Desktop AV vs. Virus Total

Discussion in 'other anti-virus software' started by Bob D, Aug 29, 2015.

  1. Bob D

    Bob D Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    1,150
    Location:
    Mass., USA
    Received email from unknown party with .doc attachment (“...here’s the resume you requested....blah blah”).
    Of course I assume a macro virus or the like, so, for giggles, I scan with Nod32 AV. Nothing detected.
    Upload to Virus Total, and Nod32 (and a couple others) identified it as a virus?
    (Same virus sig database as on my desktop)?
     
  2. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,078
    Did you enable document protection integration in ESET?
     
  3. Bob D

    Bob D Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    1,150
    Location:
    Mass., USA
    It was off (by default).
    Does it need to be on? i.e: Would not a manual scan of the file detect malware?
     
  4. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,078
    I usually enabled integration. I don't know why it wasn't detected.
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Document protection has no effect on detection. It's better to keep it disabled to prevent a bug in MS Office from manifesting (performance issues that occur even with an empty plug-in registered in the system). Send the file to samples[at]eset.com with a description of the issue.
     
  6. wshrugged

    wshrugged Registered Member

    Joined:
    Jun 12, 2009
    Posts:
    202
    https://www.virustotal.com/en/faq/
     
  7. Bob D

    Bob D Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    1,150
    Location:
    Mass., USA
    Interesting, thanks.
     
  8. wshrugged

    wshrugged Registered Member

    Joined:
    Jun 12, 2009
    Posts:
    202
    You're welcome. :)
     
  9. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Well, I'm not perfect, and I can still make mistakes. That's why I'm still using a desktop AV.
     
  10. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Please submit the file to ESET as instructed in my previous message. A trial version of ESET is exactly same as the full version in terms of detection and protection.
     
  11. Bob D

    Bob D Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    1,150
    Location:
    Mass., USA
    File sent.
    Local is not trial. (ESET on my boxes for years.)
    Note ~48 hrs later it is now flagged by Nod32 local as well as many more vendors on VirusTotal.
     
  12. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,734
    unknown files from unknown parties -> drop dev.nul (recycle bin), no waste of time and thoughts.
     
Loading...