ESET sharing with Sunbelt ?

Discussion in 'ESET NOD32 Antivirus' started by ESS474, Mar 5, 2010.

Thread Status:
Not open for further replies.
  1. ESS474

    ESS474 Registered Member

    Joined:
    Jan 13, 2010
    Posts:
    201
    Location:
    S?o Paulo (Brazil)
    I see all this Detections of ESET in page of Sunbelt updates.


    a variant of MSIL.TrojanDropper.Agent.T
    a variant of MSIL.TrojanDropper.Binder.AB
    a variant of Win32.Agent.QQA
    a variant of Win32.Agent.QQA
    a variant of Win32.Delf.ONS
    a variant of Win32.Injector.ABX
    a variant of Win32.Kryptik.AKJ
    a variant of Win32.Kryptik.BXX
    a variant of Win32.Kryptik.BXX
    a variant of Win32.Kryptik.BXX
    a variant of Win32.Kryptik.BXX
    a variant of Win32.Kryptik.CGU
    a variant of Win32.Kryptik.CNY
    a variant of Win32.Kryptik.CUY
    a variant of Win32.Kryptik.CUY
    a variant of Win32.Packed.FlyStudio
    a variant of Win32.Packed.Themida
    a variant of Win32.Peerfrag.GH
    a variant of Win32.Peerfrag.GH
    a variant of Win32.Peerfrag.GJ
    a variant of Win32.Peerfrag.GJ
    a variant of Win32.Peerfrag.GJ
    a variant of Win32.Peerfrag.GJ
    a variant of Win32.TrojanDownloader.Agent.PRS
    a variant of Win32.TrojanDownloader.Small.OUH

    >> http://www.sunbeltsecurity.com/DefD...&did=5761&cs=D1DCB0EC878AE6EF8464798814E90891


    o_Oo_Oo_Oo_Oo_Oo_Oo_Oo_Oo_Oo_O?
     
    Last edited: Mar 5, 2010
  2. dawgg

    dawgg Registered Member

    Joined:
    Jun 18, 2006
    Posts:
    817
  3. ESS474

    ESS474 Registered Member

    Joined:
    Jan 13, 2010
    Posts:
    201
    Location:
    S?o Paulo (Brazil)
    I see today in Sunbelt update >>> probably a variant of Win32.Injector.AZM <<< pure heuristic of ESET.


    I see this article from pcmag and is very interesting thanks dawgg. :)
     
  4. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    Vipre is an interesting product all round... I am completely unconvinced of it's ability to zero-day ANYTHING.

    That said, we had a reseller that sold thousands of licenses of ESET - they are moving all their clients to Vipre as their renewal comes up - because the ESET OEM products have become part of history... oh well - at least a few of their direct clients are moving back (they're local to us geographically).
     
  5. alexeck

    alexeck Registered Member

    Joined:
    Dec 1, 2004
    Posts:
    33
    We do plenty of our own work... remember, we license our CWSandbox to a large part of the antimalware industry... it's simply that our automated systems, in an effort to use more descriptive names than just "Trojan.Generic", will try and find a name from another vendor for a sample.

    This is a very common practice in the industry. When you're processing over 100,000 threats a day, you can't have researchers carefully naming each sample like the "old" days. Invariably, since virtually everyone is using generic detections these days, you get generic names like this. I'll work with the team on doing something a bit more elegant.

    @webyourbusiness, there are plenty of in-the-wild detections in VIPRE, and you'll see these typically with the name "COBRA" or "BEHAVES.LIKE". These are non-signature detections.



    Alex Eckelberry
    CEO, Sunbelt Software
     
  6. tanstaafl

    tanstaafl Registered Member

    Joined:
    Apr 8, 2005
    Posts:
    207
    Hi Alex,

    I've actually been looking at your software for a while now...

    Do you have any realworld, unbiased comparisons on detection rates to ESET?
     
Thread Status:
Not open for further replies.