You know there`s a thing called getsusp and you know its function, right?
The list above show the analysis report of the samples that have been missed on my PC.
So you mean MIS lack some method of detection, and that`s why the difference in detection exists?
With all due respect, after using the Software for over (15) years and being a Moderator. Of course I do. I think Simon clearly explained the Difference between Detection Capabilities.
All the very Best,
CD/Catdaddy
I`ve searched some information about "RDN" detections, the readme files of DAT files says that
RDN/ Denoting the malware signature
was authored by McAfee Automation system.
So what`s the point of mentioning behavioral detection? There`s no behavioral detection in consumer products, that`s already known.
Is he referring to difference between detection capabilities of mcafee in getsusp and on my PC?
The primary thing to take into consideration is, Are you experiencing any abnormal behavior, anything untoward in regards to your Software? If the answer is (No)...then there should be no reason for concern in my sincere honest opinion.
there are samples that were missed on my PC, but when I uploaded them onto getsusp, it says that mcafee can kill some of them already.
that`s all I wanna express, and that`s abnormal enough, from my point of view.
What makes you think consumer products don't do behavioural protection? Of course they do!
getsup just looks at hashes of files and compares them with our dataset - it doesn't answer the question "would this file be allowed to run".
RDN refers to our datacenter machine learning system. It's often misunderstood that we hand-analyse all the malware we find, but when you're seeing upwards of 200k a day that's not scalable - most malware gets categorized automatically. Only the truly unique stuff needs human eyes.
One odd one I noticed in your dump was 7b84e05bf2045a64fba566dfb929d140 - If you look at VT most AV's consider it benign, which is usually a good sign that the few that don't are falsing.
It could be malware though - opinions change but given it's been in the system for two weeks it almost seems as if it's just some test code. Where are you getting samples from, and what are you trying to achieve by downloading them and submitting them?
oh, and if you are actually trying to answer the question "is this detected" - Stinger is a better tool for that.
In regards to 'Stinger' Stinger | McAfee Free Tools Read how to use.
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.
Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership: