Virus Submission

Discussion in 'NOD32 version 2 Forum' started by dos, Jan 24, 2004.

Thread Status:
Not open for further replies.
  1. dos

    dos Registered Member

    Joined:
    Oct 17, 2003
    Posts:
    43
    Hello people,

    I was fixing a friends PC today when I came across his mini virus collection, I decided to scan it with NOD32 using AH, and to my suprise it missed quite a few. :'( His AV scanner picked them all up though. I'm sure these are fairly old/rare viruses and may not be ITW anymore, but still I think NOD staff may appreciate their product being able to detect them. Thing is there are 40 zip files containing all sorts, so how am I supposed to submit them all? NOD obviously did pick up alot, but sifting through them to pick out the exact ones it didnt is something I don't really have time for. So am I supposed to bung them all together in one zip file? and send it to samples@nod32.com (?) is that right? o_O
     
  2. izi

    izi Registered Member

    Joined:
    Jan 19, 2004
    Posts:
    354
    Location:
    Slovenia
    Yes, this is right!

    Izi
     
  3. Tony

    Tony Registered Member

    Joined:
    Feb 9, 2003
    Posts:
    722
    Location:
    Cumbria, England
    Wots his AV scannero_O
     
  4. Yeah I had few instances where NAV or KAV will pickup a few strains in full scan that Nod32 left behind (full fledged clients or .exe's not parts) and sometimes I had it the other way around. But it's those Nod32 silent moments that make me consider the validity of the Virus Bulletin 100% awards and hence VB testing procedure (especially when some of the viral code might be old).
     
  5. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    I'm not agree with you, I've some viruses that only NOD caught and not KAV and NAV. NAV is a toy, NOD is much better detecting viruses via signatures/heuristic.
     
  6. Hence I've stated that. But still a 100% detection rate times ~23 tests should signify that most of the malware should be detected. Especially when it's old (greater than 3 months).
     
  7. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    NOD has earned 24 VB Awards.
    A old virus don't mean that it's in-the-wild or a AV have the obligation of detect that threat. Old viruses aren't the more important today. VirusBulleting test the AV with in-the-wild viruses and not VX viruses, or viruses that aren't spreading or that aren't in-the-wild. I'm 100 & segure that the viruses that NOD don't caught you, aren't in-the-wild and has been spreaded little. Also, NOD is able to detect the 80 % of in-the-wild viruses via heuristic, in other words, without use signatures and without require updates unlike others AV like KAV/NAV (NAV's heuristic is a "joke").
     
  8. mrtwolman

    mrtwolman Eset Staff Account

    Joined:
    Dec 5, 2002
    Posts:
    613
    From my personal experiences, especially KAV has in database lot of intended viruses and worms which are corrupt and ends with some error. The question is - are they dangerous or aren't they? Just fork the samples to ESET for processing it. An antivirus program can be only as good as the collection on malware the producer has (unless heuristic analyses makes the proggy far better than rest of the pack :cool:).
    I think any submission of malware other AV catches and NOD32 does not has sense. But you should always add some description of the situation - e.g. the name of the beast according your other AV (do not forget to state which AV do you use)....

    Regards
     
  9. sofascan

    sofascan Guest

    I also after uninstalled Nortun used to find some viruses with NOD.

    Also KAV found 2 viruses on 1 PC which NOD missed but than i sent them to NOD and they reply that it is not viruses.
     
Thread Status:
Not open for further replies.