v4 better in removal media virus?

Discussion in 'ESET Smart Security v4 Beta Forum' started by proactivelover, Dec 20, 2008.

Thread Status:
Not open for further replies.
  1. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    today my friend pc was infected by a virus(Win32.AutoIt)
    he has install v3 fully update[noparse](370:cool:[/noparse] but the virus was not detected
    so i install v4 and fully update it but v4 did not do the job so i install norton 2009 and it's detect the virus(w32.sillyFDC)
    i have sent the virus to eset lab but no response
    i sent the file ria_sen.zip to virustotal 17 antivirus detect it
    pls make v4 better for usb viruses
     

    Attached Files:

  2. ASpace

    ASpace Guest

    They are already working in that way . v4 introduces new way of using Adv.Heur. with additional options for removable media.

    As you know - missing threats is pretty normal for any AV vendor nowadays . One will detect it , another will miss it . More important is to miss less and catch more , which ESET already does well.
     

    Attached Files:

    • usb.png
      usb.png
      File size:
      39.6 KB
      Views:
      408
  3. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    i am also a fan of eset antvirus but advanced heuristics on removal media does not even detect it
    this virus is very dangerous eset have to detect it i have sent sample to eset lab
     
  4. ASpace

    ASpace Guest

    I didn't say you aren't .

    Using AH for PE files coming from removable media is generally considered something that will enable better detection of threat spreading via removable media . However , this doesn't mean 100% malware detection .

    According to Symantec's website this threat is used to download another malware - have you checked if the actual payload detected by ESET ?
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,415
    Please PM me details about the email you sent to samples[at]eset.com. I couldn't find any with "sillyFDC" in the subject. What's more, the names you provided seem to be a very generic and cover too many different malware.
     
  6. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    pm sent
     
  7. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,415
    It's a compiled Autoit script, detected with the latest version 3710.
     
  8. ASpace

    ASpace Guest

    Is it just in v4 or you have somehow made a mistake in the name ?
    Why such name - AutoRun.Autoit ? Isn't this a duplication in the name ?
     

    Attached Files:

  9. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,415
    Sorry, I don't understand. Autorun is the variant name while Autoit is the family name. What's not clear about that?
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.