ESET Smart Security Premium 2018 Failed Test


Failed, can not fix it ..

The HIPS setting was on, the filter was not set correctly. Can this not be improved with proper program control?

Edited by galaxy

  • Administrators

And also post a hash of the file HelloWorld.exe. It's not a typical name for malware so it could have been crafted to be not detected. One could take any malware and modify it until it becomes undetected by the AV that he or she focuses on so making any conclusions just based on one undetected and probably not real file doesn't make any sense. Knowing a hash of it would help us find out how many users have encountered it.  My estimation is 1 or 2 if the "tester" had the LiveGrid feedback system enabled.


Unfortunately, I cannot find the hash, but the variant has existed since 2010, so it should be recognized and blocked. A program control would be great. In Google you will find a lot.

 

Edited by galaxy

As far as HelloWorld.exe being malware, it could be anything. Comodo has 10 variants listed here: https://file-intelligence.comodo.com/windows-process-virus-malware/exe/HelloWorld

Emsisoft: https://www.isthisfilesafe.com/ has over 100 listed for HelloWorld.exe. Most are associated with Apache HTTP Server.

Edited by itman

9 hours ago, Marcos said:

It's not a typical name for malware so it could have been crafted to be not detected

Seriously?  What is a typical name for a malware?  And, a typical malware is crafted to be detected?

What would you expect, a malware with name virus.exe?

Edited by Marcos
Formatting

  • Administrators

Please refrain from shouting at moderators, which is against forum rules, and keep your posts polite. Your message has been edited and unnecessary exclamation marks and formatting were removed.


I want to help that this Crypto Ransomware is recognized, but still polite, and we try to fix the problem. Is this not possible?


  • Administrators
8 minutes ago, galaxy said:

I want to help that this Crypto Ransomware is recognized, but still polite, and we try to fix the problem. Is this not possible?

Please submit the sample as per the instructions https://support.eset.com/kb141/ for analysis.


Please do not be angry, but I have to first try to get this file, it is not possible to recognize the ransomware


I put the filters in the HIPS setting, also the user and all disks. Does that protect me from that?

Edited by galaxy

3 hours ago, galaxy said:

Kyrox is the name of the malware

Since you refuse to post a file hash, it is impossible to positively identify what malware you are referring to and if it is detectable by any AV solutions.

It appears you are referring to the Kyrox ransomware, oftentimes delivered as RansomKyrox.exe. There is a detailed analysis of it on Hybrid-Analysis here: https://www.hybrid-analysis.com/sample/d3cb8a23a8250177c67a54e02ac33e5bd1c6d3a551c2bc39c660f3f62b7c9a5f?environmentId=100 . This variant is detected by 44 vendors on VT including ESET, which does so as "a variant of Generik.TZCZKH."

Ad hoc testing of malware such as what you are doing is strongly not recommended. This is because the malware delivery method is critical in detection by most AV security solutions today. You downloading this sample from wherever you got it from and directly executing it is not the proper way to perform malware testing.


I found only the video, unfortunately I can not get to the file, otherwise I would submit it immediately


2 minutes ago, galaxy said:

I found only the video

Take uTube malware test videos "with a grain of salt." There is no way to independently verify what and how they tested.


ESET works against known threats with its database and is cloud, but the HIPS clearly needs a rethink, because even in the Intelligent mode too much happens :/

Edited by galaxy

This topic is now closed to further replies.