Nod32 Is Not Detect viruses on these web site

Discussion in 'NOD32 version 2 Forum' started by shanijee, Mar 7, 2006.

Thread Status:
Not open for further replies.
  1. shanijee

    shanijee Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    107
    Location:
    Faisalabad(Pakistan)
    Nod32 Is Not Detect viruses on these web site
    { removed }
    { removed }
     
  2. shanijee

    shanijee Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    107
    Location:
    Faisalabad(Pakistan)
    i am uploading some serious trojan not detect by nod32
    { removed }
    zip password is v
     
  3. Happy Bytes

    Happy Bytes Guest

    This is now really the last time that i warn you!
    Next time you publish malware in our public support forum you get serious trouble.

    *pissed*
     
  4. shanijee

    shanijee Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    107
    Location:
    Faisalabad(Pakistan)
    ok i will keep in my mind
     
  5. pc-support

    pc-support Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    285
    Location:
    Edinburgh, UK
    And why are you uploading trojans then complaining that NOD doesnt detect it?

    NOD is an antivirus program, not an antispyware program. The fact that it can deal with the majority of spyware is an added bonus.

    Well said HB :D
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    I wouldn't see this as a problem. The question is whether the guy actually tested them for functionality, whether he submitted them to Eset and whether they actually pose a real threat to a larger number of people or whether they are just some lab samples.
     
  7. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    Any chance the malware that was posted was a JavaScript that forced the browser to open many mailto: and news: links?
     
  8. Happy Bytes

    Happy Bytes Guest

    Did you click on it? :eek:
     
  9. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    Click on what? The JavaScript I am talking about isn't a link; it is one that loads as soon as the web page itself loads.

    I submitted it to Eset few days ago, but so far ... nothing. (KAV 5.0 detects the script, but it doesn't do much good, because by the time KAV puts up an alert, the script is already running and doing damage! This is a good case for proving the necessity of IMON's "High efficiency mode".)
     
  10. shanijee

    shanijee Registered Member

    Joined:
    Feb 1, 2006
    Posts:
    107
    Location:
    Faisalabad(Pakistan)
    KAV detect all these
    but nod32 can not why
     
  11. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    As I mentioned, KAV can detect the JavaScript I encountered, but it doesn't do much good, because the harm has been done by that point.

    In addition to the script, I also submitted to Eset the name of the site that it runs on. I'd expect them to add *.sitename.org to their Website access blocking list, at the very least, since the site in question serves no purpose other than a malicious one.
     
  12. Ga1tar

    Ga1tar Registered Member

    Joined:
    Apr 11, 2004
    Posts:
    118
    Location:
    U.K
    Forgive my ignorance, but how did you know these were viruses when they were not detected by NOD32
     
  13. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Perhaps some other product (Pandao_O) detected it..........

    Anyway, I agree with Marcos' comments on this matter.
     
  14. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Marcos, I agree with you and I wouldn't have posted here if this subject wasn't started... Anyway, what do you mean by "they actually pose a real threat to a larger number of people" ? If a file is infected and is a malware do you expect more ppl to get infected and when finish counting the number of infections you add it?

    I"ve submitted these weeks about 18 samples and no answer... still not detected. I assume some may be non functional samples, but all 18? If I run one of it by mistake and get infected what happens? Will ESET recover my damages and the files I've lost ?

    Sorry, no ofence here, and I know you guys try to improve NOD as much as you can, but 9 days is not enough to analyse some samples ?
     
  15. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    It can take up to 21 days to get added to the database, if I remember correctly......No idea why, but as long as it DOES get added, I guess its OK. :)
     
  16. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Firecat it may be OK but what about these 21 days ?? If you came across the virus and you get infected? And it's more than 21 days.... for me some took longer.

    And why the majority of AVs add a sample in 2-3 days ?
     
  17. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    I can see what you are trying to say here. :)

    But I'd rather first hear what Eset has to say about this issue before commenting on it. Everyone has their reasons y'know, and I don't feel right making statements without knowing the facts first :doubt:
     
  18. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Finally someone understands me. :D :-* :cool: Hope Eset will do the same. :)
     
  19. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    I'll carve out my own spleen if the answer has to do with something other than personnel resources.
     
  20. Lollan

    Lollan Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    288
    It's mrtwolman's fault.


    Now, give me your spleen. :D
     
  21. nameless

    nameless Registered Member

    Joined:
    Feb 23, 2003
    Posts:
    1,184
    Well no matter what anyone says, Eset has admitted (I can't remember whether it was here or in private) that they don't have anywhere near the resources of Kaspersky. Which is understandable... I'm not making a judgment, so don't anyone jump on me.

    What bothers me is that I can encounter a malicious JavaScript, but hear that "It doesn't matter, since it doesn't affect enough people". Well when it happens to you, it's quite "enough".

    But yeah, I'm not stupid. I understand that they have to work within their personnel resources, and if they get 1,000 samples, they have to give priority to the worst of them. But just say so--don't say you don't want the database to get too big, so the malware I encountered needs to be ignored.
     
  22. Lollan

    Lollan Registered Member

    Joined:
    Feb 2, 2006
    Posts:
    288
    If I was trained properly, I would test samples for free. Unfortunately, I am not :p
     
  23. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    If it's apparent that a sample comes from labs and not from a real world, it shouldn't have higher priority than worms, trojans, backdoors and other threats endangering large number of people.

    Eset receives much more samples every day than you mentioned.
     
  24. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Well, Marcos, you didn't cleared out some questions I've posted here, but at least I hope you'll analyse the samples and add the functional ones.
     
  25. pc-support

    pc-support Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    285
    Location:
    Edinburgh, UK
    What you should remember is that NO antivirus is 100% perfect. All products miss items that others pick up and ultimately the onus is (and always should be) on the user (and not the AV/Spyware companies) to be fully aware of what they are doing.

    If you visit a dodgy site then expect to be hit with something. If you open an email with a suspicious attachment then expect to be hit. If you visit google or microsoft or some other reputable site then expect not to.

    Infections nearly always boil down to HIV infections... (human idiocy virus)

    You never hear people ranting about how Lavasoft, Spybot or MS antispyware miss something items and not others. How many people on these forums rely on just 1 antispyware program?

    However, once the suspicious file has been submitted then the AV/Spyware companies should do their best to check them out and include them were possible as soon as possible.

    And I for one am more than happy with NOD. I and my 70+ customers have never EVER been infected with anything since NOD has gone on to their machines. They are happy which makes me happy which means I will always order more NOD licences and will happily recommend them to anyone.
     
Thread Status:
Not open for further replies.