Macro virus

Discussion in 'ESET NOD32 Antivirus' started by SunRui, Mar 12, 2010.

Thread Status:
Not open for further replies.
  1. SunRui

    SunRui Registered Member

    Joined:
    Aug 21, 2009
    Posts:
    42
    I have a macro virus sample, if i set macro safety to medium then,open the virus sample,let macro code go,then close the file,that means i just let macro go and do nothing more,then NOD32 can clear the macro code and save the oringnal doc. that is why?
     
  2. SunRui

    SunRui Registered Member

    Joined:
    Aug 21, 2009
    Posts:
    42
    and the virus name is w97m/xaler.f
     
  3. SunRui

    SunRui Registered Member

    Joined:
    Aug 21, 2009
    Posts:
    42
    sorry, if clear the sample directly without any other operation, ESET fails to clear it~
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    If it's recognized it should be detected by real-time protection and removed.
     
  5. SunRui

    SunRui Registered Member

    Joined:
    Aug 21, 2009
    Posts:
    42
    but if user had been infected by the virus, then they choose NOD32 trying to clear it and save the doc itself healthy,that needs NOD32 to clean it,instead of del it~

    As we all seen, the sample defined by xaler.f, does it mean ESET lab had been analysed it,and give it a name and its corresponding handling way? just like the final judgment? any submition to their email is labour in vain ?
     
Thread Status:
Not open for further replies.