JerryG 4 Posted April 8 Share Posted April 8 Hi Admin and Superusers, I am a long time user and financial supporter of ESET and today i was working on another infected PC and was able to locate the infected file (fyi the file is about 18 months old so not new). I safely moved it to my PC and scanned it with ESET Internet Security and it came up clean. I then uploaded it to Virus total and 51 vendors cited it as being infected INCLUDING ESET-NOD32. I can't understand why if ESET on Virus Total flagged it, why didn't my current updated version on my PC flag it. My PC version: Internet Security 16.0.26.0, Version of detection engine: 27035 (20230407). Thanks In advance J Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 4,694 Posted April 8 Administrators Share Posted April 8 Please provide: 1, A link to VirusTotal results 2, Logs collected with ESET Log Collector. Quote Link to comment Share on other sites More sharing options...
itman 1,538 Posted April 8 Share Posted April 8 13 hours ago, JerryG said: I safely moved it to my PC and scanned it with ESET Internet Security and it came up clean. I then uploaded it to Virus total and 51 vendors cited it as being infected INCLUDING ESET-NOD32. I can't understand why if ESET on Virus Total flagged it, why didn't my current updated version on my PC flag it. File could be packed, obfuscated, etc.. In other words, malware won't be detected until executed and loaded into memory. Quote Link to comment Share on other sites More sharing options...
rotaru 10 Posted April 9 Share Posted April 9 On 4/8/2023 at 10:18 AM, itman said: malware won't be detected until executed and loaded into memory. With all due respect, I believe this is a wrong statement. I was under the impression that when you do a computer scan malwares will be detected without being executed in RAM Quote Link to comment Share on other sites More sharing options...
itman 1,538 Posted April 9 Share Posted April 9 (edited) 24 minutes ago, rotaru said: With all due respect, I believe this is a wrong statement. I was under the impression that when you do a computer scan malwares will be detected without being executed in RAM In this instance, Eset's real-time protection should have detected the the malware when it was created on the OP's device. Since it wasn't detected then, it wouldn't have been when the file was manually scanned since it uses the same real-time scanning methods. As I posted, not all malware can be detected via Eset's real-time heuristic sandbox processing. I assume if the OP was using ESSP and the file was submitted to the Eset Cloud via LiveGuard, it would have detected it. Edited April 9 by itman Quote Link to comment Share on other sites More sharing options...
rotaru 10 Posted April 9 Share Posted April 9 16 minutes ago, itman said: not all malware can be detected via Eset's real-time heuristic Why not assume that the specified malware is not detected by ESET, cloud or not? Quote Link to comment Share on other sites More sharing options...
itman 1,538 Posted April 9 Share Posted April 9 We need to stop speculating till the OP posts the VT detection link as requested. @Marcos can then download the sample from VT and determine if Eset detects it on file creation or not. Quote Link to comment Share on other sites More sharing options...
rotaru 10 Posted April 10 Share Posted April 10 1 hour ago, itman said: We need to stop speculating I agree, we should have never started with " In other words, malware won't be detected until executed and loaded into memory." Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.