This is the fourth times I sent this below virus file to ESET Customer Care since 27th May 2008:
~malware download link removed....Bubba~

But so far the problem still cannot be resolved. I was so disappointed just because I like NOD32 Smart Security very much and I used to trust on it. But with this virus, NOD32 seems not able to detect and kill this. What is going on?

So far as I know, this virus is from Vietnam or China or something. Once the computer is infected, this virus duplicates itself very quick, it creates a lot of file .exe with the name of folders in your PC and the CPU usage is always occupied by 100% then next your PC will be not responded and suspended.

This virus is easily detected and killed by BitDefender, Kaspersky, Avira, AVG but with NOD32… NO!!!

I do hope my NOD32 to be updated with the databases and patches as fast as possible BUT MORE THAN TEN DAYS HAS PASSED, my problem still cannot be resolved!!! Should I convert to another antivirus with better capabilities then???

Note that if you guys download this virus and wanna try this on your PC then TRY IT AT YOUR OWN RISK!!! Do you guys have any idea about this?

Feel free to continue corresponding with Eset Customer Care. However, do not post links to malware Please as per our TOS (http://www.wilderssecurity.com/tos.php).

-{ Quote: "Furthermore, you agree not to post any links to warez(1) or sites from which malware (viruses, worms, trojans, backdoors etc.) can be downloaded." }-Thanks,
Bubba

Hello!

Refer to this general policy about additing new samples and malware detection:
http://www.wilderssecurity.com/showthread.php?t=178177

I am sorry to read about your bad experience . Have you submitted a support request to ESET or have you tried with a phone call ?

As I said, I sent the sample of virus to ESET 04 times already! First, they ask me to download stuff like SysInspector or something to scan my PC and sent back to them the report! Then, what I received from them at last is: NOTHING!!! Their last mail replied is something like a joke to me!!!

~Image of private email removed per the TOS (http://www.wilderssecurity.com/tos.php) - Ron~

I wonder what else do they want me to send it to them? sample of virus? I did (04 times). Report of my current pc situation? I did.

I don't think to make a call to them can solve all the problems I've got anyway!!!

Off topic post removed. If you can't be helpful, don't post.

You could possibly let the person from ESET Customer Care know that you have submitted the sample . Because the VirusLab may not know you have submitted a possible threat from real infected client .

-{ Quote: "You could possibly let the person from ESET Customer Care know that you have submitted the sample . Because the VirusLab may not know you have submitted a possible threat from real infected client ." }-

I did try many ways to contact them! I click the NOD32 symbol at the system tray to open the NOD32 main interface and submit file for analysis directly from there! Open their website and send mail from there. Find their Customer Care email and send mail as well! I was so tired! Seem all of my efforts lead no where!!! Any suggestion from you guys? Or any of you guys here working at ESET so that I can send this virus sample directly to?

-{ Quote: "Any suggestion from you guys?" }-

Unfortunately , we can't be of any help if the case is really with a virus (file infector) as you describe . In that case , the AV program needs a definition so that it could detect and neutralize the threat.

-{ Quote: "Or any of you guys here working at ESET so that I can send this virus sample directly to?" }-

The best would be to await their response . I am sure an ESET Moderator will soon reply

Hope your problem gets resolved :thumb:

In the case of a file infector, it's necessary to send a couple of infected files (at least 10, if possible) in a password protected archive to samples[at]eset.com. I'd recommend enclosing a link to this thread as well.

-{ Quote: "In the case of a file infector, it's necessary to send a couple of infected files (at least 10, if possible) in a password protected archive to samples[at]eset.com. I'd recommend enclosing a link to this thread as well." }-

Here is what I received from the System Administrator and this is the third times I got this error message:

-{ Quote: "Your message did not reach some or all of the intended recipients.

Subject: FW: Virus infected
Sent: 9/6/2008 01:05

The following recipient(s) cannot be reached:

'samples@eset.com' on 9/6/2008 01:05
552 5.7.0 to review our attachment guidelines. q20sm12367645pog.7" }-

By the way, you're from ESET, aren't you, Marcos?

To HiTech_boy,

Thanks for your help. I did send mail to you!

Cheers,

playboy6006

I got it. I may be wrong but it doesn't seem to be a file infector , but a worm . I'll send Marcos a PM so that he gets the sample

-{ Quote: "Here is what I received from the System Administrator and this is the third times I got this error message:
" }-

You either did not protect the archive with a password, the antivirus scanner on a mail server was able to guess it. If you could upload the file to an ftp by chance, PM me the url please.



-{ Quote: "By the way, you're from ESET, aren't you, Marcos?" }-

Right.

-{ Quote: "If you could upload the file to an ftp by chance, PM me the url please" }-

I did send you a url with the sample uploaded (plus extra information) - precisely what playboy6006 sent previously to me . Check your PM inbox

Thank you very much both of you guys, HiTech_boy and Marcos! Hopefully what you've got can be anyhow useful.

FINALLY, after 14 days (since 27th May 2008 ), ESS now can detect THIS VIRUS/WORM at last!!!

After it was updated with the virus database 3170 (20080610)!!! Pheeewww!!!

It was named Win32/AutoRun.PE worm!!!

[ http://www.imagehosting.com/out.php/i1780602_Untitled1.jpg (http://www.imagehosting.com)

Again, thanks for all the efforts from Marcos, and especially from HiTech_boy!!!

I for one don't see a reason for such emotions. We're not living in the era when there were 10-20 new threats created per day. These days antivirus companies receive several dozens of thousands of new threats on a daily basis. From what we have received I can tell that NOD32 was one of very few AVs to detect a particular threat but, of course, it also missed some. The same is true for any AV program, there's not a single AV that detects 100% of all threats. Having said that, we'll draw this thread to a close.