CRYPT.WIN32?

Discussion in 'NOD32 version 2 Forum' started by conchiuro, Nov 7, 2004.

Thread Status:
Not open for further replies.
  1. conchiuro

    conchiuro Registered Member

    Joined:
    Nov 7, 2004
    Posts:
    4
    nod has detcted this unknown virus, is it dangerous?
    thx
     
  2. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Hi Conchiuro, welcome to Wilders. Can you please quarantine the file and send it from quarantine folder C> Program Files> Nod32> infected as an attachment to samples@nod32.com

    If you do not hear from Eset within 3 days (allows for weekends), please advise us here...

    Let us know how you go…

    Cheers :D
     
  3. conchiuro

    conchiuro Registered Member

    Joined:
    Nov 7, 2004
    Posts:
    4
    already done, no response
    what do you know about this virus?
     
  4. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    It may simply be a false positive, analysis by Eset will confirm what it is...

    Cheers :D
     
  5. conchiuro

    conchiuro Registered Member

    Joined:
    Nov 7, 2004
    Posts:
    4
    thx
    but how can i know if is a false positive?
     
  6. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Wait for Eset to reply to the Quarantined file sample that you sent, they will advise you further...

    Cheers :D
     
  7. conchiuro

    conchiuro Registered Member

    Joined:
    Nov 7, 2004
    Posts:
    4
    i sent file 3 weeks ago
    no response
    can anyone check in encyclopedia

    sorry for my english
     
  8. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    I have just sent a email to Eset to see what I can find out....

    Cheers :D
     
  9. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,740
    Location:
    Texas
    conchiuro

    I would like to add that you can search either the NOD forum or the entire forum to sometimes give you a hint on a question about malware.
    The search function is on the bottom of each forum page.
    Advanced search gives you many more options as to what and how you search.
     

    Attached Files:

  10. Bandicoot

    Bandicoot Eset Staff

    Joined:
    Mar 23, 2004
    Posts:
    297
    Location:
    California
    Hello Conchiuro,

    I'm sorry that nobody has responded from the Eset virus analysis department. I'm not going to try and make any lame excuses but they are up to their proverbial eyes in samples, etc.

    I have found out a little bit of info about the virus you are concerned about: CRYPT = crypted code. It's a way of hiding the viral code or protecting it from curious people. This info is from NOD's advanced heuristics. There's a fair chance that this is a false alarm. Is there any chance you could send the sample to Eset again please? Send it to sample@eset.com (the correct address for AH found samples) just in case you sent it to the wrong department.

    Thank you very much.
    Bandicoot.
    :D
     
    Last edited: Nov 9, 2004
Thread Status:
Not open for further replies.