NOD32 AV - disappointment

Discussion in 'ESET NOD32 Antivirus' started by exxocet, Dec 31, 2008.

Thread Status:
Not open for further replies.
  1. exxocet

    exxocet Registered Member

    Joined:
    Dec 31, 2008
    Posts:
    6
    Hi everybody.
    I'm Luke, from Romania, a 3 years customer of ESET Nod 32. I never attended to express my opinion here, I thought my attitude to buy or reject the product it's enough, but now I know it's time to speak loud and clear.

    I've had a great experience with NOD 32 antivirus (I always used only AV, I still run Sygate as firewall), vers. 2.x. The best antivirus solution I ever came across. And I have tested dozens. Powerful, but yet light on resources and system friendly, a winner solution.
    One year ago I've upgraded to vers. 3.0... Beautiful interface, disspointing performance. As vers. 2.7 was the apex, "the best of", I was prepaired for a small downturn, I mean, it's hard "to do the excellent better", I was prepaired for a pretty bloated software, but not for security holes. NOD 32 vers 3.0 was not capable to detect or clean/remove Beagle. The virus installs beautifully, stops NOD32 just like closing WinAmp in task manager, and then do its job killing Windows. No detection. It happened twice. Even funnier, Beagle was removed by Malwarebytes, which is not even AV, but anti-malware/spyware. Even BitDefender (which I never liked it, even if it's build in my country) detected the virus, Panda, McAfee, Norton, but not NOD32...
    Time goes by and I still runned NOD 32 3.0, even wit its security problems. And then it comes vers. 4 beta! I thought, here it is, they fix it for sure! Neh! It still enjoys Beagle virus on the same ol' way...
    Now I'm back on vers 2.7... It's an over 2 years old version, inadmissible to go on with it for long term. I won't renew my subscribtion with ESET as I'm not sure if its AV is still an antivirus solution or just something to run in the background.
    Thanks for the time spend reading this post. Happy New Year everybody.
     
  2. exxocet

    exxocet Registered Member

    Joined:
    Dec 31, 2008
    Posts:
    6
    I've double posted because this award-winning bla-bla vBulletin forum software asked me to login after I've write the post, even if I've logged in before...
    Please remove the locked post, it's identical with this one. Thank you.
     
  3. CivilTaz

    CivilTaz Registered Member

    Joined:
    Nov 19, 2008
    Posts:
    146
    Are you saying that V2.7 detects Beagle but V3 don't ?
     
  4. Jaki

    Jaki Guest

    I share your pain since I was several times burned by NOD32 myself. The only lessons you should learn is that you must love your country' products. ~Comment removed. - Ron~


    Peace and love your country's products.
     
    Last edited by a moderator: Dec 31, 2008
  5. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,056
    Location:
    Las Vegas
    No AV is 100% foolproof. Invest in a good imaging program like Acronis, and in the event malware trashes your system, you can restore as it was before the incident.

    I would rather use an AV like NOD32 that in my opinion will protect you with signatures and heuristics as well as any on the market.
     
  6. DarkButterfly

    DarkButterfly Registered Member

    Joined:
    Jul 18, 2008
    Posts:
    82
    In this case, it is not a matter if it detects or not everything, but rather a situation that a previous version was able to detect and eliminate and now a newer version won't even detect.
     
  7. bradtech

    bradtech Guest

    I have been burned by everything, but less by NOD32. There is no 100% program out there but I have been burned less by NOD32.. I have Kaspersky for my mail server, and NOD32 on my servers.
     
  8. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Quite the contrary, v3 and v4 detects more than v2. New variants of Bagle emerge on a daily basis, most of them are detected proactively as unwanted applications and blocked. Signature detection is added as soon as new variants are discovered.
     
  9. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,056
    Location:
    Las Vegas
    That's simply your assertion- and I think your assertion is wrong.
     
  10. DarkButterfly

    DarkButterfly Registered Member

    Joined:
    Jul 18, 2008
    Posts:
    82
    Don't take me wrong. I didn't say that NOD32 v3 and v4 don't detect such malware.

    All I said is that if v2 detected something that v3 and v4 couldn't, then something has to be wrong. I mean, it has to be wrong. The only way I would see for that to happen was for the search engine from v.2 to v3 and v4 decrease it's capacity to find threats, regardless it's signatures.

    I do hope and want to believe that NOD32 v4 is able to detect and eliminate such. Still, I wonder, why in the situation of exxocet, NOD32 v2 is able to detect and eliminate and versions 3 and 4 are not.

    Rather than "arguing" with me about something I didn't say it was accurate or not (I truly don't know as I don't make any testing to AVs), why not asking exxocet for more details (if any) and perhaps ask for a sample.

    The user clearly says "The virus installs beautifully, stops NOD32 just like closing WinAmp in task manager, and then do its job killing Windows. No detection. It happened twice. Even funnier, Beagle was removed by Malwarebytes, which is not even AV, but anti-malware/spyware. Even BitDefender (which I never liked it, even if it's build in my country) detected the virus, Panda, McAfee, Norton, but not NOD32..."

    Truth or not, if NOD32 v3 and v4 are able to detect and eliminate, then why didn't they?
     
  11. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Speaking about Bagle, the only explanation is that the user had potentially unwanted applications enabled in v2, but disabled in v3/v4. In such case, new Bagle variants would have been detected by v2, but not by v3/v4. Otherwise v3/v4 have improved detection and v4 also has the cleaning significantly improved.
     
  12. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,056
    Location:
    Las Vegas
    The user is always the most likely variable when something is wrong. I agree with your logic.
     
  13. DarkButterfly

    DarkButterfly Registered Member

    Joined:
    Jul 18, 2008
    Posts:
    82
    It could explain why v.3 and 4 didn't detect, in this user's case.

    Perhaps the user could clarify us on that and provide real proof (if possible to provide, that is) that, in fact, NOD32 v.3 and v.4 both can't detect it.

    Best regards
     
  14. exxocet

    exxocet Registered Member

    Joined:
    Dec 31, 2008
    Posts:
    6
    Potentially Unwanted Applications were active in ALL versions. Beagle virus was downloaded form eDonkey network, so I have my doubts it was a daily updated version. Now, let's presume I was unlucky wnough to get a brand new version of Beagle (three times) in these hours that usually pass till the definition is indexed and AV is updated, then why BITdefender and McAfee were able to remove it ?
    I didn't test it version 2.7 against Beagle, but I never get infected whit this version running. And I'm talking about years...
    I'm not a dumbhead, I know how to set a firewall and two of three times I was aware the file it's a virus because it has a different size than the normal application, but I thought it will be detected. I sent the file to ESET via ThreatSense.
    I like NOD32, having running with Sygate gave me a feel of security and stability, but it might be only a feeling...
    By the way, one feature that missed (or I never was able to find it) me on vers.3 (now I'm running 2.7) was the capability to display the current scanned AMON/IMON file.
    Thank you, wish you a prosper 2009.
     
  15. ASpace

    ASpace Guest

    v4 brings back this feauture
     

    Attached Files:

    • v4e.png
      v4e.png
      File size:
      68.6 KB
      Views:
      299
Thread Status:
Not open for further replies.