WORM/Zhelatin.HJ

Discussion in 'NOD32 version 2 Forum' started by aurics, Sep 4, 2007.

Thread Status:
Not open for further replies.
  1. aurics

    aurics Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    6
    How such a thing could be possible .... such a shame ....
    I just recieved and got infected with this pig
    "WORM/Zhelatin.HJ" via e-mail...

    ~Virus Total screenshot removed. - Send the file to Eset. - Ron~


    infected url:

    ~No links to malware on these forums. -Ron~
     
    aurics, Sep 4, 2007
    #1
  2. PcBorg

    PcBorg Registered Member

    Joined:
    Feb 18, 2007
    Posts:
    28
    what the hell man! dont post links to malware like that, especially not active links!

    Sucks for you though that NOD32 is one of the few that missed it... still, thats the NOD32 compromise...

    But seriously... whay did you click any links in a spam email? or even in an email that looks genuine but whose source you don't know?
     
    PcBorg, Sep 4, 2007
    #2
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    I'd be interested in getting that sample. We've got dozens of thousands Nuwar/Zhelatin samples and all functional are detected by IMON/AMON.
     
    Marcos, Sep 4, 2007
    #3
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    I have found the link you posted. The file labour.exe is NON-FUNCTIONAL and as such doesn't run at all. That's the reason why it wasn't detected by NOD32.
     
    Marcos, Sep 4, 2007
    #4
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...