#1
Hi,
2 problems with the ESET database and real-time antivirus, because they don't detect these files:

- this malware, obtained from web pages: 0xf9.exe, and here is the result from Virus Total: ~Link removed per Policy. - Ron~
- this MBR rootkit, obtained from a regular web site (which had been hacked and infected): ROOTKIT INFECTION - index.pdf, and here is the result from Virus Total: ~Link removed per Policy. - Ron~

The first didn't give me problems, because it was malware and I blocked it (manually), but the second (the rootkit) gave me many, many problems and I removed it using GMER and mbr.exe.

The PC is vulnerable only when Acrobat is a version below 8.1.2, because version 8.1.1 and below have security problems. But even in this case, NOD32 should detect and block this!!!

All files are in this zip file: Snipped: link removed. Posting links to malware is against TOS.

Regards
Miki

Last edited by ronjor : October 12th, 2008 at 02:29 PM. Reason: Virus Total/Jotti links removed
#2
As you can see, there are very few AVs that detect these files. As always, if you come across a suspicious file send it in a RAR archive (or compressed with another ordinary packer) protected with the password "infected" to samples[at]eset.com with as much information about the files as possible.
#3
Hello miki, check whether NOD32 with the newest Antistealth module saw those files. You can tell this when you enable logging of all objects or use ECLS.