NOD32 catches all the big viruses, what about the small ones?

I've been using Nod32 for the past 18 months, during the last few months I have used trial versions KIS 7, Avira Antivirus Premium & Avira suite (primarily becuase I don't like Nod32 version 3 & decided to see what else is available). What I've found is neither Avira nor Kaspersky have detected a nasty that Nod32 had missed

This tells me two things: (a) for me, Nod32 works as advertised & (b) I must be what is known as a "safe surfer" because I'm not sure what posters with a multitude of virus & malware are doing while online. Fortunately, I'm yet to have any such issues with nasties.

One other thing to remember, even though it is posted ad nauseam: no AV can detect 100% of threats. The PC user & their online habits are often the culprit for an infection & not the fault of said users chosen security solution(s).

Cheers.

 

Look, I will now stop here before I say something mean. I know you all guys are just doing your jobs & blue is really a great guy who is just doing his job & I appreciate it that he calmed me down, I know you all are not to blame. I will finally say something from your once previous fan & customer.
To ESET:
Nod32 needs to improve maybe someday I will believe in it again & that is all.
I will now leave in peace.

Good Day to you all.

 

He got a point in here, yeah!

anyway.... 'one for all, all for one' as the 3 Musketeers said! Hmm... or was it Alexander Dumas who said that

 

Very new sophos has only just got it
http://forums.cnet.com/5208-6132_102-0.html?forumID=32&threadID=272945&messageID=2636941

 

BTW, your "undetected trojans" were detected:
https://www.wilderssecurity.com/showpost.php?p=1124891&postcount=49

 

The Online Scanner of NOD32 now does see the virus although too late for me.
It detects it as "Win32/Bagle.KW worm", where others usually detect it as "Trojan-Downloader.Win32.Bagle.fx".

Hmm... thats probably the problem for NOD32 and Sophos: the virus variant is too new.

This is something untested in good tests like AV-comparatives. They probably do not test really recent (like < 7 days old) viruses.

Of Virus-total, 13 of the 33 scanners did found the virus. These scanners probably keep their databases very up-to-date, or have good heuristics.

 

My nephew just called me, he has a virus problem.
I did some research on his PC remotely, and found again a virus missed by the latest version of Nod32 (2758; 2007.12.31), but found by other scanners under differnent names.
Kaspersky identifies it as a Trojan-Downloader.Win32.Bagle.hi.

So again a Bagle variant missed by NOD32.

Eset should really do something about their latest virus signatures, they should be more up-to-date.

 

I can confirm that all, including new variants of Bagle, are detected proactively by the web protection / IMON; the attached screenshot was taken when trying to download the new variant. Since Bagle spreads by email, NOD32 is able to detect and remove it before it reaches your computer. Detection for the new variant will be added shortly, but you are already protected against new variants.

 

The above is not completely accurate. IMON cannot scan emails which are downloaded through "secure" TLS connections. As was discussed in an earlier thread, the security provided by a TLS connection is not designed to prevent email viruses from being transmitted. Thus, if you get your email through a TLS connection, as an increasing number of ISPs including mine are mandating, NOD32 will not detect and remove the threat "before it reaches your computer." I'm not saying that NOD32 won't effectively deal with the threat before it does any damage. I'm merely saying that the claim the threat will be neutralized before it "reaches your computer" isn't true in a significant number of instances.

 

Well I am suprised this thread Is still going. I though it was policy to not start A thread such as this one.

 

Yeah! me too.

I too will be unhappy if my highly rated ‘AV’ misses a virus/Trojan. I find no problem with anyone expressing their feelings or frustration in that regard.

My only issue is that some forum posters are behaving more like product testers: always testing, comparing and passing judgements on product performance.

Well it is a forum: I trust some are tying too hard to show that no product is perfect, or that they are not happy.

 

Bagle doesn't only spread by email. The new variants are usually trojan-downloaders.

When I put Trojan-Downloader.Win32.Bagle.hi (named by Kaspersky) at my local webserver, and download it with NOD32 "web access protection" enabled, it is undetected.
It also wouldn't make sense if it was detected by NOD32 Web Protection but undetected by NOD32 File Protection.

 

Same here.

FYI, i'm not a tester. I'm simply one of the users who has been infected by a large wildspread virus while NOD32 was running.

 

It seems this discussion has turned into bashing. I explained that Bagle is detected proactively when downloaded by email or from the web and that signature detection for the new variants will be added shortly. Having said that, I'd draw this thread to a close.