2004 Test Review of Latest AV: NOD32 performs poorly

Nameless, AVP detected CIH virus 22 days before Symantec or any other av. So what? Someone is always first, someone is always last, but most times, Symantec is not first.

 

Yes someone is first and someone is last but no AV vendor worth their salt should be 8 days/22 days behind any of the others,normally the updates should be within hours of each other(perhaps a day can be forgiven but 8!!?,22!!! no excuses unless of course all the company takes their annual leave at same time(meant as joke)but the should book the same weeks as the malware writers!)

 

True, lagging 8 days behind Symantec /Norton and 22 days behind AVP sounds sigificant, but it does not tell a complete story. What if we're talking about a virus not in the wild? Wouldn't that be a horse of a different color?

As it turns out, W32.Dumaru.AH@mm (W32/Mimail.u@MM) is listed on Symantec's site as "low distribution (localized or non-wild)", and the number of infections is given as 0 - 49. So it is ITW, but barely. All in all, I'm not terribly concerned over an eight day lag on this one.

Also, Nameless's post doesn't seem to directly address QSection's challenge to identify an infection that NOD32 has failed to prevent.

Having said all this, I will now hit the deck and crawl out of the saloon before a barstool gets swung in my direction.

Best regards to all of you,
Optigrab

 

No need for concern--I won't get emotional over NOD32 of all things.

The request was "Can you document just one case of NOD32 not stopping an in the wild virus?" I can't give the names, addresses, and birth dates of NOD32 users who became infected by Dumaru.AH, no. But obviously if you ran NOD32 exclusively, you'd have been open to that virus during that long window.

Sure, the occurrence is low, but the "Distribution" (potential for rapid distribution) is high.

Obviously, if you're not a total dope who opens everything that enters your inbox, you've already got "common sense heuristics" in place, so this virus is not a real threat to you. It's just nice to know that your scanner will back you up if you have a momentary lapse of sense (as we all do from time to time).

@Bender: And you won't find me touting the responsiveness of Symantec! Quite the opposite; the fact that Symantec was on this by February 10 goes to show when even a slow AV company was able to respond to it.

I'm sure this thread will get locked, just like any other thread that calls NOD32's capabilities into question to any extent.

 

It may not be as important to be lagging behind with some viruses but it is still important,millions of customers rely on these firms to protect their PCs,and if you are the one to get infected it matters to you that the AV vendor whose product you use didn't consider the outbreak"wide enough" to warrant a speedy update!
We all pay our money for protection not "protection if they feel like it or can be bothered"

 

Amen to that (my lapses aren't really momentary).

Cheers,
Optigrab