With all due respect, after using the Software for over (15) years and being a Moderator. Of course I do. I think Simon clearly explained the Difference between Detection Capabilities.
All the very Best,
The primary thing to take into consideration is, Are you experiencing any abnormal behavior, anything untoward in regards to your Software? If the answer is (No)...then there should be no reason for concern in my sincere honest opinion.
there are samples that were missed on my PC, but when I uploaded them onto getsusp, it says that mcafee can kill some of them already.
that`s all I wanna express, and that`s abnormal enough, from my point of view.
What makes you think consumer products don't do behavioural protection? Of course they do!
getsup just looks at hashes of files and compares them with our dataset - it doesn't answer the question "would this file be allowed to run".
RDN refers to our datacenter machine learning system. It's often misunderstood that we hand-analyse all the malware we find, but when you're seeing upwards of 200k a day that's not scalable - most malware gets categorized automatically. Only the truly unique stuff needs human eyes.
One odd one I noticed in your dump was 7b84e05bf2045a64fba566dfb929d140 - If you look at VT most AV's consider it benign, which is usually a good sign that the few that don't are falsing.
It could be malware though - opinions change but given it's been in the system for two weeks it almost seems as if it's just some test code. Where are you getting samples from, and what are you trying to achieve by downloading them and submitting them?
my question is simple: Why my internet security can`t detect some samples while getsusp marked them as "detected",like this one:
| 34.ex_ | ec30c5cbca734b6c0311e5f332558606 | detected | rdn/ransom | assumed_dirty4 |
That`s the only thing I want to know.
It`s my fault if I`ve expressed something in bad manner, but can you explain that?
This sample gets detected by OAS and ODS for me as Artemis!EC30C5CBCA73
Am on VirusScan 8.8 - the enterprise product.
Do you see any Artemis! based detection names in MIS? Just want to make sure the cloud detection feature is enabled and working for you.