NOD32 falling behind in definitions?

On recent tests NOD32 has dropped in detection rates. Is this caused by the development of ESET smart security?

It dropped on AV-Comparatives and ...
http://www.sunbelt-software.com/ihs/alex/marx/detections_2007q2.htm

http://news.softpedia.com/newsImage/Kaspersky-NOD32-Symantec-Going-Down-2.png

http://bp1.blogger.com/_JNaO8YWc9rQ.../s1600-h/antivirus_comparison_en_20070628.png

 

I think fit you will be the best,I don't like to read any test reports.

 

Thanks for this information, I find it somewhat useful as I am debating whether I should upgrade from the trial copy to an actual licensed copy. If Eset is indeed falling behind here, it does make me wonder. Sure, I know about the advanced heuristics (or at least have heard about them), nevertheless the things about taking a while to add updates once some threats are known about and now this does make me wonder.

Sorry to ramble. Anyway, thanks.

psych1610

 

personally, i dont find it very useful at all.

the first two links are for the results of the same test, 'AV-Test' and the third is for the much ridiculed 'Malware-test'.

See the 'Other Anti-virus software' forum for threads on both tests.

you can believe all or some of the results from all or some of the tests, it's entirely up to you. i myself prefer av-comparatives, but even those i take with a pinch or so of salt.

i find nod32 fairs better in the real world that it does in tests, which i believe is down to the way eset keep the signature database lean and mean and dont add every corrupt and non-functioning sample that comes their way, which many other AVs do.

as a final response to the links posted: http://www.infoworld.com/article/07/06/26/accuracy-of-AV-tests_1.html

 

Very good article I think Moderators should consider putting it Sticky in the "Other AVs forums"

 

it had some discussion here recently: https://www.wilderssecurity.com/showthread.php?t=178545

 

I think they are starting to slow down with updates.

My corporate network was hit by some W32/Spybot.Worm virus that NOD32 couldn't pick up. I had everything enabled, including "advanced" heuristics.

The worm spread across several clients, and many of our data servers. I was up to 1:00 AM in the morning in our NOC cleaning the infection off with Symantec.

 

It's a matter of fact that no AV is perfect. We are still improving the heuristics so that it's able to catch much more threats without update. When comparing two products, bear in mind that what one misses may be easily detected by the other and vice-versa. So resorting to changing the AV just because it has missed a threat is not wise, I could give you tons of examples where NOD32 detects a threat whilst the other big AV players miss it. Please always submit any undetected threat to samples[at]eset.com or email support[at]eset.com in urgent cases.

 

I understand what Marcos is saying, but most tests have indicated a slight decline in overall detection from NOD32 lately. I just think most posters want Eset to stay on the ball. They aren't saying that it's impossible to be infected with a different AV.

And if someone's network was infected, I'd say sorry that happened.

 

I think the development of new products by ESET is causing them to reduce support on definitions. This is the same reason why I stay away from most Symantec products when I can. They are juggling so many products, they are no longer specialists.

It's best not to turn into a jack of all trades, master of nothing.

 

Eset keeps adding signatures and, according to the statistics from Virus Total, more and more samples are detected when those non-functional are removed from the statistics.

 

The virus we are currently fighting is hardly "benign."

It's a new variant of the W32.SpyBot.Worm virus. It spreads fast, and tries to communicate back to a server in the Czech repulic.

All technician's just spent 9+ hours in overtime mode trying to stop this thing. We have only slowed it.

I keep sending samples to ESET, but they seem to think it's a non-threat. I haven't heard anything back, and this is why I can't convince the executives to switch to such a product from say something more mainstream.

This incident doesn't help ESET's product any.

 

Hello !
There is a sticky thread here explaining how Eset deals with samples . In short here . I already wrote you something in a newly started by you thread here

 

In urgent cases you can drop an email to support[at]eset.com. We receive thousands of samples on a daily basis (most of them via ThreatSense which means they are detected heuristically) so we must set some priorities for analyzing samples and adding detection. In urgent cases your samples would be prioritized, but you must notify us at the aforementioned email address. If you do, also enclose the suspicious file (zipped in an archive protected with the password "infected") and as much information about the threat as possible (e.g. its location and file name, results from Virus Total, etc.)

 

Yet here it is July 11th and I just counted the number of updates to the signature database since the 1st; 28 to be exact as of the time of this message.

So, if they're reducing support, it's certainly not evident by the update frequency.

 

You can add all the definitions you want; as many have said, including mods, the number of definitions does not correlate to a products ability to perform.

 

That's right, you can repack a particular sample with tons of packers and calculate/add a crc signature for each of the files automatically. Taking into account the number of current threats, you would easily end up with several million signatures in the database.

 

I think I might have attributed the wrong quote earlier. You previously stated that you thought they are 'starting to slow down with updates'. My point was that, based upon the number and frequency I've been getting, that does not, at all, appear to be the case.

 

I get updates at least once a day. If there is a really bad bug running around ESET seems to respond in plenty of time. Long post, a little longer. I see no problem with their updateing program at all.

 

I'll second that. I get regular updates starting with bootup.

 

Has anything come of this yet?

 

i think this is the same subject: https://www.wilderssecurity.com/showthread.php?t=179713

 

Update frequency does not say anything about additional number of threats found. So I don't think this is too relevant.

 

The sheer fact that Eset has to "prioritize" shows that there are some ressource problems. How come that you can send almost anything to e.g. Kaspersky Labs and it will be added within 2 hours while sending to Eset sometimes shows no addition even after weeks (this is based on what I read in forums like Wilders)?

Evidently, Kaspersky puts more effort in the administration of their signature database. I wonder if a small company like Eset will be able to keep up with the big players. Kaspersky licenses its technology to so many other vendors, surely they have more ressources at hand. On the other hand, what about Avira, which shows constantly highest detection rates and yet is also only a fairly small company.

Anyway, I wish Eset would keep up with the rest as Nod is by far the most "easy-going" anti-virus program. But all you read from Eset fanbase and officials is that there is nothing wrong at all with the way it is currently. Don't know if this is the right approach. You should always strive to improve, unless you're detecting 100%.

 

Again? From the FAQ: https://www.wilderssecurity.com/showpost.php?p=198429&postcount=18 and https://www.wilderssecurity.com/showpost.php?p=1028952