New Beta caught it's first Virus

Discussion in 'ESET NOD32 v3 Beta Forum' started by garyrh, Jul 24, 2004.

Thread Status:
Not open for further replies.
  1. garyrh

    garyrh Registered Member

    Joined:
    Jun 18, 2004
    Posts:
    21
    I installed the new beta and so far it is very stable. There is a virus circulating around the newsgroups and the subject is Osama Found Hanged with a link to download a zip file and I thought I would test the new beta out and as soon as I clicked on the link NOD32 caught the virus even before downloading it. This is great. I am glad it scans zip flies now to.
     
  2. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    It doesn't catch a virus on my 98SE box. It is a RAR zipped virus - netsky worm. I don't use IMON. I downloaded it and then right clicked and scanned and NOD32 doesn't detect it.

    On my XP box, I have a trial of KAV 4.5 which got it immediately on right click scan. So, I'm not very impressed with this new beta. I am extremely impressed with KAV 4.5 though.

    I can't use IMON as that HTTP scanner really slows this fast XP box down (plus I don 't want two real time scanners). KAV 4.5 though uses little RAM (set to scan everything) and doesn't slow my box.
     
  3. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    It doesn't slow mine machine down at all, not a brass razoo :rolleyes:

    What program is it conflicting with?

    Have you brought it up with Eset?

    Cheers :D
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,739
    Location:
    Texas
    No slowdown on my machine. XP Sp1 At times, it seems faster.
     
  5. MCT

    MCT Registered Member

    Joined:
    Mar 10, 2004
    Posts:
    300
    i dont experience any slowness either with it
     
  6. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    I now have the NOD beta on two machines. A P4 2.8GHz, 1 GB RAM and an older P3 500, 256 RAM. I am not seeing any slowdown on both machines.

    When you say it is slowing your box down is this with surfing, speed tests, opening programs or just overall? Can you provide some more detail.

    I still prefer NOD over KAV and NOD's AH continues to catch infections prior to definitions being released with some other AVs. For examble see:
    https://www.wilderssecurity.com/showthread.php?t=42010
     
  7. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    Does it matter? It didn't catch this virus on right click and I ran a full scan and it doesn't catch it. KAV has the best scanning engine.

    I have not enabled IMON on the beta that is on the W98SE box. I have had too many problems over the years on W98 with Winsock and various applications. I'm not going to invite more trouble. I was referring to the beta I had on the XP box and I did enable the HTTP scanner and it slowed my box noticeably. Plus, it stuck that dang download box in my face. I hated that! UGH!

    snipped all non-NOD32 remarks - paul

    I don't see any way to run only AMON. I don't even see a way to not install IMON. I should be able to run AMON only and have IMON not even installed. The control center should not run in the systray. It should load only if I want it. Only thing that needs to be running is AMON. Or should be the only thing. The trouble is that Eset is putting almost all its eggs in the IMON basket. So, for those who want a traditional AV NOD32 no longer applies. At least NOD32 doesn't come with a firewall! I really hate that. If I want a firewall I will get one. I don't want one with an AV!
     
  8. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    Well, NOD with AH did catch that new Bagle variant using AH before a lot of AVs got their definitions out including KAV. Had I been using KAV at the time it wouldn't have detected it as quick as NOD did. So I'll stick with NOD.

    Looks like you tested the WinXP with an older beta? I don't think that is a good test.

    I have no slow down problem using the HTTP scanner and consider it a great addition.

    Also, a number of other folks posting here are not seeing any slowdown with the beta.

    With AH now available in AMON and the HTTP scanner, and no slow down on my machines, I think they have done a super job with this beta.
     
    Last edited: Jul 24, 2004
  9. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    Well no one has explained to me why I should want to use TWO real time scanners. That is nutty and is overkill. NOD32 uses about FIVE TIMES the RAM that other resident monitor uses. I could tell an immediate slow down on surfing. Plus, you know when you see that awful, irritating scanner box that your surfing is being delayed. Also, I don't want the immense problems that IMON is going have. My 98SE box warns me about poor compatiblity with browsers and all this stuff about best compatibility versus being safer...blah, blah. What do I need such a headache for? No one seems able to explain any of this so that it makes sense.

    Yes, this was not the release beta but I doubt it would make that much of a difference and I simply do not want to use IMON. NOD32 has gone down a path that I have no interest in. I want a traditional scanner based on signatures. I don't want any more of the false positives I was getting with adv. heuristics and that didn't get fixed (may be fixed).

    I am aware that no scanner catches everything. But I see no reason to be a guinea pig for Eset with this HTTP scanner stuff. You mess with Winsock and you have one huge problem. Again, it comes back to why do I need two resident scanners? Explain please. Eset seems to be saying that all other AV are no good because they don't have two resident scanners.

    Also why do I need IMON when my ISP filters all email using Symantec Corporate? They tell us it is a good idea to still have an AV but not really necessary. They also offer one free for as long as you have them as an ISP. It's not a great AV but coupled with Symantec scanning all email both inbound and outbound, it is probably quite sufficient especially if you practice safe hex.

    all non-NOD32 remarks snipped - paul
     
  10. VikingStorm

    VikingStorm Registered Member

    Joined:
    Jun 7, 2003
    Posts:
    387
    Though keep in mind memory usage is probably one of the most deceiving ways to measure performance, since how memory is allotted, especially in XP, generally doesn't really explain anything. (of course, unless you disabled virtual memory, it's more accurate) Memory-wise, KAV looks all fine and dandy, yet it takes me an extra 2-5 minutes before KAV RTM is finished scanning on start-up. Nothing to do with memory at all.

    Btw, did you check to see if "Archives" was checked? It seems for me, both the regular default context scan, and the /ah scan don't have archives checked by default.

    The Control Center takes up nearly nothing, so I don't see the use complaining about that. It's not like it's the McAfee Security Center, which is more bloated and intrusive.

    I am also able to run NOD32 without IMON at all, unless you mean the option on installation. (don't know about that, never looked)

    Btw, what type of internet connection are you on?
     
    Last edited: Jul 24, 2004
  11. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    Well, again I am not seeing any slowdown so I have no problem with the two scanners. Also other folks are posting no slowdown problems.

    I am not seeing any FP so far with the beta using AH.

    Also, you are still refering to an older beta test? I don't think that is the best way to make a judgement.

    And again, using AH, NOD is able to detect some of the new varients prior to some of the other AVs.

    I still consider this beta to be very good and a nice improvment.
     
  12. tosbsas

    tosbsas Registered Member

    Joined:
    Feb 9, 2002
    Posts:
    789
    Location:
    Lima, Peru
    Dear Mele

    could you please leave the nod threats - you are wasting our time promoting KAV in a NOD Forum. I know you are an expert in AV, but it's getting really tireing.

    Ruben
     
  13. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Why not use the program as it was designed, millions of people around the world can't be wrong...

    All facets of the program work, and work well...

    Cheers :D
     
  14. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    With some people there appears to be a love hate of Nod32, they don't seem to able to make up their minds in regards to it. But, yes, it does become tiresome :rolleyes:

    Cheers :D
     
  15. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    I was going to respond to the questions some of you have but I can see that thanks to Paul my posts now make no sense. I can't discuss NOD32 without discussing the AV I am currently testing or other avs I have used/tested.

    I have said it to Paul and I now say it here publically: The NOD32 official support forum needs to be moved in house and open only to registered users and have strict rules. You post for help and you get help from NOD32 support. NO posting allowed by other users. Read only except for the user asking for help can interact with tech support. Then this forum could be one where NOD32 is actually discussed. As it is now, we cannot discuss it because discussing it usually involves referring to other AV and what NOD32 does as opposed to what some other AV does or doesn't do.

    Currently, to properly discuss NOD32, one has come to my home site and discuss it in the Security forum there. No change actually in the almost two years I've had NOD32. It was in the Security forum at dslr where I discussed NOD32 because Becky's was hopeless. Rod came along and was horrified and the rest is history. We have this forum and it is a big improvement over Becky's but we can't discuss NOD32 if we so much as mention another AV and it is impossible to have a good, thorough discussion when that is forbidden. Thus, the official support form should be moved in house and closed to all but registered users and this forum should remain for discussion.
     
  16. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    The nod forum here at wilders works well because all users of nod can discuss their problems on the correct way to configure it to work the best. It is definatly possible to discuse nod without bringing up another av. I have done it and I am sure others can also. A lot of the little problems that come up can be solved or assisted by non registered persons. It works like that in the others forums here and it works well in the nod forum also.


    bigc
     
    Last edited: Jul 24, 2004
  17. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Mele, why don't you start a thread in "Other Anti-virus software" to discuss Nod32 and Other AV software to your hearts content.

    The Nod32 forum is for help with and discussion of Nod32, not to spruke Kav or any other AV.

    Cheers :D
     
    Last edited by a moderator: Jul 24, 2004
  18. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,739
    Location:
    Texas
    I still haven't figured out why NOD attracts people that want to demean the program.
    I've never seen a program that attracts such hate unless it's Windows of course! :D

    I wouldn't dream of running over to the XXX forum and start running down their program. It is a well respected antivirus program. And I had a license for it at one time. No complaints.
     
    Last edited: Jul 24, 2004
  19. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Hi Mele20,
    I don't understand you. You said that ESET need to move his forum in house because many people post things of others AVs and sorry for my rude, but you're all the time naming others AVs. KAV, NAV Corporate Edition, etc. so you're making contradictory posts. Due to the statement, you said ESET need move forum in house and you're a NOD user who call others AVs all the time?. In others words, if ESET move his forum in house, will you stop speaking about other AV?, if Yes, why don't stop now speaking about other AV here, in Wilders at least NOD users. I you want to call others Av please use Others AV forum place.
    And you critic NOD all the time. Well, all we can have some problems with ESET, humans we aren't perfect. But you're attacking ESET because NOD has a small database than others avs, because of use of memory¿?, due to the FPs and the heuristic. If you dislike NOD, why you change? I think if I were nonconcurring as you with ESET, I change mi AV.
    I'm not attacking you, but I think that and I'm person who said the truth.
    Paul, sorry for use NOD Beta forum to this thread but I needed to put my point of view. Thanks.


     
  20. DonKid

    DonKid Registered Member

    Joined:
    Jun 27, 2004
    Posts:
    566
    Location:
    S?o Paulo, Brazil
    Well I have to agree with the folks.This new beta doesn't slow my PC.And I love the new feature about HTTP scan since I tried to download a file that I knew it had a Worm and I just click the link and Nod prompt warning me it was a worm.I tested the eicar files in my brother's PC running Panda Internet security and it allowed me to download the eicar.zip and the eicar2.zip too..Too bad for Panda.What can I should say ? Nod32 rules........I hope Eset enables Nod to detect all kind of compressed files like Rar, Ace and so on...Keep the great job Eset.

    Best Regards,

    DonKid.
     
  21. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    For now, NOD32 supports the following types of archives: ZIP, RAR, ARJ, LZH, LHA, CAB, CHM, TAR and runtime packers Pklite, Lzexe, Diet, Exepack, CPAV, UPX, AsPack, FSG, Petite, Neolite
     
  22. DonKid

    DonKid Registered Member

    Joined:
    Jun 27, 2004
    Posts:
    566
    Location:
    S?o Paulo, Brazil
    Marcos,

    Good to know about it.Hope Eset enable Ace files since there's a lot of people using it.Can you tell me when a Brazilian version is coming out , or the non Beta version ?

    Best Regards,

    DonKid.
     
Thread Status:
Not open for further replies.