Yes, NOD32 missed another trojan banker

Discussion in 'NOD32 version 2 Forum' started by Pain of Salvation, Dec 3, 2005.

Thread Status:
Not open for further replies.
  1. Pain of Salvation

    Pain of Salvation Registered Member

    Joined:
    Apr 21, 2005
    Posts:
    398
  2. jg88swe

    jg88swe Registered Member

    Joined:
    Jul 1, 2004
    Posts:
    181
    buhu :'(

    It's not the end of the world,
    So what if NOD32 miss something sometimes...
     
  3. beetlejuice69

    beetlejuice69 Registered Member

    Joined:
    Mar 16, 2005
    Posts:
    780
  4. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    Are you going to make a new thread each time NOD misses one of your samples?
    It's getting old already..
     
  5. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    No, there will not be a new thread each and every time. A single thread will be suffice.

    Cheers

    Blackspear.
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Posting such stuff doesn't make sense at all. We all could deluge the forum with screenshots where someone misses something where even other big AV players do. Just submit the file to samples[at]eset.com and it should be added shortly (unless it's corrupted and non-functional), no need to post here a thing.
     
  7. SaM_J

    SaM_J Registered Member

    Joined:
    Oct 18, 2005
    Posts:
    13
    That our Anti Virus software misses or fails to do its intended purpouse is a unhappy fact of life most people are not so aware of. Its quite logicall that this is so - and to constantly bitch about it is both good and bad. People need to be aware of that they are not safe just cuz they have a AV installed.

    What I am wondering though, is if there are any studies done on this. How the actors in the AV buissness communicate ( or dont ) with eachother. How it has evolved over the years - etc etc..

    Sam
     
  8. gue_st

    gue_st Guest

    For somebody who have only heard how greatest and best Antivirus X is, it could be a good hint to take more care of what he is downloading, even with "greatest" AV installed.

    Wouldn't that equally aply to all big AV players?
     
  9. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    What Marcos is referring to to; is it does not make sense to post screenshots of any Anti-virus missing a single piece of Malware. You could in fact post hundreds of such screenshots for any given Anti-virus, which in itself is pointless.

    Cheers :D
     
    Last edited: Dec 3, 2005
  10. Detox

    Detox Retired Moderator

    Joined:
    Feb 9, 2002
    Posts:
    8,507
    Location:
    Texas, USA
    I also don't think the real big ones have forums like this to deluge with such threads.
     
  11. Carver

    Carver Guest

    So it is unknown to NOD32, submit sample. There is no need to start a thread about it. It is not really that big of a deal.
     
  12. Pain of Salvation

    Pain of Salvation Registered Member

    Joined:
    Apr 21, 2005
    Posts:
    398
    My intention is to show to Eset that they are missing not one sample, but some samples of trojan Banker, that we reicive a lot here in Brazil. My intention is not to bash nod32, but help Eset to make a better protection against trojans banker. My NOD32 has aways picked up all malware, but against trojans banker, NOD32 is not doing so good.

    Ok, I wont start a thread again when NOD32 miss another trojan banker
     
  13. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    But what's the point? Should I post here 1000 screenshots of the threats detected by NOD32 and missed by KAV? I for one do not see any sense in that.
     
  14. Pain of Salvation

    Pain of Salvation Registered Member

    Joined:
    Apr 21, 2005
    Posts:
    398
    No, the only point is that Eset should improve protection againt trojans banker, like make a strong generic signature for them (I don´t understand much about this, so maybe i´m wrong). I have a lot of screenshots that nod32 detects the malware and kav misses too... I just want to see nod32 getting better and better. And I think the weakness of nod32 now is against trojan bankers, which is really a dangerous threat.
     
    Last edited: Dec 3, 2005
  15. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    well, pain of salvation....every AV has its own weak points and NOD32 is improving day by day. Trojan Bankers are not the only problems..... script viruses, backdoors ..these are some weak points...but they're improving and hope to see a big update these days with some old viruses not detected . :D

    (if one ESET mod could confirm my wish I'll be grateful :p )
     
  16. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    My bad, sorry Salvation :(
     
    Last edited: Dec 5, 2005
  17. Pain of Salvation

    Pain of Salvation Registered Member

    Joined:
    Apr 21, 2005
    Posts:
    398
    But I´ve sent the sample... see the first post.
     
  18. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    POS - the point is really that many of us submit samples when we have them - it's not necessary to start a thread each time we submit something to Eset... just bask in the internal glow you get from doing the submisssion! You are doing your part already!
     
  19. gue_st

    gue_st Guest

    Re: Attention: German Users

    Does this not apply here too?
    Probably, one could post the forum full with any given Anti-virus proactively detecting a single piece of Malware?
    Or, the problem is screenshot?:D
     
  20. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    gue_st, I have split you post from here, to this thread, as this is where you are quoting from. Which is where I gather you meant to post...

    Cheers :D
     
  21. meargh

    meargh Guest

    This is true. I'm saying this just so no one comes here and things this should reflect badly on NOD32: I've found two or three trojans that KAV 5.0 missed. I didn't post here at all--what's the point? I submitted them and was done with it.
     
  22. POS

    POS Guest

    I´ve said before what is the point.. The point is not to bash nod32, the point is to show Eset guys that NOD32 is weak against trojans Bankers, and they must add more signatures for them. I use NOD32 and for me NOD32 is the best AV, so why would I bash NOD?
     
  23. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    POS, I know you say you're not bashing the product, but there is a procedure for adding unknown threats, it's called submission - that's it... nowhere in the program itself does it say to "go to Wilders and let us know there too..." - does it?

    It doesn't matter whether it's one of the ever evolving number of trojan bankers, or a new variant of Sober or Mytob - the procedure is the same - submit the sample and get on the other things in your life...
     
  24. gue_st

    gue_st Guest

    Still not clear, why posting about detecting something is a good thing, but about missing is so bad, while information about missed samples is generally more useful.
     
  25. ..........

    .......... Guest

    because Pain of Salvation has posted these 'trojan banker' threads for many times already
    it is not necessary to open a new thread every time you find a trojan an AV is missing or detecting
    just submit the sample and it's fine
     
Thread Status:
Not open for further replies.