A virus kill my NOD32

Discussion in 'NOD32 version 2 Forum' started by Galaxykiss, Jul 4, 2007.

Thread Status:
Not open for further replies.
  1. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    I got a virus who kill my nod32.I tried to send the virus through Theatsense.net. But NOD32 still doesn't detect the virus. Some of my friends' NOD32 have been stopped for a week.PLease help us.
    Just give me a Green Channel so that I can sent it to ESET.

    PS:I found 3 rules to let the virus pass the NOD32 scanning, I'll tell you later.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Just send the threats in an archive protected with the password "infected" to samples[at]eset.com with this thread's url in the subject.

    It's not a secret:
    1. disable AMON and run a threat
    2. keep signatures outdated and run a new threat
    3. uninstall NOD32
     
  3. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    I'm so glad that you're here.
    Not that secre!
    It'a a technical way , some virus maker told me.
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Frankly, it's not a secret for antivirus companies; they all are aware of the means how to bypass their scanners.
     
  5. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    hello.
    I just want you to Improve NOD32.Sorry for the delay.
    To Pass the NOD32 scanning,firstly we pack the virus(using ASPack,PE-AMORE ect),then change the Package code(I don't know how to describe,They just told me do it like this).secondly,NOd32 will fail to unpack the virus and let the user wait more than 50 seconds in this progress.In the end, encrypt the imput and output list ,let NOD32 unpack error directly.

    I dosn't good at English, do you know what I meant??
     
  6. Don johnson

    Don johnson Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    77
    In these ways,every av can be bypass very easily.To a virus maker,bypass every av is a very easy thing.
     
  7. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    hi,
    if you know how it bypass,So why don't eset improve their product,or just let it pass it?
     
  8. Don johnson

    Don johnson Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    77
    Please know that,if you improve it,the virus maker also can bypass easily in another ways.This is a inevitable thing.
     
  9. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    future is future ,not now.
    In my opinion , If the problem is here ,we shall face it.At least , this improvement can detect more virus from the wild without add another too many virus signerture into the database.I know nod32 is good at protect PC from virus ,but I think this is a good suggestion.
     
  10. Galaxykiss

    Galaxykiss Registered Member

    Joined:
    Mar 23, 2007
    Posts:
    167
    Location:
    China
    I wonder how NOD32 officer think of this problem . And as far as I know , the graybird maker have changed the graybird's GEN ,Do you know that ?
     
  11. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    Snore. Wake me up when this troll is done. :p
     
Thread Status:
Not open for further replies.