NOD32 Antivirus 10.0 HIPS Test (Catastrophic failure)
Ғылым және технология
NOD32 was hugely requested and to my surprise, it was absolute and total letdown. Not only it failed after FIRST executed sample, the HIPS component did exactly NOTHING through the entire test. It hasn't done anything for ransomware samples either. Granted, I don't know NOD32 in depth as much as I do avast! (and many others), but in this case, either HIPS component heavily relies on Real-Time part or it was really this bad. In which case, it is annoying to have a toggle for separate functions which later don't work at all without any disclaimer or notification about potentially limited protection. I mean, during tests, I sometimes disable real-time components of my AV, but I want to be sure on-execution, HIPS or behavior blocker components still protect me in case I by mistake somehow execute test samples on my host system. In case of NOD32, things would end up pretty badly, where in case of AVG, Kaspersky and Bitdefender, that wouldn't be the case as their proactive components work fully independently and also highly efficiently. I know ESET is pretty strong on file heuristics, but they really have to send their HIPS component back to the drawing board...
Version used in this test was: NOD32 Antivirus 10.0.369.0 (fully updated before the test)
Пікірлер: 7
First of all, real-time protection is fundamental for HIPS to receive information about operations that are performed at the file system level. Otherwise HIPS will not react to file-based operations that are performed either by legitimate applications or threats. Other HIPS-based modules, such as Advanced memory scanner (heuristic detection of malware running in memory), Exploit Blocker and Ransomware protection will not work either or will be substantially limited in terms of functionality and effectiveness.
Not everyone can perform HIPS test. Especially only HIPS components of an Sophisticated antivirus like NOD32. I have tested it on my real machine & used this antivirus for quite a while. Believe me the HIPS module is quite good, in fact one of the best in the wild. First, you should train the HIPS module of NOD32 in training mode. If you have trained it, this wouldn't have happened. Second, after training it with normal usage of windows (clean, not infected), then put it in interactive or policy-based & enjoy the prompts & rest of the test without making the machine unusable. Third, smart & auto modes ARE made to work along side with real-time protection. The real HIPS is interactive & policy based which should be tested after training it a while. Can't take this seriously. Not a real HIPS test.
@TheHobbitmann
7 жыл бұрын
kaspersky is better
@XX-121
5 жыл бұрын
@@TheHobbitmann how so? and to repeat what @Marcos said, he is testing with REAL TIME PROTECTION OFF!!!! what a joke. ESET rulez.
@TheHobbitmann
5 жыл бұрын
@@XX-121 Behavior bloquer is on. TEST FAILED you are idiot
@TheHobbitmann
5 жыл бұрын
@@XX-121 Eset suck
is you're not using real-time protection then this video is a complete waste of everyones time!!! shame on you.