How are new viruses added?

Discussion in 'NOD32 version 2 Forum' started by Stijnson, Jan 4, 2008.

Thread Status:
Not open for further replies.
  1. Stijnson

    Stijnson Registered Member

    Joined:
    Nov 7, 2007
    Posts:
    533
    Location:
    Paranoia Heaven
    I read that Trend Micro has discovered a new variant of Sohanad (Sohanad.FM). I haven't seen it in the NOD updates so far, but I was wondering (in general) how new variants are added to the definitions.
    Are they only added once someone has been infected or is the lab also investigating on its own?
     
  2. Stijnson

    Stijnson Registered Member

    Joined:
    Nov 7, 2007
    Posts:
    533
    Location:
    Paranoia Heaven
    Does anyone know if sohanad.fm has been added to the definitions yet (perhaps under a different name)?
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Sohanad is an Autoit script worm, it's easy to modify it and create tons of variants on a daily basis. I'd say NOD32 detects more than 95% of them and detection will be improved even more shortly.
     
  4. Stijnson

    Stijnson Registered Member

    Joined:
    Nov 7, 2007
    Posts:
    533
    Location:
    Paranoia Heaven
    So ThreatSense will pick most of them right up?
     
  5. Stijnson

    Stijnson Registered Member

    Joined:
    Nov 7, 2007
    Posts:
    533
    Location:
    Paranoia Heaven
Thread Status:
Not open for further replies.