A BIG difference...
tiagozt
July 1st, 2005, 11:26 AM
I received an infected file by e-mail and sent it to Antivir, Arcavir, Avast!, AVG, BitDefender, GDATA, Kaspersky, MKS_VIR and NOD-32 to be analysed and added to the database.
Kaspersky answered 30 minutes later saying that it had detected a virus and it would add it to the database in the next update. One hour later the virus was already in the database of my update.
AVG answered (auto-response) saying that it had not found a valid serial with my email and it would be ignored. Not added to the database yet.
NOD-32 said 2 days later that my file needs to be zipped and password protected to be analysed.
Antivir and Avast! answered 1 day later saying they had found a virus and that it would be added to the database. However, in the following update it had still not been added. It only occurred 2 days later.
BitDefender and MKS_VIR added it to the DB 2 weeks later, without answering me (I don't know if they added it after my e-mail).
Other companies ignored me ;)
It's a BIG difference that can define the quality of an antivirus software/company.
Detox
July 1st, 2005, 11:43 AM
Wow, pretty neat - so how did you know the file was infected when none of those applications were able to detect it?
Where did you test all those different AVs?
What was the filename and the name of the malware?
tahoma
July 1st, 2005, 11:48 AM
i've never sent anything to anyone other than kaspersky, and like you experienced it's usually added to the kav definitions within 1-2 hours.
and how did i know? something new trying to connect out
Firecat
July 1st, 2005, 03:53 PM
{QUOTE-> i've never sent anything to anyone other than kaspersky, and like you experienced it's usually added to the kav definitions within 1-2 hours.
and how did i know? something new trying to connect out <-QUOTE}
If possible, try to send that sample to McAfee too. I was quite pleased with their malware analysts. :)
tahoma
July 1st, 2005, 03:57 PM
i think i'll stick with sending it to companies i like
Firecat
July 1st, 2005, 03:59 PM
{QUOTE-> i think i'll stick with sending it to companies i like <-QUOTE}
You don't want me to cry now, do you? :'( :P ;D
Kye-U
July 1st, 2005, 04:05 PM
{QUOTE-> You don't want me to cry now, do you? :'( :P ;D <-QUOTE}
LOL! ;D
tahoma
July 1st, 2005, 04:15 PM
i read an interview with one of the virus analysts from norman some time ago. according to him all the anti virus companies have some kind of joint server where all new samples are uploaded to. that means as soon as one company spots a new malware all the others will have access to it too. but it's just the malware that is shared, not the cure, that's up to the individual companies to find
tiagozt
July 1st, 2005, 04:32 PM
{QUOTE-> Wow, pretty neat - so how did you know the file was infected when none of those applications were able to detect it?
Where did you test all those different AVs?
What was the filename and the name of the malware? <-QUOTE}
1. The people that sent it to me have a website about viruses and said that it was infected.
2. I install and uninstall antivirus software every week. I scan the files using the online scan services of antivirus websites or generic websites with a scan engine.
3. The filename isn't important and Kaspersky analysts said:
"Hello.
This is trojan script Trojan.BAT.Shutdown.l.
Detection added.
Sincerely yours,
Pavel Zelensky
Virus analyst"
____
As you asked about it, I can put more information about the other AV companies here.
I sent the file to the companies on May 20.
___
Kaspersky answered - May 20 - with the information above.
__
AVG said:
This email is an auto-response message.
Thank you for your email.
We have not been able to find AVG Professional License Number or your email address registered in our database.
Your license number or email address has been found to be registered with AVG Free.
*Maybe I sent it to the wrong address...
___
Antivir:
Dear Sirs,
Thank you for your recent inquiry.
We found a new virus in the attachment you have sent us.
The signature will be integrated in one of our next updates.
We thank you for your assistance.
--
Sincerely
AntiVir PersonalProducts GmbH
_____
Avast!:
Dear customer,
I sent it for analysis, but normally, you should not even read these mails and should delete them, as they are always fake.
--
Best regards,
David Podracky - avast! support team
____
tiagozt
July 1st, 2005, 04:39 PM
{QUOTE-> i read an interview with one of the virus analysts from norman some time ago. according to him all the anti virus companies have some kind of joint server where all new samples are uploaded to. that means as soon as one company spots a new malware all the others will have access to it too. but it's just the malware that is shared, not the cure, that's up to the individual companies to find <-QUOTE}
I think it's impossible. If you get a virus detected by Kaspersky (or by another company and not detected by Kaspersky) you'll see that it isn't ok... You can get an infected file and send it to the ONLINE SCAN of antivirus companies (F-Secure, Kaspersky, mks-Vir and others)... or install and uninstall many programs... (!!!)
SDS909
July 1st, 2005, 04:48 PM
Your findings are similar to mine;
http://www.wilderssecurity.com/showthread.php?t=87210
tiagozt
July 1st, 2005, 05:41 PM
http://antivirus.nafoto.net/images/photo20050701183905.JPG
and
http://antivirus.nafoto.net/images/photo20050701183920.JPG
It's TODAY!!! (July 1)
The same file...
alglove
July 1st, 2005, 07:26 PM
{QUOTE-> NOD-32 said 2 days later that my file needs to be zipped and password protected to be analysed. <-QUOTE}
Here is the procedure to manually submit suspected virus files to Eset, as found on http://www.eset.com/support/nodfaq2.htm#virus :
{QUOTE-> To submit a suspicious file to Eset for analysis, please carry on as follows:
compress the file(s) into a zip or rar archive, protect it with the password "infected"
attach the archive to an email message
send the message with the attachment to samples@eset.com
If the suspicious file has been quarantined, you can simply send the appropriate nqf file from the program files\eset\infected folder to samples@eset.com
If a file is reported as infected with a probable unknown virus, we recommend to submit it to sample@eset.com <-QUOTE}
Or, since you are in Brazil...
http://www.nod32.com.br/support/faq.php
{QUOTE-> How do I send a suspicious file for analysis?
Please send the ORIGINAL SUSPICIOUS file(s) for detailed analysis to the e-mail address samples@eset.com.br.
If you cannot find it at the location indicated by NOD32 at the time of detection, send the contents of the "Quarantine" (= infected) folder.
C:\Arquivos de programas\ESET\infected
Select the files inside the "infected" folder and drag them into the body of the email you are going to send us. Send the email as usual.
Remember, in order to be served more quickly:
1. Always compress the "suspicious file" and protect it with a password before attaching it and sending it by e-mail.
2. Use only the password: infected
3. Always put the following text in the Subject field of the email: [nod32sample] <-QUOTE}
By doing so, you will do those of us who do use NOD32 a favor by helping them update their definitions. ;)
mercurie
July 1st, 2005, 08:14 PM
{QUOTE-> i read an interview with one of the virus analysts from norman some time ago. according to him all the anti virus companies have some kind of joint server where all new samples are uploaded to. that means as soon as one company spots a new malware all the others will have access to it too. but it's just the malware that is shared, not the cure, that's up to the individual companies to find <-QUOTE}
This is very interesting. How about this...well sounds like collaboration is going on and that is a good thing. ;)
mercurie
July 1st, 2005, 08:19 PM
{QUOTE-> AVG said:
This email is an auto-response message.
Thank you for your email.
We have not been able to find AVG Professional License Number or your email address registered in our database.
Your license number or email address has been found to be registered with AVG Free.
*Maybe I sent it to the wrong address... <-QUOTE}
Well if I understand this correctly this blows one of my reasons that I thought AV companies distributed Free versions of their AV products, which was to gather virus samples quickly from their free av users in order to get them into their update databases quickly. Any thoughts anyone?
Pollmaster
July 2nd, 2005, 04:55 AM
{QUOTE-> Well if I understand this correctly this blows one of my reasons that I thought AV companies distributed Free versions of their AV products, which was to gather virus samples quickly from their free av users in order to get them into their update databases quickly. Any thoughts anyone? <-QUOTE}
I doubt that's the primary reason for distributing free versions.
The people tech savvy enough to submit virus samples probably use several AVs and will be smart enough to submit it to more than 1 company.
There's autosubmission of samples of course, but that's not very reliable as compared to manual submission by someone who knows what he is doing.
RejZoR
July 2nd, 2005, 09:17 AM
Well, take a look at avast! and AntiVir. avast! guys don't make any difference between free and payable version. Even support is the same (although I assume that paying customers have priority for support).
All samples that I have sent to avast! and AntiVir were added regardless of whether I was running the free or payable version. GriSoft guys are dumb if they don't allow free users to submit files (like digging a grave for yourself).
VikingStorm
July 2nd, 2005, 10:02 AM
{QUOTE-> If possible, try to send that sample to McAfee too. I was quite pleased with their malware analysts. :) <-QUOTE}
I also agree, seemed like good people when I submitted stuff.
jlo
July 2nd, 2005, 04:27 PM
Hi,
To submit virus samples to Grisoft (AVG) send them zipped and password protected to virus@grisoft.com
I don't ever get a reply but they do usually end up being detected in future updates.
Kind Regards
Jlo
JRCATES
July 2nd, 2005, 05:29 PM
{QUOTE-> i think i'll stick with sending it to companies i like <-QUOTE}
Which is why I consider every aspect of one's post, and take them with a grain of salt ;)
tiagozt
July 4th, 2005, 08:49 PM
I received this file by mail and searched for malware.
The results are:
July 3, 02:00 AM (England)
Jotti
http://antivirus.nafoto.net/images/photo20050704213711.JPG
and
VirusTotal
http://antivirus.nafoto.net/images/photo20050704213739.JPG
After sending the sample to ALL the antivirus listed on both websites, we now have this:
July 5, 00:43 AM
Jotti
http://antivirus.nafoto.net/images/photo20050704214024.JPG
and
http://antivirus.nafoto.net/images/photo20050704214240.JPG
====
You can analyze and create your own conclusions.
Best regards