Nod detected 3 possible virus, how do I send samples to ESET? Is my computer safe?

Discussion in 'ESET NOD32 Antivirus' started by dannyeluciane, Sep 3, 2008.

Thread Status:
Not open for further replies.
  1. dannyeluciane

    dannyeluciane Registered Member

    Joined:
    May 22, 2008
    Posts:
    70
    Location:
    USA
    Hello everyone,

    Although I am still waiting for a response to my last post at https://www.wilderssecurity.com/showthread.php?t=219457, I have a more urgent question.

    I need to know is my computer safe and clean from these virus? How do I send samples to ESET?

    Today I received an e-mail from what appeared to be the Brazilian Justice Department. I downloaded the attachments, it was a text file, a word document. Scanned the file by right clicking it and nod32 v3 showed no virus. I opened the document and Nod32 portuguese version sent multiple alerts:

    3/9/2008 07:46:43 Proteção em tempo real do sistema de arquivos arquivo C:\WINDOWS\msnmsgr.exe provavelmente uma variante de Win32/Packed.Themida aplicativo limpo por exclusão - em quarentena
    AUTORIDADE NT\SYSTEM

    Evento ocorrido no novo arquivo criado pelo aplicativo: C:\Documents and Settings\Administrador\Desktop\despacho_artigo8755151.scr.

    3/9/2008 07:46:43 Proteção em tempo real do sistema de arquivos arquivo
    C:\Documents and Settings\Administrador\Configurações locais\Temporary Internet Files\Content.IE5\X1HKYX47\lol[1].gif
    provavelmente uma variante de Win32/Packed.Themida aplicativo
    limpo por exclusão AUTORIDADE NT\SYSTEM

    Evento ocorrido no novo arquivo criado pelo aplicativo: C:\Documents and Settings\Administrador\Desktop\despacho_artigo8755151.scr.

    3/9/2008 07:45:53 Filtro HTTP arquivo ~Link Removed.~ provavelmente uma variante de Win32/Packed.Themida aplicativo conexão finalizada - em quarentena USER-06F063BBDF\Administrador
    Foi detectada uma ameaça ao acessar à web por meio do aplicativo: C:\Documents and Settings\Administrador\Desktop\despacho_artigo8755151.scr.

    The virus comes in an e-mail from a Brazilian government address. It is in both my wife's and my e-mail boxes, Yahoo and MSN Hotmail.
    Is my computer cleaned and safe from these virus?

    Thank you in advance for the help!
    Danny
     
    Last edited by a moderator: Sep 4, 2008
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    Hello,
    Please send a log from ESET SysInspector to samples[at]eset.com with this thread's url in the subject.
     
  3. dannyeluciane

    dannyeluciane Registered Member

    Joined:
    May 22, 2008
    Posts:
    70
    Location:
    USA
    Marcos,
    Thank you for the fast response. I sent the log file. I never used Sysinspector; so I don't know if I did it correctly.
    How long does it normally take to receive a response to the e-mail?

    Also I think that Nod32 to sent the virus files to ESET's lab. I received a pop asking me if I wanted to send the files. Is there a way to know if ESET's lab received the files?

    Again thank you for the fast response and the help.
    Danny
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    I've just replied you ;) The files submitted serve mainly for statistical purposes or for improving generic detections. If they are already detected, they can also be removed unless they are resistant and need to be removed in safe mode or after booting from a clean media.
     
  5. dannyeluciane

    dannyeluciane Registered Member

    Joined:
    May 22, 2008
    Posts:
    70
    Location:
    USA
    Marcos,

    Thank you for replying quickly. I replied to your e-mail. I don't know what the file antiplugin is. Also I sent the file from the email that triggered all the alerts. I noticed that two of the virus are in quarantee and the other I think was deleted. If necessary I can format the computer. I really appreciate all the help you have been giving!:)

    Danny.
     
  6. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    You might want to contact the Brazilian Justice Department for real and find out if it is common to communicate with average citizens in this way. I suspect it is not their preferred way of doing business. Perhaps they would be interested in a copy of what you received.
     
  7. splicer707

    splicer707 Registered Member

    Joined:
    Sep 1, 2008
    Posts:
    26
    Re: Nod detected 3 possible virus, how do I send samples to ESET? Is my computer safe

    I have just submitted 2 pieces of malware to samples(at)eset.com

    Will someone email me when detection is added so I can disinfect my PC?
     
  8. llydmissile

    llydmissile Registered Member

    Joined:
    Sep 3, 2008
    Posts:
    5
    Re: Nod detected 3 possible virus, how do I send samples to ESET? Is my computer safe

    Of course they will reply you.I used to submit infected samples to Avira, McAfee and Kaspersky, and they all reply me soon.
     
  9. dannyeluciane

    dannyeluciane Registered Member

    Joined:
    May 22, 2008
    Posts:
    70
    Location:
    USA
    The Hammer,

    I took your advice. I went to the Brazilian Justice department's website to get their contact information. They already had a noticed posted on their site about the false e-mails. They are aware of the false e-mails. They posted that they don't send emails to the public. The e-mail looked so real and professional. Now Hotmail is alerting the email as a phishing scam. So happy I had Nod32 to protect my computer.

    Thanks,
    Danny
     
  10. krypton_harsh

    krypton_harsh Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    84
    Regarding Replies

    Sorry to say,

    but eset never replies that the update has been added with the submission file, or atleast that the file submitted has reached them successfully as compared to other AVS company who reply at both instance.
     
  11. Lusitano

    Lusitano Registered Member

    Joined:
    Jun 17, 2008
    Posts:
    20
    They don't reply and can take weeks to add a new threat to their database. I've sent some malware samples some weeks ago to ESET and so far no detection added :doubt:
     
Thread Status:
Not open for further replies.