Date: June 18th, 2003
I reviewed ESET’s NOD32 back in December 2001 and found it to be a first-rate antivirus program that offers several levels of superior protection and was easy to use. It had a few minor quirks and needs for improvement such as a small performance hit, a tricky to set up email scanner, no outgoing email scanning capabilities, and no scheduled scanning. So when I saw that ESET just officially released version 2 of NOD32, I was curious to see what was new in this version and whether those quirks and improvements were addressed.
NOD32 is available for Windows 9x, ME, NT4, 2000, and XP. I installed NOD32 2.0 on my Dell Inspiron 8500 laptop with a 2.2 GHz Pentium 4 Mobile CPU, 512MB RAM, a 5400RPM hard drive, and running Windows XP. The installer had more than doubled in size to 6 MB from the 2.5 MB of the original version. The manual is still a separate download in PDF format, but the online help is very good. Installation was clean and simple, including a wizard to configure various program operating parameters (depending on the type of setup mode you choose).
After installation, my first stop was the control center by double-clicking the NOD32 system tray icon. I was pleasantly surprised by probably the cleanest and most easy-to-use program interface I have seen in a long time.
So simple, so elegant, so efficient. A more graphical view that adds a barf-green teal skin is optional but does not provide any additional functionality or value. Clicking an option in this menu opens a corresponding panel with the appropriate options. For additional security, program settings can be password protected.
Just like its predecessor, NOD32 version 2 consists of three main modules. AMON (Antivirus Monitor) is the resident on-access scanner that checks all accessed files in the background.
IMON (Internet Monitor) is the email scanner part. Unfortunately, it still monitors only incoming email, not outgoing. However, this module has shown some drastic improvement as it is now seamlessly integrated and requires no configuration by the user to make it work.
The third component is the on-demand scanner that is just a right-click away. The scanning engine is impressively fast. For example, it scanned the laptop hard drive containing 12 Gigs of over 40,000 files including a fair number of Cab and Zip files in 5 minutes and 18 seconds.
The on-demand scanner can also be accessed from the command line using a number of command line switches that are properly documented in the online help.
NOD32 includes an automatic update feature that checks at scheduled intervals for both virus database and program updates as frequently as every hour and can automatically download and install them. Both updates are free during the annually renewable license period. Should you decide to switch to a different operating system during your license period, you can even download the version of NOD32 for that OS instead at no additional cost.
It also contains a scheduler to automatically run tasks such as update downloads and log file cleanup at regular intervals. This includes now the ability to scan the system at configurable intervals.
Does it work?
As I explained in my first NOD32 review, the main purpose of antivirus software is to identify and block viruses and trojans that are circulating in the wild. It doesn’t matter which virus software can recognize “the most” viruses, or whether it detects all viruses in a test collection consisting mostly of non-functional viruses, viruses that haven’t been in circulation for years, or artificial viruses that were created solely for testing purposes. Neither does it matter how many copies the software has sold or how many companies are relying on its protection. Antivirus software only works if it can deal with real-life viruses that make their way into your inbox, your browser, or your network right now.
Virus Bulletin magazine is a technical journal on developments in the field of computer viruses and antivirus products. For years now, VB has been testing numerous antivirus software on a monthly basis. VB gives its VB100% award to products that that detect all “In the Wild” viruses during both on-demand and on-access scanning in their test. More details on what this award is all about can be found at http://www.virusbtn.com/100/whatis.html.
The WildList – http://www.virusbtn.com/WildLists/ – that is used to test the antivirus programs is a cumulative list of viruses that are active and in circulation as reported by 64 virus information professionals, therefore representing a real-world environment of virus threats that any antivirus program should be able to deal with effortlessly.
What’s really interesting are the comparative results of the VB 100 tests as you can see at http://www.virusbtn.com/100/vb100sum.html. This statistic shows how many times an antivirus program was submitted for testing, how many times it succeeded to detect all “In the Wild” viruses during both on-demand and on-access scanning, and how many times it failed.
It’s interesting to see that not a single program was able to take care of all viruses any time it was tested. But the scary part is to see the success ratios of the programs tested. NOD32 stands out with an impressive result of 22 VB100% awards out of 25 times it has been tested. That makes it by far the most reliable antivirus software in this round-up. Other known software like PC-Cillin, AVG, Panda, McAfee, etc. look pretty pathetic in comparison. Of course this is only one possible test scenario of many, and it is not the ultimate test, but it is a very good and realistic representation and gives a good indication of antivirus software capabilities.
After running on my laptop for a few weeks, NOD32 has been rock solid and flawless. It runs inconspicously in the background without any noticeable impact, no crashes, conflicts, or any other failures.
Reading through the online help I found a section about what a user can do when he finds a virus or a suspicious file. ESET has a special email address where such files can be sent for analysis. The manual states: “After the submitted file has been completely analyzed, it can be returned to you clean, or deleted.” My question: How do you return a deleted file???
NOD32 has profiled itself over the last few years as the best virus scanner out there. Its virus detection capabilities are unmatched for both known viruses as well as unknown viruses thanks to the strong heuristic capabilities, backed up by the quality work of its virus lab and their fast releases of virus definition updates for new viruses.
What greatly impressed me with this new release was the fact that they took a great program and made it even better. Almost all areas of improvement I mentioned in my last review were covered, demonstrating the tireless work of ESET and their dedication to the product.
The result: NOD32 is the best virus scanner, easy to use, and performs reliable and flawlessly. That makes it the virus software of my choice – period.
Submitted by: Alex “crazygerman” Byron