NOD32 vs the rest...

EDIT: Removing this post from this thread.

 

NewNOD: this is ESET's Official forum which is why the mods in this forum are ESET staff and resellers (although as you've noticed other resellers often post here asking for assistance or providing input, and often their questions or comments include that info so one cannot just assume they are posing as shills, especially when they are discussing problems and their clients).

While the USA site and some others do not link directly to this site, the Oz site and perhaps a couple others do. That is a failing (among many others) of the main USA and other regional ESET sites. But this isn't a fan forum IMO, as one can tell by the many issues or criticisms raised here by users and other parties.

 

Yes I know, but so does Norto's BloodHound, MacAffe's whatever. EVery AV theese days have a heuritics scanner since only a few bytes added to a viral code end will bypass post definitions thus Heuritics are a common thing. I know that Nod32 has a stron Heuritics scanner but in my everyday life where I get new virrii and trojans from people the heurtics even the /ah flag detects the new code just ~20% of the time if that. Therefore the remaining 80%+ is up to the definitions.
If one company releases the Defs sooner then the other, then the company that did release the defs have ~100% chance of detecting the infiltration whereupon the company that did not must relay on heuritics which on occasions are only 20% effective.

I am not saying that NOD32 is bad I am just stateing that it's illogical to place your faith into one company, it's good to have an open mind since this is not a perfect world and thus perfection is impossible to attain. All things being equal NOD32 is a very good anti-virus, it does have it's drawbacks and it sometimes misses a few infections but so does the other companies product. Sometimes Nod32 might detect a bug that Norton, Kav, Bitdefender, Vexira, Sophos, F-prot, Panda, Macaffe, Atrend, Command does not and sometimes it's the opposite. There is many AV programs out there each with it's own heuritics algorithms some are better and some are worse but heuritics are nothing compared to solid definitions.

 

>Using the term "Official" in the name of a web site where I come from does not automatically constitute official sanctioning. If you are slightly familiar with the world of www, you'd know that many celebrity fan sites, for instance, may call themselves the "Official Joe Bob Site" but Joe Bob will disclaim any dealings or connection with said site. The only way this would be an official " web site that everyone would understand was connected to Eset and its partners would be for its pages to be part of the www.eset.com (if it existed), or part of the www.nod32.com domain. As far as I can tell, there is not even a link to this site from the Eset site, so how "official" is one supposed to believe this is?

This is the Official NOD32 forum. How do I know? Because I was the catalyst that got this forum created.
A little over a year ago, I was trialling NOD32 and I sent Eset, by email, some undetected samples. I also posted in the UNOFFICIAL NOD32 forum at Becky's. I then began discussing this in one of the first of the many "notorious" threads at DSLReports on NOD32. I didn't receive any response from Eset about my submission and didn't get any official Eset response at Becky's either. Two weeks went by with no response from Eset. Enter Rodzilla. Rod is awesome in action. He called Anton in New Orleans (the Eset biggies were all there for a major virus conference) and Anton called home to find out why I had been ignored by tech support. Turned out it was one of those human errors. Eset experts had looked at my submission and found that, although every other av I had run the samples by detected most or all of these, NOD32 detected two and did not detect the other two because they were corrupt/empty samples. NOD32 ignored them for this reason as being corrupt/empty they were harmless as they could not be executed. Then the Eset expert forgot to tell tech support so they could notify me by email.

This incident was the catalyst for Rod. He had been wanting to set up an official Eset NOD 32 forum and hadn't had the time. Becky's had Eset moderators there on a sporadic basis and Rod felt this was not good. He wanted an official forum. After my experience, which was upsetting to me and had me thinking I would not use NOD32 beyond the trial, and got negative exposure for NOD32, he felt it was even more imperative to set this up immediately. That is what he proceeded to do singlehandly and he chose this site to host the forum primarily because it is an excellent security site and also because he has great respect and friendship for Paul and has known him for many years.

After getting the forum set up in record time, I think, he then proceeded to convince many of the Eset owner/sellers around the globe to join as Mods here which I think is a big plus and a wonderful accomplishment as this forum has benefited a lot from having more than just Eset techs as the Mods. (This is not in any way to say that Jan's help here isn't excellent and much needed and appreciated...I think Jan's presence is essential). However, I think we also benefit from the other mods we have. For instance, we users probably wouldn't have access to Paolo's shell extension for the advanced heuristics if Rod hadn't encouraged NOD32 owners like him to become mods here in this forum.

So, yes, this IS the Official NOD32 forum. Rod's Australia NOD32 site provides an official link to this forum as the official support forum. Why the U.S. site doesn't do this? I have no idea and I have suggested that they do so.

As to the problem discussed in this thread about W98 and NOD32 causing kernal32 errors, I have W98SE on the box that I have NOD32 on and I have not had any problem of this nature with either version 1 or 2. In fact, one of the main reasons I like NOD32 so much is that it is the ONLY av I have tried that doesn't cause moderate to severe problems on W98! It runs smoothly, and uses less resources than many other av especially if you turn off windows graphics in version 2. I had the problem with the mouse stuttering when downloading new definitions in version 1 but I have not had that problem in version 2 and the downloads are so fast that it was a minor problem when I had it.

 

I fully share the views of TESTG....oh wait.

 

LOL TestG, and oh, welcome Temp

 

Okay...for everyone who wants to tell me this is the Official forum:

1) Thank you;
2) It's not necessary.

I know this is the "official" website forum for NOD32, but not for any other reason than I have been reading since May/June 2003.

In my previous posts where the "officialness" of the website was discussed, I was pointing out that regardless of the title of the forum (official in the title doesn't necessarily mean anything), by all other appearances, especially to new participants or people who drop by only occasionally, this forum looks to be an independent forum. As such, some people may not realize that the "advice" and "opinions" they are recieving may be coming from individuals/moderators with a vested interest in the product.

If the website domain were ESET or NOD32, the connection between the forum, the company and its partners would be fairly evident. As it stands this is not evident until one reads the forum for a while.

And yes, to the optimist, setting up a NOD32 forum on www.wilderssecurity.com and "inviting" resellers/partners to moderate seems like a good idea. What with all the expertise they can provide and all.

To the cynical, skeptical, realist it looks like a half-baked attempt to disguise a marketing tool as a forum. Bet ol' Rod had a really hard time convincing a bunch a resellers that a forum where they could promote their product was a good idea.

 

Gee, I'd think seeing some users and resellers posting about problems or complaining about a lack of timely effective support from ESET might have the opposite impact.

But your objections re: "officialness" also apply to the open TDS forum here, the Trojan Hunter forum at Gladiator's (it may still be there with Magnus moderating, I haven't checked lately) as well as the two PSC forums at MTM's and the former Gladiator's sites where the CEO is the forum mod. In none of these cases do I believe there is any propensity to be deceptive by having their forums hosted on third party boards and the presence of other users and vendor reps is generally considered a plus for those who visit and seek assistance.

There also are some other software vendor owned and run sites (not necessarily in this field) where no criticism or uncomfortable questions are allowed. I don't believe that is generally the case with these other venues as a visitor can usually readily see for himself.

In no case where any software vendor of any kind of product provides support, would one expect any vendor rep to say, "I confess, our product is crap and we're hanging on by our fingernails." (However refreshing that might be to see. LOL) But owning up to limitations or problems and then addressing them in a timely and effective manner is a factor that can be objectively judged by both users, potential users and lookiloos alike.

The advantage of an open forum, wherever it may be hosted, is that anyone can see for himself and make his own decision if a product is something he wants to try and/or keep based on a number of factors.

 

As far as official forum goes, I posed this exact questin to Larry McJanet at NOD USA. His response was:

"I guess it is a matter of definition - I know that one of the senior guys monitors and works that site but for
my definition the official support site is Support@eset.com"

 

Well here's where ESET was actively seeking and taking reports during its version 2 beta trials. And if I recall correctly long ago ESET announced that Jan was assigned to provide forum support. That's fairly official.

In part the forum was started to take some of the workload off of support@Eset through peer to peer support as well as vendor and reseller direct support. And perhaps it also was a bit of a PR move, although PRwise ESET appears a bit tonedeaf IMO.

Additionally, sometimes customers succeed in getting support from ESET as a result of posting here when Paul Wilders provides a bit of a friendly prod when reps here or support@eset have been not as timely in providing an effective response.

So this is an ESET official response venue and is not comparable to posting at dslr and on occasion happening to get a response from a ZoneLabs or Symantec employee.

 

I forgot to add that this info from Larry McJanet at NOD was dated Oct 28th, 2003.

 

That makes no difference, whether it was today or 3 months ago, if Larry wants to quibble about semantics.

But given that's his stance, I recommend everyone who posts here also send an email with his/her questions and issues to support@eset.com

 

Yes, I would agree. In fact, I have previously seen that mentioned here several times when things can't be answered by posting in this forum, etc...

 

To be a bit more serious in my response, there are a lot of basic questions that can be dealt with here and so siphoned off from the more formal direct support line. So the forum benefits both users and ESET staff in that respect. Although as noted, most ESET websites make no mention of the support forum at all.

Some issues posted here need more info, investigation and/or review by technical staff so on occasion some of those raised here do get dealt with on a one on one basis, just as if they had been emailed to ESET directly.

The two venues compliment each other but this forum can be best viewed as augmenting direct one on one vendor support ; it doesn't replace it.

 

Sorry, LWM, you are correct. I shall eat my cookies in shame. And then explode.

Frankly, as regards the original poster I suspect that your safe computing habits probably would keep you in good stead regardless of what reputable AV you use. Are you looking for something better or simply different?

If you already are rather cautious in your habits and limit the potential avenues for exploitation by malware, you might be looking for something lighter on your system that still gives you reasonable protection. NOD would probably fit that bill, especially if you already run an AT like TDS, Trojan Hunter or BOClean.

One NOD feature that appears to be a significant improvement and according to reports has assisted in catching new email borne worms, before updated virus signature definitions were available, is version 2's advanced heuristics used in IMON, the POP 3 email scanner. Now if you don't use an email client to view your email, this may not be of assistance to you. If you do and in your opinion you might be most likely to see email borne malware rather than trojans stuffed in warez or other common sources of malware (such as Kazaa, for one example), then you might want to give NOD a look.

If people are content with their AV and it and their own cautious computing habits have served well for years I don't encourage them to switch just for the sake of change.

Each AV has its own strengths and weaknesses or drawbacks. KAV is highly regarded but run at full strength is reportedly heavy on resources. Some people don't want to deal with that or their older systems don't allow it. Sometimes NOD's heuristics "beat" KAV's and McAfee's when a newly introduced email virus is on the loose and updates have not yet been issued Usually though these companies do a very good job at updating against the latest ITW threats. NOD IMO doesn't compete with KAV or McAfee in terms of trojans and runtime packers and that sort of thing. But I've not seen any trojans and more exotic stuff in ordinary daily use in years of relatively cautious computing. And I have an AT just in case I do.

And NAV 2004 reportedly is much improved with new features that some find useful.

As viewing some of the comments and threads here will reveal, NOD still does have some quirks. For some they pose a problem, for others not. So while I use it and have had no real issues with it, it might not meet others' preferences when compared to the GUI and features of say NAV for example. Can one be well protected using NOD and practicing safe hex? Sure. But you've evidently already found that to also be the case with NAV. Often the user is far more important a factor than the brand of AV one uses.

Sorry to not have been more helpful.

 

An additional possibility is WormGuard from DiamondCS.

Sorry to hear of Win98 problems. We use 98SE (is yours SE?) and we have no problems.

And a general response:
Most people (whether they realise it or not) desire just one programme to accomplish many security/privacy tasks. What they want is one program to be an effective:

Firewall
Anti-Virus
Anti-Trojan
Anti-Worm
Anti-Spyware
Privacy Protector and
Browser Protector

It would truly be quite a programme and perhaps one day we shall have such a wonder. Meanwhile - if we are fully layered then we shall have the best opportunity to withstand every threat to our computer.

Best wishes

 

My thanks to GuruGuy, Blackspear and NewNod for replies. I think that
is everybody.

 

EDIT: Removing this post from this thread.

 

Here's to hoping that you are absolutely right and I am absolutely wrong!

Acadia

 

For Paul Wilders:

I wrote the following comments last night, but by the time I was ready to post, I saw LowWaterMark's request for everyone to get back on topic. So, I honored that. However, seeing your (Paul's) response, I feel compelled to go ahead with my post. What struck me is your inability to acknowledge that getting sales people involved might give out the wrong signals. How many people here would criticize certain magazines for accepting advertising from companies' whose software is reviewed / praised favorably in those magazines? It happens all the time, but people are aware of it and adjust their skepticism accordingly. I have noted your denial of the events as Mele20 saw them regarding the establishment of this forum (which probably is a good thing), but with that said, here goes:

______

Sig wrote regarding my "objections" (really just observations) about a forum modded by resellers and the implications that may have in certain situations:

I never said they didn't apply to other similarly structured forums. It's as simple as this: if you know who you are dealing with, you will ask certain questions and avoid others. When someone asks a "compare & contrast" question on a forum like this, I think it's only fair to point out that the answers will be coming, in some cases, from people with a vested interest in the product. Anyone willing to ask such a question is likely to have come here thinking that there was no relationship between this site and Eset or its partners.

According to GuruGuy, even Eset's rep distances his company from this forum in correspondence, probably at the insistance of an attorney or two. If Eset really wanted to provide this forum in a proper way (and not a low budget way), it would have been set up under Eset's domain staffed by technical people. No one would be asking opinion-based questions because they would understand that such a question would get an obviously biased answer. So based on Guru's info and on the expose from Mele20, this is the "official site but not really the official site". The resellers think it's the official site but Eset doesn't recognize it as such in writing. Eset benefits from certain aspects (like the beta testing info) without officially recognizing the forum as theirs (thus avoiding any potential black eyes from misinformation, bad information, slow reponses etc. given out in the forum), and the resellers benefit by using it to promote the product (which ultimately benefits Eset). And, Wilders benefits by selling space and bandwidth. Nice set-up. The forum user benefits or suffers depending on his ability to filter the sales promotions from unbiased opinions/advice.

Based on what Mele20 said (referring to Rod/zilla setting up this forum):

one could take this a step further by asking whether the integrity of the entire Wilders site is above reproach...or not. Is Mele20 referring to Paul as in Paul Wilders? Is his friendship with Rod something to consider when reading that Wilders.org ranks NOD32 as the "best choice" for anti-virus software? Are these facts coincidental: Wormguard, TDS-3 (I use this product), and NOD32 all have their forums hosted by Wilders Security and they all have been given the Wilders.org "best" ranking.

None of the above proves anything... but any good consumer would have to take these things into consideration when reading the reviews. Having sales people involved will always bring a taint to the discussion of any product, and that is a well recognized.

 

Very well said!