Virut infects mi EXE´s, NOD32 delete my EXE´s

Discussion in 'ESET NOD32 Antivirus' started by toxinon12345, Sep 10, 2010.

Thread Status:
Not open for further replies.
  1. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    Hello,
    I'm infected with a variant of Win32/Virut.NCF.
    All my EXE's are being infected and deleted. :(

    I sent a sample of an infected file [MD5: 328e39c0668d46a1631b4beda06a2bc0] to samples@eset-la.com and samples@eset.sk, however, only got an automated response (eset-la [Ticket # 2010090810000119])
    that the file was received and minutes later it was automatically analyzed and identified as a variant of Win32/Virut.NCF, with no response if the cure would be added in the next signatures. o_O

    The sample was also sent via EAV 4 GUI two days ago. :ninja:
     
    Last edited: Sep 10, 2010
  2. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Send a private message to one of the ESET Moderators, quoting this thread with a brief explanation of your situation.

    Apparently submitting files from the GUI go to the void, I have stopped doing this since this feature was recently deemed as useless :ouch:

    If you get no reply (assuming you are in the US or Canada) call ESET 1-866-343-3738
     
    Last edited: Sep 11, 2010
  3. 3GUSER

    3GUSER Registered Member

    Joined:
    Jan 10, 2010
    Posts:
    812
  4. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,033
    Location:
    California
    Hello,

    The Virut family of file-infecting viruses will often damage files when it infects them by deleting original portions of their program code. Disinfection in these circumstances is not possible since the anti-virus program cannot re-write the missing parts of the program.


    Regards,

    Aryeh Goretsky
     
  5. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    On an earlier occasion had downloaded a program for GUI´s in Delphi.
    NOD32 automatically alerted me and cleaned / repaired the file (Win32/Virut.NBI)

    Now the detection is a variant of Win32/Virut.NCF
    Free Dr.Web says that "cured" the files to their previous state,
    but when I sent the "cured" file to VirusTotal, Avira says that the file was patched.

    I want an exact disinfection, not a mitigation.
    Apparently, in this case is not possible as before.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.