should I submit this to NOD?

Discussion in 'NOD32 version 2 Forum' started by divedog, Jan 23, 2006.

Thread Status:
Not open for further replies.
  1. divedog

    divedog Registered Member

    Joined:
    Jun 7, 2004
    Posts:
    265
    Location:
    Seabeck WA
    Bo Clean caught it. Nothing from nod. I even shut down Bo Clean and ran it just to see if nod would catch it. Sygate caugt it trying to phone home. No problem to get rid of thanx to Shadow Surfer.
     

    Attached Files:

    Last edited by a moderator: Jan 23, 2006
  2. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    The sooner you submit it the better.
     
  3. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Using the F-port find as an example(W32/Downloader.gen)....that leads me to believe it was a WMF exploit type file :doubt:

    If so and if you have your Nod settings proper....Nod should have alerted you that the file was a variant of Win32/TrojanDownloader.Small.AOD :doubt:
     
  4. divedog

    divedog Registered Member

    Joined:
    Jun 7, 2004
    Posts:
    265
    Location:
    Seabeck WA
    I have nod set up as per Blackspears settings.
     
  5. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    I know my settings are proper (as per Blackspear) and I had a variant that was picked up by Spybot on an on demand scan. I submitted it. If in doubt submit.
     
  6. divedog

    divedog Registered Member

    Joined:
    Jun 7, 2004
    Posts:
    265
    Location:
    Seabeck WA
    I sent it to eset. I will hang on to it to see if it is added in the near future.
     
  7. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    sure can't argue with that now can eye :eek:
     
  8. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Off topic comment removed.
     
  9. divedog

    divedog Registered Member

    Joined:
    Jun 7, 2004
    Posts:
    265
    Location:
    Seabeck WA
    Wow! I submitted it yesterday came home today and scanned the file again and nod nabbed it. Good work nod. Must have been a good one.
     

    Attached Files:

  10. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    That's odd since it found it as Win32/TrojanDownloader.Small.AOD which was already in their database :doubt:
     
  11. divedog

    divedog Registered Member

    Joined:
    Jun 7, 2004
    Posts:
    265
    Location:
    Seabeck WA
    Maybe a variant that it couldn’t find or something? I don’t know, but I haven’t changed any nod settings between yesterday and today.
     
  12. divedog

    divedog Registered Member

    Joined:
    Jun 7, 2004
    Posts:
    265
    Location:
    Seabeck WA
    I am trying to re submit to virus total to see if the results changed since yesterday. Their server is too busy to get a reply. Same at Jotti. Is that normal for those services or is there an outbreak?
     
  13. Hysa

    Hysa Guest

    Just try again or click refresh on Jotti scan, and try on Virus total again,
    and show us the results again here pls...
     
  14. divedog

    divedog Registered Member

    Joined:
    Jun 7, 2004
    Posts:
    265
    Location:
    Seabeck WA
    as of today
     

    Attached Files:

    • nod2.JPG
      nod2.JPG
      File size:
      95.2 KB
      Views:
      130
  15. divedog

    divedog Registered Member

    Joined:
    Jun 7, 2004
    Posts:
    265
    Location:
    Seabeck WA
    It would seem avg and nod added it in the last day.
     
Thread Status:
Not open for further replies.