There's a nasty one going around lately that reportedly gets by all A/V software, INCLUDING NOD32. It's been in the wild for months.

Signature files include buritos.exe, karina.exe, karina.dat, braviax.exe and more.

I haven't seen any mention of it here, and pardon if there's a better way to ask this, but is NOD32 detecting this at all yet?

/kenw

It depends on which variant you mean. Yes, we detect them, but you must take into account that these rogue AVs are continually modified and tested for detection before they are released. We are familiar with variants that are currently not detected by any of the antivirus programs. Some of these samples I've seen today were succeesfully blocked during the download anyway thanks to another kind of proactive protection we employ.

{QUOTE-> It depends on which variant you mean. Yes, we detect them, but you must take into account that these rogue AVs are continually modified and tested for detection before they are released. We are familiar with variants that are currently not detected by any of the antivirus programs. Some of these samples I've seen today were succeesfully blocked during the download anyway thanks to another kind of proactive protection we employ. <-QUOTE}


still seeing infected systems with braviax.exe variants at clients who use nod32, clients who use symantec seem to avoid the same variants.

{QUOTE-> still seeing infected systems with braviax.exe variants at clients who use nod32, clients who use symantec seem to avoid the same variants. <-QUOTE}

Everything is possible. We have received hundreds of variants that were detected only by NOD32 and one more AV and it wasn't the one you mentioned. No AV will 100% protect you against this terrible malware.