Is there any diference about jotti´s nod32 detection and a real installed nod32 AV detection? I´m asking this because in jotti´s virusscan, Nod32 does not have a good detection rate... every time I look at jotti´s virusscan, NOD32 misses the malware, but arcavir, KAv and others catch...

Thats because Jotti uses Linux scanners. avast! detection on Jotti is also very poor because Linux version can't handle as many packers and archives as Windows version can. NOD32 has similar limitations under Linux...

Ufa... thanks...

{QUOTE-> Is there any diference about jotti´s nod32 detection and a real installed nod32 AV detection? I´m asking this because in jotti´s virusscan, Nod32 does not have a good detection rate... every time I look at jotti´s virusscan, NOD32 misses the malware, but arcavir, KAv and others catch... <-QUOTE}


KAV is too much better than nod32 in detection rate
the result is true

{QUOTE-> KAV is too much better than nod32 in detection rate
the result is true <-QUOTE}

really false answer, see www.av-comparatives.org

{QUOTE-> really false answer, see www.av-comparatives.org <-QUOTE}I agree. In jotti's the detection rate was about this according to IBK in post 39. in here,

http://www.wilderssecurity.com/showthread.php?p=545864#post545864

The usual results of Jotti's scanner:

~83% -- Kaspersky
~65% -- VBA32
~63% -- BitDefender
~63% -- Dr.Web
~56% -- NOD32
~54% -- AntiVir
~52% -- ArcaVir
~48% -- Fortinet
~40% -- ClamAV

where NOD32 missed about 2.6 times from that what Kaspersky did.

But in the last Av-Comparatives.org test, 08-2005, we can see that NOD32 missed about 22.4 times from that what Kaspersky did in Total without DOS & Other OS. So it's up to you, how do you want to read these stats. ;D

Best regards,
Firefighter!

I am not sure you can make that conclusion, firstly as Andreas said you really can't compare results from the two different tests, secondly NOD's license expired, for several weeks as I understand it, on Jotti's scanner which therefore doesn't give an accurate indication of what NOD would have detected of those it missed had it had current defs and components that were updated during that timeframe.

From my personal experience after analysing thousands of files from online scanners I can conclude that KAV and some other AVs flag even setup packages as infected, however, after they've been unpacked the files are in most cases picked up by NOD32 (e.g. the case of Ardamax keylogger when the sfx rar with changed rar signature extracts harmless xored binaries). Another thing is that almost every other file received from the scanners is not functional neither on WinNT nor Win9x systems. NOD32's detection is almost perfect as it only very rarely triggers false alarms on corrupted files, flagging them as infected. Just for the sake of interest - I have almost filled up my secondary 60 GB HDD with unique samples from online scanners detected heuristically by NOD32 :-)