How is this......

Discussion in 'NOD32 version 2 Forum' started by -z3r0-, Jan 2, 2005.

Thread Status:
Not open for further replies.
  1. -z3r0-
    Offline

    -z3r0- Registered Member

    I was wandering how this NOD32 stacks up against the big guns of virus protection (norton, mcafee, kaspersky).

    I really like the idea that it isnt a resource hog as I am a gamer and that means alot to me but I also dont want something that is not going to protect me.

    How does this fair at detecting trojans? worms?

    I was going to definatly go with this till I read this report and now my mind is kind of up in the air.

    Overall review of tested Scanners

    NOD32 review

    I have decided either on NOD32 or Kaspersky as a stand alone virus protection.
  2. BlueZannetti
    Offline

    BlueZannetti Administrator

    -z3r0-,

    Personally, I prefer av-comparatives.org as a testing group. NOD32 has been significantly improving trojan detection over the past few months - check out the latest retrospective analysis at av-comparatives. Both AV's mentioned are solid options. NOD32 is the decidedly lighter one on resource consumption.

    Blue
  3. -z3r0-
    Offline

    -z3r0- Registered Member

    Wow seems like NOD32 beat out everything in the latest round of tests if I read the report right.

    In your personal opinion would you reccomend NOD32 over Kaspersky?
    Also what would you get to go with it for Worm? Trojon? protection, or do you think NOD32 would make a good stand alone product? I only use firefox to browse with unless its a microsoft site that doesnt support it.
  4. BlueZannetti
    Offline

    BlueZannetti Administrator

    Thats the retrospective test - the best effort that I've run across at assessing the likelihood of an AV dealing with day zero infections (i.e. before a viable signature can be deployed). It's a testament to NOD32's heuristic engine.
    It depends on surfing and usage habits. There are 5 machines at home among 4 reasonably heavy users. I have a KAV 5.0 WS 5-pack and two discrete NOD32 licenses. My older son runs NOD32 exclusively. I run both NOD32 and KAV 5.0 WS, but on different boot partitions. My primary partition has NOD32. We are both "speed sensitive" and that's part of the reason, although he is a major gamer and ran into a compatibility issue with KAV 4.5 and his Max Payne game - don't know if it was addressed in 5.0 - he doesn't want to change at this point.
    Same here with Firefox. I have all PC's running BOClean as well for backup - this includes the KAV machines and I realize that it could be overkill - but due to BOclean's light footprint and PSC's licensing policy for home use, it was an easy call.

    I have run into only one instance where NOD32's AMON didn't stop something in front of BOClean - and that was a grey area which would have been dealt with via an on-demand NOD32 scan under "Potentially Dangerous Applications". This was on a challenge visit to a site that I knew would try to infect via ActiveX, and which I explicitly allowed to occur, using IE.

    With normal surfing habits, I've not personally run into a situation where NOD32 let anything through for a subsequent find by KAV.

    Blue
  5. -z3r0-
    Offline

    -z3r0- Registered Member

    Sounds like it will be NOD32 for me then. I only have one PC and the wife and I are the only ones who use it. Its mainly just used for gaming, and going to message boards and shopping.

    To knock on wood I have been on the net now for 7 years and for some of that time was without any protection and we have only ever gotten one virus and that was a stupid mistake by me.
  6. BlueZannetti
    Offline

    BlueZannetti Administrator

    Check out Blackspears sticky thread on NOD32 settings. It a great guide to configuring NOD32.

    Blue
  7. Culvin
    Offline

    Culvin Registered Member

    Kaspersky and NOD32 are my favorite AV's -- you can't go wrong with either of them.

    In a nutshell, I think NOD32's advantages over KAV are its advanced heuristics and its light footprint. KAV actually has good heuristics too ("code analysis"), but I usually see NOD32 testing slightly better there. I think KAV's advantage over NOD32 is its detection rate. Kaspersky is the king of detection, scoring ~99.8%+ in every comprehensive review I see (thanks to its unmatched detection of trojans amongst AV's). NOD32 scores between 82% and 95% depending on the review.

    I'd go with whatever's important to you: heuristics and light footprint, or overall detection including trojans. I can be quite "adventurous" online, so real-time trojan detection is important to me. I don't want to buy and use a seperate AT program when, IMHO, trojans should be covered under an AV. So I use KAV, but I still love NOD32 and will switch over when NOD32 beefs up its trojan definitions.

    Hope that helps :D
  8. Sweetie(*)(*)
    Offline

    Sweetie(*)(*) Registered Member

    Nod32 is a big gun AV, Microsoft use it.
  9. -z3r0-
    Offline

    -z3r0- Registered Member


    Well I dont venture into the grey area's of the internet but I do still want something that has good trojan/worm detection. I am really leaning towards NOD32 because of its light footprint but I dont like is then you have to buy something else for trojan/worm protection.
  10. Blackspear
    Offline

    Blackspear Global Moderator

    The advancements in Heuristic detection of Trojans has vastly improved in the latest version of Nod32, together with your surfing habits, I don't think you are going to have an issue at all.

    If you are at all concerned you may want to take a look here for further discussion on security and how to make your system that much stronger and here for more.

    This is what works really well for me, very simple to use and maintain.

    Hope this helps...

    Let us know how you go...

    Cheers :D
  11. -z3r0-
    Offline

    -z3r0- Registered Member

    I currently use:

    • Antivir
    • Zone Alarm Pro
    • Ewido (free trial) not sure if will purchase or stay free
    • FireFox
    • Thunderbird
    • Spyware Blaster
    • Spybot Search and Destroy
    • Spyware Guard
    • Adaware
    • Crap Cleaner
    • Reg Scrubber
    • Reg Seeker

    I am probably pretty well covered but I just am not convinced Antivir is doing its job. It doesnt update very often and it has never blocked anything maybe that means I never ran across anything, but I am starting to feel a false sense of security from it.
  12. Blackspear
    Offline

    Blackspear Global Moderator

    That's a pretty good set up, though I would suggest that Nod32 with the use of it's HTTP scanner and advanced Heuristics will see your system that much stronger...

    Cheers :D
  13. -z3r0-
    Offline

    -z3r0- Registered Member

    I am probably gonna go with the free trial and see how it reacts to my system.

    Is the free trial any different than the bought version?

    Do you have to download a different version when purchased?
  14. ronjor
    Online

    ronjor Global Moderator

    And will catch as yet unknown viruses and worms.

    And with a support forum here that will do everything to help you if you have problems.

    Easy pick for me.
  15. Blackspear
    Offline

    Blackspear Global Moderator

    A good idea.


    Only in the way that it updates, the Trial Version updates the entire virus signature database each time (about 2.5Mb), whereas the commercial paid version updates incrementally, with each update being on average approximately 7 to 70k in size.


    Yes, you will need to uninstall the trial version, delete the Eset folder from C Drive> Program Files and then install a FRESH copy of the commercial version which is available using a Username and Password provided upon payment.

    There is a thread here for tweaking Nod32: http://www.wilderssecurity.com/showthread.php?t=37509

    Hope this helps….

    Cheers :D
  16. -z3r0-
    Offline

    -z3r0- Registered Member

    Yeah this does seem like a very friendly place and people seem very willing to help. I am very happy and thankfull of you guys in the last few days who have put up with and answered my dumb questions.

    I think I am going with NOD32 after I redo the PC tonight. Probably go with the trial just to make sure its gonna work ok with my system before I purchase it.
  17. -z3r0-
    Offline

    -z3r0- Registered Member

  18. Blackspear
    Offline

    Blackspear Global Moderator

    Ther are no dumb questions, ask as many questions as you like, better that way than sitting in the dark, only to find there is a light switch above your head that you could have turned on had you known about it…

    Cheers :D
  19. Blackspear
    Offline

    Blackspear Global Moderator

    Both versions :D

    Cheers :D
  20. -z3r0-
    Offline

    -z3r0- Registered Member

    How come on test 3 NOD32 didnt do very well but on Test 4 it did really well?
  21. BlueZannetti
    Offline

    BlueZannetti Administrator

    -z3ro-

    They are different types of tests.

    Test 3 is an on-demand comparision. According to the report, the test bed of malware was frozen on August 4, and all AV's were updated to virus definitions available on August 6. It is a historical look of the ability of an AV to portect against "known" malware. Look at the catgories examined and where the gaps are for NOD32. The biggest gaps were in dialer detection and "other OS malware". Personally, not a major deal for me. Detection was solid in Windows viruses/macros/worms/scripts, not stellar as with KAV & McAfee, but quite solid. Trojan detection lagged somewhat (my opinion).

    Test 4 is a retrospective comparison. Here, the test bed consisted of "new" in-the-wild and zoo samples. For the in-the-wild samples, these were samples that had appeared, according to the report, between Aug 6 and Oct 6, 2004. All of these samples were scanned using virus definitions dating from Aug 6 (i.e. the last update prior to the start of the collection of malware). During this period, 8 new in-the-wild viruses appeared. NOD32 was the only program able to detect all of them, the next best effort yielded two detections from the eight samples. This is a small population, but it's a population that actually appeared in the open and infected users, which I feel is significant. As I've stated in a number of places, I view this as a reasonably objective test of zero-day performance - the ability to protect before anyone has had a chance to develop and deploy a signature. Rapid response, as typified by Kaspersky, mitigates the risk here by significantly shortening the potential period of vulnerability. However, while the risk is mitigated, it is not eliminated.

    Blue
  22. -z3r0-
    Offline

    -z3r0- Registered Member

    How does it do against keyloggers?
Thread Status:
Not open for further replies.