Hello people, I was fixing a friends PC today when I came across his mini virus collection, I decided to scan it with NOD32 using AH, and to my suprise it missed quite a few. His AV scanner picked them all up though. I'm sure these are fairly old/rare viruses and may not be ITW anymore, but still I think NOD staff may appreciate their product being able to detect them. Thing is there are 40 zip files containing all sorts, so how am I supposed to submit them all? NOD obviously did pick up alot, but sifting through them to pick out the exact ones it didnt is something I don't really have time for. So am I supposed to bung them all together in one zip file? and send it to samples@nod32.com (?) is that right?
Yeah I had few instances where NAV or KAV will pickup a few strains in full scan that Nod32 left behind (full fledged clients or .exe's not parts) and sometimes I had it the other way around. But it's those Nod32 silent moments that make me consider the validity of the Virus Bulletin 100% awards and hence VB testing procedure (especially when some of the viral code might be old).
I'm not agree with you, I've some viruses that only NOD caught and not KAV and NAV. NAV is a toy, NOD is much better detecting viruses via signatures/heuristic.
Hence I've stated that. But still a 100% detection rate times ~23 tests should signify that most of the malware should be detected. Especially when it's old (greater than 3 months).
NOD has earned 24 VB Awards. A old virus don't mean that it's in-the-wild or a AV have the obligation of detect that threat. Old viruses aren't the more important today. VirusBulleting test the AV with in-the-wild viruses and not VX viruses, or viruses that aren't spreading or that aren't in-the-wild. I'm 100 & segure that the viruses that NOD don't caught you, aren't in-the-wild and has been spreaded little. Also, NOD is able to detect the 80 % of in-the-wild viruses via heuristic, in other words, without use signatures and without require updates unlike others AV like KAV/NAV (NAV's heuristic is a "joke").
From my personal experiences, especially KAV has in database lot of intended viruses and worms which are corrupt and ends with some error. The question is - are they dangerous or aren't they? Just fork the samples to ESET for processing it. An antivirus program can be only as good as the collection on malware the producer has (unless heuristic analyses makes the proggy far better than rest of the pack ). I think any submission of malware other AV catches and NOD32 does not has sense. But you should always add some description of the situation - e.g. the name of the beast according your other AV (do not forget to state which AV do you use).... Regards
I also after uninstalled Nortun used to find some viruses with NOD. Also KAV found 2 viruses on 1 PC which NOD missed but than i sent them to NOD and they reply that it is not viruses.