Virus received via Windows Live Messenger, but EAV doesn't detect as a virus!!!

If I had been a non-technical person, thanks to ESET I would be infected with some dodgy virus by now.

Just received a file via Windows Live Messenger from a friend. The file is around 100KB and is compressed. Inside is a "MS-DOS Application" file (according to Windows), around 120KB.

Doing a scan via EAV and ESET Online Scanner brings back nothing.

Submitting the file to VirusTotal brings back: ~Removed per Policy.~

How could Kaspersky and that lot beat ESET to it? Does EAV actually have Advanced Heuristics??

This isn't good at all...

Thankfully I've not opened the file and there are no additional ports in use on my firewall, nor any dodgy processes open in Windows. However for some poor non-technical user who runs EAV and receives this file, they're screwed. Anyone else agree?

Just to add, Kaspersky received word of this virus yesterday and released a definition within 2 hours (http://www.kaspersky.com/viruswatchlite?search_virus=Trojan.Win32.Agent.dnb&x=0&y=0&hour_offset=5). Why didn't ESET do the same??

 

right click the files -> Advanced options -> Submit for analysis . With default settings after the next updates , the program will submit the file for analysis to ESET Labs

Strange post from a technical person, I am pretty sure you have seen this:
https://www.wilderssecurity.com/showpost.php?p=860087

 

Simply KAV detected the trojan itself, not Virut that infected the trojan. We'll see if we can get the sample and detect it.

 

The point I'm trying to make is EAV missed an "in the wild" virus. Can any steps be taken to ensure this doesn't happen again?

 

In a word, no.

This happens numerous times on a daily basis. It happened yesterday, and will happen again tomorrow, the day after tomorrow, and the day after that. And there's nothing Eset, or any other anti-malware vendor, can do about it.

 

Right. Nowadays many malware authors tune up their code until it's undetected by antivirus programs.

 

Well that sucks.

 

There's a set up like Virus Total on a site in Russia that uses 15 of the most popular anti viruses to scan files, (most likely without these companies permission) however in this case they do not submit the files to the anti virus companies. It appears to be a way for malware writers to test their 'wares' against the anti viruses until they get one that isn't detected by any of them. Costs a dollar a file.