Discussion in 'NOD32 version 2 Forum' started by Pain of Salvation, Dec 3, 2005.
Sample sent to Happy Bytes
It's not the end of the world,
So what if NOD32 miss something sometimes...
Happy Bytes will likely add that today.
Are you going to make a new thread each time NOD misses one of your samples?
It's getting old already..
No, there will not be a new thread each and every time. A single thread will be suffice.
Posting such stuff doesn't make sense at all. We all could deluge the forum with screenshots where someone misses something where even other big AV players do. Just submit the file to samples[at]eset.com and it should be added shortly (unless it's corrupted and non-functional), no need to post here a thing.
That our Anti Virus software misses or fails to do its intended purpouse is a unhappy fact of life most people are not so aware of. Its quite logicall that this is so - and to constantly bitch about it is both good and bad. People need to be aware of that they are not safe just cuz they have a AV installed.
What I am wondering though, is if there are any studies done on this. How the actors in the AV buissness communicate ( or dont ) with eachother. How it has evolved over the years - etc etc..
For somebody who have only heard how greatest and best Antivirus X is, it could be a good hint to take more care of what he is downloading, even with "greatest" AV installed.
Wouldn't that equally aply to all big AV players?
What Marcos is referring to to; is it does not make sense to post screenshots of any Anti-virus missing a single piece of Malware. You could in fact post hundreds of such screenshots for any given Anti-virus, which in itself is pointless.
I also don't think the real big ones have forums like this to deluge with such threads.
So it is unknown to NOD32, submit sample. There is no need to start a thread about it. It is not really that big of a deal.
My intention is to show to Eset that they are missing not one sample, but some samples of trojan Banker, that we reicive a lot here in Brazil. My intention is not to bash nod32, but help Eset to make a better protection against trojans banker. My NOD32 has aways picked up all malware, but against trojans banker, NOD32 is not doing so good.
Ok, I wont start a thread again when NOD32 miss another trojan banker
But what's the point? Should I post here 1000 screenshots of the threats detected by NOD32 and missed by KAV? I for one do not see any sense in that.
No, the only point is that Eset should improve protection againt trojans banker, like make a strong generic signature for them (I don´t understand much about this, so maybe i´m wrong). I have a lot of screenshots that nod32 detects the malware and kav misses too... I just want to see nod32 getting better and better. And I think the weakness of nod32 now is against trojan bankers, which is really a dangerous threat.
well, pain of salvation....every AV has its own weak points and NOD32 is improving day by day. Trojan Bankers are not the only problems..... script viruses, backdoors ..these are some weak points...but they're improving and hope to see a big update these days with some old viruses not detected .
(if one ESET mod could confirm my wish I'll be grateful )
My bad, sorry Salvation
But I´ve sent the sample... see the first post.
POS - the point is really that many of us submit samples when we have them - it's not necessary to start a thread each time we submit something to Eset... just bask in the internal glow you get from doing the submisssion! You are doing your part already!
Re: Attention: German Users
Does this not apply here too?
Probably, one could post the forum full with any given Anti-virus proactively detecting a single piece of Malware?
Or, the problem is screenshot?
gue_st, I have split you post from here, to this thread, as this is where you are quoting from. Which is where I gather you meant to post...
This is true. I'm saying this just so no one comes here and things this should reflect badly on NOD32: I've found two or three trojans that KAV 5.0 missed. I didn't post here at all--what's the point? I submitted them and was done with it.
I´ve said before what is the point.. The point is not to bash nod32, the point is to show Eset guys that NOD32 is weak against trojans Bankers, and they must add more signatures for them. I use NOD32 and for me NOD32 is the best AV, so why would I bash NOD?
POS, I know you say you're not bashing the product, but there is a procedure for adding unknown threats, it's called submission - that's it... nowhere in the program itself does it say to "go to Wilders and let us know there too..." - does it?
It doesn't matter whether it's one of the ever evolving number of trojan bankers, or a new variant of Sober or Mytob - the procedure is the same - submit the sample and get on the other things in your life...
Still not clear, why posting about detecting something is a good thing, but about missing is so bad, while information about missed samples is generally more useful.
because Pain of Salvation has posted these 'trojan banker' threads for many times already
it is not necessary to open a new thread every time you find a trojan an AV is missing or detecting
just submit the sample and it's fine