Yes, I clicked on it, but when will this virus be detected: Backdoor.Win32.Agent.nwe

Hi guys,

I already mailed this one to ESET and submitted it through NOD32 (actually, how can you see whether this was successful?) I already submitted samples in the past but they were never added (they were added to Outpost Firewall pro though, and really, this is quite shameful as I believe ESET owns that company).

The bug hasn't asked for any outbound connections so I wonder what is is doing on my pc.

Kind regards,

Jeroen

 

Please PM me your email address, the date when you submitted it as well as the subject of the email. I've searched all emails for "Agent.nwe" to no avail.

 

I've PM'ed you with the details. I'm quite sure though that Eset already has a copy of it as I sent it multiple times through the application itself. I only found out later nothing is sent if Eset already has a copy. Eventually I also sent a copy this way (= using the submit function of NOD32) by putting it in a password protected Winrar archive.

I had also sent an email before attempting the above (details should be in your inbox by now).

Thanks,

Jeroen

 

It seems to me that ESET should improve their sample review procedures. They take too long to add a new malware, and that's very dangerous nowadays. They should also improve the submission feature of NOD32.

 

Re: Yes, I clicked on it, but when will this virus be detected: Backdoor.Win32.Agent.

i m 100% I Gree with you .. eset Sucks adding new samples to the detection bases .. i m tired to bee sending alot of samples every day .. at same time i send it to kaspersky and avira and they respond 30 minutes after confirming of malicious code detection .. bot Eset just NEVER

 

I do like NOD32 a lot. For normal or somewhat security aware users it will do just fine. About 3-4 years ago NOD32 was the best AV out there. It seems Antivir and Kaspersky have caught up. Antivir being the primary contender for me(Kasperksy is a little keen on resources).

Anway, this is not such a discussion thread and I wouldn't want to anger the moderators This case is closed with a big thanks to Marcos!

 

Re: Yes, I clicked on it, but when will this virus be detected: Backdoor.Win32.Agent.

The problem here is not the lack of response, it's the lack of supporting new threats as they arrive to their labs.

 

I've never known if every submission of mine arrived at ESET labs. ESET said there might be some delays in handling some submission because they focus on the spreading threats. But I found that it's too ridiculous that my submission has not been handled yet. It has been more than 1 week. I think ESET should re-study its submission feature of NOD32 and sample review procedures.

it's the lack of supporting NEW THREATS as they arrive to their labs? I don't think so. What I submitted to them are old threats and detected by other AV programs with OUTDATED virus signature. I wonder what attitude they have towards our submission.

 

Hi guys. I'm no expert, just an ESET and Avira customer, but I have to ask. Did NOD catch the new "threat" for you to be able to submit it? If it did, then this "threat" is likely already in their database and they would not have to update anything. Also, I notice that Avira seems to catch a lot more false positives than NOD.

Final thought, Agnitum is not owned by ESET as far as I know. When I had some issues with performance on one of my machines, I talked to an ESET representative about possible fixes. One of his suggestions was to get a "better" firewall. I think Outpost is probably the best software firewall on the market, but it does not play "nice" with most other security app's. If ESET truly did own Agnitum, I don't think the ESET rep would have made the suggestion (bad sales tactic).

Current security setup on machine 1: NOD32 v3, COMODO Firewall Pro v3, A-Squared Anti-Malware, Windows Defender (in Vista). This machine triple boots XP Pro SP3, Vista Ultimate, Ubuntu Hardy 8.04.
Machine 2: Avira AntiVir Premium, COMODO Firewall Pro v3, A-Squared Mamutu. This machine dual boots XP Home SP3, Ubuntu Hardy 8.04.