ESET NOD32 ANTIVIRUS 10 Pros
- Independent labs along with other similar malware tests have shown that ESET NOD32 ANTIVIRUS 10 is a good performer on malware tests
- Its Host Intrusion Prevention System is very effective in blocking exploits during tests
- Scan speed is great
- Has a device control feature
- Lots of effective extra features
ESET NOD32 ANTIVIRUS 10 Cons
- Doesn’t score well on anti phishing tests
- The Device control feature isn’t a simple feature. Beginner users will have a hard time in grasping it.
ESET NOD32 ANTIVIRUS 10 Bottom Line
ESET NOD32 ANTIVIRUS 10 manages to score good marks in most of the independent lab tests.
It also scored good marks in malware tests.
ESET NOD32 ANTIVIRUS 10 has a fast scan system that can rival its competitors when it comes to speed.
ESET NOD32 ANTIVIRUS 10 Full Review
Not all antivirus products are created the same.
Some have more brand recognition than others.
One of the reasons for that is some of the popular antivirus products come pre-installed on many branded computers.
And there is little doubt about the quality of McAfee and Norton antivirus products.
But that doesn’t mean there aren’t any other great antivirus products.
Many antivirus products, though great, don’t get to have that much recognition from the industry.
In other words, they aren’t as well known as Norton and McAfee even though they are as good as both of these antivirus products.
ESET, as a company, claims to have more than 100 million users.
Despite that, ESET NOD32 ANTIVIRUS 10 isn’t a name you come across too often when searching for antivirus products.
And that’s unfortunate.
ESET NOD32 ANTIVIRUS 10 is more than just a dandy product.
It performs full system scans faster than many other top antivirus products.
Moreover, it scores pretty well on most independent lab tests.
It manages to score impressive marks on many other malware tests as well.
To use ESET NOD32 ANTIVIRUS 10 on a single PC, you will need to pay around $39.99 per year.
This is as close to the industry average as one can get.
There are dozens of other good antivirus products that offer their services for the same price.
The only notable exceptions are G Data and F-Secure Anti-Virus both of which allow users to have three licenses for the same price of $39.99.
If you want to sign up for three licenses with ESET NOD32 ANTIVIRUS 10 then you’ll have to shell out $59.99.
Pay that price for McAfee and you can install McAfee Antivirus Plus on all your devices.
First, the ESET NOD32 ANTIVIRUS 10 checks your computer system for any conflicts.
It then moves ahead to download the latest version of ESET NOD32 ANTIVIRUS 10.
While the installation process goes on, the user has to select is ESET should also a feature which detects applications that the user may find potentially unwanted.
In order to fully review a product, one has to enable these kinds of features.
The first thing that a user must always do after installing an antivirus product is to launch a full system scan.
That can give a pretty good indication on how good the antivirus product is.
The main antivirus window has a lot of whitespace when compared to other antivirus products.
There is a rather huge ESET image there as well.
The image takes the form of cyborg mascot that has blue eyes.
If the user wants to perform an update or launch a system scan then the user can use the menu on the left-hand side.
There is also a pair of large panels which are blue in color and exist right at the bottom of the main window.
If ESET NOD32 ANTIVIRUS 10 detects that there is a problem with the user’s configuration, then it changes the color of the security banner from green to red.
If ESET NOD32 ANTIVIRUS 10 calculates that something requires user attention then it will show a number right next to the relevant item on the menu.
Usually, the antivirus product will use this feature to show you the results of a completed system scan.
ESET NOD32 ANTIVIRUS 10 Quick Scan
As mentioned before, ESET NOD32 ANTIVIRUS 10 is quick when it comes to system scans.
ESET NOD32 ANTIVIRUS 10 comes with a full system scan and a custom scan.
Users can configure ESET NOD32 ANTIVIRUS 10 to perform a customized scan as well.
The customization options allow the user to scan which network or local drives the user wants to scan.
The user can also select whether the antivirus product should scan operating memory and boot sector.
Users should expect the full system scan to take around twenty minutes or slightly more depending on the user’s system.
This effectively puts ESET NOD32 ANTIVIRUS 10 among the fastest antivirus products when it comes to scans.
The average scan time for most antivirus products in the industry is around forty-five minutes.
If the user wants to perform further scans, then ESET NOD32 ANTIVIRUS 10 saves time by not scanning programs that the antivirus product has already marked as safe.
As mentioned before, this can reduce scan time even further.
Expect your repeat scan to take just a shy over thirty seconds.
Most of the reputed independent labs include ESET NOD32 ANTIVIRUS 10 in their antivirus evaluations.
As mentioned before, ESET NOD32 ANTIVIRUS 10 earns a solid score from almost all of them.
AV-Test Institute is a pretty well-known independent lab and in its latest report it has awarded ESET NOD32 ANTIVIRUS 10,
- Five points in the Protection category
- Five points in the Performance category
- And another five and a half points in the Usability category
That takes ESET NOD32 ANTIVIRUS 10’s total to fifteen and a half points.
This score is without a doubt decent.
But it doesn’t earn ESET NOD32 ANTIVIRUS 10 the top spot when it comes to top antivirus products.
Because competitors like,
all score a perfect eighteen for the same testing samples.
The real world though, is tough.
And that’s where we look at another testing lab.
Simon Edwards labs awards antivirus products certifications at five different levels.
They are as follows,
ESET NOD32 ANTIVIRUS 10 earned a solid AAA on Simon Edwards lab tests.
Other antivirus products that earned the same include,
Virus Bulletin carries out its Reactive and Proactive, RAP, tests regularly.
It gave ESET NOD32 ANTIVIRUS 10 a score of eighty-five percent.
This score beats the current antivirus product average.
More Lab Results
AV-Comparatives carries out many antivirus tests.
Among all of them, about five are worth following.
AV-Comparatives assigns each antivirus product that passes its tests a Standard certification.
Antivirus products that score more than the minimum required earn an Advanced + or Advanced certification.
ESET NOD32 ANTIVIRUS 10 managed to score two Advanced+ ratings and three Advanced ratings.
This makes ESET NOD32 ANTIVIRUS 10 a great performer at AV-Comparatives.
Its competitors such as Bitdefender and Kaspersky managed to score Advanced + rating in all five of the lab’s tests that we follow.
MRG-Effitas researchers also carry out a lot of antivirus tests.
They are a bit different from all other independent lab tests.
In other words, it has a pass/fail grading criteria.
On the lab’s banking malware test, most of the antivirus products fail.
The lab also has a comprehensive malware test.
Most of the antivirus products fail that too.
And ESET NOD32 ANTIVIRUS 10 failed both.
The lab does not distinguish between an antivirus product that absolutely fails its tests and another antivirus product that marginally fails the passing grade.
Hence, we can’t give MRG-Effitas too much weight on the aggregate score.
The only good antivirus products that passed both MRG-Effitas tests are,
- Norton Antivirus
- Kaspersky Anti-Virus
We think ESET NOD32 ANTIVIRUS 10 deserves an aggregate score of 8.8 out of a possible 10.
This score is good.
But we do have four more products that score higher than this.
Very few antivirus products can pass hands-on malware protection tests.
That is why it is very important to see each antivirus product in some real world action.
To do that, one has to use a malware sample collection folder.
Our research for this ESET NOD32 ANTIVIRUS 10 review shows us that when ESET NOD32 ANTIVIRUS 10 comes up against a malware folder, it quickly begins to eliminate the malware samples it recognizes.
It does that via its real-time scanner.
NOD32 doesn’t annoy users with multiple pop up notifications for each detection.
Instead, it stacks all the notifications and shows them in a single pop up notification.
It also gives the user an option to get rid of or dismiss a single item and/or all shown items on the list.
Our research for this ESET NOD32 ANTIVIRUS 10 review shows that NOD32 can wipe out up to sixty-eight percent of all malware samples in the collection folder, on sight.
Avira has a similar percentage.
The only problem with Avira is that it can take a long time to wipe out malware samples that are static and never-launched.
On the other hand, Trend Micro Antivirus+ Security can climate about ninety-four percent of all malware samples even at this early stage.
This percentage is obviously pretty impressive.
Slightly Tougher Test
One has to test antivirus products not only against standard malware samples but also modified versions of the same malware samples.
To do that, one can do lots of things like,
- Changing file names
- Appending null values in order to change their file sizes
- Tweaking the standard values with a few non-executable bytes.
If the antivirus product under testing misses the majority of these malware samples, then that indicates that the antivirus product under testing doesn’t have a dynamic signature system.
ESET NOD32 ANTIVIRUS 10 surprised us in this round of testing.
It wiped out five modified malware samples of the originals that it did not catch the first time around.
This only points to the fact that NOD32 uses some kind of heuristic detection methodology to wipe out malware samples.
NOD32 eliminated the five modified samples even before they could come around and execute themselves.
NOD32 also almost caught all surviving malware samples after launch.
Overall, NOD32 registered a detection rate of ninety-seven percent.
This matches Trend Micro and Norton.
Hence, NOD32 gets a score of 9.5 out of a possible 10.
The best antivirus product in this category is Webroot SecureAnywhere AntiVirus which has the top spot tightly secured with a perfect score of ten points.
What’s the best time for an antivirus product to stop any malware attack?
The answer is obvious.
It is before the malware attack reaches the user’s computer.
And hence we think all antivirus products should pass this test.
To do that, one has to take malware-hosting URLs and then launch them in a web browser.
Moreover, to make the test more concrete, one has to perform a hundred of these.
Then, one has to take note if each URL extracts a response from the antivirus product.
Good antivirus products prevent all access via the browser.
Some can eliminate the malware payload while the user is downloading it.
Others do it after the user has downloaded the malware payload.
Bad antivirus products completely miss the malware payload or malware attack.
NOD32 protected the user by steering the web browser away from these malicious URLs a good forty-six percent of the times.
Moreover, NOD32 identified most of these malicious URLs with a warning message.
This message, with red borders, warned the user about some dangerous content.
But in some cases, NOD32 used a warning message with yellow borders.
This indicated that the URL had an uncertain reputation and could have potentially undesired content.
NOD32 also caught another forty-three percent URLs at other points while the download process had not finished.
In some cases, NOD32 cut off the download before it could even start.
It whacked other URLs the moment they finished their download.
NOD32 also flagged these downloads as threats.
DUring some cases though NOD32 only popped up a notification window saying that NOD32 had detected a potential malware threat.
And then asked the user for permission in order to delete it.
That makes NOD32 combined detection percentage around eighty-nine percent.
This percentage is really good.
But, there are multiple antivirus products which have scored higher percentages.
Of course, we are talking about,
- Norton with ninety-eight percent detection
- Avira Antivirus Pro with ninety-five percent detection and protection.
What is phishing anyway?
Here is a scenario:
A user clicks an email link in order to check a problem with his/her PayPal account.
And he/she doesn’t give proper attention to the address bar of the web browser.
The web browser’s address bar shows which URL the visitor is actually visiting.
However, our user, in this case, doesn’t verify if the browser is using the real PayPal URL.
Hence, the user ends up giving up his/her PayPal password and other credentials to hackers via that fake website.
The fake website is what the community calls a phishing website.
Fraudsters around the internet troll online users and turn them into victims by uploading and operating fake sites.
Usually, they make fake copies of well-known websites of industries such as,
- Email services
- Online gaming
And once these fraudsters have earned a bunch of money from their victims, they absquatulate.
And they make sure they do that before their fake site shows up in online anti phishing blacklists.
How to Test For Phishing?
The only way to really test an antivirus product is via phishing URLs.
A good antivirus product has to detect these.
To perform the test, one has to use the freshest possible set of URLs.
They are usually available online at various resources.
Why not just use the sites that are present on the various blacklists?
Because, by then, it is too late.
Fraudsters might have already made off their money and shut down the website.
Hence, one has to test the antivirus products with fraudulent websites that are reported as such but no one has analyzed them yet.
Then, one has to compare the test antivirus product’s detection rate.
With four other anti phishing online systems.
And one has to do that simultaneously.
Other Four Setups
- One of those setups has a Norton Antivirus Basic protecting a web browser from phishing attacks.
The reason for using Norton?
Norton has the highest detection rate of any antivirus product when it comes to phishing URLs.
- The other three setups should rely only on the web browser’s built-in anti phishing features.
The browsers we recommend are Internet Explorer, Firefox, and Chrome.
There aren’t many security products that can match Norton’s phishing URL detection rate.
And even fewer products can manage to score higher than Norton.
The only other antivirus products that have beaten Norton at detecting phishing URLs are,
- BitDefender Antivirus Plus
In other words, if an antivirus product comes close to Norton’s detection rate, then it is probably very good.
The previous version of NOD32 managed to lag behind Norton by eight percentage points.
Here is the problem with phishing URLs:
They change on every test.
And we have no doubt that the latest round of these phishing URLs proved themselves as even more difficult to test.
Why do we say that?
Because our research for this ESET NOD32 ANTIVIRUS 10 review shows that all three web browsers along with NOD32 missed a good number of phishing pages.
And these phishing pages quite visibly looked fraudulent.
This time around, NOD32 managed to score way lower than Norton.
In other words, it came out 32 percentage points behind NOD32.
But it did do better than all the web browsers we tested.
Host Intrusion Prevention System
ESET also has some security suites as products.
Those come with network protection and firewall features.
The interesting thing is that ESET also offers the same features with its stand-alone antivirus programs.
One of those features is the Host Intrusion Prevention System.
This is a new feature that ESET has included in the latest version of ESET NOD32 ANTIVIRUS 10.
It protects users against script-based cyber attacks.
How To Understand This Component?
To test for this feature, one has to put ESET NOD32 under CORE Impact generated exploits.
Core Impact has a penetration tool that can test antivirus products with exploits.
NOD32 did not block any of the generated exploits at the network level.
But the Host Intrusion Prevention System did detect and then block many of drops, in the form of malware payloads, that came from these exploits.
We are happy to report that not a single exploit cracked NOD32’s security.
Because NOD32 protected a fully patched test system.
NOD32 also managed to detect the majority of these malware attacks.
It also managed to identify the majority of these exploits by their specific number.
A score more than fifty percent may not sound good but consider the fact that NOD32 beat Kaspersky’s score.
Kaspersky Internet Security only blocked half of these exploits.
Other antivirus products like Bitdefender did not even block fifty-percent of these exploit attacks.
Again, Norton is the king here.
It can fight exploits to the death.
In other words, it managed to prevent a mammoth sixty-six percent of the exploit attacks.
And it did that at the network level.
With Norton on board, exploits could not even sneak their malware into the test computer system.
Device Control isn’t a feature that you would see in too many security products that are aimed at home users.
It is basically a feature for businesses.
And it has two main purposes.
One is to block any exfiltration of the company’s sensitive data to external drives which are unauthorized.
The Device Control feature also foils any USB-based malware cyber attacks.
It simply prevents any use of external devices which are not authorized.
Quick Heal has its Data Theft Protection feature which allows users to block all external device use.
It can also force the machine to only open external drives in read-only mode.
Moreover, users can set the Data Theft Protection feature to authorized USB drives only.
It doesn’t whitelist any authorized devices though.
In other words, the user has to input the administrator password every time he/she wants to insert an external drive.
Avira too has this Device Protection feature.
In that, users can actually blacklist and whitelist specific external device.
Moreover, users can use password-protect settings.
This way, no unauthorized user can change the lists.
However, the problem with this setup is that even with the password protection turned to on, any given user can whitelist any new or old unknown external drive.
TrustPort Total Protection and G Data Total Security provide users with more advanced device control features.
And they can block unknown external drives in the proper manner.
What About NOD32 Device Control System?
It is elaborate.
Let’s start with that.
It allows users to create a variety of rules for a variety of devices.
It supports devices such as,
- Bluetooth devices
- Imaging devices
- Card readers
- Traditional external devices
NOD32 Device Control system can come up with rule sets and corresponding actions for each device type.
It can also do the same for a group of devices or individual devices.
What are those actions?
Well, NOD32 Device Control actions include,
- Block device usage
- Open the device in read-only mode
- Allow a device full write and read privileges.
Users can also set the Device Control feature to warn other users with a message.
This message would tell the user who tries to mount a device onto the system that the system will create a new entry for each insertion in the log.
Then, it can provide that same user with an opportunity to fully cancel the USB insertion attempt.
Users can set the Device Control feature with a rule that bans all devices which are actually external disk storages.
Then, the user can also set a rule or rules, which permit access to authorized and/or specific devices.
Users can also allow a device access to the system with a specific brand name, vendor name, serial number and/or model.
There is also a button that users can press to bring up a full list of attached external devices.
This gives the user all the necessary information he/she may need.
NOD32 Device Control feature also allows for different rules for different system users.
But this option has an awkward process.
Users have to click Select Users or Groups option which comes as a dialog from WIndows.
A more user-friendly method for selection is required.
We have already mentioned the fact that NOD32 is basically a consumer product.
But ESET does have a different product line for all those businesses as well.
Some tech-happy users will also appreciate the fact that they can set up Device Control on their systems.
WIth Device Control, parents can ban children from connecting malicious external devices to their computer machines.
Most of the users though, will want to leave the Device Control feature to DISABLED.
ESET NOD32 ANTIVIRUS 10 has a Tools page.
And you can use this page to examine what ESET NOD32 ANTIVIRUS 10 has done for you so far.
In other words, it shows you protection statistics with the help of charts.
You can know the number of files NOD32 has examined.
And how many of those files it found as infected ones.
It can also show you how many it cleaned with success.
Users can also view malware detection logs.
The Tools page can also show you Host Intrusion Prevention System events.
And much more.
If you like to dig deeper into the quarantine zone then you can in order to see more viruses or even malware types that NOD32 caught for you.
The Tools page also has options that average users should stay away from.
If the user wants to, then he/she can call in a tech support agent.
That agent can engage with the user’s machine via a remote-controlled troubleshooting session.
For that agent, NOD32 provides a means of listing all running processes.
It can also list the processes’ prevalence.
ESET uses its LiveGrid system, to list the prevalence of processes, which is cloud-based.
The Tools page can also show a live graph of all file system activity.
This can help the agent to solve a user’s problem.
This is one ESET NOD32 feature that we think all users should try out.
SysInspector is a separate program though.
It logs details about a user’s computer machine.
Details such as,
- Critical Registry entries
- Important system files
- Active services
It can also compare two previously generated logs.
Then it can report to the user of the changes between the two.
Users should first run it when they want to establish the ideal baseline i.e when the user’s computer is working in perfect condition.
Then when the user encounters a problem, then he/she can save a lot of time by concentrating on only those entries that changed from the earlier log.
This can cut down troubleshooting time by a lot.
Or, the user can simply call a tech support agent, and he/she can do the same but via a remote session.
Of course, the user must create the baseline first in order to assist the agent in solving his/her problem quickly.
As far as independent lab testing goes, ESET NOD32 ANTIVIRUS 10 is more than good.
It has earned high marks in most of the malware tests.
As indicated earlier, it has a fast system scan.
In fact, ESET NOD32 system scan is one of the fastest in the industry.
That alone makes ESET NOD32 ANTIVIRUS 10 worthy of your consideration.
If you like to get dirty configuring your security products, then perhaps ESET’s Device Control feature is for you.
But there are other better antivirus programs out there in the market.
There are lots of other options but the top five options are as follows,
- BitDefender Antivirus Plus
- Kaspersky Anti-Virus for its better independent lab scores
- McAfee AntiVirus Plus because users only have to pay once and install it on an unlimited number of devices
- Webroot SecureAnywhere Antivirus because it is the best performer at malware tests and is the lightest antivirus in the market.
- Symantec Norton AntiVirus Basic which has a powerful Intrusion Prevention feature and a password manager.
It also has a top notch antivirus protection system.