Malware known to Viruslabs but not Eset

Discussion in 'ESET NOD32 Antivirus' started by rembert, Apr 1, 2011.

Thread Status:
Not open for further replies.
  1. rembert

    rembert Registered Member

    Joined:
    Oct 26, 2006
    Posts:
    8
    Location:
    Amsterdam Area
    Yesterday a user at one of my customers received a UPS.ZIP containing a UPS.EXE. User started it and it did run without Eset blocking it. The malware did crash however.

    I've checked the virus against viruslabs.com and found it was discovered a couple of hours earliers already and 5 virusscanners already updated their signatures to recognize it. It's now 24 hours later and we've had several signature updates from Eset but it still doesn't seem to recognize it according to the VirusLabs website.

    *

    How much can we trust the viruslabs website? The infected computer and user are useless now and I won't turn it on before being sure the next signature will fix it.
     
    Last edited by a moderator: Apr 1, 2011
    rembert, Apr 1, 2011
    #1
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,963
    Location:
    Somethingshire
    Cudni, Apr 1, 2011
    #2
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    We've seen some spammed ups.exe that were corrupted and didn't run. There was no need to add detection as the file is non-functional and does nothing but crashes. As far as I know, even the recent corrupted variants should be covered in update 6006, just for the purpose of filtering as there's no actual malware to protect from.
     
    Last edited: Apr 1, 2011
    Marcos, Apr 1, 2011
    #3
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...