5 days since samples sent

Discussion in 'NOD32 version 2 Forum' started by enduser999, Apr 22, 2005.

Thread Status:
Not open for further replies.
  1. enduser999

    enduser999 Registered Member

    Joined:
    Apr 17, 2005
    Posts:
    418
    Location:
    The Peg
    Back on APril 17th I emailed several files to samples@nod32.com that NOD32 indicated were infected with an unknow virus. These files have been on my computer for years and no other anti-virus that I have tried indcated any problem with them. How long is it usually before one hears back?
     
  2. kjempen

    kjempen Registered Member

    Joined:
    May 6, 2004
    Posts:
    379
    If you try scanning the files here and here , you can see if any other antivirus detects these files. If not, and you believe they're all false positives, report this in an e-mail to support at eset.com (someone please correct me if this is wrong), with the samples in a .zipped archive protected with the password "infected", and link to this thread in the e-mail.

    If they are not false positives, then by scanning at the two previous places I mentioned, you are also automatically (re-)submitting these samples.
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,415
    If you are using the new beta 2.5 (which I would rather call a release candidate), suspicious file will be submitted automatically.

    Please bear in mind that signatues are picked up on a per-need basis which means that threats not detected even by heuristics have higher priority than not so common threats picked up by heuristics.
     
  4. enduser999

    enduser999 Registered Member

    Joined:
    Apr 17, 2005
    Posts:
    418
    Location:
    The Peg
    Jotti indicated:
    "POSSIBLY INFECTED/MALWARE (Note: this file was only flagged as malware by heuristic detection(s). This might be a false positive. Therefore, results of this scan will not be stored in the database)"

    While VirusTotal indicated:

    Either the 1 of the 3 files were suspicious (including NOD32) or possibly infected with the Macro.crypt virus.

    I am using the non-beta version of NOD32.
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,415
    One more thing you could check - the heuristics level in the AMON setup should be set to Standard and not to Deep to avoid getting a lot of false positives.

    Should NOD32 still report it and the file in question is crucial to you, just send it to support@eset.com with a link to this thread.
     
  6. enduser999

    enduser999 Registered Member

    Joined:
    Apr 17, 2005
    Posts:
    418
    Location:
    The Peg
    It is using the default settings. It is just that these files have been on my computer for over 6 years at least and I find it kinda of strange that they would br infected after all this time and countless scanning using a variety of virus scanners during that time. That is why I sent them to samples@nod32.com.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.