Eset ignores virus submissions?

I agree with you steve1955, but the best thing will be to add those samples in time to protect users not to perform well in a particular test.

 

I totally agree. All these super smart fancy tests means nothing if the company behind the AV already knows when the test will be conducted. V-Bulletin actually tells which ITW threats are out there before doing their test, so the AV vendors can add them before they test them.

It's the same as you were eating at some disgusting restaurant and you got served with rotten food. Then the next day, the health inspectors would call the restaurant saying they would come & inspect 2 weeks from this very day.. So what would the restaurant do? Clean up & serve fresh food of course.

AV-comparatives & vbullet both conducts tests, but I still want to see a test that doesn't warn the vendors or telling them when the test will be done. The results would be a lot more trustworthy than they currently are.

You may come to your own conclusion about the tests and your current AV, but NOD32 has been an awesome threat killer since I installed it 2 years ago. Nothing to whine about here

 

….Or they could secretly add it without telling you people.



tD

 

this is just between you and me... don't tell anyone

 

A friend of mine, submitted a suspect file, to Eset & Kaspersky, at the same time. Within 4 hours, Kaspersky responded to his email, and had the defs updated to detect it... a Trojan Downloader.
A day later, no response, or detection by NOD.

I love NOD, but this is troubling to me. I realize that some payloads are worse than others, but if one AV deems the threat, sufficient to warrant an immediate response, I'd like to know that *my* AV, took the threat as seriously. After all, it's supposed to protect my computer, not allow only minor infections.

 

Hi,

KAV have loads of Virus analysist and remember there heuristics are very poor so they need (and do) make up for this with fast additions to defs.

I am not currently using NOD32 at the moment but have done so in the past I remember that with downloaders they often detect what is being downloaded rather than the downloader itself as its lower priority. I do take your point though I am sure that eset will be looking to improve the virus submission process.

Its still a very excellent product and most new malware I find that I submit to virustotal and then foward on to vendors (New Zlobs etc) most often Eset detects or detects ' as a varient off' which many other vendors miss.

I think you are well protected.

Cheers

Jlo

 

Right .

Burf , read this thread and focus on the last post

https://www.wilderssecurity.com/showthread.php?t=158535

https://www.wilderssecurity.com/showpost.php?p=917092&postcount=83

 

I agree with burf. I love my NOD32, but the speed of the virus lab does worry me. I have seen too much anecdotal evidence on this board for me to think these posters are all trolls. For me this remains one of NOD32's weak points.

I realize that this thread will probably be closed soon. But for once I would like ESET to admit that they could do much better in this area and commit to ensuring their next few hires will be dedicated to speeding up their signature additions (especially in cases where people have taken the trouble to alert them).

 

In my case (see earlier posts) I was unaware I was infected with a trojan-downloader until I did an online scan, I then sent it to eset (several times) in September. It was added into the virus definitions earlier this week.

I would recommend anyone who is actually infected and does not have the knowledge to remove it themselves emails support @ eset.com rather than just emailing the sample, as they will likley provide very quick help to remove the infection and probably add the sample faster. If you are infected and you email the sample to samples @eset.com without telling them you are infected, you may have a long wait if it is not widely spreading...

Regards,
Londonbeat

 

I don't now how Kaspersky reacts on viruses but I know Avira have great heuristic but they all day add to signatures thousend viruses.... because of it Avira have better detection than Eset

 

It's not just about detection rates in a test (though I respect AV-Comparatives greatly).

The issue is the speed of adding signatures, especially when it impacts actual NOD32 users. Users should not have to email Marcos directly or go through a special customer support email contact. The regular samples @ eset.com channel needs to be more responsive.

NOD32's great heuristics help to some degree, but they are not a complete safety net.

 

Yesterday on a computer running NOD32 I found a suspicious virus file. At the time the virus wasn't recognized by neither NOD32 nor Kaspersky.

I sent samples to both ESET and Kaspersky at the same time.
4 hours later I got mail from Kaspersky that the file is indeed a virus and Kaspersky started recognizing it as Trojan-Downloader.Win32.Small.dxg.
NOD32 still doesn't recognize it.
And this is not the first time that it takes ESET too long to react.

NOD32 is a great antivirus but it's main weakness is that it takes too long for them to react to new treats.

I don't care how good it's heuristics are if it allows my computer to be infected and to remain infected for a long period.

The file can be found here:
~removed malware download link as Wilders does not condone such as per our TOS....Bubba~

 

I think it's BIG problem..

I 'am interesting how many unknow viruses receive ESET usually per day and why they can' t add all of them to signatures in the same day? Why other AV companys can do it but ESEt not?

WHAT IS THE REASON ? ? ?

 

As this is the Nod32 Forum....We ask that you or any others that wish to discuss malware programs other than Nod32 do so in a more appropriate forum. Our other anti-virus software forum would be the appropriate place.

Any other off topic discussion will be removed without further notice.

Thanks,
Bubba

 

Oh ok Bubba...but.. can you reply to my last post?

 

Taking into account your posts in this thread and numerous other threads contained in the Nod Forum....I doubt if I would ever be able to respond adequately to any questions you have posed as it relates to virus submissions. Our thoughts as it regards this matter are totally opposite of each other but I'll answer your questions that relate to Nod\Eset only.

I have no clue and quite honestly have more important areas of concern that worrying how many samples Eset or any other malware company receives in a given day.

Quite frankly it would be ludricous for me to expect Eset to receive, analyze and apply protection in the same day. I personally feel this response by Anton is all I expect from Eset when it comes to virus submissions.

Bubba

 

Thanks for the link, HiTech.
For me, although I'm kind of a middle-ground computer user, my knowledge of Viruses, malware, etc, is very limited.
I've only been infected once... my curiousity got me in a bit of hot water, but I was able to stop the damage, before it got too great
So, my comment above, comes from a place of ignorance.
I know people have mentioned, that as long as NOD prevents the actual Trojan from being injected into my system, a Trojan downloader really doesn't compromise my system, thus, it gets a lower priority.
If that's really the case... well, then, I feel a bit better