Norton 2003 & KAV 5.0 story

[Gary]

Here is one I could not believe. I was working on a friend computer which
was slow to a crawl so I did a virus scan with NAV 2003 and found nothing
with the latest definitions. I ran Ad-Aware,Spybot and SpySweeper and found
hundreds of spyware but it was still slow and all so crashing some times so
I uninstalled Norton and installed KAV 5.0 and as soon as I started
downloading the updates it started going crazy with detecting viruses and
when it was done it detected 2851 viruses and disinfected 1437 and deleted
1385 objects. I could not believe Norton did not find any of these viruses.
Most of them were Trojans and Backdoor viruses. I am sold on KAV. It has
gotten me out of a lot of jams lately working on other computers.

 

[Alex Makoque]

Here is one I could not believe. I was working on a friend computer which
was slow to a crawl so I did a virus scan with NAV 2003 and found nothing
with the latest definitions. I ran Ad-Aware,Spybot and SpySweeper and found
hundreds of spyware but it was still slow and all so crashing some times so
I uninstalled Norton and installed KAV 5.0 and as soon as I started
downloading the updates it started going crazy with detecting viruses and
when it was done it detected 2851 viruses and disinfected 1437 and deleted
1385 objects. I could not believe Norton did not find any of these viruses.
Most of them were Trojans and Backdoor viruses. I am sold on KAV. It has
gotten me out of a lot of jams lately working on other computers.

Maybe one of the viruses had neutered NAV so it was no longer
functioning correctly?

AL

 

[Bill]

Most of them were Trojans and Backdoor viruses

Which aren't viruses at all. KAV is known for having a very high
trojan malware detection rate, so it's not surprising.

 

[Vanguardx]

Which aren't viruses at all. KAV is known for having a very high
trojan malware detection rate, so it's not surprising.

Which makes me wonder if something like TDS-3 would have caught all the
trojans that NAV missed. At
http://www.av-comparatives.org/seiten/ergebnisse_2004_08zz.php, Norton
only caught 77.74% of the tested trojans and KAV caught 99.26%. I was
surprised NOD32 (72.10%) was worse than Norton. However, the
AV-Comparatives test only checked against 18,527 trojans whereas TDS-3
claims they detect 38,257 of them (which fits in with their claim that
they detect more than twice as many trojans as other programs).

Anyone know if the latest version of KAV stopped writing its file
signature or hash "tag" into the alternate data streams (ADS) of the
files it scans? If you uninstall it, all these ADS'es are left behind,
and I really don't want to be altering files by adding an ADS to each of
them just to speed up KAV's scan (so it doesn't have to recheck a file
that it can verify has not changed since its last scan). Apparently KAV
has released their "ADS Tag Remover Utility" (you have to ask them to
e-mail their KLStreamRemover utility) so I don't know if it is used to
remove the ADS "tags" that were added by their just their old versions
or is still added by their current version. From what I see in a Google
search, Kaspersky 5.0 (which is the latest version) still uses ADS. If
it were an option that could be disabled then users wouldn't still be
complaining about KAV [5.0] using ADS.

I don't know how TDS-3 fares against other anti-trojan programs, like
TrojanHunter. I saw no mention of ADS scanning for TrojanHunter in
their product description. On-demand anti-virus scanners, anti-trojan
scanners, and malware scanners all impact your system (via money,
resources, and performance) so, in a way, the a-holes proliferating the
viruses, trojans, spyware, and other malware already have a partial
victory.

 

[joke0]

Hello,

Vanguardx:

Apparently KAV has released their "ADS Tag Remover Utility"
(you have to ask them to e-mail their KLStreamRemover utility)

You can download it from their ftp:
ftp://updates3.kaspersky-labs.com/utils/klstreamremover/

 

[Nehmo Sergheyev]

- Bill -

KAV is known for having a very high
trojan malware detection rate, so it's not surprising.

- Nehmo -
I had an experience similar to OP. I switched from Symantec to Kaspersky
because KAV was ahead of NAV this time. I had to uninstall NAV to install
KAV. The safest solution would be to run a few AV programs. I'm trying to
figure out which ones and how now.

But the system of getting new definitions or signatures and scanning for
them is only marginally effective. An unknown malware could succeed before
anybody knew what it was. Malware has to be identified by what is does - not
who it is. I don't suggest this is easy to accomplish.

 

[null]

Which makes me wonder if something like TDS-3 would have caught all the
trojans that NAV missed. At
http://www.av-comparatives.org/seiten/ergebnisse_2004_08zz.php

Of course not. You're comparing apples and oranges. While TDS-3 has a
limited number of "frontier scanning" sig detections, much of its
detection capability is "after the fact", so to speak. IOW, it has
various types of capabilities for detecting that a PC is already
infested (mutexes, etc.). But it's relatively weak in terms of
alerting the user to files that _will_ infest a PC.

TDS-3 alerts on about 35% of the Trojan files in my collection. KAV
alerts on 99.9% of them. People are far better off using a strong
overall malware detector such as KAV or one of the products that use
the KAV scan engine. I'd much rather detect Trojans before they infest
my PC, not afterward


Art
http://www.epix.net/~artnpeg

 

[Ceily]

Maybe one of the viruses had neutered NAV so it was no longer

functioning correctly?

AL

My thoughts exactly. My Nav was neutered so many times (on 2 different
machines), I too switched to Kav.

Ceily

 

[Miles Fromier]

I'd much rather detect Trojans before they infest
my PC, not afterward

Yep! Really, they are trojans at that time and later they may become unwanted applications like backdoors or bots. But most
AV vendors will call the apps "backdoor trojan viruses" I guess one out of three ain't bad.

 

[Bu©KaRoo]

Here is one I could not believe. I was working on a friend computer
which was slow to a crawl so I did a virus scan with NAV 2003 and
found nothing with the latest definitions. I ran Ad-Aware,Spybot and
SpySweeper and found hundreds of spyware but it was still slow and all
so crashing some times so I uninstalled Norton and installed KAV 5.0
and as soon as I started downloading the updates it started going
crazy with detecting viruses and when it was done it detected 2851
viruses and disinfected 1437 and deleted 1385 objects. I could not
believe Norton did not find any of these viruses. Most of them were
Trojans and Backdoor viruses. I am sold on KAV. It has gotten me out
of a lot of jams lately working on other computers.

KAV is awesome.