ESET NOD32 Antivirus don't detect these viruses

Discussion in 'ESET NOD32 Antivirus' started by miki75, Oct 12, 2008.

Thread Status:
Not open for further replies.
  1. miki75

    miki75 Registered Member

    Joined:
    Oct 12, 2008
    Posts:
    7
    Location:
    Italy
    Hi,

    2 problems with ESET database and real time antivirus, because don't detect these files:

    - this malware got from web pages: 0xf9.exe
    and here the result form Virus Total: ~Link removed per Policy. - Ron~

    - this MBR rootkit got from a regular web site (but was hacked and infected): ROOTKIT INFECTION - index.pdf
    and here the result form Virus Total: ~Link removed per Policy. - Ron~
    The first don't give me problems, because was a malware and I have blocked it (manually)
    but the second (the rootkit) give me many many problems and I have removed using GMER and mbr.exe
    The PC is vulnerable only when Acrobat is a version below 8.1.2,
    because version 8.1.1 and below have security problems.
    But also in this case, NOD32 should detect and block this !!! :cautious:

    All files are on this zip file: Snipped: link removed. Posting links to malware is against TOS.

    Regards

    Miki
     
    Last edited by a moderator: Oct 12, 2008
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    As you can see, there are very few AVs that detect these files. As always, if you come across a suspicious file send it in a RAR archive (or compressed with another ordinary packer) protected with the password "infected" to samples[at]eset.com with as much information about the files as possible.
     
  3. Kosak

    Kosak Registered Member

    Joined:
    Jul 25, 2007
    Posts:
    711
    Location:
    Slovakia
    Hello miki, check, if NOD32 with the newest Antistealth module saw that files. This you can recognize, when you enable logging all objects or use ECLS.
     
Thread Status:
Not open for further replies.