Farewell NOD . . .

Discussion in 'NOD32 version 2 Forum' started by lillmommas, Sep 6, 2004.

Thread Status:
Not open for further replies.
  1. lillmommas

    lillmommas Registered Member

    Joined:
    Aug 17, 2004
    Posts:
    6
    Hello - I just wanted to share some impressions of NOD while I have been trialling over the last month or so:

    * It's light on resources until you discover that it's not scanning inside zip archives.

    * Then you notice that RAR files (the most popular compression file on the net) is not in the list of extensions to scan.

    *Then you add the RAR extension to the list of file types to scan and realise that NOD only the scans the RAR file itself (not any file contained in the RAR archive).

    * When you finally have to resort to forcing NOD to scan all file types, it becomes the slowest and most resource hungry AV on the market just so it will scan the contents of the most popular compressed file format on the net.

    * When you select to exclude folders from scans - it doesn't exclude those folders (please don't point me to those ridiculous threads about type in directory locations in 8.3 format E.g. C:\My Doc~1 . . . I mean seriously).

    * The update server is frequently overloaded. And no it doesn't matter which update server you pick - it's like Russian roulette . . . this is simply dangerous.

    * It can't handle MAPI email

    * I got a sore finger clicking that stupid "The profile has changed message" every time I did a scan from the context menu. And no, switching off the 'Use MAPI inteface' option doesn't work.

    * Warning bells really started sounding when the (new) download scanning facility corrupts files. The official advice is to jiggle the sliders and keep re-downloading until the file doesn't get corrupted anymore. Are you people serious?

    In short it's back to NAV or McAfee - my journey into alternative AV programs was eye openning and very disturbing.

    :p
     
  2. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    This is why shareware is such a wonderful concept. :) - You can try and see if a program works well for you. NOD32 has worked very well for me.

    I wouldn´t say that a fullscan on 200GB (on 2 harddrives, 80GB free) with "scan all files" option enabled that takes 13 minutes is the slowest AV around. Using 27MB (while scanning with the gui open and 18MB otherwise) resources doesn´t bother me really, especially when it doesn´t slow the system down doing other things with the computer during a scan. But I rarely do a full scan on the computer while working anyway. The only thing that I had to exclude (AMON) was Totalcommander, since it took 4-5 seconds to start.
    Didn´t know this about NOD32 not scanning inside rar-files. (my NOD32 did find a virus inside a zip awhile ago tho) But it does find the virus when trying to unpack the rar-file, so for me that is a minor problem.

    You should use the AV that suite you, and if Mcafee does the job for you, then use it.
     
    Last edited: Sep 6, 2004
  3. mrtwolman

    mrtwolman Eset Staff Account

    Joined:
    Dec 5, 2002
    Posts:
    613
    IMHO NOD32 is no shareware....
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    The NOD32 on-demand scanner as well as IMON scans inside archives provided the appropriate option is selected. Here is an excerpt from Eset's website:

    Virus detection in compressed or protected executable files, such as UPX, AsPack, FSG, Petite, Neolite, ExeStealth, yoda's Crypter, PECompact, Pklite, Lzexe, Diet, Exepack, CPAV .

    Support of many archive formats, e.g. ZIP, RAR, ARJ, LZH, LHA, CAB, CHM, TAR, GZIP.
     
  5. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    Really? NOD32 do have a 30 day trial version for download so anybody can try it to see if it works well on their system or not, or to see if it fits their needs. Or maybe it´s called trialware? Anyway, You have the option to try before you buy, that´s what I meant.

    http://www.nod32.com/download/trial.htm
     
    Last edited: Sep 6, 2004
  6. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    13 minutes with everything checked? Gee, I have a 120GB hard drive which is 85 % free and it takes the latest NOD32 35 minutes to scan. Very slow scanning compared to earlier versions of NOD32. KAV only takes a small longer than NOD32 now (about 50 minutes). NOD32 is no longer a fast scanner. It is not as slow as some but it cannot claim any longer to be fast. Plus, I exclude email from scanning so I can just imagine how long it would take if that was included.
     
  7. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    And why on earth would it NOT be ticked as a default setting?

    Who can tell me the logic behind this illogical choice not to have Nod32 set by default at its full strength, it's like wearing body armour on your legs, arms and head, and choosing not to wear it on your chest/main body, I have many words to describe this, and sensible is certainly not one of them...

    Cheers :D
     
  8. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    That means KAV takes 50% longer to do a scan compared to Nod32, doesn't it…

    Cheers :D
     
  9. BlueZannetti

    BlueZannetti Administrator

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    I don't know what to say lillmommas, except my own experience is different.

    I right click to scan a rar archive containing 4 files, and NOD32 confirms 4 files scanned.

    My nightly scan covers about 110,000 files in 51 minutes with all files and archives included. That's not slow. On speed ratio tests with another major AV, same basic scan, NOD32 is roughly 3 times faster. In my own tests, I've found AV's that are in the same speed group as NOD32, and many that are slower to varying degrees. I haven't identified any that are hands-down faster than the "quick" group. Also, membership in these various groups can depend on hardware.

    On exclude - agreed, there needs to be work done here. Users shouldn't be required to jump through these hoops.

    Although I've seen users post update server problems, I simply don't see it with my setup. Occassional failures - yes. Significant disruptions - no.

    All my e-mail is POP3 based, so I can't comment on EMON and MAPI mail.

    On download corruption - again, I've seen the reports but haven't experienced it myself. Yes, I download a fair amount of material and have IMON on. Default settings all around. Most apps running with higher compatibility selected.

    Visit any AV support forum and you'll see reports of compatibility and slowness. This is part of the function of the support forum - to address problems users are experiencing. That's why these issues appear here. This is also why trialing applications is important. I don't doubt your experiences, but they are a reflection of NOD32 combined your local installation. It could be related to marginally compatible processes running on your system, legacy issues with previous applications which may have been subsequently uninstalled, or something else altogether.

    There's absolutely nothing wrong with the other AV's you mention possibly heading back to. Both are fine products with good detection records.

    Blue
     
  10. RejZoR

    RejZoR Registered Member

    Joined:
    May 31, 2004
    Posts:
    6,426
    But KAV also has far better detection over NOD32 thats for sure (no i'm not bashing,just giving well known facts). So you cannot really compare scan times over detection...
     
  11. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    When seeing you scan time, makes me wonder if I got things right so I did a double check.
    I used standard heuristic, not the advanced one in the scan.
    I noticed that I didn´t have "archives" checked, that´s why, but I thought that "scan all files" meant scan all files including archives. Still have things to learn I see :)
    Anyway I did a new scan and it took a bit longer:
    I do have maybe ~40GB of zip, rar and ace-packed files tho (I realize I should do some cleaning :) )
     
  12. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Mele, when comparing scan time of more scanners, it's crucial to take into account the number of archive types supported as well as how many levels of compression can a particular scanner supports (e.g. a zip archive in another archive, etc.)
     
  13. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Hi Blackspear

    It's a long time since i went to school, so please bare over with me if i make myself look like an idiot, but isn't it closer to 17-18% slower. ;) :)
     
  14. sard

    sard Registered Member

    Joined:
    Apr 18, 2004
    Posts:
    175
    Location:
    UK
    ((50-35)/35)*100 = 43% ish, so 50% is about right when ishes are involved :D
     
  15. Don Pelotas

    Don Pelotas Registered Member

    Joined:
    Jun 29, 2004
    Posts:
    2,257
    Well, i guess it's official then, i am an idiot.;) :D
     
  16. leehigdon3

    leehigdon3 Registered Member

    Joined:
    Jun 26, 2004
    Posts:
    132
    Location:
    Plano, TX USA
    Before you decide on those alternatives, take a look at KAV. It may not be light on resources, but it will scan the files you're interested in scanning.
     
  17. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    i go with norton 2004 after reading this it has Michaels technology from gladiator anti virus the ability to unpack and scan everything.

    i notice when michale gladiator antiviruse became popular the other high end av's straight jacked his program on this and added to theres lol.


    it strange feeling like i was the only one that notice this


    any how the new norton has this i believe

    as for NOD in my opinion seems to be a toy for higher end user's almost experts

    with the proper config and stuff seems to be a hard core av for tweaks serious about security

    norton is more like and i hope you take no offense to this but dummy proof what blaze likes easy to use click done

    nod from the sounds of it is tweak this and that and that I'm hard core now type thing lol
     
  18. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    Heh! NOD32 is not that much for the hardcore tweakie user. The one for that is KAV 4.5 personal which is exactly one reason why I was impressed with it and not with KAV 5.0 personal which is more like NAV. NOD32 is inbetween NAV and KAV 4.5. Which actually is nice because it can thus appeal to both camps. :D
     
  19. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    Why all the concern about"on demand" scan times :-dont most people,or might just be me,run an on demand scan when PC is not needed for other things(or at least things a scan would interfere with),more important to me is the thoroughness of these scans
     
  20. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    I always run an on demand scan while using the computer. This is partly because I hate scheduled tasks especially NOD32 ones. One reason being because NOD32 will not leave a screen for when I get back telling me that it scanned and what it found. I am not going to remember what day I choose for scanning while gone or asleep so if NOD won't leave me a screen that I see the next time I get on the computer...then I won't do scheduled scans with NOD32. Secondly, I am worried that this activity will not end cleanly and thus may trigger my monitor to come out of suspend and then it may not go back into suspend. In the past, that has been the case with NOD32. I don't know about this new version as I haven't bothered to try a scheduled scan with it.

    The other reason I run a full scan while at the computer is because I am using it most of the time I am awake ....so when do I do a scan that I am not on it except when asleep and that doesn't work well.

    I don't run a full scan on a regular basis though so it doesn't matter all that much to me. I use command line scanning religiously so I don't feel that I need to run a full scan often. I have done so recently because I just installed this new final non-beta version recently and wanted to scan. I am avoiding more full scans until the false positives AMON has found are fixed as no need to see those again in the on demand scanner. (Yes, I could exclude but that is a pain plus how do you exclude a false positive from System Restore? I have no idea what file that is referring to).
     
  21. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    A scheduled scan as shown here:

    https://www.wilderssecurity.com/showthread.php?t=37509

    will leave the screen up...

    Hope this helps...

    Cheers :D
     
  22. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    Are you sure? Because when you run a scan and you on the computer there is no notification when it is finished so I doubt there would be when you are not on the computer. Plus, I don't want a screen up there until I wake the monitor. If a screen goes up at the end of a scan when I am asleep that will wake the monitor. I want the screen to pop up the next time I get on the computer which is how the av I had before I got NOD32 did it and I did scheduled scans for when I was asleep with it. Then I couldn't with NOD32 and I don't think anything has changed with regard to this.
     
  23. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Try running a scheduled scan and see for yourself. The scan finishes and remains on screen with the results waiting for further action on your part, as in, to go back through and right click on any viruses detected, or to close the Nod32 window...

    Hope this helps...

    Cheers :D
     
  24. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    To get the on-demand scanner window appear during a scheduled scan, it's necessary to schedule a task that will trigger nod32.exe with desired parameters as an external application at a specified time.
     
  25. Shaman

    Shaman Guest

    Response to many posts

    Hi,

    1st, to all who says kav detects beter virus than nod, just compare this :
    http://www.virusbulletin.com/vb100/archives/products.xml?kaspersky.xml
    http://www.virusbulletin.com/vb100/archives/products.xml?eset.xml

    -> You are WRONG.

    2nd to blackspear :
    You say its a shame NOD do not scan by default all files... Why the hell would you like to scan bmp, log, ... files ? It only slows your scan and provides NO additionnal protections. I don't think it is possible to start an executable file that has not a executable extension am i wrong ?

    Honestly, I tried some AV, i will never say i tried them all, but i really find NOD very very good. I'm an internet player, and nod really doesn't interfer with my games, unlike McAfee or Norton.

    Also, for all the crap about latest version and iMon, i simply desabled HTTP scans and all is perfect. For me beeing notified a filed i just downloaded is infected is enough, i don't care about beeing notified before i goes on my disk. What is the diference in therme of security o_O

    just my 2 cents

    Best regards all
     
Thread Status:
Not open for further replies.