NOD32 Didn't Stop Well Known WIN32 Downloader! WHY?

Discussion in 'NOD32 version 2 Forum' started by mliving, May 30, 2007.

Thread Status:
Not open for further replies.
  1. mliving

    mliving Registered Member

    Joined:
    May 30, 2007
    Posts:
    3
    WHY DID NOD32 FAIL TO STOP THIS WIN32 DOWNLOADER TROJAN?
    - trojan adware.w32.expdwnldr -


    This is NOT a new TROJAN, in fact it's over three (3) years in the wild, and I would have expected NOD32 to be able to stop this trojan in its tracks the moment it tried to attack the PC.

    I DO NOT believe NOD32 operated as promised or advertised. I KNOW NOD32 FAILED because I spent several hours manually removing this trojan and the downloading bombs it laid all over this PC.

    So what is eset going to do to ensure I don't have to spend several hours of my billable time cleaning up messes like this on my NOD32 "protected" PCs in the future?

    I am NOT impressed AT ALL. In fact in all the years I used Norton I NEVER once had any of my PCs nailed like this. NEVER!

    A very dissatisfied customer!

    mliving
     
  2. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Please provide the "NOD32 Event Logs" from that system, as well as the last scan log.

    Blackspear.
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    According to the description I've found on the web, it looks like a downloader for a rogue antivirus program. I haven't seen a case where this downloader was undetected by NOD32. However, bear in mind that no AV is 100% perfect and each misses more or fewer threats. If you come across a suspicious file not picked up by NOD32, send it to samples[at]eset.com for analysis.

    The rogue antivirus only pretends to find viruses on your PC and lures you into buying it in order to remove the infection. It has no other purpose like spying or damaging files on your disk.
     
  4. gjmveloso

    gjmveloso Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    26
    Don't spend your time sending samples to ESET. :(

    I sent more than twenty samples in a month and ESET didn't update the database, and today NOD32 doesn't detect any of the samples, well known as the Banker family.
     
  5. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    This has been answered multiple times. Please see the ANSWER provided in the Frequently Asked Questions - FAQs thread under the heading of "Submitting samples and suspicious files to ESET."

    Blackspear.
     
  6. ASpace

    ASpace Guest


    Who knows what you submitted. When I send something, it is added really soon. Undetected real threats are always added soon; crap may not be added.
     
  7. gjmveloso

    gjmveloso Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    26
    I sent some quickly spreading Brazilian malware that steals sensitive information using keylogging techniques, and ESET doesn't use this to improve detection of Banload/Banbra/Banker. I can't understand, but OK.
     
  8. martosurf

    martosurf Registered Member

    Joined:
    Aug 24, 2006
    Posts:
    29
    Hello,

    I used avast! antivirus for 3 years and I like it very (VERY) much, but I have to admit NOD32 is far superior, not only superior to avast!, which is itself a great product, but NOD is superior -to my understanding- to all other solutions out there, including F-Prot and Avira, which has the best heuristics engine I have seen.

    I think it's a **** to become infected with a virus/malware but, as Marcos said, there's no antivirus/antimalware solution that can be 100% effective. Besides that, I find it really difficult to believe that such old malware just slips past NOD without being noticed.

    On the other hand, if you don't trust NOD, sure, you can go and try any other solution, because you know antiviruses are like shoes: there's no one that fits all, but there's always one that fits you.

    Just keep in mind that by getting out of NOD you will be turning your back on one of the most excellent, reliable malware protection solutions existing today in the market, a beautifully crafted piece of code with large chunks of Assembler, which makes it the fastest and most versatile solution out there.

    The only complaint I could have with ESET, now that I'm a full customer, is its archaic GUI; it stinks. Of course, after a little playing I get confident with it, but that's because I'm a power user. I still think this GUI isn't for everyone and that's a major drawback with this solution. That I am a power user and can feel at home with this prehistoric GUI after a little playing doesn't mean I would not like a fancier and more 'ergonomic' GUI. In fact, the F-Secure 2007 and Norton IS 2007 GUIs are both excellent and I think ESET should follow those steps.
     
  9. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    GUI has completely changed with ESS. If you want to try out ESS beta, see the thread https://www.wilderssecurity.com/showthread.php?t=174235 ;)
     
  10. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    I have a question.

    Why is that old post still touted as "the" answer to such questions, when, judging from posts in this forum, there are obviously many people who find the policy unsatisfactory?

    Is it a subtle hint for us to "deal with it", since that's the way things are and will be?
     
  11. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Because this is the answer and it is the way ESET handle submissions.

    They handle a customer with an infected system very differently, priority is given in such an instance.

    Cheers :D
     