WOW have you guys read the PCMAG review of nod32?

Discussion in 'NOD32 version 2 Forum' started by tempnexus, May 13, 2004.

Thread Status:
Not open for further replies.
  1. sig

    sig Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    716
    Scanning speed is nice but it doesn't actually protect your PC. And there are trade offs ESET has made for scanning speed. Some trade offs that do involve proactive rather than reactive detection. (KAV for example is not known for being a speedster, but it apparently can do some things NOD can't in terms of detecting without actually first uncompressing a compressed file and/or running an executable. And that is important to a lot of people.)

    Detection performance is the critical factor I've been discussing here and is where the testing methodology is critical. The test unquestionably indicates that Norton and McAfee have the best detection rates.

    So I do not concur that a careful reader would come away after reading the test results with the conclusion that NOD is the best scanner. I certainly don't. The 31 false positives alone are enough to sink it in that competition. I don't necessarily credit the false positive results as I noted earlier. But in my view false positives can be more dangerous than a missed virus if a user cripples his system based on trusting an AV when it's reporting fp's (as some novice Dr. Web users have discovered). No way is a reader, casual or otherwise, going to consider NOD the "best" AV based on that test's results.
     
  2. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    I don't have the time or patience like Sig :) and others to try and teach you. I'll just be blunt. Please grow up! Each succeeding comment you make in this thread and others here, where you are so chatty, just reveals more and more ignorance not only of AV's but of how things work in this world in general.

    I'll give you a little clue though. When you take exception to someone like Sig who is one of the most respected and knowledgeable members here, and at my home site of dslreports, you make yourself look dumb. I thought your user name was just supposed to be a joke but now it appears quite apt. ;)
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    163,085
    Location:
    Texas
    Mele20
    Please respect people and their comments. No need to be rude.
    This is a learning and support forum. Everyone doesn't have the knowledge you do or Sig or others. We all started somewhere. :)
     
  4. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    Absolutely,

    No need for any personal remarks. Let's all have a civil discussion here.


    snowbound
     
  5. Sandish

    Sandish Registered Member

    Joined:
    Apr 29, 2004
    Posts:
    51
    Oh my god - i didn´t know that there are people here that are forced to read each and every post. :eek: I´m realy sorry for you Mele. :doubt:

    I just thought this forum was up for discussion. So if i got it right there is a rule that if a Senior Member gives an answer there is no further need to post another opinion since they are always right?

    Come on, if she wants to disuss it - let her, just ignore her post if it bothers you that much. ;)
     
  6. Dazed_and_Confused

    Dazed_and_Confused Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    1,831
    Location:
    USA
    Understood. But what I really don't understand is how they selected PC-cillin as the top product based on their own stats.

    Sorry Sig. Didn't mean to offend. I appreciate your comments.

    Maybe so. Sorry oh great one.
     
  7. sig

    sig Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    716
    Yikes! I keep telling people I don't know anything, really. :D Well, certainly not much. Very little, in fact. ;)

    Naw, we're just having a discussion which may or may not be interesting or informational. And here or in the other AV forum we can pick at tests and analyze stuff that in the real world no average user would care to listen to for a minute. ;) Mostly I want to know how the heck AV-Test managed to get NOD to give them 31 false positives. o_O

    And also, if a test is credible and reliable I could refer people to it, like a cheat sheet. The VB test has its limitations (no trojans) but within those limitations it's OK as a starting point to look at various AV's although just relying on the summary 100% awards could be misleading as to the overall value of an AV. But at least people (paying subscribers at least) can review what they've done and how.

    PCWorld really is reviewing security suites and is telling people that for the money the PC-cillin suite overall was the best deal based on cost, ease of use and AV detection wasn't the primary consideration. (Apparently they also had problems using McAfee which didn't help despite its detection abilities.) I personally don't care for suites (although they are attractive to a lot of users...they just get the package and go with that) and to my mind a good deal isn't very good if the protection afforded isn't necessarily enough for the user's computing habits, which their own test results would suggest. It's kind of like looking at a test where AVG doesn't do as well as some other AV's but since it's free one can say it's the best deal. ;)

    As for testing in general, I'm not surprised if people throw a whole lot of glop into a big bucket and KAV detects the most and McAfee runs a second. A lot of AV tests are like that. They'll have zoo viruses that exist only in collections and have never been released in the wild or garbage files (bits of code, viruses that don't work or aren't really viruses, etc.). When it comes to a database test on that score alone KAV has the edge I figure.

    Then there are trojans. Trojans can be problematical for AV's. Sometimes if they detect them they aren't good at removing them. So dedicated AT's are recommended for adventurous websurfers regardless of what AV they use.

    NOD has improved and has room for more improvement to meet real current and as yet unknown threats. It's not KAV and I really don't see any reason to try and make it so (as another thread in the other AV forum seems to want to do, LOL). But it can be improved and to the extent that it can be done without becoming another PC borging draining app, I hope ESET will continue to do so.
     
  8. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    Snowbound posted already that we don't want any personal remarks in here and unless my eyes deceive me, there has been two more made since then. If I see any more such remarks I'll close the thread.
     
  9. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    778
    Location:
    Headquarters - London & Field Offices -Worldwide
    So now we went out to acquire a copy of the June 8, 2004 issue of PCMag.

    On page 114 there is an article by Larry Seltzer with a title of "ANTIVIRUS:Why Your Antivirus Program Won't Catch The Next Attack".

    On page 116 in the "Conclusions" section he says, "But our testing - and all other evidence - shows that today's heuristics cannot be an effective tool on a single-user PC."

    Under the individual comments for NOD32 Antivirus System he states "The bottom line is that NOD32's failure to detect any of the new vuruses in the e-mail stream speaks badly of its capabilities."

    The fact is that NOD32 stops and has stopped 100% of all in the wild virii from infecting a system. If a virus enters a computer for example through an e-mail attachment but has not executed its payload then no harm, damage or threat has come to the computer up to that point. If then the virus were to execute successfully the computer would suffer harm and/or damage. NOD32 stops all ITW virii from executing and damaging a computer. Hence its protection. Computers using NOD32 have protection from harm and damage from virii. If the virus does not/can not execute then there is no harm or damage. Hence 100% protection.

    What of it if it never has the chance to execute? Sure we all wish to never even have a virus in our computer but if a virus does not/can not execute then it is just so much code and no threat in reality, not now or as long as NOD32 is installed and running properly set.

    Scan speed, light on system resources, ability to catch Trojans and worms, user interface etc. make for interesting and exciting topics but in the end can you not imagine an article like "ANTIVIRUS:Why Your Antivirus Program Will Catch The Next Attack Against Its Reputation By Inferiour Testing Methods?"

    Be seeing you
     
  10. tempnexus

    tempnexus Registered Member

    Joined:
    Apr 16, 2003
    Posts:
    280

    Sorry I don't really keep logs, since I ghost the drives one in a while. BUt everything that infects me I send to them so they should know.
    But if my word is in question and if I really need logs to prove that what I am saying is right then ok from now on I will keep logs and post them but be warned what I will post will not look pretty for NOD32 rep.

    But if you really need some fun just pm me and I will send you one which I've sent to NOD32 42 hours ago currently it's not up yet...so you can test the /ah on that.
     
  11. Q Section

    Q Section Registered Member

    Joined:
    Feb 5, 2003
    Posts:
    778
    Location:
    Headquarters - London & Field Offices -Worldwide
    tempnexus -
    Thank you for the offer but we do not test malware. It is not that you are not trusted but many times it turns out that a security program user either has not got the program set to maximum protection or the program was not installed properly or the user has a wrong idea about what the individual program is supposed to do.

    As in our earlier post we mentioned that a virus may be downloaded via an e-mail attachment for example and has not or was not set to execute immediately. NOD32 catches virii upon execution attempt of the virus and not necessarily upon download.

    So if you are saying that NOD32 does not stop a certain ITW virus from executing on a system then we would like to hear about it. If we get a name of an ITW virus that allegedly executes that NOD32 does not stop from executing and ESET (or some third-party independent trusted organisation) verifies then we shall have the question settled. (Side note - every virus may not have been given a name at the onset of its "career" but some designation can be temporarily useful.)

    This seems like a fair way to go about obtaining any such information does it not?

    Thank you
     
  12. sig

    sig Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    716
    Tempnexus: I've seen several of your threads in various places where you've recently had some frustrating experiences with clients' PC's. I don't think QSection has seen some of your other recent threads as I have. Although my memory of them all is a bit fuzzy at the moment I do recall you were having a heck of a time.

    One thread on sasser if I recall correctly was puzzling. Although I think someone suggested in a thread (if not perhaps in your thread) that perhaps the attempt to infect was enough to result in the PC rebooting even if it wasn't actually infected. I dunno. But I wondered if IMON is now supposed to protect against network-borne worms (or so I understand), what happened?

    Anyway, I know you've had a difficult time of late and I can certainly understand that you're not at all a happy camper as a result of your recent experiences.
     
    Last edited: May 16, 2004
  13. anders

    anders Eset Staff Account

    Joined:
    Oct 25, 2002
    Posts:
    410
    Sorry if I missed if someone pointed out the obvious...

    Note the "separate outbreak response survey" text.. that's important.. It's a different test.. NOD32 wasn't included in that test. Don't know why.. but.. NOD32 detected the tested Netsky variant without updates with its advanced heuristics (it also detected the first variant of Netsky, and the first variant of Bagle, and a big bunch of other worms, with the advanced heuristics, without the need for an update).

    I'm quite sure that Eset isn't done with this issue, and that Av-Test will provide detailed information (samples?) regarding the files that caused problems (31(!) false positives, and which new malware they scanned with the heuristics)

    Best regards,
    Anders
     
  14. sig

    sig Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    716
    That was my point earlier: Marx's early response surveys do not include NOD so I don't see how they can be said to "confirm" the tests results featured in PCWorld in regards to NOD. His article on how the outbreak response surveys are conducted is here : http://www.av-test.org/down/papers/2004-02_vb_outbreak.pdf

    I also find assertions that IMON doesn't detect *any* new email worms heuristically as extremely curious. Not that I think IMON necessarily does or will detect *all* new critters all the time just with heuristics alone. But "none?"
     
    Last edited: May 16, 2004
  15. spm

    spm Registered Member

    Joined:
    Dec 9, 2002
    Posts:
    440
    Location:
    U.K.
    Look guys - this thread consists of absolutely nothing but truck loads of hot air. I'm not saying the PCWorld tests were valid, and not that they were invalid. I'm also not saying whether their conclusions were valid, nor that their conclusions were invalid (and the conclusions can be valid, even if the methodolgy was not perfect).

    There are some people here who are so lacking in character and so lacking in common sense that they are completely unable to stomach the fact that their beloved NOD32 is not as perfect as they so mistakenly believe.

    Grow up, please.

    When you actually have (a) specific evidence which invalidates the testing methodolgy used in the referred-to test and (b) specific evidence which materially invalidates the conclusions of the test, then post it here. So far - on 4 pages of this thread - there is absolutely none. So your hollow attempts at discrediting something you don't even know to be true (or otherwise) speaks volumes about you, and nothing else.
     
  16. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Wether or not tests are valid or not is the main issue here.

    No offense, but you are missing the point. No software is perfect, all can be improved, wether it's NOD32, KAV or whatever software. The issue here is a simple one: a test without backup and software involved. NOD32 is one of these softwares.

    Grin...you are turning things upside down. In case for example I would publish a test stating the brakes from a a Mercedes don't function very well, I'm pretty sure Mercedes owners would like to know how, where, under which conditions etc. I tested those breaks. In case I as the tester wouldn't come up with those facts, it's me who's to blame - not the Merc owners.

    Read my comment above once more, and thanks for your personal point of view.

    regards.

    paul
     
  17. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    I don't usually pay much attention to these tests, nor post to any of these type of threads as long as NOD32 is working well for me.

    However, when they report that NOD32 had 31 false positives on clean files
    that just doesn't seem valid from what other real world users post on this and other forums.
     
  18. Grasshopper

    Grasshopper Registered Member

    Joined:
    Sep 30, 2002
    Posts:
    77
    Hi Folks ,

    I've used Nod for awhile and I've danced around in a few sites I shouldn't be in as far as security is concerned and Nod has never allowed anything into my system . In that sense I am very happy with My AV .
    I've read a lot of negative comments about NOD and an equal amount of negative comments about some of the tests performed on it , I was wondering if there are any test groups or persons other than VB that have tested most of the big AVs out there ,and the folks here at Wilder's would consider reputable and reliable?
    Just curious .
    Thanks
    Frank
     
  19. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,475
    Location:
    The Netherlands
    Seems like a soound approach.

    It boils down to what has been expressed many times in this thread: deliver the test goods - and sofar, this hasn't been the case :rolleyes:

    regards.

    paul
     
  20. Charon

    Charon Guest

    The printed VB magazine lists all the viruses used in each test. They are all real viruses, with none of the crap used by AV-Test. This alone makes VB superior.
     
  21. Charon

    Charon Guest

    Larry Seltzer should stick to writing about soundcards, because he knows nothing about anti-virus software.
     
  22. Charon

    Charon Guest

    It's not "extremely curious", it's "absolute crap".
     
  23. Charon

    Charon Guest

    There are some people here who are so lacking in character and so lacking in common sense that they are completely unable to stomach the fact that their beloved AV-Test is not as perfect as they so mistakenly believe.
     
  24. Charon

    Charon Guest

    An excellent comparison.
     
  25. Charon

    Charon Guest

    It's an unbelievable figure when you consider NOD32 generated only ONE false positive in SIX YEARS of VB testing. It's even more unbelievable when you consider PCMAG's test generated 31 false positives from 3,700,000 files and PCWORLD's test done by the same guy generated 30 false positives from only 20,000 files. It smells like test-set-rigging.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.