Jump to content

Why doesn't my ESET detect the infected file


Recommended Posts

Hi Admin and Superusers,

I am a long time user and financial supporter of ESET and today i was working on another infected PC and was able to locate the infected file (fyi the file is about 18 months old so not new).

I safely moved it to my PC and scanned it with ESET Internet Security and it came up clean. I then uploaded it to Virus total and 51 vendors cited it as being infected INCLUDING ESET-NOD32.

I can't understand why if ESET on Virus Total flagged it, why didn't my current updated version on my PC flag it.

My PC version:

Internet Security 16.0.26.0, Version of detection engine: 27035 (20230407).

Thanks In advance

J

 

Link to comment
Share on other sites

13 hours ago, JerryG said:

I safely moved it to my PC and scanned it with ESET Internet Security and it came up clean. I then uploaded it to Virus total and 51 vendors cited it as being infected INCLUDING ESET-NOD32.

I can't understand why if ESET on Virus Total flagged it, why didn't my current updated version on my PC flag it.

File could be packed, obfuscated, etc.. In other words, malware won't be detected until executed and loaded into memory.

Link to comment
Share on other sites

On 4/8/2023 at 10:18 AM, itman said:

malware won't be detected until executed and loaded into memory.

With all due respect, I believe this is a wrong statement.

I was under the impression that when you do a computer scan malwares will be detected without being executed in RAM

Link to comment
Share on other sites

24 minutes ago, rotaru said:

With all due respect, I believe this is a wrong statement.

I was under the impression that when you do a computer scan malwares will be detected without being executed in RAM

In this instance, Eset's real-time protection should have detected the the malware when it was created on the OP's device. Since it wasn't detected then, it wouldn't have been when the file was manually scanned since it uses the same real-time scanning methods.

As I posted, not all malware can be detected via Eset's real-time heuristic sandbox processing. I assume if the OP was using ESSP and the file was submitted to the Eset Cloud via LiveGuard, it would have detected it.

Edited by itman
Link to comment
Share on other sites

16 minutes ago, itman said:

not all malware can be detected via Eset's real-time heuristic

Why not assume that the specified malware is not detected by ESET, cloud or not?

Link to comment
Share on other sites

We need to stop speculating till the OP posts the VT detection link as requested. @Marcos can then download the sample from VT and determine if Eset detects it on file creation or not.

Link to comment
Share on other sites

1 hour ago, itman said:

We need to stop speculating

I agree, we should have never started with " In other words, malware won't be detected until executed and loaded into memory."

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...