Graybird Trojan

Re: Nod's Weak Points

I must say that u don't really know its weakpoint.
Its worst weak point is its small virus def (or library).
I have used it for a month, then i threw it away. My PC became the home for trojans.NOD is fast, OH,yes, Just fast.While others are searching for more malwares that they do not contain, Nod only depends on its engine. That's dangerous.

 

Re: Nod's Weak Points

You talk about small amount of virus definitions, then you talk about your system becoming infected with Trojans (plural, as in more than one). What's the name of these "Trojans" that NOD32 missed?

Blackspear.

 

Re: Nod's Weak Points

graybird

 

Re: Nod's Weak Points

NOD32 detected it heuristically as a variant of Win32/Hupigon

Blackspear

 

Re: Nod's Weak Points

I don't think you really know the greybird. Since I was infected, I have learnt a lot about grey bird.
Do you know why Kaspersky and Rising have to add a lot of " a variant of win32/hupigon"s to their def? You may say they are not smart. But you don't know how different between every editon of greybird.Do the "a variant of win32/hupigon"s that NOd32 can detect really mean all? In China, many professional programmers change different greybirds in different ways only to avoid being detected, such as packing or re-coding. I never think NOd's ability of unpacking is good. And after recoding, how can NOD still report that it is a variant?
Nod32 is good only for its ability of heurisitic scanning. In addition, do you really know the weak points of heurisitic scanning? When one got the information for NOD32 that there was an virus on the MBR and that was only a wrong detection, what would he do? Believe NOD or not? To risk losing all the data or not?

 

Re: Nod's Weak Points

I know it enough to know that NOD32 continually detects Graybird as a “variant” heuristically.

Because their heuristic engine is not as good as Eset’s, and this has been confirmed by www.av-comparatives.org

No, however I can say “the greater majority” of this particular trojan are detected heuristically, according to Vgrep

I’m pretty certain Eset will disagree with you on this one.

That’s what “Heuristics” are all about

I'll agree with you on how good its heuristics are, and this is only one strength that NOD32 has.

Ask support or ask here in the “Official NOD32 Support Forum”.

Cheers

 

Re: Nod's Weak Points

What happened?

 

Re: Nod's Weak Points

Just to show that NOD32's detection of Hupigon is not that bad, quite the contrary (it's not the only sample, we've got dozens of such):

HEUR/Malware (AntiVir)
Win32:Hupigon-JM (Avast)
suspicious (Fortinet)
probably a variant of Win32/Hupigon (NOD32v2)
Suspicious file (Panda)
suspected of Backdoor.Hupigon.41 (VBA32)

Should the trolling go on, we'll resort to closing the thread.

 

Re: Nod's Weak Points

If detections 49/100 is the same as “the greater majority”, it's OK.

Best regards,
Firefighter!

 

Re: Nod's Weak Points

915 samples out of 1200 detected here. The rest is pending for more detailed analysis, most of them are non-functional samples.

 

Re: Nod's Weak Points

76.25 % But anyway, those non-functional samples can't be detected at all so perhaps it's about 96 % or more.

 

I think this matter has been dealt with enough, saying you are going to change your antivirus because it missed a single infection (and no proof of this has been presented), is like saying my car got a flat tyre so I'm never buying that brand of car again; you are going to go through every brand really fast, and back around to the first even faster .

This thread has run its course.

Closed ~ Blackspear.