nor anything else to make me consider their tests shonky. I don't rate them as highly as I rate Virus Bulletin ... but they can toss a coin for the #2 and #3 slots in my book.

If those VXers and wannabe antivirus program testers whose tests I regard as "shonky" opened up their test suites for independent scrutiny and verification and used bulletproof testing methodology then I would no longer regard them as shonky ... but as things stand right now, their test results are nothing but useless misleading crap ... and I doubt that any professional AVer in the world will disagree.

 

> take for example virusP's test, he used several scanners to verify his testset. when we talk about viruses, this is a relevant way of verification, let's say that two scanners( for example kav&mcafee) detect a sample, then it is guaranteed virus, because two very different kind of scanners detected it..

Not even close to guaranteed!

This is the very reason why all VX "collections" are filled with crud. Disassembly can reveal that a file might be almost certainly a virus, but the only way to verify with 100% accuracy that a file is viral is to execute it and infect something ... and this is what Virus Bulletin has done with each and every virus in their test suite.

> i'd like to remind you that generally virus traders do not accept reports from all av's as verification, usually they want reportfiles of at least 2 scanners when trading

I'd like to remind you that a few months ago NOD32 was canned in the forums for not detecting an example of Magistr when FIVE other "big name" scanners said it was a virus. That file was available for dowload on no less than 22 VX sites! Eventually the sample was proved to be a damaged non-viral Magistr which could not have infected you if it bit you on the nose.

Tell me again about "guaranteed virus, because two very different kind of scanners detected it.."

> that's why i take virusP's virustest seriously(not his trojan test).. and with all the criticism he received last time,i can almost guarantee that his next test will be better in that respect

The antivirus industry will take VirusP's tests seriously when he cleans out the mountain of crud in his collection and tests antivirus programs only against live viruses. (I doubt that he will do this ... proper verification of every virus in his collection would take thousands of man-hours ... and he won't be getting paid for it.)

 

> May I ask a question to anyone who wants to take a crack at this? This is more of a summary...

> What tests (according to NOD32/Rodzilla/or anyone else) are valid?

According to me ... Virus Bulletin, ICSA, and Checkmark ... and a few computer magazines scattered across the world which call on the resources of one or more of those three organizations.

> Which ones are the "shonky" ones?

All the rest.

(Actually I don't regard U.Hamburg/VTC tests as "shonky" ... I simply think their tests aren't in the same league as "The Big Three".)

 

To everyone from Firefighter!

This is especially targetted to those whose native language is other than english.

Sorry about that it took so long to make clear what "shonky" actually means! ---

Classic FM Breakfast

Word of the Day: Thursday 24 July 2003

---Shonky---

Kel Richards writes:

According to Jonathon Green's Dictionary of Slang the word "shonky" is Australian and New Zealand slang, first recorded in the 1970s, and meaning "unreliable, dishonest, crooked, one who is engaged in irregular or illegal business activities". However, it turns out that this the expression -- which we think of as being quite harmless today -- had its origins in anti-Semitism.

After that Honorary Award I had changed my Avatar as you can see now.

http://news.bbc.co.uk/sport1/shared/spl/hi/cricket/02/ashes/game/html/shonky_or_drongo.stm

From the link above I can even make more nicknames if it is necessary.


Best regards,
Firefighter!

 

To Rodzilla from Firefighter!

> Sorry ... it's you who (still) misses the point. You have "Virus Bulletin tests only against clean In the Wild samples" implanted firmly in your head ... but this is incorrect. VB also tests against "zoo" viruses ... BUT ... they are all guaranteed to be live viruses which have infected someone's computer during everyday operations. Virus Bulletin tests against the real viruses which you are most likely to encounter in the real world ... and that's the difference between a VB test and shonky tests conducted on poorly-maintained "collections" which include non-viral crud, non-viral malware, never-seen-outside-the-lab specimens, and other assorted garbage.

VB is really AWARDING ONLY clean "in the Wild" tests together with clean test result of their false positive tests and all progs with default settings only. (So according to VB, NOD missed Swen if I understood right that default settings issue with NOD?)

It is an other story that VB makes also the Zoo tests with some 1 600 viruses which are hiding in some 21 000 infected files!

Counting only the Awards some prog has got, you are missing the point, YOU have to read the test reports in VB Magazines, to make clear how good some av is to detecting VIRUSES!

I have never said that NOD was performing average in those VB test reports but there are some progs too that are capable to detect every viruses too, perhaps there may be only one or couple samples within certain same virus collections that they missed but that's irrelevant when we are looking at the whole statistics with other progs.


I said before: Where Ckeckmark testers use 6 000 different viruses and VB some 1 600 different virus names.

> So what ? NOD32 has Checkmark certification!

The point was that ICSA's (not Checkmark as I wrote before) virusbase was almost four times as large as VB:s, that has nothing to with NOD or have I said somewhere about that! I'm just a curious to see those detecting rankings from ICSA, but unfortunately I couldn't find them!


> Mind telling me which worms NOD32 missed?

I told that I was checking my PC with NOD some 5-6 times a year and NOD hasn't found any virus or other infections either from my PC. So my virus protection is at least on the same level as by using NOD!

Unfortunately I have copied my infections just after August this year, so I haven't any copy of those possible worms that were in my puter before and I can't remember if NOD missed some (hardly happened)!


> Sure I admit that. Why would I not admit it? BUT ... NOD32 is still primarily an antiVIRUS program, and it should be regarded (and tested) as such. There is no way I, or anyone else at Eset, will tell you "You don't need an anti-Trojan program if you use NOD32."

So is there something bad to have KAV or some of KAV clones in your primary AV when the whole resident protection level against viruses plus malwares are after that on the best level?

Personally I use Outpost 2 Firewall, eXtendia AVK Pro as my resident AV, TrojanHunter as my AT and eTrust v7 Promo as my backup AV, because every prog can break down sometimes. Was that so RAV detected Swen with heuristics too, or remember I wrong again? If RAV detected that, eXtendia didn't have Swen problem either with DEFAULT settings!


> If your "difficult circumstances" include Trojans and mailbombs and backdoors and browser hijackers and gaping holes in your operating system then there may be some correlation. Don't drive a Ferrari in Finland during winter, and don't expect NOD32 to protect yourself against Trojans and mailbombs and backdoors and browser hijackers and gaping holes in your operating system.

After that you just said NOD is an excellent AV when some IF:s were patched to my use with other costly progs you choose carefully! I agree that.


I dont consider myself the more liar than you, the only difference is that I am fond of numbers and statistics when you are fond of verbal acrobatics!


Maybe it's our way here in Scandinavia, the home of Jewish Vikings, or how was that with the "Shonky" issue?


Best regards,
Firefighter!

 

Firefighter, PLEASE DON'T try to win the argument with Rod by subtly implying now that he's an Anti Semite... That's a pretty weak and cowardly way .... Stick to the issues, I swear I'll hit the Mod's button if this crap continues...
Everything was going along fine until the "Jewish" thing came around... If you are a closet Nazi, keep it to yoursself...

 

> VB is really AWARDING ONLY clean "in the Wild" tests together with clean test result of their false positive tests and all progs with default settings only. (So according to VB, NOD missed Swen if I understood right that default settings issue with NOD?)

Pedantically, if Virus Bulletin used a copy of Swen.A in its test before NOD32 released a detection update (this would never happen, but I'll play your game) then the NOD32 on demand scanner at its default settings would have missed it ... just like every other antivirus scanner missed it.

However, NOD32's email scanners at their default settings and NOD32's on access scanner at its default settings did detect and block Swen.A heuristically the instant it appeared ... and not one single NOD32 user in the world was affected by Swen.A.

> It is an other story that VB makes also the Zoo tests with some 1 600 viruses which are hiding in some 21 000 infected files!

You're the mathematical genius ... not me.

> Counting only the Awards some prog has got, you are missing the point, YOU have to read the test reports in VB Magazines, to make clear how good some av is to detecting VIRUSES!

I do read them.

> have never said that NOD was performing average in those VB test reports but there are some progs too that are capable to detect every viruses too, perhaps there may be only one or couple samples within certain same virus collections that they missed but that's irrelevant when we are looking at the whole statistics with other progs.

A miss by any other name is still a miss.

I'm not saying that an antivirus program which misses one virus in a VB test is a waste of money ... but skilled mathematician that you are, you must accept that 99.999999% is not the same as 100%.

> said before: Where Ckeckmark testers use 6 000 different viruses and VB some 1 600 different virus names.

> So what ? NOD32 has Checkmark certification!

> The point was that ICSA's (not Checkmark as I wrote before) virusbase was almost four times as large as VB:s, that has nothing to with NOD or have I said somewhere about that! I'm just a curious to see those detecting rankings from ICSA, but unfortunately I couldn't find them!

So what ? NOD32 has ICSA certification too!

> Mind telling me which worms NOD32 missed?

> I told that I was checking my PC with NOD some 5-6 times a year and NOD hasn't found any virus or other infections either from my PC. So my virus protection is at least on the same level as by using NOD!

You've been lucky. You wouldn't be singing that song if you'd been hit by any one of the several hundred viruses/worms which NOD32 has detected heuristically this year alone hours before any other vendor released their first update. This information is readily available ... and provable. You're an expert at digging up shonky tests which trash NOD32. Why don't you check out the real facts ?

> Unfortunately I have copied my infections just after August this year, so I haven't any copy of those possible worms that were in my puter before and I can't remember if NOD missed some (hardly happened)!

Oh ... I see. The old "NOD32 missed some worms on my PC but I can't remember what they were" story. Sorry ... I've heard it all before.

> Sure I admit that. Why would I not admit it? BUT ... NOD32 is still primarily an antiVIRUS program, and it should be regarded (and tested) as such. There is no way I, or anyone else at Eset, will tell you "You don't need an anti-Trojan program if you use NOD32."

> So is there something bad to have KAV or some of KAV clones in your primary AV when the whole resident protection level against viruses plus malwares are after that on the best level?

Have I ever said KAV was a bad choice ? Ignoring malware (we're talking viruses here) I will state right here and now that KAV is one of the best virus detectors in the world. (I distributed AVP/KAV for more than five years, and I've probably forgotten more about it than you ever knew.)

> Personally I use Outpost 2 Firewall, eXtendia AVK Pro as my resident AV, TrojanHunter as my AT and eTrust v7 Promo as my backup AV, because every prog can break down sometimes. Was that so RAV detected Swen with heuristics too, or remember I wrong again? If RAV detected that, eXtendia didn't have Swen problem either with DEFAULT settings!

As far as I'm aware (I could be wrong) NOD32 was the only antivirus program to detect Swen.A heuristically in incoming email ... which is why we saw no urgent need to release an update for it.

>> If your "difficult circumstances" include Trojans and mailbombs and backdoors and browser hijackers and gaping holes in your operating system then there may be some correlation. Don't drive a Ferrari in Finland during winter, and don't expect NOD32 to protect yourself against Trojans and mailbombs and backdoors and browser hijackers and gaping holes in your operating system.

> After that you just said NOD is an excellent AV when some IF:s were patched to my use with other costly progs you choose carefully! I agree that.

Sorry ... my English skills are not good enough to decipher your meaning.

> I dont consider myself the more liar than you, the only difference is that I am fond of numbers and statistics when you are fond of verbal acrobatics!

I don't tell lies ... and I've never accused you of telling lies.

> Maybe it's our way here in Scandinavia, the home of Jewish Vikings, or how was that with the "Shonky" issue?

I actually replied to that post, but I deleted my reply in the hope that this "anti-Semitic" bullshit would die a natural death ... but it hasn't.

Don't believe everything you read!

The word "shonky" is C0ckney (London, England) slang dating back to the dim dark ages of human memory. Kel Richards' suggestion that it's an Australian slang term which first appeared in the 1970s is laughable.

This "shonky is anti-Semitic" crap dates back only as far as Hitler's 1930s, when some clod claimed that "schonk"was a distortion of the Hebraic "shoniker" (street vendor) and was intended as an insult to German Jews. This ridiculous claim became an urban myth which was later expanded to include the British "shonk" ... and unfortunately numerous supposedly reputable literary reference sources have since "legitimized" it.

The word "shonky" is heard in all walks of life, all over the world. It has been uttered in Parliament. The governments of several Asian countries print English language leaflets warning tourists about shonky merchants. We often hear it in Australia on TV News broadcasts and read it in newspapers. An Oxford University paper on the Enron scandal states: "With hindsight, the 'Cayman Islands' strategy employed by Enron should have been a red light to investors and regulators alike. Yet all the shonky practices and unsustainable debt went under the official radar."

Do you really think that in this modern day of "political correctness", the regular use of an anti-Semitic insult by Parliamentarians, public officials, printed and visual media, and universities all over the world would be permitted without censure ?

One could draw a parallel with the Hebraic "shroff" (money lender) which can be used by Jews as a (probably jocular) insult among themselves. A Jewish friend of mine once told another Jewish friend who said he had to leave just when it was his turn to buy a round of beers, "Your arse is tighter than a shroff's!" The word was carried to Asia by the British a hundred years or more ago, where for some inexplicable reason it gained colloquial acceptance ... and the guy who collects money at a Hong Kong toll booth (for example) became officially known as a shroff.

I imagine that if I put my mind to it, within a few years I could have the word "shroff" designated as anti-Semitic too.

Edit .........
SS ... I don't think FF was accusing me of anti-Semitism. He just thinks "shonky" is an anti-Semitic word. Maybe I can get him a job as a shroff.

Edit #2 .........
A helpful Wilders regular just gave me a link to a site which dates "schonk" back to 1913 in Germany. Now I've read it, I remember this as being correct. My memory isn't as clear as it used to be, and I guess the fact that "Hitler" and "anti-Semitism" go hand in hand confused me a little. I had the facts right in my head, but the timeframe was out by 20 years. Blame it on Alzheimers.

 

No need for that Straight Shooter.

I would appreciate it as well if this stayed focused on the topic.
That alone will be enough to warm up a rainy autumn day.

Regards,

Pieter

 

clever language tricks form ol'roddy boy, trying to fool a non english member with language tricks, maybe it would be wise (and fair too) if firefighter started posting in finnish, he could do same kind of verbal acrobatics..
firefighter can you write in savo-dialect?
roddys tactics apperar to be the same as veikko vennamos.. a deceased political party leader in finland
you can keep your etymological knowledge to yourself rod(google?)
why did you start defending nod here in the first place? you was the first to mention nod 32 in this thread..paranoid about nod?

 

Where I come from.. some people go out and get snockered (drunk) and then go out and shag (dance).

I see alot of that in this thread..

Virus Bulletin slams shonky CNet reviews !!!



http://www.nod32.com.au/nod32/awards/vb_cnet_zdnet.htm



"Genius is the ability to reduce the complicated to the simple."
http://www.shonky.com/


Getting all this upset over testing results, when most of you are perfectly happy with the Antivirus each is currently using is hilarious.

Some of you have to get out of the house..and relax.

 

thanks john for the links! i had never been to rod's site.. found lots of interesting stuff there...
this is a fun thread to read and participate..
i'm just waiting if firefighter speaks savo...
and what rod makes of it.... it'll be great..
nuijasota was nothing compared to this...

 

 

illukka ... GROW UP!

 

Well, I for one, don't know what the heck you're referring to, illukka. Sounds pretty much like straight-forward English to me.

*sigh!*

He suggested that Firefighter should view ezAV and it's ICSA-certified proclamations in the same light as Firefighter views NOD's VB100% proclamations. He was pointing out inconsistencies in Firefighter's argument.

But, go ahead and slice the baloney another way! It's still baloney!

 

Agreed. The last sensible words I could find in this thread:

Closing this one for now.

Pieter