ESET should work on adding more signatures...

Discussion in 'other anti-virus software' started by Mike415, Jun 24, 2005.

Thread Status:
Not open for further replies.
  1. sseLeman

    sseLeman Guest

    Seriously, you guys don't need to worry about which big, bad AV is best; you need to stop doing whatever it is you do to come across so much garbage. I am on the internet all the time, downloading stuff frequently, and yet NOD32, TDS-3, KAV Web Scanner, RootkitRevealer, F-Secure BlackLight, and everything else always return a "clean" result. Always. As in "every time". As in "without exception".

    I have no idea how one would find such malware honestly. Stop using Internet Explorer with wide-open settings. Stop downloading keygens. Stop ... whatever it is you're doing, because you aren't using your systems more than I am, yet you seem to get yourselves into all sorts of trouble.

    It is ironic how people run into what they perceive as a failure of a security system--"this AV doesn't detect this malware!". Yet they never point the finger at themselves. Isn't that just so odd?
     
  2. Mike415

    Mike415 Registered Member

    Joined:
    Mar 13, 2005
    Posts:
    42
    Marcos I dont wanna be mean, but you gotta set aside the heuristics for one sec. You always go back to them when someone says something about your defs. HEURISTICS DONT CATCH EVERYTHING!

    Its great that you guys have heuristics, but does that mean you cant add more definitions? Thats why there are also definitions? I would like an answer to that question.

    Im saying you guys gotta start working more on defs and not relying on Heuristics. I think a lot of people would agree also.
     
    Last edited: Jun 27, 2005
  3. lynchknot

    lynchknot Registered Member

    Joined:
    Jun 26, 2004
    Posts:
    904
    Location:
    SW WA
    How about someone compile KAV's x-definitions and convert to NOD32's format and test it? Is it possible or beyond reach? The best of both worlds sounds like a win-win application - even from a sales standpoint - what security app addicted geek wouldn't want that? KAV's legendary detection rates and NOD's legendary avanced heuristics. Hell, I'll take two! :D
     
  4. mrtwolman

    mrtwolman Eset Staff Account

    Joined:
    Dec 5, 2002
    Posts:
    613
    Impossible :)
     
  5. Mike415

    Mike415 Registered Member

    Joined:
    Mar 13, 2005
    Posts:
    42
    Hey good thing AH picked up this trojan... Oh it didnt... The thing that makes me mad isnt that NOD didnt pick up this trojan its that almost all the others did...

    Scanner Malware name
    AntiVir TR/Agent.BD
    ArcaVir X
    Avast X
    AVG Antivirus Agent.E
    BitDefender Trojan.Agent.BD
    ClamAV Trojan.Agent-19
    Dr.Web Trojan.DragonBot
    F-Prot Antivirus W32/Agent.JB
    Fortinet W32/Agent.JB-tr
    Kaspersky Anti-Virus Trojan.Win32.Agent.bd
    NOD32 X
    Norman Virus Control W32/Agent.AIK
    VBA32 Trojan.Win32.Agent.bd
     
  6. lynchknot

    lynchknot Registered Member

    Joined:
    Jun 26, 2004
    Posts:
    904
    Location:
    SW WA
    Well then how about covering everything KAV does and testing it. Impossible?
     
  7. Edwin024

    Edwin024 Registered Member

    Joined:
    Nov 14, 2004
    Posts:
    1,008
    Of course not, but that will take so much time that I guess eset won't do it. They rely on their AH's a lot. And Kaspersky has a lot of crippled things in their signature base too. The sheer amount the database gets from this makes a full scan take hours. I don't think we want that with NOD32, do we?
     
  8. Mike415

    Mike415 Registered Member

    Joined:
    Mar 13, 2005
    Posts:
    42
    I dont think we want viruses either. I think NOD should just try harder on the addition of signatures to the database. Maybe hire a few more people to add defintions...
     
  9. Happy Bytes

    Happy Bytes Guest

    Feel free to submit your CV :D
     
  10. jg88swe

    jg88swe Registered Member

    Joined:
    Jul 1, 2004
    Posts:
    181
    Probably my file, but hey i submitted it to ESET...
    Using the NOD32 program (Nice Feature too )
    Should i send it again? o_O :ninja:
     
  11. jg88swe

    jg88swe Registered Member

    Joined:
    Jul 1, 2004
    Posts:
    181
    I used to send Eset virus samples....
    but i stoped doing that becuse...

    I dont get any damn awnser... :mad:

    You should get some AutoResponder atleast...
     
  12. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Once I was submitting files also, but when I've seen NOD32 doesn't add them (I've sent 6 samples and no one has been added :( ) I've give up. :(
     
  13. dvk01

    dvk01 Global Moderator

    Joined:
    Oct 9, 2003
    Posts:
    3,131
    Location:
    Loughton, Essex. UK


    I don't know how many MORE times we have to say this

    You cannot compare the results from Jottis with NOD in real life

    Jottis Linux scanner does not have the NOD riskware & spyware/adware databases/program detection part enabled
    or advanced heuristics so will not detect the threats it will in real lfe

    Many times I scan on jottis and KAV & NOD comes up as nothing detected BUT both AV's on my computers find them and I spend 12 hours a day looking for & fixing malwares so I DO know what I'm talking about
     
  14. mrtwolman

    mrtwolman Eset Staff Account

    Joined:
    Dec 5, 2002
    Posts:
    613
    KAV covers lot of <snip>.... e.g. harmless text files :p
     
    Last edited by a moderator: Jun 27, 2005
  15. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Well, exactly dvk....on my comp KAV detected Trojans NOD32 missed. ;)

    Wow!! KAv detects even more vir than I see on Jotti!! :(

    This is written on Jotti. So it seems it uses AH . I don't think for some AV it uses them and for others don't...or perhaps NOD32 for Linux doesnt' have the AH option.
     
  16. rothko

    rothko Registered Member

    Joined:
    Jan 12, 2005
    Posts:
    579
    Location:
    UK
    I dont think anyone is arguing that KAV will detect more trojans than NOD32 as KAV's signature database is very large and it will also find corrupt/useless files that NOD32 wont. Also, NOD32 is coming on very well in trojan detection, particularly since the release of 2.5.x, but of course it is going to take a little time to become as good in this department as others are who have been buidling on this for a lot longer. similarly, NOD32 has desirable features that the other AVs dont have ;)
    ...and by the same token, so will NOD32
    as dvk01 mentions in his post, "Jottis Linux scanner does not have the NOD riskware & spyware/adware databases/program detection part enabled or advanced heuristics so will not detect the threats it will in real lfe
     
  17. jg88swe

    jg88swe Registered Member

    Joined:
    Jul 1, 2004
    Posts:
    181
    May i ask if there is Any plans at all to add these two features in upcomming NOD32 versions?

    Antirootkit Technology
    Registry Monitor
     
  18. Sweetie(*)(*)

    Sweetie(*)(*) Registered Member

    Joined:
    Aug 10, 2004
    Posts:
    419
    Location:
    Venus
    Hi, if u could add an extra definiton scanner as a manual only function, such as in-depth analsys, only this scan would take alot of time, the normal runnng of Nod32 wouldn't slow down at all,still use the hueristics and standard definitions but say once a week or month you could run a scan with the extra definitions when u have spare time or overnight (if a slower PC).

    The added defnitions could cover threats that are not so common or viruses etc that are no longer a viable threat.

    Oviously it would involve a lot of extra work on the programers part, but i think it would offer great extra proection such as KAV etc with out the sacrifice.
     
  19. dvk01

    dvk01 Global Moderator

    Joined:
    Oct 9, 2003
    Posts:
    3,131
    Location:
    Loughton, Essex. UK
    Add what

    there is nothing to add

    the bits are in the windows version of NOD but as the problems cannot affect or infect linux at this time then there is no point in having them in the linux version of the scanner

    When spyware starts to target/infect *nix then I'm sure NOD will add those parts to the *nix scanner
     
  20. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    It was about adding them to NOD32 Windows verision!!!
     
  21. Bluesman

    Bluesman Registered Member

    Joined:
    May 21, 2005
    Posts:
    18
    Location:
    Delsbo, Sweden
    You don't get any answers, only if Eset want some more info from you.

    And when you send a sample (Choose Submit for analysis), it stand there that you don't will get any answer back - "You will not get a response from Eset unless more information is required"

    So calm down...and continue to send in samples :D
     
  22. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,633
    and where exactly are those options in the windows version? thats why he asked if theyll be added in a future version.
     
  23. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,267
    This may be off topic but I just checked one PC that is used as a backup for storing data, not used for lots of other activities. This one still relies on a "famous" AV program. I checked the latest virus definitions and noticed that it was last updated 22/6 (more than 6 days ago!) - so I went to the site and manually updated and installed - wow, 8mb of transfer just for a definitions update.
    Give me Nod any day with it's easy daily or several times daily incremental updates in the background. Once it's renewal time for the AV, I know which program to prefer. :D
     
  24. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    Bah - i have moved this to "other AVs" as I honestly should have 1-2 days ago to be perfectly honest since the comparisons have become so ripe and thus this has defintely not remained ( if it ever really was) a NOD support thread.
     
  25. Triple Helix

    Triple Helix Specialist

    Joined:
    Nov 20, 2004
    Posts:
    12,960
    Location:
    Ontario, Canada
    It Detects it now in update 1.1156

    Thanks,
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.