ZLOB detection

Discussion in 'NOD32 version 2 Forum' started by hsobrevilla02, Sep 20, 2007.

Thread Status:
Not open for further replies.
  1. hsobrevilla02

    hsobrevilla02 Registered Member

    Joined:
    Sep 4, 2007
    Posts:
    19
    how long does NOD32 update its signatures?
    because as of today, I already sent my sample file to samples@eset.com and to another AV vendor(kaspersky-newvirus@kaspersky.com).
    by the way, the said file was sent and detected to jotti and virustotal today.

    would it be possible to send through PM to any moderators here my sample file?
    that is, if its legal.

    hoping for any response.
    thanks...
     
  2. ASpace

    ASpace Guest

  3. hsobrevilla02

    hsobrevilla02 Registered Member

    Joined:
    Sep 4, 2007
    Posts:
    19
    after just about an hour, the other AV responded to the mail that was sent to them and adjusted their signatures stating it was indeed a malicious software.
    how about NOD32?
    please dont be mistaken that this is a start of comparison of what is better AV? X or Y?
    I am a fan of this site,almost everyday I visit this site(same as the other AV)
    all I want to know is that I can be protected by my AV against malicious program out in the wild, if not now...maybe the next hour or the next day....hoping NOT THE NEXT WEEK OR NEXT MONTH...
    hope the moderators of this forum would understand my opinion.
    if this is in violation of any forum rules...please delete it.
    thank you.

    to Mr.HiTech_boy,

    thank you very much for the info.
    I appreciated it a lot!
    like what I said in my first post, would it be legal for this forum to send a PM to the moderators and give my sample file?
    thanks again.


     
    Last edited: Sep 21, 2007
  4. ASpace

    ASpace Guest

    You are welcome !

    Since you have sent ESET this Zlob sample , they already have it . Due to the fact they receive a lot of samples on daily bases , they put priorities on these potential malware and will add them when and if they find it appropriate . I personally cannot tell you when exactly . In case you personally is infected , you can contact ESET Technical Support Dept.
     
  5. Kosak

    Kosak Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    711
    Location:
    Slovakia
    Hi guys,

    Win32/TrojanDownloader.Zlob has got each day new variants, which are located on specified websites. It masks e.g. as video codec.:thumb:
     
  6. rogervernon

    rogervernon Registered Member

    Joined:
    Jul 16, 2006
    Posts:
    289
    Yes- and anyone who gets a pop-up message that the video they want to watch requires a new codec, (together with a link supplied), deserve all they get if they click through, for being foolish!
     
  7. hsobrevilla02

    hsobrevilla02 Registered Member

    Joined:
    Sep 4, 2007
    Posts:
    19
    yes...some users are quite foolish if indeed they do this...

    that is also the same reason why i gave eset a sample file of that virus because others make mistakes...unintentionally...maybe expecting that their AV can protect them...but as I believe...no AV detects 100%--that is only my opinion--that's why I send eset a sample for them to check and if indeed a virus...maybe...just maybe they can add it to their signatures in the following update or the following day...

    cheers...
     
  8. hsobrevilla02

    hsobrevilla02 Registered Member

    Joined:
    Sep 4, 2007
    Posts:
    19
    good day!
    still no update regarding this file?
    up until now, NOD32 IS NOT DETECTING this file as VIRUS although other AV's that did not detect it the first time I sent it to jotti & virustotal but NOW, they are detected.
    just a question/follow up?

     
  9. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Please review the information posted in THIS THREAD regarding samples and how ESET handle them.

    THREAD CLOSED.

    Blackspear.
     
Thread Status:
Not open for further replies.