Nod questions

Discussion in 'NOD32 version 2 Forum' started by ronjor, Feb 22, 2004.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,727
    Location:
    Texas
    I have noticed on this forum that the effectiveness of Nod has been questioned many times.
    I am curious to know if any longtime Nod users have ever lost data or been infected with a virus while using the program.
    The reason I ask this is because I see a lot of "this program does this or that, why doesn't Nod".
    Moderator, if this type query doesn't belong here, feel free to delete. :)
     
  2. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    I have been using NOD for over two years, started Aug. 2001.

    I am fairly active on the internet with my actual e-mail address on several web sites. Also, some of my e-mail addresses date back to 1996. Because of that I get a fare amount of stuff send my way.

    I work out of my home on the Internet providing contracted support for ATT and now Charter Pipeline. In addition I have a kid that is big gamer. So we are on most of the time.

    Over the two and a half year period I have never lost data or been infected with a virus while using NOD.

    I also run some of the Online scanners from time to time just to double check. They have never picked up on anything that NOD missed.

    A sample of my log over the last few days.

    Time   Module   Object   Name   Virus   Action   User   Info
    2/22/2004 12:50:58 PM   IMON   email message   from: 32058052@mxsf08.cluster1.charter.net to: gunn1@charter.net with subject fake dated Sun, 22 Feb 2004 13:47:32 -0500    Win32/Netsky.B worm   contained infected files   STAN\Administrator   
    2/22/2004 10:06:32 AM   IMON   email message   from: j8jdekgysdg9@guohao.com to: gunn1@charter.net with subject hello dated Sun, 22 Feb 2004 11:01:49 -0500    Win32/Netsky.B worm   contained infected files   STAN\Administrator   
    2/22/2004 8:31:25 AM   IMON   email message   from: oss@vpm.com to: gunn1@charter.net with subject hi dated Sun, 22 Feb 2004 07:50:17 -0500    Win32/Netsky.B worm   contained infected files   STAN\Administrator   
    2/21/2004 8:43:29 AM   IMON   email message   from: jovsurd@bigfoot.com to: gunn1@charter.net with subject read it immediately dated Sat, 21 Feb 2004 06:55:36 -0500    Win32/Netsky.B worm   contained infected files   STAN\Administrator   
    2/20/2004 6:46:50 AM   IMON   email message   from: atches@foryou.match.com to: gunn1@charter.net with subject hi dated Fri, 20 Feb 2004 06:57:56 -0500    Win32/Netsky.B worm   contained infected files   STAN\Administrator   
    2/18/2004 22:23:37 PM   AMON   file   D:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\LG0ZDX89\remark,9385277~mode=flat[1].htm   probably unknown SCRIPT virus   deleted (after the next restart)    STAN\Administrator   
    2/17/2004 23:20:31 PM   AMON   file   D:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\XVZJL1GU\all_launch_reg[1].htm   JS/NoClose.L trojan   deleted   STAN\Administrator   
     
  3. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    NOD had without doubt the best heuristic in the market today. Heuristic's role is important because it detect many new worms/viruses/trojans proactively, ej: Netsky, Bagle, Mimail and many P2P worms.
     
  4. Bender

    Bender Guest

    I have been using KAV-AVP since 1997, with only 1 virus (Badtrans) escaping past it. I have learned just yesterday, NOD32 is quite famous for heuristics detection of Badtrans with no update, and also I learned, NOD32 detected CIH with heuristics even before AVP. This is quite an impression on me. I am not very familiar with NOD32, but I will be looking closer. Some say NOD32 is badly in Trojans detection, behind KAV, but I rely on TDS3 for this, so it is not paramount importance.
     
  5. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    I'm agree with bender, but Eset is adding more and more trojans every day.
     
  6. mrtwolman

    mrtwolman Eset Staff Account

    Joined:
    Dec 5, 2002
    Posts:
    613
    My biased personal opinion: NOD32 never ever let virus to my computer. Using it since 1996.......
     
  7. Bender

    Bender Guest

    I am looking closer at NOD32 since only yesterday. Forgetting about KAV's high trojans detection, it is too soon for me to say NOD32 is better for MY purpose, i.e. "detect viruses only", than KAV, but it is certainly not worse, and its resident sections are much lighter on resources. I await the next heuristic detection of a new virus, for further comparison.
     
  8. Yellow

    Yellow Registered Member

    Joined:
    Feb 24, 2004
    Posts:
    2
    Bender, I agree with you: NOD is an Anti-Virus programm. For Trojans, rely on special Trojan-Scanner and/or setup your firewall properly.
    I'm using NOD for over 1 year now and it missed only one Malware (not really a Virus, but a Browser-Hijacker). Many Anti-Virus programms didn't detect this thing (Densmail) and Sophos even post on their website: "Following customer feedback Sophos has disabled detection of this application, which is not a virus. Detection will be disabled from the March 2004 (3.79) version of Sophos Anti-Virus."
    More important for me was the rise of the NetSky.B-Virus, which arrived to my E-Mail adress about 12 hours after it's discovery. Since I configured NOD to get an update every time I access the Internet, it directly discovered the virus by it's signature! :D
    Another time, I had to get into the Web without a Firewall (after a Format C: :D) and IMON (Internet-Monitor of NOD) directly caught several viruses sent to my IP-Adress using the DCOM-Vulnerability.
    As I can say, NOD is doing fine, nothing more, nothing less. And the use of resources is excellent. I've set it to scan all files with the resident scanner and I'm not seeing any difference. Just simply an "Install and forget about it"-solution. :cool:
     
  9. manxaura

    manxaura Registered Member

    Joined:
    Oct 27, 2002
    Posts:
    21
    Location:
    Australia
    I will also add my pennys worth, I have been using NOD32 for many years from way back in version ones days. I'm a high risk user. often spening time in hacker heaven. NOD32 has given me 100% protection. I have never been infected with NOD32 running. The low resource uses has been fantastic as I dont have a powerful computer. I told my brotyher to try it once he was protected by "NIS", when he ran NOD32 he discovered 12 viruses living on his computer that was happy to cohabitate with NAV. If protection is what you want NOD32 supplies it

    Michael
    :)
     
  10. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    This is a perfectly common, typical excuse for NOD32's relatively poor trojan detection. Has anyone ever said this of KAV? No, because they don't have to.

    But before you get mad at me, consider the fact that Eset seems to disagree with you where NOD32's role is concerned. Consider this quote from the NOD32 site:

    And from this page:

    And again, from this page:

    What can you possibly say to that? "That's just marketing hype"? "They don't really mean it"? "You shouldn't take that too literally"?
     
  11. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    nameless:
    NOD is a relative new AV, KAV not. NOD is improving its trojan detection every day as its heuristic, because AH is able to detect many new backdoors. KAV is the best at trojan detection, however they have a heuristic able to detect many new unknown yet backdoors?, I think NOT.
     
  12. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    Hi nameless,

    I don't have a problem with those statements.

    There is no question KAV has the better Trojan database, especially the older ones. However, it looks like NOD covers a fair number of the current ones which are the current threats. See:
    http://www.nod32.com/scriptless/support/info.htm

    In addition it seems like a lot of KAV users also use a layered defense by running an additional AT program even with KAV's highly touted Trojan coverage.

    During the time I have used NOD it hasn't let me down.
    http://www.wilderssecurity.com/showthread.php?t=22587;start=msg134637#msg134637

    I am not sure I would like to see NOD include all the things that KAV does due to a performance issue.

    Just my 2 cents.

    BTW, I would like to see this thread go back to the original topic:

    "if any longtime Nod users have ever lost data or been infected with a virus while using the program."
     
  13. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    That is totally, completely, absolutely, and 100% beside the point.
     
  14. Mele20

    Mele20 Former Poster

    Joined:
    Apr 29, 2002
    Posts:
    2,495
    Location:
    Hilo, Hawaii
    >"if any longtime Nod users have ever lost data or been infected with a virus while using the program."

    Yep. NOD32 version 2 beta ate my entire sent messages folder in OE (several thousand emails). It ate the trash folder too. (But that one was ok). But I doubt that is the sort of "lost data" situation you were thinking of. I haven't lost data due to a virus that NOD32 failed to detect if that is what you meant.
     
  15. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    You said that NOD's role is detect trojans, viruses and worms because it appear on eset web page. It's true, NOD detect many trojans and is improving its database every day. KAV is the best detecting trojans however KAV hasn't a heuristic for detect new backdoors as NOD. NOD is able to detect all ITW trojans without problems, it isn't a marketing hype, it's true. Is obvious that KAV detect more trojans, they've many years in the market than nod not.
     
  16. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    Carew, my point--which I make here for the last time--was in response to the people who defend NOD32 by saying "It isn't supposed to be good at detecting trojans; it is an anti-VIRUS utility only". That's obviously a weak argument, when Eset touts NOD32 for trojan detection. I'm not saying it is good or bad; I'm just saying it should be good, because it is advertised that way.
     
  17. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    I understood.
    I'm agree with you, NOD is a AV, however is also designed to detect trojans.
     
  18. Bender

    Bender Guest

    Just an aside note about trojans detection: I am a long time KAV user. KAV has a reputation for high detection of trojans, but I rely on TDS3 for my trojan protection. Why? Because KAV is just not good enough in that area! So, for me, it does not matter if KAV does not detect a single trojan. I will not rely on KAV to protect me from trojans, just as I will not rely on TDS3 to protect me from viruses.
     
  19. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    Bender:- kav will detect trojans at least as well as tds3 to me its seems pointless in running any anti-trojan alongside kav or most(depending on the frequency of updates!)kav based AVs. apart from the fact two programs need to be disabled to leave you vunderable
    Depending on the method that the AV uses to check for infestation it is as easy(in some cases easier)to protect against trojans,depending how/where a virus attaches itself to an infected file, some viruses can be the hardest of all malware to spot so in my opinion claiming a product is an AV not an AT is just used as a "get out jail free" interpretation used by AV vendors used
    1)to save work/time with def updates
    2)good excuse in case of infection
    I dont think the public should be left to distinguish between the different types of threats, the security vendors(AV, AT) should all start to manufacture and market total Anti-malware utils
    I know this will go against all the advocates of "layered defence" but if the boffins can come up with products to protect against "all threats" the PCs of the uneducated user can be as safe as those of the of the educated and who knows if there aren't many vulnerable machines to infect the maware writers might "give up"(eternal optomist!!)
     
  20. donno

    donno Guest

    I've been testing, still researching and have yet to find an AV solution that uses less resources than NOD32. It was due to a review that stated such and rated NOD32 within the top 3 reviewed. Since then I have uninstalled and installed several other AV's prior to wiping the drive on my test pc. I did this to ensure NOD32 was indeed doing what I assumed it was doing -keeping me virus free.

    I find this AV solution so quick and light on resources that at times I still have to question that it's doing what it's supposed. I very much appreciate that I came across the review, because I still don't see much public opinion about thier solution, which I think is a shame.

    To date this is still the best I've seen and better, it's yet to let me down. I'm not going to debate this and everyone's computing situation is unique. I regularly recommend this AV solution and have yet to recommend another for sometime now. regards... jp
     
  21. Bender

    Bender Guest

    Steve1955, some tests "prove" KAV is a better trojans detector than TDS3, but I do not believe those tests, they are easily manipulated, or incompetent, or both. Running KAV and TDS side by side in a highly exposed environment for some years, I can assure you, TDS3 is the superior in detecting trojans. The "perfect" AV+AT program does not yet exist. Until it does, I will rely on the best of each to perform its own job. At the moment, my choice is KAV+TDS3, but KAV did not detect new Bagle and Newsky with heuristics, but NOD32 did so. Does this make NOD32 "better" than KAV for my purpose? I do not yet know. Because I am a NOD32 "newbie", I will not jump to this conclusion lightly, but NOD32 is very much impressing me. I am making a much closer examination in the coming weeks.
     
  22. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Bender, you also need a anti-worms program if you're saying that each program made its own job.
    I think that NOD is the most light av in the market today.
     
  23. Bender

    Bender Guest

    sir_carew, worms are a sub-set of viruses, and they are (most times) covered by KAV. A good personal firewall should protect against new "MSBlast" type of worms, without update. I use also SpyBotSD, Ad-Aware, and some of Javacool's very good programs, for "other" nasty things. It is quite astonishing what lengths are taken by spam advertisers and hijackers to hide from detection. As an aside: it seems many people here have the war cry, "NOD2 is poor with trojans!". Is it appropriate for this forum, if I start a new war cry, "NOD32 is poor with spyware and hijackers and pop-ups and spam!"? (Not seriously. I am being sarcastic.) :)
     
  24. Kym

    Kym Registered Member

    Joined:
    Jun 15, 2003
    Posts:
    38
    Location:
    Cessnock
    I have used Nod on this pc for about 2 1/2 years with no lost data and also on our second pc for 2 years, also no lost data. Works for me. Nor have I been infected with a trojan on either pc, despite no AT running on them, maybe lucky, who knows.
     
Thread Status:
Not open for further replies.