I sent a suspicious file to ESET at 4/1/2006 1:10AM (local time), but NOD32 still can't detect it now. I sent several files to ESET at different times, but I always wait a VERY LONG time. I don't know what's happening.
It is hard to say what's going on... But I can upload here lots of screenshots where only NOD32 detected malware, and other people can, too. You can't judge NOD32 only on these samples that weren't detected.
This could just as easily be an inactive or damaged sample that NOD32 correctly identifies as no virus found - just because it is detected by name by some, many or all other AV software does not make it a virus necessarily just because of this. Cheers
Anyways, as fosius said, you can't judge an antivirus for just a couple of missed samples. No antivirus has a 100% detection rate, and as you posted pics of malware that wasn't picked up by NOD32, we can surely post some others showing NOD32 being the only one able to detect a type of malware. It's just silly to post things like this; just send the sample to the ESET labs and, if it is proven to be a real nasty, wait for the proper definitions to be released, jesus.... (apologies for my bad English) -good vibes to happy bytes on his new upcoming journey.....-
Yes. I understand that no anti-virus software can detect 100% of malware. So I can accept that NOD32 can't detect some malware. But I don't understand why, every time I submit suspicious files to ESET, I always wait many hours or many days. Why is the response time so LONG? (Sorry, my English is too bad.)
They are added along these lines: on a worst come first serve basis, those spreading or doing the most harm get added asap, while others not so pressing go to the back burner until there is a free moment in time. Cheers
No. I enable all ThreatSense Scanning Engine options in NOD32, including: Virus signatures, Heuristics, Advanced heuristics, Adware/Spyware/Riskware, Potentially dangerous applications. But I usually find some files that can't be detected by NOD32. It's okay if the response time is quick. Every time, after I submit these files to ESET, I have to wait a very LONG time for a new update. Usually more than 20 hours, or 2 ~ 3 days, or even more. Maybe ESET can refer to the article "Ranking Response Times for Anti-Virus Programs" http://blogs.washingtonpost.com/securityfix/2005/12/antivirus_resea.html Most anti-virus software can respond in less than 10 hours.
Hi stnien, Thanks for posting that link - I'm sure that it is a review of a review that I have already read elsewhere. I'm going looking for the link to the whole original story and will post it here when I find it. If my memory serves, then the data used in The Washington Post article is only related to those AV packages that did not already detect the threats at zero-hour, i.e. NOD32 scores in the 0 hours and before group (with maybe three others - but that's why I'm going to look for the original article and data). **Found the raw data - different to what I remember reading originally, which was a report, but it still basically confirms my memory. It's on the AV-Test.org home page -->HERE<-- NOD32 detected all the mentioned threats before 0 hour, or 'proactively', with only one exception. I guess that's the advantage of looking at the raw data, because I'm sure the other report I'd read didn't mention it. Cheers
I have access to some very new viruses that are "in the wild" from a few sources and I can tell you that NOD32 does an excellent job of heuristically detecting these. I also submit them to VirusTotal and no single anti-virus vendor has the detection rate that NOD32 does. There are a few occasions where it can take some time for NOD32 to detect (by signature or heuristics) a new virus but these tend to be the type that do not spread themselves or do any actual damage to a computer.
How can they be "in the wild" if they are 1. new and 2. not seen somewhere else, meaning other AV vendors spotted them? There is a big difference between really "in the wild" and something that someone found on grandma's machine. Because it was found "somewhere" where theoretically everyone can get it (downloading it) doesn't mean it is "in the wild". If you find a few mushrooms in the forest then this is "in the wild", but this doesn't apply to viruses.