How such a thing could be possible .... such a shame .... I just recieved and got infected with this pig "WORM/Zhelatin.HJ" via e-mail... ~Virus Total screenshot removed. - Send the file to Eset. - Ron~ infected url: ~No links to malware on these forums. -Ron~
what the hell man! dont post links to malware like that, especially not active links! Sucks for you though that NOD32 is one of the few that missed it... still, thats the NOD32 compromise... But seriously... whay did you click any links in a spam email? or even in an email that looks genuine but whose source you don't know?
I'd be interested in getting that sample. We've got dozens of thousands Nuwar/Zhelatin samples and all functional are detected by IMON/AMON.
I have found the link you posted. The file labour.exe is NON-FUNCTIONAL and as such doesn't run at all. That's the reason why it wasn't detected by NOD32.