I have a pdf exploit I submitted several weeks ago that still isn't detected. Also, automated signatures are nothing to brag about, its those kind of weak signatures that are easily broken.
1.One missing malware"if this is right"dont make the av bad even huge companies like symantec do this.
2.automated signature adding mean analyzing files and watch for bad activities from it then the automate program will add its signature to the database,that is like the work done by human"ofcourse hman analyzing is better"but if i or my program analyze a file and it was a malware we both will add it signature to my database.