How Important are User Virus Submissions to AV Co's

[Und3ertak3r]

How Important are User Virus Submissions to AV Co's:

I do wonder if it is because I am a bit of a AV Butterfly.. they only create defs for the higher risk subissions..or Is ist that the AV companies are not realy interested in User subissions.

Over the past months I have been submitting an average of 1 unidentified Malware file every 4 days. to the following Trend Micro, and Symantec, with 1 in 4 replies from Symantec and zero from Trend.. those replies I get from symantec are recently discoveries.. and the defs are not updated yet.. the rest... Nothing happens for about 2 to 3 weeks and suddenly my original file is being detected.. quiet funny I do the same with Grisoft I send group of the files to a friend who is a paying user of AVG.. and he uses his prog to submit.. similar story as Symantec ..

So do we need to be Corporate Users to see the a reasonable return on submissions or is it just my Aussi BO..

Anyone else have similar probs.. ?

OH regarding Trend.. (worst product support for consumers I have encountered) our licence is up in a couple of weeks. and it seems the powers that be are pushing NAV corp.. so I may see soon what the difference is!


Cheers

[groovicus]

I'm probably going to catch it for this...but here goes..

Anything but NAV..The auto-updater is a huge resource hog.

And as much as the Windows operating Platform is the biggest target for malware, Norton is the biggest target for malware to disable. I have cleaned countless systems where Norton failed to pick up anything, mainly because the bit of malware wiped out files necessary for it to run. Zone-Alarm is another favorite target.

So before anybody jumps on the "it works perfectly for me" bandwagon..maybe it does, but I would recommend using one of the many available online scanners to make sure it is working properly. Actually, I would recommend that anyway, as no AV is invulnerable to malware attack.

As far as the malware submissions go, I really don't care whether or not they respond..I figure the chances that I am going to find something new is slim. I send them in, just in case.

[Und3ertak3r]

Unfortunatly for me. the decision for NAV Corp was out of my control completly..

I really don't care whether or not they respond..

trouble is i'm in a bit of a backwater here.. and while I only submitt 1 to 2 unidentified file per-week I may encounter that file 4 or five times in the following 2 to 3 weeks ..THAT is enough for me to make a comment..

Having to deal with the general public as well as staff , things like Tech support are important.. I don't want to be the tech support person for a product that has a company suport team already.. and part of the customer expectation is that the company will make a reasonable effort to protect them.. and the extreem delay in dealing with submissions is against that Consumer expectation..

I think I now know why I haven't been posting as much on this site for the last year..

mite be time to move on..

[groovicus]

I think I now know why I haven't been posting as much on this site for the last year..

Hmm...I truly hope that you don't think I was somehow being derogatory towards you. You are in a different situation than I am, and I definately understand not wanting to be tech support for someone else's product, although it seems that by cleaning a system that doesn't belong to you, that is exactly what are doing.

Anyhow, I just meant that whether or not I receive an email acknowledging my submission is not as important to me as just making someone aware of it, or if anything, more widespread. And I really don't recall having ever received an email regarding any of my submissions.

That being said, I regard user submissions to be very important.

As far as my comments about NAV, off-topic as they were..take those with a grain of salt. I currently have a hate-hate relationship with it.

[Tiger Shark]

Undies:

Dunno if you have seen it but I would like to hear your thoughts on this thread.

I'm beginning to question the AV companies.... Let alone the "high-priced" AV companies..... It's beginning to make a little less sense to me.....

[Und3ertak3r]

although it seems that by cleaning a system that doesn't belong to you, that is exactly what are doing

and

I currently have a hate-hate relationship with it.

That is true and who dosent have a strong negitive feelings about some of the av co's.. I hate McAfee because of their crap mail policy.. it would be the no 1 spammer of the AV co's.. And Trend Micro has the most pathetic customer support I have ever encountered (note I refer to it's Australian distributer here)

Example of the reaction times of the AV co's.. this was not customer related.. it was more an exercise in testing my Av progs..
Earlier this year (Febuary I think) I heard about a updated Trojan called Beast.. decided to get a hold of it to test the av's on a number of my systems.. The CTD (Crash Test Dummy) d/l and burn't to CD.. the HDD was then scanned by All of the following, NAV 2002, 2003,2004, PC-Cillen 2003 and 2004, AVG 6 (Free), and 7 (not so free), the Cleaner, and VET 10.53. None detected the Malicious file. I then submitted to Symantec and Trend.
AVG was the first to detect the file as malicious.in MAY of this year .. now this was a very publicy announced piece of malware . Trends info on my submission is still at the "ready to look at"stage.. F**k that is more than 6 months later, symantec replied with "this is a Trojan horse" in 48hrs.. BUT none of the NAV packages detected it as malware untill late MAY..why?..

Sorry Groov.. my bad in grammer.. in the reply I was refering to updated status.. . they acknowledge reciept but no action there after..

yep TS have been having a read of the mentioned thread.. the difference is client side and server-side how they need to run is different.




cheers

[Palemoon]

AV is based upon what is known and then an update. I for the likes of me will never undrstand why anyone would spawn a billion dollar industry based upon a fault in the OS. Yet that is what someone who releases a virus does. And it infects computers and everyone makes money but the virus author whom is left with bragging rights...wow. People make money on this stuff and wait until the next, they want to be given the problem and well guess what you have to pay for the answer in the next upgrade, because they are the only one's to solve it.

Same for spam some of the first spam I ever got was off of Hotmail (M$), AOL, and Yahoo and for years they ignored the complaints from everyone. Now they are going to fix the very problem they created? Guess what yep they will and it will cost you $$$ in a software upgrade. Yet I went back to just the basics that were about oh 20 years ago and my open source AV scanner caught the latest Baegle virus before it was even listed by the AV people, I nix and clean the spam, program cleans out about 95% of the one message per 15 seconds they send to my network. Total cost for this endevor was about 500 US dollars, and what my company saved by not upgrading under my reccommendation Exchange and AV software.

Do I feed AV people info? Hell NO if their products are so great they on the bleeding edge not the cutting edge?. But I do support and whom I work for now support Open Source, why because they are cutting edge. It is just old hat stuff no bells or whistles just works because of the people behind it. Only place 6 months from now you will find windos in my office is the desktop, and even that is just for now.