Eset - PC Pro review

Discussion in 'ESET NOD32 Antivirus' started by volvic, May 21, 2011.

Thread Status:
Not open for further replies.
  1. volvic

    volvic Registered Member

    Joined:
    Aug 17, 2009
    Posts:
    220
  2. volvic

    volvic Registered Member

    Joined:
    Aug 17, 2009
    Posts:
    220
    and what we have been saying for ages:

    Unfortunately, Smart Security 4 shares one less-prestigious characteristic with its earlier incarnation. Its performance in our simple malware detection test wasn't shameful, but it failed to keep up with its rivals, indentifying only 90% of threats in this month's test. It overlooked an Ardamax dropper and a generic Krap.G Trojan that were caught by all its competitors.

    For that reason, we're held back from recommending Eset's offering as a general-purpose security suite. But if a light footprint or an impeccable firewall are more important to you than comprehensive malware detection, it's a fine choice; and while the new features in version 4 are hardly thrilling, they certainly do no harm.
     
  3. Dermot7

    Dermot7 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    3,196
    Location:
    Surrey, England.
    Review is dated 24th March 2009, and for ESS( not NOD32), is this relevant?
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    1, simple malware detection test
    If 2 samples were undetected and represented 10% out of all tested samples, the test set must have consisted of 20 samples out of which 18 (90%) were detected by ESET.
    Needless to say this is a very small test set to make any conclusions given that dozens of thousands of new threats emerge on a daily basis.
    What I'm missing is a description of the methodology used which is a necessity when one wants to make unbiased conclusions.
    Were the samples tested for functionality, ie. all samples were saved to the disk and executed, without the malware being detected and blocked? Did the malware actually perform any malicious action? What was the source of the samples? Couldn't it be that they were re-packed samples or samples used only in laboratories with no or little occurrence among users?

    2, As for Ardamax, I've seen tons of Ardamax dropper variants that were detected by ESET perfectly. Generally, when speaking about droppers it is much more important to detect dropped malicious files than the droppers themselves that can be created using various methods to evade detection. In the end, it is the dropped malicious files themselves that pose a risk and should be blocked. There was no mention of whether ESET detected and blocked all actually dangerous payload. Again, we don't know if they executed the dropper and whether it actually worked and dropped certain files.

    3, Krap.G
    I've searched for this detection of all other vendors and found a few which are really crap as the name says. It's a sort of packer detection which, in principle, can be triggered on legit or non-functional corrupted files. Again, we have no clue if they were actually able to execute the sample and if it actually did something malicious.

    Here I would emphasize that ESET uses code analysis carried out by advanced heuristics. That said, there's a tiny chance it would detect corrupted or otherwise non-functional files. I've run into a lot of cases when alleged malware was detected by > 35-40 AV vendors at VirusTotal but in the end the sample turned out to be non-functional and because of this it was not detected by ESET.
     
    Last edited: May 21, 2011
  5. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    No it's not relevant at all :thumbd:
     
  6. dannyboy

    dannyboy Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    113
    Location:
    UK
    Why post a review from more than 2 years ago? o_O
     
Thread Status:
Not open for further replies.