IRC Bot not flagged by NOD32

Discussion in 'NOD32 version 2 Forum' started by BTW, May 17, 2005.

Thread Status:
Not open for further replies.
  1. BTW

    BTW Guest

    Hello,

    This one : h***://<removed>/virus/picture-14.exe

    Bitdefender, KAV, MacAfee and Panda received a sample on 0515 like NOD32 and other AVers.

    KAV adds it to its DB 2 hours later, Bitdefender 8 hours later. MacAfee and Panda today.

    NOD32 doesnot detect it even with advanced heuristic till now.

    Regards,

    No links on this forum to malware--Ron
     
    Last edited by a moderator: May 17, 2005
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Please refrain from posting urls pointing to malicious files here. If you find a suspicious file not detected by NOD32 send it to samples@eset.com for further analysis. Also, bear in mind the following:
    1. No AV scanner detects 100% of all threats in the world
    2. Many other AV scanners flag also corrupted and non-functional files as infected

    PS: the url doesn't seem to work now
     
  3. BTW

    BTW Guest

    As you may see, I altered the URL before posting and if you replace *** by ttp, it 's still working and of course I sent a sample to samples@eset.com like to the other AVers 2 days ago.

    1. Of course (see Cohen theoreme ;)) . The question is why some other AVers are more reactive than ESET.
    2. This one is no false positive nor corrupted and fully functional as you could see if you run or decompile the sample I sent to you or d/l from the rebuild address :cool:
     
  4. BTW

    BTW Guest

    Hello,

    Now with DB 1.1100 the malware is detected.

    KAV detected it 2 hours after sample submission.
    NOD32 after 4 days...
    No other comment
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    It's been said numerous times here that Eset picks up signatures on a per-need basis. Worms and in-the-wild malware has the highest priority.
     
  6. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    Thank You Marcos :)
     
  7. BTW

    BTW Guest

    FYI it's a worm :cool:
     
  8. .....

    ..... Registered Member

    Joined:
    Jan 14, 2005
    Posts:
    312
    FYI... its a trojan
     
  9. BTW

    BTW Guest


    It is a worm with backdoor Trojan functionality, like a lot of worms nowadays....

    When first run the worm copies itself to the Windows system folder as MSNMSGRS.EXE and is run at Windows start up awaiting for commands from a remote attacker

    Do you mean as this worm install a backdoor it should not be considered as important for an AV/AT to detect it and protect its customers as soon as possible if they happend to get a sample ? Would it be more important in your opinion to detect a simple worm without armfull payload but just spreading in a larger scale ?
     
  10. dvk01

    dvk01 Global Moderator

    Joined:
    Oct 9, 2003
    Posts:
    3,131
    Location:
    Loughton, Essex. UK
    I think what ESET are saying is that it is an IRC bot so needs USER intervention to activate and spread and they prioritize the worms that spread without user intervention and those that will infect the greatest number of people first

    In an ideal world every sample would be analysed and include within minutes of being submitted, just as in the ideal world, you ring your doctor for an appointment, see him 5 minutes later and walk away cured, after one injection or pill, it just doesn't happen and you wait to see the doctor according to the priority of the illness
     
  11. BTW

    BTW Guest

    Hello,

    As most virus, trojans and other malwares, you have to click on the PE to activate it of course ;) All the recent worms and virus do require user intervention, no recent malwares on an up to date Windows OS can activate itself without user action. The fact that it"s an IRC bot does not mean you have to run IRC to activate it :cool:

    What is surprising is that NOD32 is renowned for its strong heuristic and it did not catch it with advanced heuristic. Other products catched it heuristically without updating their DB.
    Surprising too : it takes 3 updates between submission and adding a simple sig in the DB.
    Also strange, no answer, even automatic after sample submission. It does not look very professional from a simple customer point of view : I knew it was a backdoor when submitting, it took me 2 minutes to verify by myself ;)

    Does not seem to be "high priority" this last days for AVers, very few adding in the DBs.

    I know KAV is often first on the ball, but other products where updated the day after, NOD32 4 days after : that's a bad point for ESET whatever they may say about their so called priorities...
     
  12. Tinribs

    Tinribs Registered Member

    Joined:
    Mar 14, 2002
    Posts:
    734
    Location:
    England
    I will be interested to read any further discussions on this matter, I was an avid user and promoter of Nod32 once, but several instances turned me away from them and this is another example.On three occassions I forwarded a file that Kav had detected but Nod had not, I had zero feedback, and it took, on one occassion, three emails to get a response that it indeed was an infected file.

    I fear they, as a company, may be resting on their laurels and believing their own hype.
    It is a shame, as they have the technology to 'take over the world' in an a/v stance but they seem to be more concerned polishing their VB100 awards than reacting to0 new and in the wild threats. Please prove me wrong.
     
    Last edited: May 18, 2005
  13. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    I run both NOD32 and KAV on different machines.

    Seems to me KAV is starting to get behind more and more in adding detections that other AVs detect.

    Last piece of malware found was Trojan.DragonBot in aimbot.exe, detected by:

    Code:
    Scanner  Malware name  
    AntiVir  X  
    Avast  Win32:Trojano-1302  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  Trojan.DragonBot  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  X  
    Norman Virus Control  X  
    VBA32  Trojan.DragonBot  
    
     
    ---
     
    Last piece of malware found was !LargeGroup^.Backdoor.AntiLamer^.Backdoor.Delphi^.Trojan.LdPinch^
    Worm.Bagle^Backdoor.APRE.1 in undetected.exe, detected by:
    
    
    Scanner  Malware name  
    AntiVir  TR/Madtol.A  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  BehavesLike:Win32.ExplorerHijack  
    ClamAV  Trojan.W32.Madtol.A.1  
    Dr.Web  X  
    F-Prot Antivirus  unknown virus  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  Sandbox: W32/Malware  
    VBA32  !LargeGroup^.Backdoor.AntiLamer^.Backdoor.Delphi^.
    Trojan.LdPinch^.Worm.Bagle^Backdoor.APRE.1  
    
     
    ---
     
    Last piece of malware found was Backdoor.Small.DL in dfg.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  Backdoor.Small.DL  
    ClamAV  Trojan.Small-39  
    Dr.Web  BackDoor.Teh  
    F-Prot Antivirus  unknown virus  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  Sandbox: W32/Malware  
    VBA32  X  
    
     
    Last piece of malware found was Backdoor.Win32.Ciadoor.13 in server4.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  BDS/Ciadoor.13.B  
    Avast  Win32:Ciadoor-024  
    AVG Antivirus  X  
    BitDefender  GenPack:Backdoor.Ciadoor.13  
    ClamAV  Trojan.Ciadoor.13.C  
    Dr.Web  X  
    F-Prot Antivirus  W32/Ciadoor.AQ@bd  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  Win32/Ciadoor.13  
    Norman Virus Control  X  
    VBA32  Backdoor.Win32.Ciadoor.13  
    
     
    Last piece of malware found was probably unknown WIN32 in server1.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  BDS/VB.adn.1  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown WIN32  
    Norman Virus Control  X  
    VBA32  X  
    
     
    ---
     
    Last piece of malware found was Embedded.Trojan.Win32.Rootkit.h in lx2.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  Worm/Rbot.MM.2  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  Exploit.DCOM.Gen  
    Dr.Web  Win32.HLLW.MyBot.based  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  X  
    VBA32  Embedded.Trojan.Win32.Rootkit.h  
    
     
    ---
     
    Last piece of malware found was BackDoor.Generic.947 in goettin.zip, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  Trojan.Mosucker-28  
    Dr.Web  BackDoor.Generic.947  
    F-Prot Antivirus  X  
    Fortinet  W32/Mosuck.X-tr  
    Kaspersky Anti-Virus  X  
    mks_vir  Trojan.Mosucker.Ah  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  X  
    VBA32  BackDoor.Generic.947  
    
     
    ---
     
    Last piece of malware found was probably unknown NewHeur_PE in winwy.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  TR/Dldr.Delf.CQ  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  Trojan.PWS.Lineage  
    F-Prot Antivirus  unknown virus  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  X  
    VBA32  X  
    
     
    ---
     
    Last piece of malware found was Trojan.Spybi in aurora.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  Trojan.Spybi  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  X  
    Norman Virus Control  X  
    VBA32  Trojan.Spybi  
    
     
    --
     
    Last piece of malware found was Embedded.Trojan-Downloader.Win32.ConHook.d in 1_VIRUS.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  Dropped:Trojan.Downloader.ConHook.D  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  X  
    Norman Virus Control  X  
    VBA32  Embedded.Trojan-Downloader.Win32.ConHook.d  
    
     
    ---
     
    Last piece of malware found was probably unknown NewHeur_PE in 00005.SPL, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  Win32.HLLW.Agobot  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  X  
    VBA32  X  
    
     
    ---
     
    Last piece of malware found was Heuristic/Trojan.PwdStealer in 092E89E5.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  Heuristic/Trojan.PwdStealer  
    Avast  Win32:Haltura-B  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  X  
    Norman Virus Control  Sandbox: W32/Backdoor  
    VBA32  X  
    
     
    --
     
    Last piece of malware found was Trojan.Bankfraud in Important Information From LaSalle Bank Billing Department.eml, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  HTML.Phishing.Bank-1  
    Dr.Web  Trojan.Bankfraud  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  X  
    Norman Virus Control  X  
    VBA32  X  
    
     
    ----
     
    Last piece of malware found was BehavesLike:Trojan.Downloader in note.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  BehavesLike:Trojan.Downloader  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  Sandbox: W32/Downloader  
    VBA32  X  
    
     
    ----
     
    Last piece of malware found was Trojan.MulDrop.1732 in yod12st275.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  Trojan.MulDrop.1732  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  Win32.4  
    NOD32  X  
    Norman Virus Control  X  
    VBA32  X  
    
     
    ---
     
    Last piece of malware found was probably unknown NewHeur_PE in HomeVideo.txt, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  BackDoor.Generic.806  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  X  
    VBA32  X  
    
     
    ---
     
    Last piece of malware found was Backdoor.VisualBasic.12 in BRAT.zip, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  Backdoor.Generic.941  
    ClamAV  X  
    Dr.Web  modification of BackDoor.Generic.941  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  X  
    VBA32  Backdoor.VisualBasic.12  
    
     
    ---
     
    Last piece of malware found was Dropped:Trojan.PWS.Ldpinch.AK in krtqvyuh.virus exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  Dropped:Trojan.PWS.Ldpinch.AK  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  Win32  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  Sandbox: W32/Downloader  
    VBA32  X  
    
     
    ---
     
    Last piece of malware found was probably unknown NewHeur_PE in popuper.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  TR/Drop.Puper.D.1  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  X  
    VBA32  X  
    
     
    ---
     
    Last piece of malware found was Dropped:Backdoor.Prorat.19 in UPXServer.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  Dropper.Small.15.S  
    BitDefender  Dropped:Backdoor.Prorat.19  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  X  
    Norman Virus Control  X  
    VBA32  X  
    
     
    -----
     
    Last piece of malware found was DIAL/Generic dialer in uk_nm.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  DIAL/Generic dialer  
    Avast  X  
    AVG Antivirus  Dialer.26.AC  
    BitDefender  BehavesLike:Trojan.StartPage  
    ClamAV  Dialer-135  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  Dial/256  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  Sandbox: W32/Malware  
    VBA32  X  
    
     
    -----------------
     
    Last piece of malware found was probably unknown NewHeur_PE in MMD_Svr.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  TR/Spy.Delf.EQ.1  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  BehavesLike:Win32.ExplorerHijack  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  unknown virus  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  X  
    VBA32  X  
    
     
    -----
     
    Last piece of malware found was BehavesLike:Trojan.LowZones in gclib.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  BehavesLike:Trojan.LowZones  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  unknown virus  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  Sandbox: W32/Malware  
    VBA32  X  
    
    
     
    ----
     
    Last piece of malware found was Bifrose.D in server.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  Backdoor.Bifrose.D  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  Win32.4  
    NOD32  X  
    Norman Virus Control  Bifrose.D  
    VBA32  X  
    
     
    ----
     
    Last piece of malware found was Heuristic/Trojan.Downloader in ali.pif, detected by:
    
    Scanner  Malware name  
    AntiVir  Heuristic/Trojan.Downloader  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  BehavesLike:Win32.ExplorerHijack  
    ClamAV  Trojan.Downloader.Small-213  
    Dr.Web  Trojan.Elirt.101  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  Trojan.Trojandownloader.Small.Fk  
    NOD32  X  
    Norman Virus Control  Sandbox: W32/Downloader  
    VBA32  X  
    
     
    ----
     
    Last piece of malware found was JS/Relink.A in Htm2.zip, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  Exploit.Html.MhtRedir.Gen  
    ClamAV  Exploit.HTML.MHTRedir-8  
    Dr.Web  Exploit.MhtRedir  
    F-Prot Antivirus  X  
    Fortinet  HTML/Exploit.Mht  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  HTML/Mht.AP Exploit  
    Norman Virus Control  JS/Relink.A  
    VBA32  X  
    
     
    ---
     
    Last piece of malware found was Backdoor.Win32.Evilsock in evilsocks.zip, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  Trojan.Evilsock  
    NOD32  X  
    Norman Virus Control  X  
    VBA32  Backdoor.Win32.Evilsock  
    
     
    ----
     
    Last piece of malware found was probably unknown NewHeur_PE in server.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  Trojan.Runup.10-srv-2  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  Trojan.Xcv  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  X  
    VBA32  X  
    
     
    ------
     
    Last piece of malware found was Trojan-Downloader.Win32.Agent.ex in testinst.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  Downloader.Agent.12.AF  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  W32/Agent.EX-tr  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  X  
    Norman Virus Control  X  
    VBA32  Trojan-Downloader.Win32.Agent.ex  
    
     
    ----------
     
    Last piece of malware found was Trojan-Downloader.Win32.Agent.ex in ViaSky.zip, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  Downloader.Agent.12.AF  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  W32/Agent.EX-tr  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  X  
    Norman Virus Control  X  
    VBA32  Trojan-Downloader.Win32.Agent.ex  
    
     
    -----
     
    Last piece of malware found was Worm/SdBot.57334.A in Edited2.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  Worm/SdBot.57334.A  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  BehavesLike:Win32.IRC-Backdoor  
    ClamAV  Trojan.SdBot-279  
    Dr.Web  X  
    F-Prot Antivirus  unknown virus  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  Sandbox: W32/Malware  
    VBA32  X  
    
     
    ----
     
    Last piece of malware found was probably unknown NewHeur_PE in Data_1.bin, detected by:
    
    Scanner  Malware name  
    AntiVir  TR/Dldr.Bandos.C  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  X  
    VBA32  X  
    
     
    -----
     
    Last piece of malware found was Trojan.LdPinch.1 in s3.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  Win32/Prorat.16  
    Norman Virus Control  X  
    VBA32  Trojan.LdPinch.1  
    
     
    -----------
     
    Last piece of malware found was probably unknown NewHeur_PE in burn.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  Win32:Ciadoor-024  
    AVG Antivirus  X  
    BitDefender  Backdoor.VB.ASB  
    ClamAV  X  
    Dr.Web  BackDoor.Generic.920  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  X  
    VBA32  X  
    
     
    ------
     
    Last piece of malware found was Win32.HLLW.NetSky.c in rx7-encrypt.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  Sandbox: W32/Gaobot.gen  
    VBA32  Unknown.Win32Virus  
    
    ----
     
    Last piece of malware found was Trojan.Trojandownloader.Small.Eo in mHOn.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  TR/Dldr.Small.EO  
    Avast  Win32:Trojano-271  
    AVG Antivirus  X  
    BitDefender  BehavesLike:Win32.ExplorerHijack  
    ClamAV  Trojan.Downloader.TFWB  
    Dr.Web  Trojan.DownLoader.3072  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  Trojan.Trojandownloader.Small.Eo  
    NOD32  X  
    Norman Virus Control  X  
    VBA32  X  
    
     
     
    ----------
     
    Last piece of malware found was Backdoor.Win32.Bifrose.d in server.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  Win95  
    NOD32  probably unknown WIN32  
    Norman Virus Control  Bifrose.D  
    VBA32  Backdoor.Win32.Bifrose.d  
    
     
    ------
     
    Last piece of malware found was Unknown.Win32Virus in (EFZ) LongBOt.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  Trojan.DragonBot  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  X  
    Norman Virus Control  X  
    VBA32  Unknown.Win32Virus  
    
     
    -------
     
    Last piece of malware found was probably unknown NewHeur_PE in csmss32.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  TR/Proxy.Agent.CK.1  
    Avast  Win32:Trojan-gen.  
    AVG Antivirus  X  
    BitDefender  Trojan.Agent.DO  
    ClamAV  X  
    Dr.Web  BackDoor.Zorro  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  X  
    VBA32  X  
    
     
    -----
     
    Last piece of malware found was Embedded.Trojan.Win32.Rootkit.h in shited.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  Sandbox: W32/Malware  
    VBA32  Embedded.Trojan.Win32.Rootkit.h  
    
     
    -------
     
    Last piece of malware found was probably unknown NewHeur_PE in bogieman.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  Sandbox: W32/Malware  
    VBA32  X  
    
     
     
    -------
     
    Last piece of malware found was probably unknown NewHeur_PE in rBot.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  BehavesLike:Win32.IRC-Backdoor  
    ClamAV  X  
    Dr.Web  Win32.HLLW.ForBot  
    F-Prot Antivirus  unknown virus  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  X  
    VBA32  X  
    
     
    ----------------
     
    Last piece of malware found was probably unknown NewHeur_PE in sdbot05b.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  Backdoor.SDBot.78116B39  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  unknown virus  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  X  
    VBA32  X  
    
     
    -------------
     
    Last piece of malware found was probably unknown NewHeur_PE in p1.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  Trojan.Mosucker-28  
    Dr.Web  BackDoor.Generic.947  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  Trojan.Mosucker.Ah  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  X  
    VBA32  X  
    
     
    ------
     
     
    Last piece of malware found was Win32/VB.NAD in smss.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  Trojan.Vb.Nad  
    NOD32  Win32/VB.NAD  
    Norman Virus Control  X  
    VBA32  X  
    
     
     
    ------
     
    Last piece of malware found was BehavesLike:Win32.FileInfector in Stubbos.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  BehavesLike:Win32.FileInfector  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  unknown virus  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  Sandbox: W32/Malware  
    VBA32  X  
    
    
     
    -------
     
    Last piece of malware found was probably unknown NewHeur_PE in ForBot-NoSSL.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  Backdoor.SDBot.68B55F76  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  X  
    VBA32  X  
    
     
    ---------
     
    Last piece of malware found was Dropped:Backdoor.Bifrose.D in tester.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  Dropped:Backdoor.Bifrose.D  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  Win32/TrojanDropper.Small.FK  
    Norman Virus Control  Sandbox: W32/Malware  
    VBA32  X  
    
     
    -------
     
    Last piece of malware found was probably unknown CRYPT.WIN32 in build3xing.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  TR/Click.Small.DN.3  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  Trojan.Rbot.GEN-3  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  W32.Generic  
    NOD32  probably unknown CRYPT.WIN32  
    Norman Virus Control  X  
    VBA32  X  
    
     
    -----
     
    Last piece of malware found was Heuristic/Backdoor.IRCBot in vegasbot.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  Heuristic/Backdoor.IRCBot  
    Avast  X  
    AVG Antivirus  IRC/BackDoor.SdBot  
    BitDefender  Backdoor.SDBot.3667B92B  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  unknown virus  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  Sandbox: W32/Backdoor  
    VBA32  X  
    
     
    -------------
     
    Last piece of malware found was Win32/Beastdoor.207.B in 91826740_server.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  Backdoor.Beastdoor.207.B  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  Win32.4  
    NOD32  Win32/Beastdoor.207.B  
    Norman Virus Control  X  
    
     
    --------
     
    Last piece of malware found was HackerTool/Cracksearch in CrackSearcher.rar, detected by:
    
    Scanner  Malware name  
    AntiVir  PMS/CrackSearch.A possible malicious software  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  not a virus Tool.CrackSearch  
    F-Prot Antivirus  X  
    Fortinet  HackerTool/Cracksearch  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  X  
    Norman Virus Control  X  
    
    
     
    --------
     
    Last piece of malware found was probably unknown NewHeur_PE in virus.eee, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  Win32.Mydoom.1.Gen@mm  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  Win32.4  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  X  
    
     
    -----
     
    Last piece of malware found was Win32/TrojanDropper.Small.NBO in rocked.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  Win32.4  
    NOD32  Win32/TrojanDropper.Small.NBO  
    Norman Virus Control  X  
    
     
    -------
     
    Last piece of malware found was W32/StartPage-tr in geoe.dll, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  Win32:StartPage-080  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  Trojan.Startpage-215  
    Dr.Web  Trojan.StartPage.581  
    F-Prot Antivirus  X  
    Fortinet  W32/StartPage-tr  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  X  
    Norman Virus Control  X  
    
     
    -----
     
    Last piece of malware found was probably unknown NewHeur_PE in document.htm.pi_, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  Win32.Mydoom.1.Gen@mm  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  Win32.4  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  X  
    
     
    ---------
     
     
    Last piece of malware found was W32/Bagle.Gen!Rar in Encrypted.rar, detected by:
    
    Scanner  Malware name  
    AntiVir  Heuristic/PwdRAR  
    Avast  RarPSW  
    AVG Antivirus  X  
    BitDefender  Win32.Bagle.M (RAR)  
    ClamAV  Worm.Bagle.Gen-rarpwd  
    Dr.Web  Win32.HLLM.Beagle.pswzip  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  Win32/Bagle.gen.rar  
    Norman Virus Control  W32/Bagle.Gen!Rar  
    
     
    -----------
     
    Last piece of malware found was Win32/DSNX.05 in 999.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  Win32/DSNX.05  
    Norman Virus Control  Sandbox: W32/Malware  
    
     
    --------
     
     
    Last piece of malware found was Trojan.Littlewitch.61.Aa in Pena ;(.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  Heuristic/Trojan.PwdStealer  
    Avast  X  
    AVG Antivirus  BackDoor.LittleWitch.DD  
    BitDefender  Backdoor.LittleWitch.6.1.V  
    ClamAV  X  
    Dr.Web  BackDoor.LWitch.61  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  Trojan.Littlewitch.61.Aa  
    NOD32  X  
    Norman Virus Control  X  
    
     
    ------------
     
    Last piece of malware found was BackDoor.Seed.11 in pic1.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  BDS/Seed.11.A  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  X  
    ClamAV  Trojan.Seed-1  
    Dr.Web  BackDoor.Seed.11  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  X  
    Norman Virus Control  X  
    
     
    ------
     
    Last piece of malware found was W32/PWSteal-tr in IFinst25.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  Backdoor.IzRam.1.7  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  W32/PWSteal-tr  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  X  
    Norman Virus Control  X  
    
     
    --------
     
    Last piece of malware found was Trojan.Downloader.Delf.Jy in cartao.scr, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  Trojan.Downloader.Delf.JI  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  X  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  Trojan.Downloader.Delf.Jy  
    NOD32  X  
    Norman Virus Control  X  
    
     
    ----------------------
    Last piece of malware found was BehavesLike:Trojan.Downloader in ifc.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  BehavesLike:Trojan.Downloader  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  unknown virus  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  X  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  Sandbox: W32/Downloader  
    
     
    ---------
     
    Last piece of malware found was Dropped:Win32.Worm.Kiph.A in main.exe, detected by:
    
    Scanner  Malware name  
    AntiVir  X  
    Avast  X  
    AVG Antivirus  X  
    BitDefender  Dropped:Win32.Worm.Kiph.A  
    ClamAV  X  
    Dr.Web  X  
    F-Prot Antivirus  unknown virus  
    Fortinet  X  
    Kaspersky Anti-Virus  X  
    mks_vir  Win32  
    NOD32  probably unknown NewHeur_PE  
    Norman Virus Control  Sandbox: W32/P2PWorm  
    
     
    -----------
     
    Last piece of malware found was W32/SDBot.CWI in rfc.exe, detected by:
    
    Scanner  Malware name  Time taken  
    AntiVir  Worm/SdBot-43744  0.39 seconds  
    Avast  Win32:SdBot-1245  1.53 seconds  
    AVG Antivirus  IRC/BackDoor.SdBot.154.AT  0.54 seconds  
    BitDefender  X  0.53 seconds  
    ClamAV  X  0.61 seconds  
    Dr.Web  X  0.91 seconds  
    F-Prot Antivirus  X  0.13 seconds  
    Fortinet  X  0.45 seconds  
    Kaspersky Anti-Virus  X  1.03 seconds  
    mks_vir  Win32  0.23 seconds  
    NOD32  X  0.49 seconds  
    Norman Virus Control  W32/SDBot.CWI  0.23 seconds  
    
     
    -----------------
     
    Last piece of malware found was Dropped:Trojan.Agent.DN in m2.exe, detected by:
    
    Scanner  Malware name  Time taken  
    AntiVir  X  0.42 seconds  
    Avast  X  1.53 seconds  
    AVG Antivirus  X  0.56 seconds  
    BitDefender  Dropped:Trojan.Agent.DN  0.60 seconds  
    ClamAV  Trojan.Dropper.Purityscan.F  0.66 seconds  
    Dr.Web  X  0.94 seconds  
    F-Prot Antivirus  X  0.18 seconds  
    Fortinet  X  0.49 seconds  
    Kaspersky Anti-Virus  X  1.07 seconds  
    mks_vir  X  0.47 seconds  
    NOD32  Win32/TrojanDropper.PurityScan.G.gen  0.60 seconds  
    Norman Virus Control  Sandbox: W32/Malware  22.03 
    
    ----------------------------------------------------------------------------------
     
    Last piece of malware found was probably unknown NewHeur_PE in hmzz.exe, detected by:
    
    Scanner  Malware name  Time taken  
    AntiVir  BDS/Optix.Pro.13.28  0.81 seconds  
    Avast  Win32:Optix-J  3.08 seconds  
    AVG Antivirus  X  1.12 seconds  
    BitDefender  Backdoor.OptixPro.1.Gen  1.16 seconds  
    ClamAV  Trojan.PWS.Wexd  1.54 seconds  
    Dr.Web  X  1.71 seconds  
    F-Prot Antivirus  X  0.19 seconds  
    Fortinet  X  0.88 seconds  
    Kaspersky Anti-Virus  X  2.12 seconds  
    mks_vir  Trojan.Optix.Pro.13  0.43 seconds  
    NOD32  probably unknown NewHeur_PE  1.07 seconds  
    Norman Virus Control  X  0.64 seconds
     
    Last edited by a moderator: May 18, 2005
  14. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Yep, we've got hundreds (if not thousands) of samples detected only by NOD32 that all other AV/AS/AT have missed. But this is not the right thread for comparing NOD32 vs other AV.
     
  15. Tinribs

    Tinribs Registered Member

    Joined:
    Mar 14, 2002
    Posts:
    734
    Location:
    England
    Do you also keep the examples detected by other a/v firms before Nod32 does? if so can we have a list?
    My only example I can go on does entail the three files I provided via Marco and Jan that were (all of a sudden ) detected several days after |I admitted them, and still with zero email response until I went through wilders
     
  16. BTW

    BTW Guest

    My purpose is not to compare AV, I like and run NOD32 but to understand why a simple variant of a well known worm is not detected by advanced heuristic, why it takes so long to add a sig in the DB and why no feedback after a sample submission ?
    After all, I don't care about this malware, even without AV it could not infect me and even if I infected myself purposely I could clean up manually in a breeze :)
    I do think the biggest problem about NOD32 is communication with their users and never admitting that as any other product it's not perfect.
     
  17. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    I heard on the grapevine that ESET recieved in the order of 1300 samples yesterday(or the day before). I don't expect them to personally respond to each of them.
    "Some antivirus companies claim "100% virus detection" for their programs.

    We wouldn't dare to insult your intelligence with such a claim !!!" -->HERE<--
     
  18. BTW

    BTW Guest

    They should be able to send an automatic answer, shouldn't they ?

    Nobody but Viguard from TEGAM claimed such a stupidity and it is no antivirus but a blocker...
    BTW, saying there are other priorities than protecting against a worm installing a trojan backdoor : sneak oil too :-D

    Read my post : I don't say NOD32 should detect all malwares, I wonder why they don't add a sig faster and why advanced heuristic does not detect a simple variant of a well know worm.
     
  19. Stan999

    Stan999 Registered Member

    Joined:
    Sep 27, 2002
    Posts:
    566
    Location:
    Fort Worth, TX USA
    Just because it didn't detect this specific IRC Bot with their AH, I would still have to say that NOD32's advance heuristic is one of the best and provides some significan zero-hour detection over some of the other AVs.

    I suppose one could single out any AV and then show they were a bit slow on the uptake for some specific threat at times.
     
  20. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    Re: IRC Bot now flagged by NOD32 after update

    I'm sorry, I probably should have elaborated on what I meant a little more. I was really just wanting to mention that as any other AV vendor ought to admit freely, NOD32 is not trying to suggest it's perfect. This was a specific response to your post 'never admitting that as any other product it's not perfect'. I really wasn't trying to have a dig at you or anything like that - just passing on some information that I though might be helpful to you in light of your post.
    I have to admit that even an automatic response to submissions would be welcomed - at least then people know it has been recieved. I don't know what else specifically ESET had on their plate at the time but I'm glad that they have a system for prioritising the adding signatures - even if it doesn't always work out perfectly. I'm glad they have a specific intent to provide the best possible protection. :)
     
  21. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Re: IRC Bot now flagged by NOD32 after update

    There is a system for automatic and manual submission of samples in v. 2.50. After a file has been submitted successfully, a record will appear in the Event log.
     
  22. Carver

    Carver Guest

    Its under early warning/Advanced, it gives you an option for Nod32 to ask if you want to submit the sample or submit the sample without asking.
     
  23. BTW

    BTW Guest

    Seems to me but didn't check that's for submitting suspected files found by NOD32 and/or in quarantine. This file was not suspected by NOD32 => I sent it from Outlook.
     
  24. Visitor99

    Visitor99 Guest

    That still doesn't confirm or acknowledge that ESET got the file.......only that it was sent by the user. How difficult would it be to have the submission email address send back an autoreply? Thousands of folks do it........why can't ESET?
     
  25. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    The message a file has been submitted to Eset for analysis appears in the log after the server has confirmed receipt of the file.
     
Thread Status:
Not open for further replies.