NOD fails to detect its own crack as malware

Zombini, let me say that I totally understand where you are coming from. I also understand that you would not literally go into the IT Director's office and call their current product crap, but you were just saying that to prove a point; namely, you need good hard facts and plenty of supporting evidence to convince them to switch over to a different antivirus program.

Zombini has stated before that he has heard things about NOD32 for the past 6-8 months, so obviously he knows something about NOD32. That does not mean he has used it before, so of course he cannot be intimately familiar with it. That is the whole point of testing it out and asking questions about it.

Whether or not the IT Director at the company *should* have heard about NOD32 is irrelevant. The case still needs to be made that NOD32 is so much better than other antivirus solutions, a change is warranted. If NOD32 comes out in a tie with McAfee, or even a little bit ahead, that is probably not good enough to convince the company to switch over. Even if it is vastly superior, there is still the matter of convincing the company of that.

Zombini, I do not know if you realize this or not (you probably do), but Marcos is one of the top researchers at Eset. When he asks you to send a file in, there is a pretty good chance that it will be looked at. You do already have his attention, after all.

Since you are looking at the big picture of how NOD32 would fit into the company, I recommend you contact Eset sales and ask them for a trial version of the Enterprise edition, which includes the Remote Administrator utilities. That is what we did when our company was evaluating antivirus programs, and I am very glad we did.

 

One personal swipe removed.

Blackspear.

 

Good luck finding out that information on Vista or any other future plans.
I asked here a few months ago before renewing my license and got told that ESET shouldn't have to release information on future updates. And plans on future operating systems because the current one works fine and Vista is in beta.
Which is partly true/fine, they don't HAVE to. I renewed anyway. (don't care enough to go to the trouble of find anything new and never get viruses).
Still!!
If you are buying a license for a year or more. It would be "nice" to have some information of what that license gets you for the year/s. Like, does the the license allow for a new operating system.. and so on. When NOD32 is updated to a full security suite, with firewall and so on, will the current license get you that full update or only for the current anti virus version.
But customers don't matter do they.....
I am hoping that I won't need anti virus for Vista. If Microsoft pull that one out of the bag then it will be a happy day for all.

Most replys to this thread seems to be very hostile to zombini.......

That isn't of much use, is it? Zombini would no doubt have the answers to all those questions. Why is that your business? He/she was here to try and get some information on the lack of detection of a crack for nod32. I didn't get if that was an actual crack or a Trojan disguised as a crack....whatever ... It doesn't matter.
My point is. Zombini is here, the main NOD32 community, to find some answers for potential anomalies/problems/failures of NOD32. No doubt the other points for testing will be addressed, or not, maybe zombini is crap at his/her job. Who cares, if zombini is out in the market to potentially get a large account for NOD32. That is a good thing, isn't it? Troll or not, questioning the software's claims is perfectly reasonable thing to do. Mindlessly regarding NOD32 as the best in the world, regardless of whether it is or not, is fanboyism. Fanboyism for fricking anti virus software! Virus software is barely more than a necessary evil and some people here are getting angry over whether some one questions it. No, not if they question it, if they question it correctly. I.e. if they do it while saying its great.
Just my 2 cents.

 

Agree there with most of what you're seeing there joeydoo.

Just painted a different picture when reading the posts in different threads made by the OP around the time that this thread was started...and without the benefit of some of the posts that have been made since.

Cheers

 

So far no response to this request. Where is Zombini's file? Is he looking for one to submit? Blackspear is probably correct when he said its a troll.

And if I were a security analyst, I certainly wouldn't use one file to validate a product (if he ever did). Hi Tech Boy did it correctly by looking for and documenting previous tests and examples.

So besides Hi Tech's well thought out informative post, I don't see the point of this thread. We all know anti-malware products can miss malware or give false positives. This so long thread on a file which may or may not have been submitted.

 

I wouldn't say that my own response is hostile, even rereading it in light of your comment. There's a difference between hostile and probing, but maybe I'm simply missing something here. If so, my apologies.

It matters from the perspective of how much emphasis one should devote to the current question and whether the discussion should be broadened. I personally think it is germane since I don't believe there are terribly profound differences in the gross detection characteristics of most top tier products. If there is a specific aspect that a given client is sensitive to for whatever reason, perhaps it makes sense to heavily focus on that dimension. That's why is specifically asked "where is their pain"? It's a simple question, although one all too frequently ignored by people trying to solve the problems of others.

I don't really disagree with you here since I believe NOD32 is one of a number of peer products and choosing any option in that peer group is fairly neutral with respect to detection performance. I realize that this opinion doesn't play well to some - your underlying point is well taken though - an incredible amount of vitriol is spent over a nominal $40/seat purchase.

With respect to how the initial question was posed, it could have been perhaps better put as already acknowledged. With respect to whether the question is a germane one to ask, of course it is since this is a dimension that is heavily marketed by Eset and it is worthwhile to pose the question. My own answer would tend to rely on the more global result provided by the retrospective tests executed at av-comparatives.org. However, I do realize that the real world performance profile of a product is only partially reflected in that test - quick response time and comprehensive coverage of emerging threats can mitigate and even supercede apparently modest results in that specific test protocol, so it's not an end-all discriminator.

As far as providing input, it is always useful to understand the global question. Providing advice based on an out-of-context snippet can be counterproductive at the end of the day, even though the question posed has been answered.

Blue

 

Thanks for the reply there blue.
I mis wrote my hostility comment. I merely got that feeling from the entire thread. My quote of your's was more for the "lack of use" thing.

Zombini's original post was indeed badly made for extracting the information that was wanted. And the comments from he/she were just as hostile. So maybe zombini is a troll. But trolls don't propagate in forums that don't cater for trolls.

 

Been a little busy with setting up some test cases. Will send the file in tonight Pacific time both to ESET and virustotal. Regards.