NOD32 in the real world

...and we have not heard back from radicalb21 on his findings yet.

 

Maybe he is applying to be a spy and missed all five questions...it is not the 28th of October yet..but as you know..if you snooze you loose...

 

Sorry it took me awhile to get back to you as I worked all day today and part of this evening. Detection was added as of today 1.535 version definitions. The pictures I posted today were sent to eset via samples email address and to two eset techs. As soon as I have more i will post it in this forum specifically this thread.

 

It doesn't matter if they are rated low or not, they are ITW and Nod missed them.

 

ITW apparently to you means simply existng and available, even if one has to go to a VX site to find them or get them from a collector, like a 13 yr old MS DOS virus, because one won't encounter them any other way. But that's not the industry's definition.

ITW to AV researchers and professionals (including Eugene Kaspersky no doubt since he's a Wild List reporter) means that a virus is actually spreading ITW.

From The Wild List site:

"As far as where is 'out there', we like the definition given by Paul Ducklin of Sophos, PLC in his paper 'Counting Viruses':

For a virus to be considered In the Wild, it must be spreading as a result of normal day-to-day operations on and between the computers of unsuspecting users.
This means viruses which merely exist but are not spreading are not considered 'In the Wild'."

Kaspersky may have these critters in his database and KAV detects 8tunes, but would Kaspersky himself argue that it's ITW?

 

I wonder what Eset thinks of this thread? I'm just curious why they haven't defended their product? c

 

Maybe they're hoping the "NOD Bashers" will go away quietly...LOL...

They oughta know better...

Seriously, though, how can you defend a product that missed samples that 4 Other AV's detected (not counting TrojanHunter!)...

 

Quit easy. Lemme take a look on the samples. Some of them may be broken, unable to replicate and thus no viruses. cos viruses do replicate. It is a conditio sine qua non for any virus.
for testing images of boot viruses they should have some defined extension as images etc ...
and more over, how can you get infected by files stored in archive as long as the resident will intercept them ?

 

This is unverified by un-biased third-party testing.

 

Hello jjj
This information is being verified. To date we have had no one respond in the affirmative as to an infection whilst using NOD32 v2 with the latest updates and having done a thorough system scan.

Best wishes

 

I know from experience, using NOD for several years, that it has never missed a virus on my machines.

Plus IMON kept one of my grown kids from getting Swen when it first came out. Had he been using one of the other AVs like KAV he would have been infected.

I haven't seen were anyone was infected with one of those samples you have??

So from a real world perspective I feel very comfortable using NOD.

 

It was a Joe Job. Join the dots on DSLR and you can see the whole plan come together. The Joe Jobbers made sure the other anti-virus companys had sigs for all the viruses and trojans but they hid them from ESET until after they made their move on NOD32.