New Facebook Virus

Discussion in 'ESET NOD32 Antivirus' started by CellThree, Oct 30, 2009.

Thread Status:
Not open for further replies.
  1. CellThree

    CellThree Registered Member

    Joined:
    Mar 9, 2009
    Posts:
    5
    I received the email stated below yesterday; ESET SS didn't pick anything up. I'm running ESET SS 4.0.314 with the latest updates on Win7 RC using Thunderbird as my email client.
    I didn't open the attachment as it was obviously a fake.

    Just wondering if this is covered in the new definitions file or overlooked?

    Source : http://www.itbusiness.ca/it/client/en/home/news.asp?id=55081
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Have you submitted it to VirusTotal to see how many AVs actually detect it? Bredolab variants are detected by ESET, so if you come across an undetected sample, submit it to samples[at]eset.com for analysis.
     
  3. Scotto

    Scotto Registered Member

    Joined:
    Nov 11, 2007
    Posts:
    12
    Location:
    Sydney
    I got that Facebook password reset email last night.
    I thought it looked sus but let it through Mailwasher and when it went through to Outlook Express, ESS V3 caught it and deleted it.
    According to ESS V3 it was a variant of Win 32/Kryptik.AZE trojan.
    Have a great day,
    Scotto.

    ESS V3 3.0.694.0
     
    Last edited: Oct 30, 2009
  4. cssoz

    cssoz Registered Member

    Joined:
    Apr 11, 2009
    Posts:
    79
    Glad you're one of the smart people who use the latest of NOD32 v3 or v4.
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Basically, in this case it doesn't matter what version of the program is used; Bredolabs are detected fine by v2 as well as v3/v4. As for detection ratio, it's equal in v3 and v4; the latter has improved cleaning, however.
     
  6. CellThree

    CellThree Registered Member

    Joined:
    Mar 9, 2009
    Posts:
    5
    I wish I still had it. I had already deleted the email then saw the article a little while later. I was surprised it didn't pick up. Next time I'll remember to submit it!

    Thanks
     