5 days since samples sent

Discussion in 'NOD32 version 2 Forum' started by enduser999, Apr 22, 2005.

Thread Status:
Not open for further replies.
  1. enduser999

    enduser999 Registered Member

    Joined:
    Apr 17, 2005
    Posts:
    418
    Location:
    The Peg
    Back on APril 17th I emailed several files to samples@nod32.com that NOD32 indicated were infected with an unknow virus. These files have been on my computer for years and no other anti-virus that I have tried indcated any problem with them. How long is it usually before one hears back?
     
  2. kjempen

    kjempen Registered Member

    Joined:
    May 6, 2004
    Posts:
    379
    If you try scanning the files here and here , you can see if any other antivirus detects these files. If not, and you believe they're all false positives, report this in an e-mail to support at eset.com (someone please correct me if this is wrong), with the samples in a .zipped archive protected with the password "infected", and link to this thread in the e-mail.

    If they are not false positives, then by scanning at the two previous places I mentioned, you are also automatically (re-)submitting these samples.
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    If you are using the new beta 2.5 (which I would rather call a release candidate), suspicious file will be submitted automatically.

    Please bear in mind that signatues are picked up on a per-need basis which means that threats not detected even by heuristics have higher priority than not so common threats picked up by heuristics.
     
  4. enduser999

    enduser999 Registered Member

    Joined:
    Apr 17, 2005
    Posts:
    418
    Location:
    The Peg
    Jotti indicated:
    "POSSIBLY INFECTED/MALWARE (Note: this file was only flagged as malware by heuristic detection(s). This might be a false positive. Therefore, results of this scan will not be stored in the database)"

    While VirusTotal indicated:

    Either the 1 of the 3 files were suspicious (including NOD32) or possibly infected with the Macro.crypt virus.

    I am using the non-beta version of NOD32.
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    One more thing you could check - the heuristics level in the AMON setup should be set to Standard and not to Deep to avoid getting a lot of false positives.

    Should NOD32 still report it and the file in question is crucial to you, just send it to support@eset.com with a link to this thread.
     
  6. enduser999

    enduser999 Registered Member

    Joined:
    Apr 17, 2005
    Posts:
    418
    Location:
    The Peg
    It is using the default settings. It is just that these files have been on my computer for over 6 years at least and I find it kinda of strange that they would br infected after all this time and countless scanning using a variety of virus scanners during that time. That is why I sent them to samples@nod32.com.
     
Thread Status:
Not open for further replies.