Trojan...not detected :(

Discussion in 'NOD32 version 2 Forum' started by pykko, Jan 4, 2006.

Thread Status:
Not open for further replies.
  1. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    I don't want to start a new thread about samples but I'm really concerned about on file I've submitted to ESET 2-3 weeks ago.

    I don't know why isn't it detected...is it due to the packers or simply those malwares are not in the database??

    I've attached the scan results from jotti and I don't know .... if it's all about the packers it's OK, but I'm, afraid to test.. :D
    If NOD doesn't pick the virus I get infected :p


    Thank you and if somebody wants to test the file I could send it via mail, or perhaps to send it again to ESET.

    Post only if you have an answer to my topic, I don't want to start a never ending fight on samples again! ;)
     

    Attached Files:

  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,408
    It looks like a SFX archive :) Are you sure the files aren't detected after being unpacked?
     
  3. alglove

    alglove Registered Member

    Joined:
    Jan 17, 2005
    Posts:
    904
    Location:
    Houston, Texas, USA
    I think he is too scared to unpack them to find out.
     
  4. tazdevl

    tazdevl Registered Member

    Joined:
    May 17, 2004
    Posts:
    837
    Location:
    AZ, USA
    That's asking a lot Marcos.
     
  5. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Well, Marcos how should I unpack it? Isn't it easyer to submit it again to ESET? :D
     
  6. sir_carew

    sir_carew Registered Member

    Joined:
    Sep 2, 2003
    Posts:
    884
    Location:
    Santiago, Chile
    If it's an SFX file, you can simply open it using WinRAR.

     
  7. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,408
    It's indeed a Rap! sfx archive and the files are detected upon extraction. A majority of them by signatures and the rest generically. BTW, WinRAR does not open this archive.
     
  8. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,174
    Location:
    Denmark
    The on-demand scanner would detect any nasties inside that achive...
    Just rightclick and scan
     
  9. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,408
    Not yet as this special type of archive is not supported by NOD32's archive module yet. However, AMON detected the file upon extraction and deleted it.
     
  10. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,174
    Location:
    Denmark
    Hmm.. I just looked at the last report on the image: "RAR".
    I know NOD can scan those archives :)
     
  11. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Thx, Marcos! The viruses are detected indeed when running the file. AMON prompt me to delete 2 Trojans. ;)

    Hope you'll add support for this type of archive to NOD32 3.0

    P.S. I"ve tried to uncompress with WinRAR but I couldn't done it, that's why I've posted.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.