v4 better in removal media virus?

Discussion in 'ESET Smart Security v4 Beta Forum' started by proactivelover, Dec 20, 2008.

Thread Status:
Not open for further replies.
  1. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    today my friend pc was infected by a virus(Win32.AutoIt)
    he has install v3 fully update[noparse](370:cool:[/noparse] but the virus was not detected
    so i install v4 and fully update it but v4 did not do the job so i install norton 2009 and it's detect the virus(w32.sillyFDC)
    i have sent the virus to eset lab but no response
    i sent the file ria_sen.zip to virustotal 17 antivirus detect it
    pls make v4 better for usb viruses
     

    Attached Files:

  2. ASpace

    ASpace Guest

    They are already working in that way . v4 introduces new way of using Adv.Heur. with additional options for removable media.

    As you know - missing threats is pretty normal for any AV vendor nowadays . One will detect it , another will miss it . More important is to miss less and catch more , which ESET already does well.
     

    Attached Files:

    • usb.png
      usb.png
      File size:
      39.6 KB
      Views:
      408
  3. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    i am also a fan of eset antvirus but advanced heuristics on removal media does not even detect it
    this virus is very dangerous eset have to detect it i have sent sample to eset lab
     
  4. ASpace

    ASpace Guest

    I didn't say you aren't .

    Using AH for PE files coming from removable media is generally considered something that will enable better detection of threat spreading via removable media . However , this doesn't mean 100% malware detection .

    According to Symantec's website this threat is used to download another malware - have you checked if the actual payload detected by ESET ?
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Please PM me details about the email you sent to samples[at]eset.com. I couldn't find any with "sillyFDC" in the subject. What's more, the names you provided seem to be a very generic and cover too many different malware.
     
  6. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    pm sent
     
  7. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    It's a compiled Autoit script, detected with the latest version 3710.
     
  8. ASpace

    ASpace Guest

    Is it just in v4 or you have somehow made a mistake in the name ?
    Why such name - AutoRun.Autoit ? Isn't this a duplication in the name ?
     

    Attached Files:

  9. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Sorry, I don't understand. Autorun is the variant name while Autoit is the family name. What's not clear about that?
     
Thread Status:
Not open for further replies.