Friday, November 9, 2018

ESET NOD32 Antivirus

Bratislava-based ESET was founded by a group of friends some 25 years ago to market their NOD antivirus software. These days it has a broad portfolio of products covering all the major platforms, and is used by 100 million customers all around the world.

ESET NOD32 Antivirus is the company's baseline product. It's far more focused on the core antivirus task than some of the competition – there's no file shredder, password manager or other bonus extras – but that doesn't mean the package is short on features. If anything, it has more than most.

There's real-time malware protection, of course. A cloud-based file reputation service helps you quickly detect the latest malware, while an antiphishing module detects and blocks scam websites.

ESET NOD32 has extra layers to block exploits, protect you from ransomware, and detect attacks using PowerShell and malicious JavaScripts.

A Device Control module limits the risk of infection from other devices by controlling access to USB sticks, external hard drives, optical storage media, even devices connecting by Bluetooth and FireWire.

New features include an UEFI scanner to check for malware in your PC's firmware. There are new tools to manage your ESET licenses, and a referral program gives you an extension in your trial license for everyone they can get to install and run the software.

If all this power somehow isn't enough, you're able to adjust how the package works with the help of more than 150 profile settings.

ESET NOD32 is priced at $39 (£30) for a one PC, one-year license. That's fairly typical for a premium package - Bitdefender's Antivirus Plus costs the same - but there are marginally better deals around. Kaspersky Antivirus is currently $29.25 (£22.50) for the first year, for instance, and $32.50 (£25) on renewal.

Product Range

If you've several systems to protect, steep discounting makes ESET look much better value. A four computer, three-year license costs only $130 (£100), for instance, or $10.83 (£8.33) per device year.

If you're looking for that kind of multi-system license, though, also consider ESET Internet Security. It adds many security suite features – a firewall, antispam, parental controls, webcam protection, more – but is only fractionally more expensive, with its four computer, three-year license costing $144 (£115), or $12.45 (£9.58) per device year.

Setup

Setup

ESET NOD32 is available in a 30-day free trial. We had to provide our email address to activate it, but otherwise the installation ran smoothly, downloading and installing the main ESET NOD32 package, automatically updating itself and running an initial scan.

Checking the installed files revealed no great surprises. They were well-organized and digitally signed, grabbed a reasonable 650MB of hard drive space, and the core of the package added only a couple of processes to our test system, using barely 100MB of RAM in total when idle.

If you're the type who likes to fine-tune your security, you might like to spend some time browsing ESET NOD32's settings, which give you a huge number of tweaks and options.

Another antivirus might allow you to turn email scanning on or off, for instance. ESET allows you to choose which email clients to integrate, which emails to scan (received, sent), which protocols to monitor, what to do when a threat is detected (ignore it, delete it, move it to your choice of folder), and more.

Even if that sounds like the kind of low-level geekiness you'll never use, don't ignore it entirely. If an odd bug or conflict is causing a major ESET NOD32 issue on your system, having the ability to apply system tweaks like this could be key in troubleshooting or even fixing the problem.

Features 1

Features

ESET NOD32's interface looks a little cluttered, at least initially, with all its status information, buttons, sidebars, links and more. It takes a while to learn the basics, for example that clicking Computer Scan takes you to the Scan page and waits for you to decide what to do, while clicking Scan Your Computer launches a scan immediately.

Once you figure out the rules, though, the program works much the same as any other antivirus. You can launch a general scan with a click, or run quick or removable drive scans. There's also a powerful option to build custom scan types which examine your chosen locations, and use the scanning rules you prefer.

Scan types

This flexibility continues almost everywhere you look. Right-click a file in Explorer and ESET NOD32, like everyone else, gives you the option to scan it in the usual way. But you can also check the file reputation to find out more about it; scan the file without cleaning it, just to get an immediate verdict; or manually quarantine a file even if it's not been flagged as malware, a very useful way to safely archive a file you're concerned about.

Whatever scan method we chose, scanning times were fast, particularly after the first run when ESET's Smart Scan ensures that only changed or new files are checked. Detection rates were good, too, with the program picking up all our sample threats, and not raising any false alarms.

URL filtering detected only an average number of malicious URLs, as we've seen in previous reviews. There was a major improvement in false alarms, though, with the package again not warning us about a single legitimate site.

A Device Control feature enables defining what happens when users connect a host of device types to the system: external storage, a USB printer, Bluetooth device, scanner, smart card reader, modems and more. Options include making devices read-only, displaying a warning to users or blocking them entirely. Rules can apply to all or specific devices (‘block all USB storage apart from x, y, z’), some or all user accounts, and the system logs all device connections for review later.

This is a very powerful system, but it's not easy to set up. There's no simple library of prebuilt rules, and no user-friendly visual rule creator. Instead you're mostly choosing technical options from lists and hoping you understand them correctly (check the Help page on the feature). It's very much an experts-only feature.

Running processes

There's better news with the Tools menu. Here, you can view logs, see what the program has blocked, watch running processes, download ESET's bootable SysRescue cleaning tool, and more.

ESET SysInspector is a highlight, an excellent tool which takes a snapshot of your system and highlights interesting items: running processes, network connections, critical files (HOSTS), important Registry entries and more. It's not for beginners, but if you've used tools like Sysinternals' Process Explorer you'll soon feel at home.

Overall, ESET NOD32 has more features than you might expect for a pure antivirus app. Beginners can ignore the more advanced options and allow the program to do its work, but the real value here is for experts, who'll appreciate the Device Control module and ESET's extreme configurability.

Protection

Protection

ESET proved accurate in our quick malware detection tests, but to get a full picture of its effectiveness we also checked ESET's ratings with the major testing labs.

AV Comparatives' monthly real-world protection tests generally place ESET in the lower mid-range of its test set: not great, but not bad, just somewhere in between. The September 2018 report ranked ESET as 12th place out of 18, for instance, with a protection rate of 98.5%. The February-June summary of five tests also places ESET 12th, with an average protection rate of 99.1%.

AV-Test has reported similarly low or mid-range results in the past, but the company hasn't tested ESET products since 2017.

SE Labs' July-September 2018 home anti-malware report delivers the best results for ESET, with the company ranking third out of 13, just behind Kaspersky and Norton, but outperforming Avira, Trend Micro, Avast, McAfee and more.

The testing labs clearly have a range of views on ESET - which is no surprise as each lab has its own scoring methods and procedures – but the general picture is that it doesn't offer the best protection, or the worst, but sits somewhere in the middle of the pack.

We suspect that this view may undervalue ESET NOD32's abilities, especially for expert users. The labs largely test antivirus packages with the default settings, but if you're able and willing to set up ESET's more advanced features – like the powerful Device Control – then you should improve your security even further.

It's also important that an antivirus won't slow you down, and in this case, we've good news. PassMark's Security Products Performance Benchmarks 2019 report assesses the performance impact of 14 security suites by using 23 key metrics. ESET trampled over most of the competition to reach second place, just behind Norton Security, with even the supposedly lightweight Windows Defender trailing way back in 6th place. The exact results you'll see will depend on your hardware and how you use it, but in general we think ESET NOD32 Antivirus should have minimal performance impact on most systems.

Final verdict

ESET NOD32 could be used by beginners, but its main value is to experienced users who'll appreciate its advanced features and low-level configurability.

Disqus Comments