Detection issues

Discussion in 'ESET NOD32 Antivirus' started by Ego_Dekker, Aug 21, 2012.

Thread Status:
Not open for further replies.
  1. Ego_Dekker

    Ego_Dekker Registered Member

    Joined:
    Aug 22, 2010
    Posts:
    97
    Location:
    Russia
    Some detection issues are described here (v5) and here (v6).
    And another one.
    1. Choose D30B684633F7E7172A08B54F5448710B → click “Scan with ESET NOD32 Antivirus” (Smart Optimization is off) → a variant of Win32/Kryptik.AJOK.
    2. Choose D30B684633F7E7172A08B54F5448710B → click “Scan with ESET NOD32 Antivirus” (Smart Optimization is on) → undetected.

    Windows Vista (32-bit).
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    It could be providing that it's a special-structured dll (ie. non-executable file). However, on actually infected systems it would be detected and removed fine. Also in-depth scan would detect it as it has smart optimization disabled.
     
  3. Ego_Dekker

    Ego_Dekker Registered Member

    Joined:
    Aug 22, 2010
    Posts:
    97
    Location:
    Russia
    CE60DCA1DA4343DAD1269A36F4D44579
    jeefo.png

    Virus signature database: 7556 (20121007)
    Update module: 1040 (20120313)
    Antivirus and antispyware scanner module: 1367 (20120921)
    Advanced heuristics module: 1134 (20120903)
    Archive support module: 1153 (20120917)
    Cleaner module: 1057 (20120626)
    Anti-Stealth support module: 1032 (20120806)
    ESET SysInspector module: 1226 (20120809)
    Self-defense support module: 1018 (20100812)
    Real-time file system protection module: 1007 (20111129)
    Translation support module: 1094 (2012092:cool:
    HIPS support module: 1056 (20120905)
    Internet protection module: 1047 (20121002)
    Database module: 1023 (20120917)
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    I don't see anything wrong with the above detection. Did you mean that music.exe was incorrectly detected as Win32/Delf.NFY worm?
     
  5. Ego_Dekker

    Ego_Dekker Registered Member

    Joined:
    Aug 22, 2010
    Posts:
    97
    Location:
    Russia
    Yes, the infected file was incorrectly detected so it cannot be disinfected.
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    The file music.exe seems suspicious and it doesn't look like a legit application at all. Anyways, I'll pass it to the viruslab to make sure.
     
  7. Ego_Dekker

    Ego_Dekker Registered Member

    Joined:
    Aug 22, 2010
    Posts:
    97
    Location:
    Russia
    So what did they say about CE60DCA1DA4343DAD1269A36F4D44579 and EC10F8472B50DB6A51BCA8F3D25B5EFB ?
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.