NOD32 Antivirus for Mac: Some Questions

These are a few questions relating to ESET's antivirus scanner for OS X, which is currently in beta, that I was asked in response to a post at Mac Virus. (If you want to take the beta out for a spin, you can still download it at http://beta.eset.com/macosx.)

As these questions are very ESET-specific, I thought it was more appropriate to answer them here rather than at Mac Virus.

1. You mentioned at the Eset blog in response to one of my comments that you where running EAV for Mac, on your Mac. So I am just wondering what the average Memory and CPU usage is for EAV on a Mac?

Yes, I'm running ESET's beta scanner on one of my Macs. I haven't looked at performance metrics, and I probably won't even if it starts to look anomalous. I don't have the time and resources to do accurate performance testing here at the moment, and I don't know that it would be useful anyway. The product is still liable to drastic change, as pre-release products tend to be.

2. Also wondering why Eset don’t show how many malware’s records that’s in your database? Not that it is very important that I know how many, but why not?

 Do you mean how many "signatures" do we have, or how many individual items of malware we detect? The two figures don't actually correlate in a way that would be useful: I don't know how many individual detections we have, but to give that number  would be misleading, since there isn't a single detection to every malicious binary.

Note that this is true of all mainstream AV vendors: because virus labs receive tens of thousands of unique binaries to analyse every day, the emphasis has to be on the most effective way of detecting as many of them as possible, not on precise classification, which is why malware information databases tend to be fairly generic nowadays.

ESET's detections are highly generic (meaning that a whole family or families, variants and subvariants might be picked up by a single detection) and/or heuristic (malware is detected by its characteristics or behaviour rather than by exact or near-exact identification): INF/Autorun, for instance, detects an enormous range (and volume) of malicious programs with two characteristics in common: (a) they try to exploit AutoRun (b) they're malicious! .

3. I know that the Mac version of NOD32 is crossplatform and detects Mac,Linux,and Windows malware. But does the Windows version detect Windows, Mac, And Linux malware as well?

Yes, ESET scanners for Windows detect malware OS X and Linux malware.

David Harley BA CISSP FBCS CITP
Director of Malware Intelligence

ESET Threatblog (TinyURL with preview enabled): http://preview.tinyurl.com/esetblog
ESET Threatblog notifications on Twitter: http://twitter.com/esetresearch (or http://twitter.com/ESETblog)
ESET White Papers Page: http://www.eset.com/download/whitepapers.php

Securing Our eCity community initiative: http://www.securingourecity.org/

Also blogging at:
http://smallbluegreenblog.wordpress.com/
http://avien.net/blog
http://blogs.securiteam.com
http://blog.isc2.org/
http://macvirus.com/
 

Author David Harley, ESET

  • Johan

    Hi David!
    Thanks for answering my questions, it's always a pleasure asking you questions since your responses are always so good!
    And good to know that the Windows version detects Win, Mac and Linux malware as well.
    Though I got a follow up question for this. Howcome that you don't mention that the Windows version of NOD32/ESS detects Linux, and Mac malware as well, anywhere on the Overview or Feature Tab here: http://www.eset.com/products/nod32.php ??
    That's something I think you should add so people knows about that, since it's a good thing to know :)
    Thanks for answering.

  • Steve Balla

    Installed eav4 beta on my imac. Now it's locked up. Can not do anything, mouse moves, but that's it. I can not click on anything. Will not allow me to reinstall my os.

    • David Harley

      Steve, I’m afraid we can’t do product/tech support through the blog. There aren’t enough of us! Please try the Support tab on the main ESET page, since there doesn’t seem to be one on the beta page. You probably need the “submit a case online” option.

Follow Us

Sign up to our newsletter

The latest security news direct to your inbox

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.