quarantine

Discussion in 'NOD32 version 2 Forum' started by funkydude, Dec 6, 2004.

Thread Status:
Not open for further replies.
  1. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    win98 latest version of nod32 1.940 etc
    im wondering if theres any way of reporting programs that you think may be a virus to eset for analysis?
    also how in the world do you add files to your quarantine if nod32 doesnt find a virus in them?
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    The upcoming program component update is going to bring a brand new feature of automatic submission of supicious files. In the meantime, please encrypt any suspicious files with RAR or ZIP, protect the archive with password "infected" and send it to sample@eset.com (or samples@eset.com). The former is dedicated mostly to NewHeur_PE viruses.
     
  3. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,802
    Location:
    Texas
    Thank you!! :)
     
  4. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    subject to being turned on, or on a case by case basis via click of a button right?

    There is a HUGE privacy issue attached to "automatic" submission of these files!

    regards

    GH-L
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    You will see and be able to adjust a list of files ready for upload. Plus you will have an option to exclude directories / files from submitting.
     
  6. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    when does this come out?
     
  7. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    ok - that's good - but one more thing I would like to see if you can get it into the release, is either a cap on the file-size (ie, do not email file if greater than X kb) or at the very least the file-size in the list of file awaiting approval to be sent. Obviously broadband clients won't care that much, but is I have a winzipped archive of a CD and it's contents at 700Mb, I don't want to email that, regardless of my connection speed!

    regards

    Greg Hewitt-Long
     
  8. anotherjack

    anotherjack Registered Member

    Joined:
    Jun 13, 2003
    Posts:
    224
    Location:
    Louisiana
    Marcos - As AV admin at my company, I'd like the ability to reroute submissions directly to me for investigation instead of them going directly to Eset from the end user. Obviously, I will send them along, but I need to keep records of this sort of thing. Do you know if that will be an option?
     
  9. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    We'll add it into Future Changes to Nod32.

    Cheers :D
     
  10. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    Hi Marcos,
    Excellent news! :D
    One comments: Please when yours implement such feature, don't implement this feature with SMTP. For example: In some AVs, if you want to use such feature, you need to configure a SMTP server. The problem is that most SMTP servers has AV and that can block the file being send to Eset. NAV has a good feature, you can send samples without configure a SMTP server. I think it uses a Symantec SMTP server or something like that.


     
  11. anotherjack

    anotherjack Registered Member

    Joined:
    Jun 13, 2003
    Posts:
    224
    Location:
    Louisiana
    Wouldn't it be easier to automatically zip it with a default password so that the SMTP gateway couldn't scan it? It could even be set up so that only Eset knew the password, in case it inadvertently got out somewhere...
     
  12. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    um i got no answer
     
  13. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Eset don't release dates, they work on the product and then release a Beta, and to date they have done so here as well.

    Hope this helps...

    Cheers :D
     
  14. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    well what about a rough month? february, march? around there? approximately?
     
  15. anotherjack

    anotherjack Registered Member

    Joined:
    Jun 13, 2003
    Posts:
    224
    Location:
    Louisiana
    PCUs generally come out once or twice a year. Unless there's something wrong with the current version that's going to be fixed in the PCU, I'd just consider it "icing on the cake" when it does come out.
     
  16. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    The PCU's going to be released within 2-3 months, depending on whether some issues will be discovered during the beta testing or not.
     
  17. bsilva

    bsilva Registered Member

    Joined:
    Mar 24, 2004
    Posts:
    238
    Location:
    MA, USA
    Will we get the beta version to test?
     
  18. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    ok well thanks. let me get this straight though, it samples@eset.com? as i sent one to sample and i have not recieved a reply for 4 days.
     
  19. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,802
    Location:
    Texas
  20. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    Hi,
    please drop me a PM with your email address so that I can track down your email. If you are the one who sent us a sample of a 26 MB file infected with the Etap virus, then I'd like to ask you to give our developers more time as this particular virus is not detected by an exact signature, but NOD32 uses a sophisticated algorithm for detection instead.
     
  21. 0pium_Dealer

    0pium_Dealer Registered Member

    Joined:
    Jun 20, 2004
    Posts:
    106
    Generally, how long would you expect to wait before NOD get back to you by email?

    I just sent a sample to NOD, as I have a file that it keeps flagging up as a possible virus.

    I think the file may be a false positive, the file was downloaded from the Final Fantasy XI web site, as an update.
     
Thread Status:
Not open for further replies.