RSSEset Antivirus Beats Leading Vendors to the Punch
By David Worthington | Published August 12, 2004, 6:05 PM
Although Windows XP Service Pack 2 has been released to manufacturing, some of the world's leading antivirus vendors including Symantec and McAfee are still in the process of assuring compatibility. As these ISVs continue to perfect their code, a little known vendor called Eset has already beaten them to the punch.
In fact, Microsoft itself is a four year customer of Eset and the software giant has just signed on for an additional two years of service. Microsoft places so much confidence in Eset's Nod32 antivirus product that it uses the software in its release labs.
How could such an unknown score such a high profile account? The answer lies in Nod32's rich detection capabilities, small footprint and feature set. For starters, Nod32 detects 100 percent of in-the-wild viruses according to Virus Bulletin. Nod32 also makes a negligible system performance because of two parameters: it is coded in assembly and its founders claim that their 16 years of experience in programming antivirus engines factors into the engine's overall design.
Eset's negligible impact on system performance has led to its growing popularity among gamers.
Eset's Nod32 is comprised of four core modules: IMON, AMON, DMON, and NOD32. IMON was enhanced to monitor HTTP and HTTPS taffic in a beta version of the software that was released July 22nd. Prior to the update IMON monitored POP3 traffic only. IMON monitors all HTTP traffic for malware, is browser agnostic, has support for hyperthreading in multiprocessor machines and includes a large file download progress window in its e-mail client plug-in.
Unlike other antivirus products, Nod32 will not send out notifications to infected users. An Eset spokesperson told BetaNews that the majority of virus notification e-mails are misleading and are often sent from spoofed email addresses by worms such as Mydoom.
Symantec has recently retooled its products to discontinue the practice.
"Our honeypots collect false notifications from other antivirus products that are never true," said the Eset spokesperson.
The 2.011 beta release of Nod32's resident antivirus scanner AMON has advanced new heuristics to detect unknown trojans and has improved trojan cleaning procedures. Nod32 does not require users to reboot into safemode as its default procedure to remove Trojans; rather, the software will stop the service, delete the trojan and restore Windows to its previous state.
In addition, a previously undocumented feature in AMON's on-demand scanner has been announced which adds command-line support to Windows.
Nod32's newest module, DMON (Document MONitor) adds MS Office System antivirus support to monitor Office documents and macros, bringing the product's feature set up to speed with market leaders Symantec and McAfee.
Another pillar of Nod32's feature set is transparency. Nod32 is capable of running into a silent mode were users receive no notifications and are not prompted to interact with the scanner even when a virus is detected. "Users don't care about viruses or configuration; they care about security," said Eset's spokesperson.
In a June interview with BetaNews, a McAfee spokesperson told BetaNews that transparency is one of McAfee's goals for future product releases. Microsoft's upcoming antivirus product is expected to operate in a similar fashion.
The software also receives hourly updates and does not need to be uninstalled when an upgrade is released. Eset claims that installation of Nod32 takes under 2 minutes on most systems and that virus definition updates to its enterprise product come in increments of less then 24 kilobytes.
A final release of Eset's 2.x product series is expected to ship by mid September. Localized versions for Eastern Europe will be among the first to be released with an English language version following suit. Since Eset operates under a subscription pricing model, existing customers will receive the update free of charge.
Nod32 is available in non-English languages including: Italian, Polish, Portuguese, Spanish, German, Czech, Croatian and Hungarian for both the Windows and Linux operating environments.
Nod32 may be downloaded from FileForum.
Nod32 is the best antivirus, light, not memory hungry and effective.
They have version for all OS starting from DOS to Windows XP including xBSD, Linux all distro, Novell Netware and also a module for MS Exchange (5.5 to 2003) and Lotus domino.
The only bad point, if I have to find one, they didnt have an advanced centralized management software like Trend Micro or other recognized flagship antivirus.
Score: 0
|You are wrong, It IS called remote administrator and am using one almost one year.
http://www.nod32.com/products/ra.htm
Score: 0
|How about turning off Security Center service. Save some RAM from there. :-)
Score: 0
|kaspersky is much better for detection
Score: 0
|don't talk bs, nod32 has proved itself time and time again to be the best (and the fastest / lowest in memory usage). perhaps you need to look here http://www.virusbtn.com/...ducts.xml?kaspersky.xml and here http://www.virusbtn.com/...s/products.xml?eset.xml before spouting off.
Score: 0
|It is true delight to use this product. Just goes to show if Eset can keep up-to-date with windows service packs, why can't the others.
Score: 0
|I manually updated my NAV (which came with SW2004) on 8/10.
Since that time it has notified SP2's Security Center that it is functioning.
The weird thing, to me, was that after the update NAV recommended NOT enabling it's ability to notify other programs (Security Center) that it was enabled/installed - I ignored it's recommendation.
Score: 0
|We all know PC Magazine has a sure 20-year contract or something signed with Norton Antivirus, so they can guarantee all Norton Antivirus users won't be hurt by the fact their antivirus system is in the dark ages of detection.
Score: 0
|I'm not quite sure what "compatibility" with SP 2 implies in this article. Do they mean integration and cooperation with Security Center, or do they mean that the product continues to function as normal?
I have the free version of AVG on one of my computers and Norton on one of my others. Surprisingly--to me anyway--AVG cooperated nicely with Security Center, telling it that it is installed and up to date. However--equally surprising--Norton reports that it's installed, but it says its status is unknown. I wondered if it was because I hadn't performed a full system scan lately (I'm on dial-up, I'm careful, and I really don't think it's necesssary or worth the time to do one every week), but I did one anyway. Still said status unknown.
So, the big guy isn't quite cooperating, but the lesser known one works great. :-) At least that's my experience. In the mean time, I've told Security Center on my new computer that I'll monitor my antivirus product on my own for now so that it stops bothering me.
By the way, what's to stop some virus-like software from hijacking Security Center and, on people who don't have antivirus software/etc., from registering itself as an antivirus program and saying it's up to date? I haven't looked at what makes Security Center work yet, but I'm assuming antivirus programs register themselves somewhere and report their status, so what's to stop malware from doing the same? Off-topic, I know. I should ask this somewhere else. :-) But it's just a curiousity I have.
Score: 0
|Are other AV programs not supposed to work? My Avast is working just fine...
Score: 0
|Security Center is a key part of the Service Pack.
Score: 0
|Throughout the SP2 beta process, Windows did not recognize that Symantec was running. However, due to changes in the final build of SP2 or the Live Updates that occured after the SP2 installation... the Security Center recognizes the virus software.
Score: 0
|symantec has an update available to fix the issue
Score: 0
|Not exactly...
I disabled mine and XP runs better.
NOD 32 kicks ass. I'm sold.
Scrmr
Score: 0
|The best way to fix Symantec issues is to uninstall it.
Scrmr
------------
Symantec-free zone
Score: 0
|The next version of NOD32 comes very close to Kaspersky's detection rate if it is configured properly(advanced heuristics activation), but no antivirus in the world is better than Kaspersky; the current one closest to Kaspersky is F-Secure which uses the Kaspersky engine among others. Kaspersky uses an advanced heuristics engine which is able to detect 90% of the unknow mallware and was the only antivirus in the world to detect loveletter(Symantec struggled for hours) without any signature update. It didn't score 100% for all Vbulletin tests because if an antivirus has any false positives, it automatically fails the test; rest assured, Kaspersky never detected less than NOD32, on the contrary. The records reported by Kaspersky are not equal to the number of known viruses; a record represents a signature needed to detect a virus all the other viruses with similar code up to a level where a new virus code requires a new record due to its major difference from the initial signature and so on.
I subscribe, Symantec is something like a Microsoft of security; many people use their products because the think that Symantec's products are the best, but in fact they no nothing about quality security products.
NOD32 is my favorite antivirus and it has became an integrated part of windows; I never had to unload it from memory and I recommend it to everyone. NOD32 got 28 vbulletin 100% awards, but that means very little to me.
Score: 0
|er, an av product doesn't gain any 'brownie points' for false positives. guessing more things are viral doesn't make it better. quality over quantity etc.
oh, and please substantiate your kaspersky and f-secure 'detection rate' claims.
Score: 0
|I said that NOD32 is curretly almost as good as Kaspersky(in terms of detection), but in the future(final version of the current beta) it will be better than Kaspersky because advanced heuristics will be available for all modules and because of the low system resources required to run, when Kaspersky takes up to much resources which could be used when running demanding applications and games(we'll se how much has Kaspersky optimized KAV Personal Pro 5 which will be out in september). My bet is that KAV will not be able to keep up in terms of performance despite its good detection rate.
Don't try F-Secure because it's not as good as Kaspersky despite its use of the KAV engine and it eats a lot of system resouces.
Score: 0
|The "code analyzer" option in KAV means it will detect at least 90% of all unknown viruses; KAV scanner can be started in the command line(modify shortcut) with the parameter -redundant (the swiss version has this option in the interface) which will enable an in depth analyzis mode in which KAV can detect almost all unknown malware, but the scan process will slow down considerably; in the new SP2 compatible version, NOD32 includes an "advanced heuristics" option(currently available only for "internet monitor" module) and an in depth analyzis mode which is equivalent to KAV's redundant mode, but a lot faster. NOD32 was not always as good as it is now; I hope Kaspersky Labs will do something to optimize KAV because there has to be an alternative to NOD32 and no product except KAV can be a competitor. If somebody has Norton, please set bloodhound to high and see if you have any false positives :) By comparition, NOD32 with deep heuristics(no adv heuristics - this is only available in the new version) and KAV with code analyzer(no redundant mode) will only give false positives for processes which are directly accessing/modifying the system resources in a potentialy dangerous way where Norton gives false positives for many normal windows processes. I belive false positives is acceptable instead of no detection of unknow malware, but Symantec is exaggerating with this.
Score: 0
|i appreciate the lengthy reply but you haven't given any objective evidence, it is still only your subjective opinion that one is better than the other.
Score: 0
|