ESET sharing with Sunbelt ?

I see all this Detections of ESET in page of Sunbelt updates.


a variant of MSIL.TrojanDropper.Agent.T
a variant of MSIL.TrojanDropper.Binder.AB
a variant of Win32.Agent.QQA
a variant of Win32.Agent.QQA
a variant of Win32.Delf.ONS
a variant of Win32.Injector.ABX
a variant of Win32.Kryptik.AKJ
a variant of Win32.Kryptik.BXX
a variant of Win32.Kryptik.BXX
a variant of Win32.Kryptik.BXX
a variant of Win32.Kryptik.BXX
a variant of Win32.Kryptik.CGU
a variant of Win32.Kryptik.CNY
a variant of Win32.Kryptik.CUY
a variant of Win32.Kryptik.CUY
a variant of Win32.Packed.FlyStudio
a variant of Win32.Packed.Themida
a variant of Win32.Peerfrag.GH
a variant of Win32.Peerfrag.GH
a variant of Win32.Peerfrag.GJ
a variant of Win32.Peerfrag.GJ
a variant of Win32.Peerfrag.GJ
a variant of Win32.Peerfrag.GJ
a variant of Win32.TrojanDownloader.Agent.PRS
a variant of Win32.TrojanDownloader.Small.OUH

>> http://www.sunbeltsecurity.com/DefD...&did=5761&cs=D1DCB0EC878AE6EF8464798814E90891


?

 

And some Kaspersky also.
Sunbelt/Vipre is one of the antiviruses scanning files with other antiviruses and adding what others are detecting rather than actually analyzing it and checking it for itself

Here is an article which may be of interest - http://blogs.pcmag.com/securitywatch/2010/02/sw_tests_show_problems_with_av.php

 

I see today in Sunbelt update >>> probably a variant of Win32.Injector.AZM <<< pure heuristic of ESET.


I see this article from pcmag and is very interesting thanks dawgg.

 

Vipre is an interesting product all round... I am completely unconvinced of it's ability to zero-day ANYTHING.

That said, we had a reseller that sold thousands of licenses of ESET - they are moving all their clients to Vipre as their renewal comes up - because the ESET OEM products have become part of history... oh well - at least a few of their direct clients are moving back (they're local to us geographically).

 

We do plenty of our own work... remember, we license our CWSandbox to a large part of the antimalware industry... it's simply that our automated systems, in an effort to use more descriptive names than just "Trojan.Generic", will try and find a name from another vendor for a sample.

This is a very common practice in the industry. When you're processing over 100,000 threats a day, you can't have researchers carefully naming each sample like the "old" days. Invariably, since virtually everyone is using generic detections these days, you get generic names like this. I'll work with the team on doing something a bit more elegant.

@webyourbusiness, there are plenty of in-the-wild detections in VIPRE, and you'll see these typically with the name "COBRA" or "BEHAVES.LIKE". These are non-signature detections.



Alex Eckelberry
CEO, Sunbelt Software

 

Hi Alex,

I've actually been looking at your software for a while now...

Do you have any realworld, unbiased comparisons on detection rates to ESET?