For re-search

hi,
sorry for my bad english, i have an question.
I search active malware in France, i have send an file : IM88532.JPG-www.facebook.com.exe ( MD5 : 38f06b4bb8e9af0b9b409bcabab3a237 )

after few hours this worm has detected :

but after again few hours i have an email :

and i have an other detection for THIS file (is not an other) :

Now i have send an other, ( 2192e7f5593bd75f502f3cf07bf0e682 with named too : IM88532.JPG-www.facebook.com.exe )
is pending.

but my question, why i have 2 differente detection for on file ? it is infocard.exe make different detection ?

thank you for help, it is for my blog, follow and help friend

Eset'Fan
Aranud.fr

 

%SystemRoot%\infocard.exe - this is not where infocard.exe should be. I suggest submitting that file also.

 

hum ok,
i go to work now but this today i remake test and i scan with nod32 for see if detect it with this 2 samples


thank you for reply

 

i remake test and result is good.

ok files is deleted :

but I have an question, eset remove keys registry infected ?
because i make sysinspector computer clean, computer infected and computer cleaned, i don't see in the cleaned keys registry ?

 

The reference to IM88532.JPG-www.facebook.com.exe should be removed from the registry if the threat has been cleaned.

 

ok ok is very good but it is harm that nod32 not say key of registry cleaned/deleted

 

the scanner automatically deletes/cures all the files and registry entries neccessary according to how the ESET guys set it in the virus database update

also if you wish to delete registry, files or other stuff that has not been removed, you can use ESET SysInspector for that, to see its capabilities and how to use it to modify your system see this article: http://mertinger.spaces.live.com/blog/cns!7D5A978937E2E1DD!165.entry