Discussion in 'ESET Smart Security v4 Beta Forum' started by nodyforever, Nov 19, 2008.
1 - scanning
2 - after reboot pc
Hello, this isn't FP 100%.
A virus for sure
v3 - not detect
v4 - detect
Each time you restart the pc it says is the lack of file ... if it were a virus was the same?
Maybe V4 has better malware detection, I have some files that are detected in V3 but not in V2
This should be checked. Are you sure? Nowhere have I read that detection was improved in this regard.
because the file is gone but the reg key is not (most likely)
Could you send them to me (please load them somewhere and PM me links). I am very interested because all I have seen was detected by both versions - just curious. Thanks!
Win32/Adware.Virtumonde produces a number of DLLs in system folders and every file hasn't to be detected, too. When you remove only the file without its Registry values, the OS calls this DLL at startup every time. I recommend you check this in ESET SysInspector.
Of course, as soon as PMs are available again
v3 data base virus setup installation
v4 data base virus setup installation
not update internet connection
you can see for myself if the virus was present in v3 database?
I got it. Thanks!
As far as I'm concerned, exchanging malware samples is not allowed at Wilders, but correct me if I'm wrong. Could you please send a log from SysInspector to samples[at]eset.com with this thread's url in the subject?
I just noticed from your screenshot that the program is not up-to-date but with old signatures. Do you mean that you were running v3 with definitions out of date - the one that came integrated in the installer? If so, it is normal because the v4 installer does have a newer signature version than the one from the v3 installer of 3.0.672
He didn't post them for the public, just sent them to me in private. This way nobody can get infected.
It is not malware, it's a keygen, and I'm sure it didn't do anything at all, but the strange thing is that it is detected in V3 as a variant of Win32/Agent Trojan, but V2 does not detect it with all options enabled
Ah, BTW Marcos, I think you should show more interest in answering things very important like this http://www.wilderssecurity.com/showthread.php?t=225634
And no worrying about such trivial stuff.
yes friend, signatures database setup, no updates internet connection
Please submit the file in a password-protected archive to firstname.lastname@example.org with a link to this message thread.
It's not trivial stuff at all, maybe it seems so to you, but it's not. I cannot answer the other question right now. Please send the ESI log as requested to samples[at]eset.com with this thread's url in the subject. The file is 100% Virtumonde, but I'd like to check the log to see where it's registered and what application could have dropped it.
Send tomorrow Marcos
By the way, you should submit the keygen file as a false positive because it really isn't malware (IMO).
I for one think that keygens are not desired stuff in corporate environment. Should we really spend precious time removing detection for keyloggers instead of dealing with malware?
If it is not malware, you should.
I agree.
Do you have this file? You detect it as a variant of Trojan Agent. Is it a trojan actually? I doubt it. "It's a keygen so let's detect it even though it is not malware" - I didn't expect to hear such a thing from you.
I think if you want to use a keygen, just exclude it