
Having 2nd Thoughts About NOD After This Beta!!


worldcitizen
July 28th, 2004, 01:59 PM
I've been having a real, real problem with Trojans & Downloaders getting onto my PC and causing problems and the other day after a few got onto my hard drive it became corrupted and it took me 2 days to get it back to normal. No Trojan program seemed to pay much attention to some of these backdoor infiltrations coming from websites and I tried everything but once they get on they eat my drive.

I know NOD 32 is not really meant for this but just have a look at this will ya'.

Time | Module | Object | Name | Virus | Action | User | Info
7/29/2004 1:32:04 AM | IMON | archive | <snip> | multiple infiltrations | connection terminated | WORLDCITIZEN\David |
7/29/2004 1:32:03 AM | IMON | archive | <snip> | multiple infiltrations | connection terminated | WORLDCITIZEN\David |

These HIDDEN bugs can do great damage and now after seeing this I have changed my opinion of NOD 32 from best in the world to best in the Universe!!! This is REAL CLASS MAN!! This is what protecting a PC is ALL ABOUT!! See how BEAUTIFULLY NOD32 intervened!! I didn't even know about this until I looked in IMON and saw 8 infections and 2 cleaned. Then I went to the log and saw the above. MY PRAYERS ANSWERED!! My Sun Java cache is usually full of these but as I fretted that my drive was about to be eaten again I found not one had got to the cache. JUST BEAUUUTIFUL!!

Also, things like this tell you a lot about the professionalism of the programmers at Eset. I surf a hell of a lot and sometimes I just get a corrupted drive for no reason and programs get deleted but with this kind of protection in the new BETA at least I've got a fighting chance and I sincerely hope they don't change much and commend Eset on this tremendous improvement in REAL TIME PROTECTION.


Dave


edited to remove live virus links - Detox

flyrfan111
July 28th, 2004, 03:39 PM
It seems to me that you also need a firewall, that would definitely help with all of your trojans, from the sounds of it a hardware and software firewall together should be used. Also the most important of all in the battle for a secure computer, you must secure the USER. No AV software in the world can protect you 100% of the time every time (after all, even the best software is written by a mistake-prone human). Yes I agree NOD is one of the better AV's out there, and improving rapidly here of late, but you still have to practice some safe computing. It's like saying "well I am wearing a bullet proof vest, so I should go to Iraq." instead of "well if I have to go to Iraq, I should wear a bullet proof vest".

Blackspear
July 28th, 2004, 06:38 PM
What other security are you using on your PC World Citizen? It may be time to see what the people here at Wilders can offer you in advice to setting up your system a little safer...

Cheers ;D

PS. Nice reply FlyrFan111

worldcitizen
July 28th, 2004, 08:51 PM
The NOD 32 BETA is the FIRST program to ever address these infiltrations for ME. No other program seems to stop these. Very good work ESET. Am very happy with the new Beta and look forward to the full release of the new version.

Dave

Blackspear
July 28th, 2004, 11:32 PM
-{ Quote: "The NOD 32 BETA is the FIRST program to ever address these infiltrations for ME. No other program seems to stop these. Very good work ESET. Am very happy with the new Beta and look forward to the full release of the new version.

Dave" }-

Here is a starters list of where we begin for a customer:

Nod32
ZoneAlarm
Spyware Guard
Spyware Blaster
Spybot Search and Destroy
AdAware

Then you should look at something like:

TDS
System Safety Monitor
Mozilla Firefox
Proxomitron
etc

Hope this helps...

Cheers ;D

sard
July 29th, 2004, 04:30 AM
I was having problems with trojans and found some useful advice at http://www.grc.com/default.htm Try the shields up test to make sure all the ports are closed. Especially Netbios ones.

Otherwise it's only a matter of time before you come up against some malware NOD32 doesn't detect, no AV's perfect.
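The ShieldsUp test mentioned above probes the machine from outside; the same exposure can be checked from the inside by looking for NetBIOS and file-sharing listeners bound to non-loopback addresses. The following is an added example, not part of the original thread: it assumes the column layout of Windows `netstat -an`, the sample output is constructed, and the function names are hypothetical.

```python
import ipaddress

# Ports used by NetBIOS over TCP/IP and by direct-hosted SMB file sharing.
FILE_SHARING_PORTS = {
    ("UDP", 137): "NetBIOS name service",
    ("UDP", 138): "NetBIOS datagram service",
    ("TCP", 139): "NetBIOS session service",
    ("TCP", 445): "SMB file sharing over TCP/IP",
}

# Constructed sample of Windows `netstat -an` output (not taken from the thread).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1040      203.0.113.5:80         ESTABLISHED
  UDP    192.168.1.10:137       *:*
  UDP    192.168.1.10:138       *:*
"""

def is_loopback(host):
    """True when the bind address is only reachable from the machine itself."""
    try:
        return ipaddress.ip_address(host.strip("[]").split("%")[0]).is_loopback
    except ValueError:
        return False  # unparseable address: report it rather than hide it

def exposed_file_sharing(netstat_text):
    """Return (proto, address, port, service) for each reachable listener."""
    findings = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue
        proto, local = fields[0], fields[1]
        # TCP rows carry a state column; UDP rows do not, any bound socket counts.
        if proto == "TCP" and fields[-1] != "LISTENING":
            continue
        host, _, port = local.rpartition(":")
        if not port.isdigit():
            continue
        service = FILE_SHARING_PORTS.get((proto, int(port)))
        if service and not is_loopback(host):
            findings.append((proto, host, int(port), service))
    return findings

for proto, host, port, service in exposed_file_sharing(SAMPLE_NETSTAT):
    print(f"{proto} {host}:{port} reachable: {service}")
```

A listener reported here may still be filtered by a firewall in front of it, so an outside probe is what confirms whether the port is actually closed to the internet.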

Blackcat
July 29th, 2004, 04:53 AM
A definite need to practise safe-hex; http://www.dslreports.com/faq/security

Blackspear
July 29th, 2004, 05:36 AM
-{ Quote: "A definite need to practise safe-hex; http://www.dslreports.com/faq/security" }-

Nice link Blackcat.

Cheers ;D

MCT
July 29th, 2004, 06:49 AM
For what it's worth, here is what I use..

nod32 latest beta or release
adaware6
spybot
spywareblaster
opera browser (not free, use firefox if u want something free that's safer than IE)
kerio personal firewall latest beta or release

regards

worldcitizen
August 2nd, 2004, 06:34 AM
Hi Everyone,

I HAVE to say again - this new http scanner ROCKS!!

NONE of the trojan downloaders I used to get are getting thru. I repeat NONE. They are ALL being stopped dead in their tracks. IMON kills them and simply stops the connection from loading them!!

Dave

anders
August 3rd, 2004, 06:28 AM
Nice that they are stopped. Though, if NOD32 only detects them heuristically (pe_heur or "possible win32.crypt" or something), you should submit the samples (or URLs to the files) in order to make sure they are properly detected by signatures too.

farnsworth
August 17th, 2004, 11:20 AM
-{ Quote: "Hi Everyone,

I HAVE to say again - this new http scanner ROCKS!!

NONE of the trojan downloaders I used to get are getting thru. I repeat NONE. They are ALL being stopped dead in their tracks. IMON kills them and simply stops the connection from loading them!!

Dave" }-
I dunno what kind of sites you are visiting, but if you are routinely getting trojan downloaders on your PC I'd be willing to bet you are using internet explorer. Stop. Go to http://www.mozilla.org and get yourself a new browser. Sooner or later a trojan will get past nod32. I haven't had one trojan downloader or piece of spyware near my PC since I ditched the bug-ridden nightmare that is IE.
I seriously think the security holes in IE are the biggest threat to the average home user, I'd sooner run a PC without a firewall and AV than I'd use internet explorer to visit anything other than windows update.
Also as regards http scanning, isn't it redundant anyway? Any on-access scanner should scan anything that hits the HD before it has a chance to execute, what extra benefit does an http scanner have?

sard
August 17th, 2004, 11:36 AM
-{ Quote: "I dunno what kind of sites you are visiting, but if you are routinely getting trojan downloaders on your PC I'd be willing to bet you are using internet explorer. Stop. Go to http://www.mozilla.org and get yourself a new browser. Sooner or later a trojan will get past nod32. I haven't had one trojan downloader or piece of spyware near my PC since I ditched the bug-ridden nightmare that is IE.
I seriously think the security holes in IE are the biggest threat to the average home user, I'd sooner run a PC without a firewall and AV than I'd use internet explorer to visit anything other than windows update." }-

I bet he doesn't have a properly configured firewall. I use Firefox almost exclusively but I had my firewall badly set up and managed to contract several Trojans over the course of a week before I went to GRC.com and failed all the shields up tests. You don't even have to browse the internet to contract some nasties, just being connected with all your ports and TCP/IP file sharing enabled is enough to hoover them up as I discovered :-[

-{ Quote: "Also as regards http scanning, isn't it redundant anyway? Any on-access scanner should scan anything that hits the HD before it has a chance to execute, what extra benefit does an http scanner have?" }-

I think Advanced Heuristics only scans stuff downloaded through IMON. Archives are also only examined when created through IMON, and deletion should be easier as the only program using the file containing the malware will be NOD32 if it is downloaded through IMON.

flyrfan111
August 17th, 2004, 12:58 PM
If you are using the beta, IMON, AMON and DMON all use AH as well as the on demand scanner.