Disappointed at NOD32 Failure to ID

Firecat is right, just ask someone who receives samples from VT, there are variants that are usually detected by one particular AV, but this AV still misses variants detected by others. Virtumonde cannot be dealt with using standard signatures, otherwise you'd end up with zillions of Virtumonde signatures added that still miss zillions of other threats. Don't worry about this, we're on the ball but as I have said, Virtumonde requires a completely different approach.

 

Of corse I don t guaranty 100% detection of virtumond, but if you will use AntiVir I can guaranty that iven you will infected with still undetected variant of virtumond, updates will so quickly realased that you will not noticed that, when I was using NOD32 I was waiting for weekends to realased signatures for virus I send to ESET

 

I can guarantee that you will find posts on the support forum for the product you mentioned, from users of the AV, regarding the malware that is the subject of this thread *and* that users did, indeed, 'notice that'. Sorry to say it doesn't appear to be the panacea you claim it to be.

 

http://forum.antivir.de/board.php?boardid=18

Well..can you find there such postes?
And why post on the forum about undetected viruses, when you can submit it to Avira and in maximum 24 hours they will answer you, is this sample virus or not and if it's, when they will add it to signatures?

 

Do a search on that board using "Vundo" as the search word and you'll find several posts, including one where a user eventually re-formatted.

 

If user reformatted because Vundo, it's his or her problem , Vundo can't damage system such way

 

I found Hijack This logs concerning virtumonde on the forum and that tells me all I need to know. I don't speak or read german but the sheer volume of posts tells me it's not all good news so take off the rose coloured glasses and don't go away mad. Just....

 

Trust me this product detects much more Vundo or VirtumondOand not only this virus) than NOD32. I say that not because I don'tlike NOD32, because I want ESET add more signatures to database!

 

tsilo,

Your AV can only really protect you from vundo if the realtime guard stops it before it gets the chance to infect your PC, as already stated in this thread none of the AV's detect all new versions of vundo. If you are already infected with vundo, you usually need a special procedure using dedicated tools like those described here, which support[at]eset.com would help you with, if you were infected.

Simply adding a signature will probably not help you much if you're already infected with vundo.

 

I am not ifected with Vundo
I like NOD32 and want that daily updates contains more signatures than usually.

 

Can I ask why? Although you stated that you like NOD32, it appears that you use another AV. How would more daily updates from ESET benefit you considering the fact that you don't use their product?

As an aside, from what I'm seeing in NOD32, there have been slightly more than 60 updates since the end of April.

 

Let's just start a pot and raise a few bucks to have these virus writers rubbed out.

 

More signatures in an update do not automatically mean better detection. Instead of adding, let's say 10 signatures for Virtumonde, you can improve the heuristics so that it catches zillions of other variants. Virtumonde is not a good example for signature detection. You add 10 signatures and 1000 of new undetected variants will be created in a while.

 

In fact according tests Avira have better detection, I think it's because they often adds 1500 or more signatures per day, comparing signatures added by ESET it's very large number. If more signatures doasen't mean better detection, so why Avira detects better? I know ESET heuristic is equal if not better than AVira's.

And Marcos please read these posts https://www.wilderssecurity.com/showthread.php?t=174136&page=4 post #94, I think there will be good your opinion (or someone from ESET) about what I sad about NOD32 great heuristic

 

No. One can add one signature that detects 10 variants, while another can add 10 different signatures to cover those ten variants. Also the signature detection counting method may differ from vendor to vendor. Number of signatures cannot be taken as representative of detection rates of an AV.

Avira detects better not because of adding more signatures but simply because they work hard and find/add more malware. There is nothing more to it. Going by this analogy, Rising adds around 2000 signatures a day, but does that mean its better than Avira?

 

When I say more signatures I mean signatures for more viruses
I know large number of signatures doasn't mean better detection.

 

Now, to be honest - you don't really make sense at this point. Regardless, let us please try to keep in mind that this forum section is indeed the NOD32 support section - comparisons etc can freely be discussed in the "Other AVs" section of Wilders.

 

adware/spyware/highjackware = gets you annoyed by spam etc and slower pc, and installs and make you internet explorer messy and spamy and slow!

virus = bad, it can completly delete files, infect files, make os unbootable etc

 

One post removed as per our policy noted HERE

Blackspear.