test antivirus 2006

I wanted to ask what you think antivirus of it of this test.
thanks
http://www.megalab.it/articoli.php?id=869&pagina=17

 

Well, besides the fact that even using a google translation of the page I can hardly understand the point they are trying to make as some of the words probably don't come off as intended.

Nor can I find anything regarding the methodology of exactly how this test was performed, nor based off a quick scan does it seem like all the tests were performed precisely.

Check out: http://www.av-comparatives.org/ for a well defined a well regarded series of tests.

As far as the reviewer goes, tell him to uninstall NOD32, and then follow the steps found here: https://www.wilderssecurity.com/showthread.php?t=37509

-Cov

 

Hi duca:

I can tell that NOD32 is not setup properly to perform the automatic cleaning/deleting that appears to be desired... It is set to the default of prompt, which is not what most users would desire.

Maybe being pointed to the setup tutorial would help.

Quote translated "I found myself forced to confirm, virus after virus, the operation to complete."

 

I will admit that my knowledge of Italian is fairly limited (though I can understand much of the article from my knowledge of Spanish). However, it seems to me that the reviewer does not have a good understanding of how NOD32 works.

For example, he complains that "409 threats were found, but only 82 files were cleaned." The most common reason for this is when there are files inside .zip files, and the files do not get deleted from within the .zip file. Also, in a previous screenshot, he actually showed a file with multiplie infiltrations. If there is 1 file with 10 threats inside of it, how many files does he actually think will get deleted?

Something else he pointed out was how the memory and CPU utilization for "nod32kui.exe" remained almost constant during the entire virus scan, with the CPU at 0%. Well, duh. "nod32kui.exe" is the "NOD32 2.5 Control Center" user interface. Does he actually expect that to do anything while he is doing an on-demand virus scan? "nod32.exe" is what does all the work during an on-demand scan, as evidenced by the high memory usage and CPU usage.

It appears to me that he took a pre-infected computer, installed NOD32 on it, and then ran it with its default settings to see how it would do. After running it, he complained that Winsock was broken. However, was it really NOD32 that broke it, or was it one of the pre-installed viruses?

However critical I may be of the reviewer, it does show one thing: NOD32 is not foolproof. It is quite possible that an experienced user of NOD32 could have achieved much better results than he did, but most people are not experienced users. There is something to be said for that.

 

Thanks to all for the answers .

 

Version 3 of NOD32 will have an advanced & basic user mode, so that might help too

 

I think the guy who did the test doesn't have a clue how to test Nod. I understand Italian very well and his language was of the type ' ... it doesn't convince me', he doesn't give any info on how it is set up in the first place.

We all know how results can vary if the tester is biased or hasn't set up the parameters properly. My opinion anyway.

 

There is some info on how he set up the tests in general here:
http://www.megalab.it/articoli.php?id=869&pagina=1

 

Ok... so as far as I can tell from the google tranlation... Everything is based of the Kaspersky online results of an already infected machine? So there was no before baseline, and no after changed files list?

Not exactly a well rounded test I would say. But yes, I do agree, that the NOD32 default settings should reflect Blackspears settings. Let's face it, the n00b user, needs as much protection as possible, while the advanced user is going to do as he pleases. So lets cater to the LCD, and let the people who know what they are doing do their thing.

Me... PDA detection isn't a good thing. I have too many *.exe's installed that NOD32 would pick up if I had PDA enabled on my PC.

-Cov

 

What strikes me as kind of worrying is this screenshot...


http://www.megalab.it/immagini/articoli/il_test_degli_antivi/kasper8.jpg

 

I have had one other examples where virsutotal has shown no detection of an email borne threat for NOD32 but on my own PC it was detected and cleaned by EMON before it could even get to my inbox... It's possible that my NOD32 was updated before VirusTotal, but I don't think that this was the cause.
If NOD32 detects it then it does...

Cheers

 

Hm, a VBS "worm"? And results from 16th July, 2006?

 

Well, pc-support, NOD32 often detects threats like this only with the proper extension: ".vbs". Perhaps the file inside the archive was extnesionless...or perhaps NOD32 user is right. It happened to me also.

And another thing...I remmember posting here about another VBS worm not detected by NOD and detected by all other AVs. See it here: https://www.wilderssecurity.com/showthread.php?t=124510
It was just a garbage file.

 

Pykko and Marco's are correct.

My observation is that loveletter is a very old virus and should have been detected but as Pykko says, it may have been a corrupt file.

 

16th June 2006

 

Correct! The sixth month of the year is June.

 

Found same test but of 2005

http://www.megalab.it/articoli.php?id=717&pagina=14

 

Apparently they are not familiar with how NOD32 handles archives. For security reasons, the only option available is Leave, otherwise NOD32 would delete the whole archive. However, if the user is aware of that risk he/she can enable automatic deletion of archives on the Action tab.