Comments on: and I say we are detecting between 400,000 and 10,000,000 malware!

By: Hake Binder

Hake Binder — Thu, 26 Jun 2008 12:50:25 +0000

We use McAfee in the Enterprise and our average detection rate this year has been 60% McAfee versus 40% detected using IDS signatures. In the last month that’s down to 35% detection rate for McAfee. To be fair that’s pretty typical of what we’ve seen from all of the vendors but it doesn’t bode well for anyone who deploys antivirus as the solution for malware.

By: Seyed H. Mohtasebi

Seyed H. Mohtasebi — Sun, 22 Jun 2008 10:38:40 +0000

Itâ€™s up to McAfee to decide assign a new name for a new virus or categorize in old virus. All experienced experts know these huge numbers that new anti-virus products declare what means!

But the unacceptable thing is McAfee delay with new threats.

Some days ago I found an unknown virus that copies itself in each folder with the same name as the folder and makes all folders hidden. I submitted it to WebImmune. I expected that WebImmune would respond me after doing some tests. I waited for almost three days but no solution was provided by McAfee. Finally I decided to send an email to McAfee and asked them to provide me a solution or better still an EXTRA.DAT. Their answer that was full of questions that McAfee is supposed to answer me (like why do you suspect this file?) disappointed me. After replying the email and answering all questions, they asked me some log files. I have provided all of them but unfortunately nothing was provided by McAfee. Meanwhile, our network was going done under this new virus. I have traced all other anti-virus reactions for this threat in VirusTotal (www.virustotal.com). For first day there was no anti-virus that can detect this threat. But this number was going up. After almost 10 days finally I could find an EXTRA in WebImmune.

Although, the description of viruses are too old and for many new viruses there isnâ€™t any description on NAI.com.

Many people around the world are proud that they use McAfee products. They believe McAfee is an experienced company in dealing with viruses.

You, your colleagues and also we as customers can improve it.

By: Andres

Andres — Sun, 22 Jun 2008 03:19:22 +0000

I dont think so… just this year, we find a lot of kind o viruses that McAfee didnt detect, and others like karspersky did.

By: Huey Chang

Huey Chang — Sat, 21 Jun 2008 00:26:01 +0000

Lots of Chinaâ€™s Trojans cannot be detected.

Add more detections about them.

Analysis and analysis malwares….

By: Craig Hughes

Craig Hughes — Fri, 20 Jun 2008 17:29:13 +0000

Wouldn’t it be better to write a security system which prevented the threats which have not yet occurred, rather than those which you already know about? If there are 760k new samples in a month, how many of those were detected a-priori, that is before the detector was modified to include them?