What other Anti Virus program in conjunction with NOD32?

Discussion in 'other anti-virus software' started by diesel, May 24, 2004.

Thread Status:
Not open for further replies.
  1. diesel

    diesel Guest

    All,

    I like NOD32 alot, however, i've read some complaints about NOD32 not catching everything or something, so i would like to take a "layered" approach to keeping my machine clean. I would like to install another anti virus program in conjunction with nod32. Of course i will only use one of them to act as the resident scanner, however i would like the other one on hand to use as an on demand scanner. does anyone have any experience in installing and running the on demand scanner of another AV program, such as KAV with nod32? Anyone find a good combination to offer high protection? TIA
     
  2. Sandish

    Sandish Registered Member

    Joined:
    Apr 29, 2004
    Posts:
    51
    Just use one of the various web-scanner like TrendMicro Housecall , RAV or Bitdefender. Free and easy.
    :)
     
  3. Arin

    Arin Registered Member

    Joined:
    May 1, 2004
    Posts:
    997
    Location:
    India
    if you want free solution then go for those in that order of preference:

    1. Panda platinum 7.07 ( AV + firewall )
    2. eTrust EZ antivirus
    3. F-Prot for DOS 3.14e
    4. AntiVir PE

    if you can shell out some quids then:

    1. KAV 4.5 Pro or KAV 5 Personal
    2. F-Prot for Windows 3.14e
    3. Trend Micro Internet Security 11.1 ( AV + firewall )
    4. McAfee

    by the way those are my personal preference so it can differ with other people.
     
  4. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Since this is in fact not a NOD32 issue, but about other antiviruses installing in conjunction - this thread has been moved to the apropriate forum.

    regards,

    paul
     
  5. Kobra

    Kobra Registered Member

    Joined:
    May 11, 2004
    Posts:
    129
    I used NOD32 + BOClean, and found it a good, very light combo. But sadly, it still wasn't enough. BOClean is very very good at keeping things from "Executing" on your box, but its heuristics seem a bit light, and it lacks good rebase detection.

    I've had 3-4 baddies pass through this layered level in the last week!

    I've decided to drop NOD32 like a bad habit, it just misses way way too many malware/trojans/keyloggers, and thats the main thing that i've run into in the last 2 months. I need heuristics in my onaccess scanning.

    Honestly, if I had to recommend anything to you, it wouldn't be NOD32, it would be something like F-Secure, AVK, Norman, or KAV.

    Perhaps the next version of NOD32 will address its deficiencies.

     
  6. Pigman

    Pigman Registered Member

    Joined:
    May 15, 2004
    Posts:
    381
    Umm, AMRX, it seems that both Panda and E-Trust have removed those offers. Last time I checked their websites, Panda Platinum was back to a 30-day trial version, and the EZ Armor and EZ Antivirus 1-year trials actually required money.
     
  7. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Facts please - without them, your statement is worthless.

    NOD32 is the one and only ITW antivirus, and is considered as such worldwide. You might dislike VB for exposing this - but there's no way around it.

    You have expressed your personal opinion; that's just fine. In case the pattern that surfaces - bashing NOD32 on each and every ocassion - continues: that's a different story, coming close to trolling. And we won't allow so over on this board, whatever software is involved. Thus: refrain from doing so from now on.

    regards,

    paul
     
  8. diesel

    diesel Guest

    Kobra,

    i read your other post about bitdefender, and in it i found the link to the trial version for AVK, downloaded it and running it now. so far it's great, much heavier on resources than nod32, but for the dual layered (KAV and Bit engine) protection from two great engines, it seems worth it

    so what will you be replacing nod32 with? have you made up your mind yet?
     
  9. Kobra

    Kobra Registered Member

    Joined:
    May 11, 2004
    Posts:
    129
    I might be going to the US version of AVK by eXpendia, its actually considerably lighter than the G-Data version of AVk, and if you call or email them, they will give you a download and a key to try it. Contrary to what Paul told me, these guys DO have good support, and offer toll free phone support, and during regular business hours - usually email responses within an hour... $29 for the pro version, ONE TIME fee, no yearly fees required.. Check here for more info:

    http://www.extendiaavk.com/

    This thing is racing through my tests with 100% perfect flying colors, its onaccess HTTP scanner is robust, you likely won't even be able to CLICK on a virus/trojan to download, even archived. It ripped up that little AVtest program bad, recognizing signatures in the actual EXE itself before even running the program. I put a really bad rebased/packed (with new packer) baddie I got hit with this week through it, and it tore that up as well. I put a CD with about 100 Keyloggers/Dialers/Backdoors on it through it, and it scored 100%.

    As for my evidence about BOC/NOD32 Paul, other than my personal tests, and my personal run-ins with various baddies - which have been sent off and confirmed by every other AV company, I can refer to these: (and a few others out and about) I still love BOClean, it does what it does well, if its a known baddie, and you get backended with it, BOClean works wonders, I love BOClean. =)

    http://home.arcor.de/scheinsicherheit/rebasing.htm

    d) NOD32 Version 2.009

    Advanced Heuristics default configuration: 0 out of 11

    and for BOClean:

    Also memory scanners like BOClean 4.11 are (obviously) not immune against rebasing. For instance, the rebased Beast 1.92, CIA 1.22 & Theef 2 beta 5 servers remained undetected. Rebased Bionet 3.18 and Optix Lite 0.4 servers were detected.
     
  10. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Kobra,

    You are and have been referring to personal expiriences - which baddies did go undetected? No doubt you do have log files. Provide the goodies, please.

    Although that's not exactly the issue here, I'm sure Kevin will be pleased to hear so.

    As for "scheinsicherheit" (Nautilus, right?): interesting, heavily critized (as you are well aware of). I nice project nevertheless. Rebasing - as well as other ways to fool AVs are well known. I for one would not count on results published over there. Andreas Clementi for example wouldn't either.

    Nevertheless: my former statement stands:

    regards.

    paul
     
  11. Kobra

    Kobra Registered Member

    Joined:
    May 11, 2004
    Posts:
    129
    Can't really log sometihng they both missed, but i'll be happy to refer you to emails between myself, TDS and BOClean about the files/programs in particular.

    But I do have logs of products like AVK, F-Secure and Norman picking up the very same files, even inside them. Theres a thread on this on the NOD32 forums here specifically.

    At any rate, BOClean seems like a good backup solution - or layered solution for almost any AV - at least in my opinion!
     
  12. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    I'm interested as ever - my addy is in my profile. Looking forward to the emails :)

    Looking forward to the logs as well :)

    Kevin and Nancy will be happy to hear so :)

    Now, since we've agreed to chill - let's move on in a decent way :)

    regards.

    paul
     
  13. diesel

    diesel Guest


    kobra, how is the extendia ATV program in terms of system resources? resource hog?
     
  14. Kobra

    Kobra Registered Member

    Joined:
    May 11, 2004
    Posts:
    129
    http://home.comcast.net/~prolawn00/cpu.JPG

    Actually, the program is way smaller than any other AV i've seen as far as resources.. Uhh, 8,288k of system resources with only 2 processes running.

    Now, there *IS* tiny pauses when you do things with both engines grinding away on full power.. Instead of say your web browser loading up in 1 second, it might take 2 seconds for example. But whats doing this is the KAV engine, which you can toggle off or configure differently. Running on only the RAV engine, theres absolutely zero difference than running nothing at all. So clearly, this badboy is using both engines and doing the double-check. KAV hasn't been known as a total speedster, so thats understandable.

    I run both full blown, and its totally tolerable considering the extreme protection. I'm going to dig into configurations a bit more, as you can tweak this down a good bit, and probably make it hardly even noticable.

    However, to give you an idea how good this protection is, I downloaded a rebased/repacked trojan from my own fileserver where I was storing it, a file which around 10+ AV/AT products completely miss. Well AVK wouldn't even let me DOWNLOAD IT... Thats pretty intense, no?

    RAV's definition database is almsot 100,000 strong based on what their website says. So even if you just ran the RAV side of it most of the time, and used the KAV+RAV for ondemand, you'd be massively protected from one product i'm betting.
     
  15. VikingStorm

    VikingStorm Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    387
    Hmm... didn't AVK drop RAV?
     
  16. Kobra

    Kobra Registered Member

    Joined:
    May 11, 2004
    Posts:
    129
    AVK-Germany changed to KAV+BitDefender. AVK-USA kept the KAV+RAV engine system. RAV has about 25,000 more definitions than BitDefender, and a better unpacker.

    I think that had something to do with it. :D
     
  17. tazdevl

    tazdevl Registered Member

    Joined:
    May 17, 2004
    Posts:
    837
    Location:
    AZ, USA
    If MS bought up RAV, be interesting to see what happens to support in the future.

    Interesting read
     
  18. Kobra

    Kobra Registered Member

    Joined:
    May 11, 2004
    Posts:
    129
    I was wondering about that too, and i'm looking for more data on that from eXpendia. With 98,000+ defs in the RAV database, its certainly impressive sounding.

    But I suspect the US folks will just switch to the BitDefender database should someday the RAV ones turn off. The reason they kept with RAV for the US version was due to its larger more comprehensive aspects compared to the Bit one.

    I'm going to call them tomorrow.
     
  19. tazdevl

    tazdevl Registered Member

    Joined:
    May 17, 2004
    Posts:
    837
    Location:
    AZ, USA
    Let us know what you hear. LOL keep up the good work. :D

    I'm back to KAV 5.0 (only AV I feel comfortable with based on testing and the fact that tech support answers emails for eval versions in a timely manner... same day generally) and waiting to hear if I can get an ETA for Personal Pro out of a contact in Marketing.

    So far I've been through BD 7.2, Panda Ti 2K4 & Plat, F-Secure, EZ, NOD32, AVK, F-Prot, NAV 2K3, NAV 2K4, TMIS 2K4.
     
  20. WYBaugh

    WYBaugh Registered Member

    Joined:
    Jan 23, 2003
    Posts:
    122
    Location:
    Florida
    Kobra,

    I may be missing something, but I have been an AVK user from day one (from eXtendia) as a backup to NOD32. My yearly license was up in February and I have to buy an additional year license for signatures. From their web site:

    Gold Support and License Extensions

    Each eXtendia Antivirus product comes with Gold Support which includes one year of free virus signature updates. Once your introductory year runs out, you will want to maintain your access to the latest virus signature updates by extending your current support agreement for a nominal cost. To extend your support coverage, select the product that you're currently using below

    Double-Engine Antivirus Users (Extendia AVK Pro or Extendia Antivirus Professional) - renewal cost :

    One year: $24.95
    Two Years: $45.95

    Single-Engine Antivirus Users (Extendia AVK or Extendia Antivirus )
    - renewal cost :

    One Year: $8.95
    Two Years: $16.95

    So if you're getting them for free definitely go for it.

    The product is ok for a backup on demand scanner. I would not personally use it as a primary scanner...it's noticably slower. Much more so than NOD32. I use the same combo that you used, NOD32 and BOClean and have never had a virus, trojan or malware infect my system.

    Bill
     
  21. Kobra

    Kobra Registered Member

    Joined:
    May 11, 2004
    Posts:
    129
    Your right Bill, thanks for correcting that. $24 per year.. Still a great value really, considering some AV's are triple that or more!

    I've not noticed a significant draw on my system from AVK, only about 8,000-9,000k in ram, and a tick to 1% on the AVK.EXE once in awhile. Loading some progs takes a second or two longer. For example my browser takes 2-2.5 seconds to load with BOTH engines running set to max, rather than 1-1.5 seconds. Keep in mind i'm running a fast 3.4ghz custom box.

    Now, my thought is this... This proggie might offer the best of both worlds.. If you are worried about the slight hit on performance for some things, then just run one engine for on-access realtime scanning, then for on-demand scanning, turn both engines on, and set them to max. You have probably the most incredible ondemand scanner known, as well as more than adequate 100% ITW+ realtime monitoring.

    My NOD32+BOClean combo I liked, but unfortunately 3 things passed it in one week, total of 6 this month, and I finally decided it just wasn't working out. I think i'll be moving exclusively to AVK for my AT/AV layout, with perhaps Ewido on standby for ondemand AT when I feel like it.

    At the very least, i'll run realtime with RAV, and ondemand with fullout both engines on deep/max. $29 I can't go wrong! Thats 10% of what I was spending before on products. =)
     
  22. Grumble

    Grumble Registered Member

    Joined:
    Apr 25, 2004
    Posts:
    185
    Location:
    the sunshine state
    Hmmm... the deal with eXtendia AVK gets even better... they are offering the complete Security Suite (which includes the double-engine AV, plus a firewall and eight other security apps) for the same price as the AV alone... $29.95... sounds like the bargain of the century...

    http://www.extendiaavk.com/SecuritySuite.htm
     
  23. Kobra

    Kobra Registered Member

    Joined:
    May 11, 2004
    Posts:
    129
    WTF sign me up! Even if that firewall is kinda lame, I could still use it on my test PC... Let alone the other toys to play with... Sounds good to me.

    Wonder if that whole suite, contains the "AVK Pro" or some other version of the AVK? I'm going to have to call them on that to I guess and ask. If it does, thats a super deal.

    For any questions, 7 days a week, call Toll Free 866.224.2140
     
  24. tazdevl

    tazdevl Registered Member

    Joined:
    May 17, 2004
    Posts:
    837
    Location:
    AZ, USA
    I believe the Internet Security version come with the AVPro.

    "eXtendia Antivirus (Double Engine solutions)"

    Have to admit, it's a compelling package but I'm skeptical, seems too good to be true. Something has to be up with either the company or the product. If they're trying to market aggressively, they can't do it on price alone. Lot of things missing from the equation. Although it is good to know that they do have phone support.
     
    Last edited: May 25, 2004
  25. --Nautilus--

    --Nautilus-- Guest

    @Paul

    1.
    I still can't log in. Are there any special requirements to enter this forum? Should
    I delete cookies etc.?

    2.
    "As for "scheinsicherheit" (Nautilus, right?): interesting, heavily critized (as you are well aware of). I nice project nevertheless. Rebasing - as well as other ways to fool AVs are well known."

    This comment is o.k.

    3.
    "I for one would not count on results published over there. Andreas Clementi for example wouldn't either."

    I do not like this comment:

    Do you mean our results are wrong, faked or something like this? If yes: please substantiate your claim.

    Or do you mean that our results do not tell the entire truth? If yes: no problem. That's what I always say myself.

    In addition, I wonder why you refer to Andreas Clementi. Is there any official statement from Andreas Clementi that our results are crap?

    Regards, Nautilus
     
Loading...
Thread Status:
Not open for further replies.