Nod32 Is Not Detect viruses on these web site
{ removed }
{ removed }

i am uploading some serious trojan not detect by nod32
{ removed }
zip password is v

This is now really the last time that i warn you!
Next time you publish malware in our public support forum you get serious trouble.

*pissed*

ok i will keep in my mind

{QUOTE-> i am uploading some serious trojan not detect by nod32 <-QUOTE}
And why are you uploading trojans then complaining that NOD doesnt detect it?

NOD is an antivirus program, not an antispyware program. The fact that it can deal with the majority of spyware is an added bonus.

Well said HB ;D

{QUOTE->
NOD is an antivirus program, not an antispyware program. The fact that it can deal with the majority of spyware is an added bonus.
<-QUOTE}

I wouldn't see this as a problem. The question is whether the guy actually tested them for functionality, whether he submitted them to Eset and whether they actually pose a real threat to a larger number of people or whether they are just some lab samples.

Any chance the malware that was posted was a JavaScript that forced the browser to open many mailto: and news: links?

Did you click on it? :o

{QUOTE-> Did you click on it? :o <-QUOTE}
Click on what? The JavaScript I am talking about isn't a link; it is one that loads as soon as the web page itself loads.

I submitted it to Eset few days ago, but so far ... nothing. (KAV 5.0 detects the script, but it doesn't do much good, because by the time KAV puts up an alert, the script is already running and doing damage! This is a good case for proving the necessity of IMON's "High efficiency mode".)

KAV detect all these
but nod32 can not why

As I mentioned, KAV can detect the JavaScript I encountered, but it doesn't do much good, because the harm has been done by that point.

In addition to the script, I also submitted to Eset the name of the site that it runs on. I'd expect them to add *.sitename.org to their Website access blocking list, at the very least, since the site in question serves no purpose other than a malicious one.

{QUOTE-> Nod32 Is Not Detect viruses on these web site
{ removed }
{ removed } <-QUOTE}

Forgive my ignorance, but how did you know these were viruses when they were not detected by NOD32

{QUOTE-> Forgive my ignorance, but how did you know these were viruses when they were not detected by NOD32 <-QUOTE}
Perhaps some other product (Panda???) detected it..........

Anyway, I agree with Marcos' comments on this matter.

{QUOTE-> I wouldn't see this as a problem. The question is whether the guy actually tested them for functionality, whether he submitted them to Eset and whether they actually pose a real threat to a larger number of people or whether they are just some lab samples. <-QUOTE}

Marcos, I agree with you and I wouldn't have posted here if this subject wasn't started... Anyway, what do you mean by "they actually pose a real threat to a larger number of people" ? If a file is infected and is a malware do you expect more ppl to get infected and when finish counting the number of infections you add it?

I"ve submitted these weeks about 18 samples and no answer... still not detected. I assume some may be non functional samples, but all 18? If I run one of it by mistake and get infected what happens? Will ESET recover my damages and the files I've lost ?

Sorry, no ofence here, and I know you guys try to improve NOD as much as you can, but 9 days is not enough to analyse some samples ?

{QUOTE-> Sorry, no ofence here, and I know you guys try to improve NOD as much as you can, but 9 days is not enough to analyse some samples ? <-QUOTE}

It can take up to 21 days to get added to the database, if I remember correctly......No idea why, but as long as it DOES get added, I guess its OK. :)

{QUOTE-> It can take up to 21 days to get added to the database, if I remember correctly......No idea why, but as long as it DOES get added, I guess its OK. :) <-QUOTE}

Firecat it may be OK but what about these 21 days ?? If you came across the virus and you get infected? And it's more than 21 days.... for me some took longer.

And why the majority of AVs add a sample in 2-3 days ?

{QUOTE-> Firecat it may be OK but what about these 21 days ?? If you came across the virus and you get infected? And it's more than 21 days.... for me some took longer.

And why the majority of AVs add a sample in 2-3 days ? <-QUOTE}
I can see what you are trying to say here. :)

But I'd rather first hear what Eset has to say about this issue before commenting on it. Everyone has their reasons y'know, and I don't feel right making statements without knowing the facts first :-\

{QUOTE-> I can see what you are trying to say here. :)

But I'd rather first hear what Eset has to say about this issue before commenting on it. Everyone has their reasons y'know, and I don't feel right making statements without knowing the facts first :-\ <-QUOTE}

Finally someone understands me. ;D :-* 8) Hope Eset will do the same. :)

{QUOTE-> But I'd rather first hear what Eset has to say about this issue before commenting on it. Everyone has their reasons y'know, and I don't feel right making statements without knowing the facts first :-\ <-QUOTE}
I'll carve out my own spleen if the answer has to do with something other than personnel resources.

{QUOTE-> I'll carve out my own spleen if the answer has to do with something other than personnel resources. <-QUOTE}

It's mrtwolman's fault.


Now, give me your spleen. :D

Well no matter what anyone says, Eset has admitted (I can't remember whether it was here or in private) that they don't have anywhere near the resources of Kaspersky. Which is understandable... I'm not making a judgment, so don't anyone jump on me.

What bothers me is that I can encounter a malicious JavaScript, but hear that "It doesn't matter, since it doesn't affect enough people". Well when it happens to you, it's quite "enough".

But yeah, I'm not stupid. I understand that they have to work within their personnel resources, and if they get 1,000 samples, they have to give priority to the worst of them. But just say so--don't say you don't want the database to get too big, so the malware I encountered needs to be ignored.

If I was trained properly, I would test samples for free. Unfortunately, I am not :P

{QUOTE->
What bothers me is that I can encounter a malicious JavaScript, but hear that "It doesn't matter, since it doesn't affect enough people". Well when it happens to you, it's quite "enough".
<-QUOTE}

If it's apparent that a sample comes from labs and not from a real world, it shouldn't have higher priority than worms, trojans, backdoors and other threats endangering large number of people.

{QUOTE-> I understand that they have to work within their personnel resources, and if they get 1,000 samples, they have to give priority to the worst of them. But just say so--don't say you don't want the database to get too big, so the malware I encountered needs to be ignored. <-QUOTE}

Eset receives much more samples every day than you mentioned.

Well, Marcos, you didn't cleared out some questions I've posted here, but at least I hope you'll analyse the samples and add the functional ones.

{QUOTE-> Firecat it may be OK but what about these 21 days ?? If you came across the virus and you get infected? And it's more than 21 days.... for me some took longer.

And why the majority of AVs add a sample in 2-3 days ? <-QUOTE}

What you should remember is that NO antivirus is 100% perfect. All products miss items that others pick up and ultimately the onus is (and always should be) on the user (and not the AV/Spyware companies) to be fully aware of what they are doing.

If you visit a dodgy site then expect to be hit with something. If you open an email with a suspicious attachment then expect to be hit. If you visit google or microsoft or some other reputable site then expect not to.

Infections nearly always boil down to HIV infections... (human idiocy virus)

You never hear people ranting about how Lavasoft, Spybot or MS antispyware miss something items and not others. How many people on these forums rely on just 1 antispyware program?

However, once the suspicious file has been submitted then the AV/Spyware companies should do their best to check them out and include them were possible as soon as possible.

And I for one am more than happy with NOD. I and my 70+ customers have never EVER been infected with anything since NOD has gone on to their machines. They are happy which makes me happy which means I will always order more NOD licences and will happily recommend them to anyone.

{QUOTE-> ultimately the onus is (and always should be) on the user (and not the AV/Spyware companies) to be fully aware of what they are doing. <-QUOTE}There is a grain of truth to that, but it's impossible to always be "fully aware" of what you are doing. When several big-name, reputable sites were hacked a couple years ago (I can't remember the name of the incident, but it was an IIS server exploit, I think), the people who regularly visited those sites had every expectation that no harm would come to their systems when they visited that day. It would have been impossible for them to be "fully aware" that the site would suddenly have malware.

{QUOTE-> If you visit a dodgy site then expect to be hit with something. <-QUOTE}
It's quite easy to visit a site without knowing that it's "dodgy".

{QUOTE-> However, once the suspicious file has been submitted then the AV/Spyware companies should do their best to check them out and include them were possible as soon as possible. <-QUOTE}
It's just kind of frustrating to witness the difference in the level of responsiveness from one company to the next. The difference is absolutely dramatic. I'll shutup now so Eset doesn't start wishing me dead.

{QUOTE-> You never hear people ranting about how Lavasoft, Spybot or MS antispyware miss something items and not others. How many people on these forums rely on just 1 antispyware program? <-QUOTE}
I rely on 0, unless you count NOD32. Besides, here we're talking about real-time AV protection, and as we all know, you really can't run more than one of those at a time.

{QUOTE-> If it's apparent that a sample comes from labs and not from a real world, it shouldn't have higher priority than worms, trojans, backdoors and other threats endangering large number of people. <-QUOTE}
I'm at a loss to understand what this means. I'm not a lab, I'm just a user who encountered an undetected malicious script, and submitted it. I agree that it shouldn't have higher priority than more-widespread malware, of course, but... Never mind, there is no point in complaining, since it won't do any good. You do what you can with the resources you have, I understand. The execs at the top are the ones who have to decide whether to hire more personnel, or buy another 60-foot yacht.

I thought it was only a 58 footer!!!

{QUOTE-> Nod32 Is Not Detect viruses on these web site
{ removed }
{ removed } <-QUOTE}


Hi shanijee; do you really think it is right for you to take up time with NOD tech support when using and spreading cracked versions?I think the support people's time is better spent on paying customers, but that's just my opinion.

{QUOTE-> Hi shanijee; do you really think it is right for you to take up time with NOD tech support when using and spreading cracked versions?I think the support people's time is better spent on paying customers, but that's just my opinion. <-QUOTE}
cracked version?
witch cracked version
spreading cracked versions?
i am not spreading cracked versions
man you shake your mind*puppy*
you have no oponion to talk like that
i am a register user

I have links to posts with you uploading cracks for others to use. "shanijee make things easy" sound familiar? I'd rather not post the links here because they don't allow warez/crack links at Wilders.

OMG dont u c hes just another nod 32 hater and he just made all of u respond to this and go any further locking dwn the thread would have been a smart choice but i respect the moderators thta didnt because this shows thta this forum is 100% public and more helpful than others now just ignore ~snip~ and stop giving him what he wants.

Yeah looking at the links through Google I'd say he is using a cracked version. Pretty ballsy to come on Eset's forum talking smack while using a crack. Or really stupid.

{QUOTE-> What you should remember is that NO antivirus is 100% perfect. All products miss items that others pick up and ultimately the onus is (and always should be) on the user (and not the AV/Spyware companies) to be fully aware of what they are doing. <-QUOTE}

Fully agree with that.

{QUOTE-> However, once the suspicious file has been submitted then the AV/Spyware companies should do their best to check them out and include them were possible as soon as possible. <-QUOTE}

Well, this was my point...they SHOULD do their best. ;)
I understand ESET needs more employees or something but no matter how many samples they receive and no matter how many employees they have 7 days it's enough I think to analyse some samples.

It's better to concentrate on this issue rather than releasing a new version. For me 2.5 with more concern on adding samples it would be perfect, and I guess for 90% of all the users.
But anyway, I heared nobody complaining he/she got infected using NOD, so it's very good, but needs some improvements.

I'm saying this because Marcos once stated: "You will some improvements to adding samples soon." That was a while ago and I'm still waiting.... ;D

NOD's a great product, and their history shows this. Yet, pcsupport brought up a valid point that I think most of us acknowledge - there is no miracle program that stops everything.

Layers, and various other specialized programs that deal specifically with spyware, trojans and their ilk are needed to supplement and strengthen our security.

NOD is great IMHO, but it shouldn't be the only thing running on our pcs to keep them clean and secure.