Nod questions

I have been using NOD for over two years, started Aug. 2001.

I am fairly active on the internet with my actual e-mail address on several web sites. Also, some of my e-mail addresses date back to 1996. Because of that I get a fare amount of stuff send my way.

I work out of my home on the Internet providing contracted support for ATT and now Charter Pipeline. In addition I have a kid that is big gamer. So we are on most of the time.

Over the two and a half year period I have never lost data or been infected with a virus while using NOD.

I also run some of the Online scanners from time to time just to double check. They have never picked up on anything that NOD missed.

A sample of my log over the last few days.

Time   Module   Object   Name   Virus   Action   User   Info
2/22/2004 12:50:58 PM   IMON   email message   from: 32058052@mxsf08.cluster1.charter.net to: gunn1@charter.net with subject fake dated Sun, 22 Feb 2004 13:47:32 -0500    Win32/Netsky.B worm   contained infected files   STAN\Administrator   
2/22/2004 10:06:32 AM   IMON   email message   from: j8jdekgysdg9@guohao.com to: gunn1@charter.net with subject hello dated Sun, 22 Feb 2004 11:01:49 -0500    Win32/Netsky.B worm   contained infected files   STAN\Administrator   
2/22/2004 8:31:25 AM   IMON   email message   from: oss@vpm.com to: gunn1@charter.net with subject hi dated Sun, 22 Feb 2004 07:50:17 -0500    Win32/Netsky.B worm   contained infected files   STAN\Administrator   
2/21/2004 8:43:29 AM   IMON   email message   from: jovsurd@bigfoot.com to: gunn1@charter.net with subject read it immediately dated Sat, 21 Feb 2004 06:55:36 -0500    Win32/Netsky.B worm   contained infected files   STAN\Administrator   
2/20/2004 6:46:50 AM   IMON   email message   from: atches@foryou.match.com to: gunn1@charter.net with subject hi dated Fri, 20 Feb 2004 06:57:56 -0500    Win32/Netsky.B worm   contained infected files   STAN\Administrator   
2/18/2004 22:23:37 PM   AMON   file   D:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\LG0ZDX89\remark,9385277~mode=flat[1].htm   probably unknown SCRIPT virus   deleted (after the next restart)    STAN\Administrator   
2/17/2004 23:20:31 PM   AMON   file   D:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\XVZJL1GU\all_launch_reg[1].htm   JS/NoClose.L trojan   deleted   STAN\Administrator   

 

NOD had without doubt the best heuristic in the market today. Heuristic's role is important because it detect many new worms/viruses/trojans proactively, ej: Netsky, Bagle, Mimail and many P2P worms.

 

I have been using KAV-AVP since 1997, with only 1 virus (Badtrans) escaping past it. I have learned just yesterday, NOD32 is quite famous for heuristics detection of Badtrans with no update, and also I learned, NOD32 detected CIH with heuristics even before AVP. This is quite an impression on me. I am not very familiar with NOD32, but I will be looking closer. Some say NOD32 is badly in Trojans detection, behind KAV, but I rely on TDS3 for this, so it is not paramount importance.

 

I'm agree with bender, but Eset is adding more and more trojans every day.

 

My biased personal opinion: NOD32 never ever let virus to my computer. Using it since 1996.......

 

I am looking closer at NOD32 since only yesterday. Forgetting about KAV's high trojans detection, it is too soon for me to say NOD32 is better for MY purpose, i.e. "detect viruses only", than KAV, but it is certainly not worse, and its resident sections are much lighter on resources. I await the next heuristic detection of a new virus, for further comparison.

 

Bender, I agree with you: NOD is an Anti-Virus programm. For Trojans, rely on special Trojan-Scanner and/or setup your firewall properly.
I'm using NOD for over 1 year now and it missed only one Malware (not really a Virus, but a Browser-Hijacker). Many Anti-Virus programms didn't detect this thing (Densmail) and Sophos even post on their website: "Following customer feedback Sophos has disabled detection of this application, which is not a virus. Detection will be disabled from the March 2004 (3.79) version of Sophos Anti-Virus."
More important for me was the rise of the NetSky.B-Virus, which arrived to my E-Mail adress about 12 hours after it's discovery. Since I configured NOD to get an update every time I access the Internet, it directly discovered the virus by it's signature!
Another time, I had to get into the Web without a Firewall (after a Format C: ) and IMON (Internet-Monitor of NOD) directly caught several viruses sent to my IP-Adress using the DCOM-Vulnerability.
As I can say, NOD is doing fine, nothing more, nothing less. And the use of resources is excellent. I've set it to scan all files with the resident scanner and I'm not seeing any difference. Just simply an "Install and forget about it"-solution.

 

I will also add my pennys worth, I have been using NOD32 for many years from way back in version ones days. I'm a high risk user. often spening time in hacker heaven. NOD32 has given me 100% protection. I have never been infected with NOD32 running. The low resource uses has been fantastic as I dont have a powerful computer. I told my brotyher to try it once he was protected by "NIS", when he ran NOD32 he discovered 12 viruses living on his computer that was happy to cohabitate with NAV. If protection is what you want NOD32 supplies it

Michael

 

This is a perfectly common, typical excuse for NOD32's relatively poor trojan detection. Has anyone ever said this of KAV? No, because they don't have to.

But before you get mad at me, consider the fact that Eset seems to disagree with you where NOD32's role is concerned. Consider this quote from the NOD32 site:

And from this page:

And again, from this page:

What can you possibly say to that? "That's just marketing hype"? "They don't really mean it"? "You shouldn't take that too literally"?

 

nameless:
NOD is a relative new AV, KAV not. NOD is improving its trojan detection every day as its heuristic, because AH is able to detect many new backdoors. KAV is the best at trojan detection, however they have a heuristic able to detect many new unknown yet backdoors?, I think NOT.

 

Hi nameless,

I don't have a problem with those statements.

There is no question KAV has the better Trojan database, especially the older ones. However, it looks like NOD covers a fair number of the current ones which are the current threats. See:
http://www.nod32.com/scriptless/support/info.htm

In addition it seems like a lot of KAV users also use a layered defense by running an additional AT program even with KAV's highly touted Trojan coverage.

During the time I have used NOD it hasn't let me down.
http://www.wilderssecurity.com/showthread.php?t=22587;start=msg134637#msg134637

I am not sure I would like to see NOD include all the things that KAV does due to a performance issue.

Just my 2 cents.

BTW, I would like to see this thread go back to the original topic:

"if any longtime Nod users have ever lost data or been infected with a virus while using the program."

 

That is totally, completely, absolutely, and 100% beside the point.

 

>"if any longtime Nod users have ever lost data or been infected with a virus while using the program."

Yep. NOD32 version 2 beta ate my entire sent messages folder in OE (several thousand emails). It ate the trash folder too. (But that one was ok). But I doubt that is the sort of "lost data" situation you were thinking of. I haven't lost data due to a virus that NOD32 failed to detect if that is what you meant.

 

You said that NOD's role is detect trojans, viruses and worms because it appear on eset web page. It's true, NOD detect many trojans and is improving its database every day. KAV is the best detecting trojans however KAV hasn't a heuristic for detect new backdoors as NOD. NOD is able to detect all ITW trojans without problems, it isn't a marketing hype, it's true. Is obvious that KAV detect more trojans, they've many years in the market than nod not.

 

Carew, my point--which I make here for the last time--was in response to the people who defend NOD32 by saying "It isn't supposed to be good at detecting trojans; it is an anti-VIRUS utility only". That's obviously a weak argument, when Eset touts NOD32 for trojan detection. I'm not saying it is good or bad; I'm just saying it should be good, because it is advertised that way.

 

I understood.
I'm agree with you, NOD is a AV, however is also designed to detect trojans.

 

Just an aside note about trojans detection: I am a long time KAV user. KAV has a reputation for high detection of trojans, but I rely on TDS3 for my trojan protection. Why? Because KAV is just not good enough in that area! So, for me, it does not matter if KAV does not detect a single trojan. I will not rely on KAV to protect me from trojans, just as I will not rely on TDS3 to protect me from viruses.

 

Bender:- kav will detect trojans at least as well as tds3 to me its seems pointless in running any anti-trojan alongside kav or most(depending on the frequency of updates!)kav based AVs. apart from the fact two programs need to be disabled to leave you vunderable
Depending on the method that the AV uses to check for infestation it is as easy(in some cases easier)to protect against trojans,depending how/where a virus attaches itself to an infected file, some viruses can be the hardest of all malware to spot so in my opinion claiming a product is an AV not an AT is just used as a "get out jail free" interpretation used by AV vendors used
1)to save work/time with def updates
2)good excuse in case of infection
I dont think the public should be left to distinguish between the different types of threats, the security vendors(AV, AT) should all start to manufacture and market total Anti-malware utils
I know this will go against all the advocates of "layered defence" but if the boffins can come up with products to protect against "all threats" the PCs of the uneducated user can be as safe as those of the of the educated and who knows if there aren't many vulnerable machines to infect the maware writers might "give up"(eternal optomist!!)

 

I've been testing, still researching and have yet to find an AV solution that uses less resources than NOD32. It was due to a review that stated such and rated NOD32 within the top 3 reviewed. Since then I have uninstalled and installed several other AV's prior to wiping the drive on my test pc. I did this to ensure NOD32 was indeed doing what I assumed it was doing -keeping me virus free.

I find this AV solution so quick and light on resources that at times I still have to question that it's doing what it's supposed. I very much appreciate that I came across the review, because I still don't see much public opinion about thier solution, which I think is a shame.

To date this is still the best I've seen and better, it's yet to let me down. I'm not going to debate this and everyone's computing situation is unique. I regularly recommend this AV solution and have yet to recommend another for sometime now. regards... jp

 

Steve1955, some tests "prove" KAV is a better trojans detector than TDS3, but I do not believe those tests, they are easily manipulated, or incompetent, or both. Running KAV and TDS side by side in a highly exposed environment for some years, I can assure you, TDS3 is the superior in detecting trojans. The "perfect" AV+AT program does not yet exist. Until it does, I will rely on the best of each to perform its own job. At the moment, my choice is KAV+TDS3, but KAV did not detect new Bagle and Newsky with heuristics, but NOD32 did so. Does this make NOD32 "better" than KAV for my purpose? I do not yet know. Because I am a NOD32 "newbie", I will not jump to this conclusion lightly, but NOD32 is very much impressing me. I am making a much closer examination in the coming weeks.

 

Bender, you also need a anti-worms program if you're saying that each program made its own job.
I think that NOD is the most light av in the market today.

 

sir_carew, worms are a sub-set of viruses, and they are (most times) covered by KAV. A good personal firewall should protect against new "MSBlast" type of worms, without update. I use also SpyBotSD, Ad-Aware, and some of Javacool's very good programs, for "other" nasty things. It is quite astonishing what lengths are taken by spam advertisers and hijackers to hide from detection. As an aside: it seems many people here have the war cry, "NOD2 is poor with trojans!". Is it appropriate for this forum, if I start a new war cry, "NOD32 is poor with spyware and hijackers and pop-ups and spam!"? (Not seriously. I am being sarcastic.)

 

I have used Nod on this pc for about 2 1/2 years with no lost data and also on our second pc for 2 years, also no lost data. Works for me. Nor have I been infected with a trojan on either pc, despite no AT running on them, maybe lucky, who knows.