Losing faith with NOD32 shocker!

Finally people are starting to see the light, thank you Jerry. I work in local government, and I have a lot of friends for the Citys Information Technology department. 2 years ago all they raved about was Nod this and Nod that. They dont anymore. Of course they now rave about Avast, so I am not sure what the moral is here.

 

Hi trjam,

Maybe the moral is that they are not married to any AV, but just go for what they understand to be the best at any particular time. I must admit that in my view NOD is better than Avast, although Avast is not bad.
I will be interested in seeing the results of the new version of NOD. I suspect it will be good.

Comment removed. Please focus on software only. - Ron

Regards,
Jerry

 

Don't listen to civil servants?

 

Neither am I!

 

It may seem strange to some, but I've never lost faith in any AV program over detection, even the Lanterne Rouge of the AV-Comparatives certified (standard and above) AV's. For me it's always revolved around performance with decent to better than decent protection. I can handle the bridge from decent to excellent manually if needed.

As for being wedded to a solution, I'm all for brand loyalty, but the vendors have to earn that loyalty from me each and every year.

Finally, I really don't believe that it's very healthy to define yourself solely by the products you use, or to define other folks by the solutions they choose to implement. While spreading the word of good and bad experiences and approaches generally benefits all, those experiences should be critically and objectively self-assessed before the sharing begins...

Blue

 

Yes, nod detection rate is not so good as in the test. The speed in adding samples is the key to fight malware, so kaspersky is better than other products for home users. In fact I am not very interested in advance detection, they are not reliable, I just use HIPS.

 

Hi Blue,
["For me it's always revolved around performance"]


What does that mean? Not an argument, but just curious as to how performance differs from protection. Maybe you are considering performance as how it runs on your system, conflicts, and updating??
I can sure agree that if there are problems in those areas an AV is not very useable.

Regards,
Jerry

 

I am quite interested in seeing some test results that support your contention that NOD32 has dropped in detection. NOD32 was the overall winner in 2006 according to Av-comparatives. NOD32 was also one of only two AVs (Norton, the other) which scored 12/12 in polymorphic detection for the Feb 2007 test. Are you basing your comments on the fact that NOD32 rated Advanced rather than Advanced+ during the Feb 2007 test? You are basing your comments based on this one test? Let's be fair.
If you have definitive proof that NOD32 is an inferior product, I would love to hear it. Bashing for the sake of bashing is one thing. Having reproducible test results is another.

 

Without defending the OP, I would not consider that stating one's personal experience is bashing. It may not be the experience of most users, but it is his, and is useful for consideration when choosing an AV.

Best Regards,
Jerry

 

Jerry,

Good catch, that was an ambiguous statement.

By performance I mean the operating performance (speed and stability) of basically the remainder of the machine - the OS and applications.

For most of what I do on my casual machines, that means browser and applications for writing, graphics, and simple numerics are not obviously slowed. To me, it should not be apparent, based on the speed/responsiveness/etc. of other applications that an AV (or other antimalware applications) is active.

You should not be innundated with extraneous alerts or notifications, applications should not stall while the AV figures out what to do, the system shouldn't crash because some security application got in the way.

That's the ideal. Now, real programs take CPU cycles. Resource consumption is finite. Some programs take system resources aggressively, others are quite parsimonius in their utilization of the system. I will trade some level of detection for a smaller footprint on the system ecology. That's basically what I mean by performance.

Areas like direct applications conflicts, updating and so on, are basic aspects of the AV functionality. Significant problems here result in removal of those applications.

Cheers,

Blue

 

I don't wish to minimize anyone's experience. Everyone has a right to post here.
That point will always be respected.
However, many people read the posts here and may use the information here in their security decisions. The problem the original poster had may or may not be malware related. How can a user lose faith with a product if it hasn't been determined whether malware is involved?

 

I would have to say that if a product did not run well, and had problems regardless of the cause, and did not detect as expected that is germane. I agree that it does not prove that on someone else's computer the results would be the same, but if an AV does not work on my system I would lose faith regardless of the root cause. It is only useful to me if it does work on my system.

It must be admitted that NOD did not show as well on IBK's tests of Feb 2007. I also admit that there is not much difference in 1%, and that would not impact my decision.

I think it is legitimate to use the information posted here in making security decisions. I thought malware was involved even though from a cracked site. Other posters confirmed that in their experience NOD did not perform up to expectations.

I take these things, normally, at face value and recognize that not all will have the same experience, including me, but am appreciative of folks sharing their experiences. In the end, I never consider one post as the last word, and investigate an application to the extent I can.

I would not go to a risky site to try to prove the effectiveness of my AV. I prefer to let IBK test it, and consider those results more than my very limited experience, and very little expertise.
Have a good evening.

Best Regards,
Jerry

 

Retrospective IMO is less important then detection. But NOD32 does well in both and so it gets overall winner while other AV's didn't because they screwed up in one retrospective or on-demand test. I don't think NOD32 has dropped in detection but I do think NOD32 isn't "the" best anti-virus. Or #2 or #3 for the matter.

 

I also don't think NOD32 has dropped in detection. The "best" is a subjective measure which is different for each user.

 

I am not bashing NOD32 at all - as I said in one of my first posts, I have been using it for years now - what I am is disappointed with it, and I have never been disappointed with it before. It missed three threats that Kaspersky picked up. These may be genuine, they may not, but at least with Kaspersky I have the choice to research and decide - I feel NOD32 isn't allowing me this choice and I am now doubting it's abilities. What else has it let go in the past that may have been malware or harmful without me knowing?

Again, my point here is as above - the threat might not have been genuine, but I would still like to be alerted just in case. I feel Kaspersky did this, NOD32 didn't. NOD32 was, in my setup along with FDISR, the program that I installed without even questioning - now I have doubts about it.

If I installed a HIPS that I wanted to alert me about threats and it didn't do so, then I would feel that the HIPS was not doing it's job properly, whether the threat be real or not - I would want to make that choice. I expect NOD32 to alert me if it finds anything suspicious, and in this case, it hasn't - three times. To me, it's not about the threats being genuine, it's about what I had considered to be the best AV without question letting me down. Perhaps it is so confident that it does not need to alert me, I don't know, but I am finding myself not trusting NOD's detection any more, and this saddens me.

This morning, for the first time in many years, I find myself looking to try Avira and Kaspersky instead on NOD32. Whichever of those two feels better to me and makes me feel more secure, I will probably replace it over NOD.

I feel that my system could be more secure, and with an AV I really don't want to worry about if it is doing it's job well enough. At the moment, I am wondering and I don't like it.

This has been fascinating for me to read and I have been surprised at many people's reactions. I was expecting many to slate me for saying I was not happy over a pretty insignificant little test, but to me it was a real-life test that could very well happen on my machine (from one or two family members) at any time. They download from P2P and extract archives all the time. Seems NOD isn't as on the ball as I expected it to be, and I feel uncomfortable knowing that and the one certainty is that by the end of the day I will have a different AV running than I have at the moment, and although this kind of saddens me, I feel that it has to be done.

 

I guess I forgot to put another IMO.

And @ mrfargoreed, Kaspersky always amazes me. Some user was having a splash screen thing... He tried McAfee, NOD32, AVG and others... I told him to try Kaspersky because I was 99% sure it would find it... He posted later and said that it did. It made me happy. lol

 

Unless you can find a scanner that gives you a 100% detection rate, there's always room for doubt no matter what you switch to.

 

Yep, I certainly feel that this could be the way forward for me, personally. I think the time has definitely come to give Kaspersky a proper go on my machine once and for all.

I totally accept this solcroft, just at the moment I don't even feel 50% secure with NOD32. I feel like I've been let down by my best friend

 

So what happens when you stumble across a virus your next anti-virus solution doesn't detect as well?

Just curious. And trust me, if it weren't for the PDM, Kaspersky is a scanner that misses a hell lot as well... at least on the Chinese malware scene.

 

I Agree

 

Hi AV guy's:

Please refer to the thread here:

https://www.wilderssecurity.com/showthread.php?t=167941

Although I missed my own self imposed deadline for my next "simplistic" have a look at the work needed to do this selection "right". IMHO as always!

Speculation about how your AV or mine might do or would have or could have done if only this had happened is known as post purchase rationalization. I'm suffering from it myself on BD BUT until it falls off my top group list I'm holding.

If it falls and then subscription lapses and if it is still off my list then BD will be replaced. We aren't married to vendors are we?

 

To me detection rate is not the holy crale, because in the next testing round product X could become nr 1. Take a look at support quality, system resource, easy of use...

 

I guess I'll at least know that I am being better protected that if I were using NOD32.

Very impressive!

 

Originally posted by Trjam

I guess the moral is that people change their mind. Sometimes they have a reason and sometimes they don't - sometimes it takes two years, sometimes it doesn't https://www.wilderssecurity.com/showthread.php?t=167555&highlight=trjam

 

To put things in perspective.
The OP cleary stated it was one event and his personal experience.

This is akin to MDs publishing single Case Reports in the medical journals.
Evryone reading these reports cleary understand that it is simply the experience of one individual BUT no one takes their conclusions as the definite law!

These case reports sometimes stimulate other researchers to undertake scientific studies based on the single case report, (very large groups of test subjects vs controls, double blinded, randomized etc. etc.)
Only after a few of these types of peer-reviewd studies are accepted for publishing by the major medical journals, can some type of "conclusion" be made... (and even then....)

I would think it should be the same with the OP's experience/case study.
It is an interesting read.
But again, one single case study does not make for an at-large conclusion (about any A-V, software, drug, product etc.)