Fake AV got by

Discussion in 'ESET NOD32 Antivirus' started by bradtech, Aug 17, 2009.

Thread Status:
Not open for further replies.
  1. bradtech

    bradtech Guest

    ~Virus Total link removed per Policy.~

    Only 4/41 detecting it so far.. Sent in samples to ESET samples email... Windows Protection Suite.. Sits out and listens on the network from a high port..
     
    Last edited by a moderator: Aug 17, 2009
  2. Zyrtec

    Zyrtec Registered Member

    Joined:
    Mar 4, 2008
    Posts:
    534
    Location:
    USA
    Hi bradtech,


    You might be referring to this by chance?

    https://www.wilderssecurity.com/showthread.php?t=250921 [already locked by Marcos] and this one also: https://www.wilderssecurity.com/showthread.php?t=250906

    My sister's laptop got hit by this nasty piece of malware and it somehow managed to disable ESET NOD32 v.4.0.437 with latest definitions. I was able to remove it using Malwarebytes v. 1.40. Unfortunately, I did delete the scareware and thus wasn't able to send the sample to ESET to be added to the definitions but if you did, that's great.

    This one is the nastiest piece of Adware I've seen so far. I hope ESET could detect it soon.

    See this link also for more information about this threat: http://remove-malware.com/antimalware/rogue-anti-malware/windows-security-suite-rogue/


    Kind regards,

    Carlos
     
  3. bradtech

    bradtech Guest

    I always harvest the files off the computer, and then send to ESET and upload to Virus Total. Only way to expect better detection :).. Along with threatsense.. A lot of people can't get beyond the fact ESET missed something, but so does everything else.. I have 1,000s of computers and it does not happen very often.

     
  4. edwin3333

    edwin3333 Registered Member

    Joined:
    Aug 29, 2007
    Posts:
    244
    This hit 4 PC's, infecting one of ours. Users were smart on the other 3.

    None of our many AV products detected it at the time. I've submitted my copies to all our AV vendors and all but Symantec so far acknowledged it.
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Could you please PM me your email? All samples we've received that I've seen were already detected at least by our internal version which means they should be added to one of the upcoming updates.
     
Thread Status:
Not open for further replies.