# Forum in English  > Computer security: software  > AntiViruses, Anti-Adware / Spyware / Hijackers  >  Nod32 Version 3.0.566.0 & above

## Ultima Weapon

Im testing out nod32 version 3.0.566.0

What do you think?

Your opinion on this?

----------


## XP user

> Im testing out nod32 version 3.0.566.0
> 
> What do you think?
> 
> Your opinion on this?


Nice, light, good detection. All parameters of a good product are present, except for strong self-defense.

P.S.: Please do NOT post logotypes, photos, statistics, and other stuff that is used by the vendors to advertise their products. Thank you.

Paul

----------


## ScratchyClaws

> Nice, light, good detection. All parameters of a good product are present, except for strong self-defense.
> 
> P.S.: Please do NOT post logotypes, photos, statistics, and other stuff that is used by the vendors to advertise their products. Thank you.
> 
> Paul


I agree with Paul,
but you can post short description from the official site and your own expiriennce. If you tried different tests - you can post the result or mention how this product passed certain test (if the test was posted somewhere in our forum)

----------


## MAPKOBKA^^

I think NOD was right to ditch the very confusing AMON IMON EMON Etc because that was quite confusing. I think their self defense needs some bolstering, though, as Paul has said.

----------


## Ultima Weapon

According to AV Comparatives Nov 2007 Proactive test (A test against the unknown threats)
http://www.av-comparatives.org/
It top the proactive test at 71% 

I did some research on NOD32 heuretics & this is what I found out. 

Heuretics
*
It uses both  
1) Static Heuretics-Heuristics in Antiviruses also scans the code for generic code structures that might indicate malicious behavior to detect totally unknown forms of malware.

2)Passive Heuretics- This involves the use of emulation to trick the malware into running in a virtual system or emulates part of the code so it can defeat polymorphic or encrypted/packed malware but to a very low degree compared to other methods* 

It may have best heuretics after all. But its signature detection is just mediocre.

----------


## Sjoeii

That will always be a big flaw with ESET. Sig detection medior but heuristics will always be very good. Curious to see what this new engine can do

----------


## Ultima Weapon

> That will always be a big flaw with ESET. Sig detection medior but heuristics will always be very good. Curious to see what this new engine can do


Here is my answer why nod32 missed on new threats & now does not do well on other tests.!!!
*Why Heuretics is not enough against the next generation of mallware!!! * 

1)Signature Detection would always be the best & the most reliable detection. Kaspersky & Bitdefender updates their signature every hour & every two hours. Nod32 only updates it every 1 or 2 days. Eset lab workers also rest on weekdays. While kaspersky & Bitdefender work overtime even on weekdays.

2)Next generation of mallware like Metamorphic & Polymorphic & Retro or also known as Antivirus or Firewall killer Virus, Stealth Trojan horses, rootkits, new spywares, & keyloggers. can mask, alter their code partially or completely and use some sort of cloaking to avoid & bypass heuretics. This can be handled by suspicious behaviour detection used by most antispywares , antimallwares & very few antivirus. It can also be handled by signature detection & to a lesser degree packer/cryptor detection.

3)Packed & Crypted mallware uses packing or crypting. Packing is kinda like windows installer, not compression actually but mallwares is packed with lot of innocent files to avoid detection. Crypting is packing with encryption, a higher form of packing. These can be countered the most with packer/cryptror detection then signature detection & to a lesser degree suspcious behavior detection & to a very low degree dynamic heuretics.


*Heuretics is getting outdated now & sadly less effective against new mallware .Let just say some mallwares are one step ahead of heuretics*

----------


## Sjoeii

I don't see why these bloathed pictures contribute anything, but if you are happy.....

----------


## Ultima Weapon

> I don't see why these bloathed pictures contribute anything, but if you are happy.....


I think they do pls check the packing methods picture, you will get what packing techniques used by mallwares today.

----------


## vdk008

Hi,

Kindly tell me about Quick Heal Total Security 2008 software....

----------

