e-card virus issue

Discussion in 'ESET NOD32 Antivirus' started by bsilva, Mar 12, 2009.

Thread Status:
Not open for further replies.
  1. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,752
    Location:
    Toronto Canada
    BitDefender assuming they detect it, is one that will delete unless you change the setting to tell it not to. Fine for a single computer but 1800! :eek: But I'm sure Eset will rectify the situation soon enough.
     
  2. bsilva

    bsilva Registered Member

    Joined:
    Mar 24, 2004
    Posts:
    238
    Location:
    MA, USA
    Luckily we were able to contain using GW to setup rules to prevent forwarding of the e-card email.

    I think we've cleaned up most computers. It wasn't all 1800 of them but it was a good amount (over 50). I saw some more updates so I hope it detects it now. I have a test computer that is infected.
     
  3. BedreAntivirus

    BedreAntivirus Registered Member

    Joined:
    Mar 11, 2008
    Posts:
    92
  4. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    No, they didn't. Whether it's a folder or a registry entry. I wouldn't recommend Symantec's online cleaner either, if I were to recommend a free cleaner it would be Dr. Web's cure it, no install, easy update, simple clean. It's one of my cleanup tools I take with me when fixing someones machine.
     
  5. GrammatonCleric

    GrammatonCleric Registered Member

    Joined:
    Jan 8, 2009
    Posts:
    372
    There was a new update released few min ago...does it detect it now?


    Oh and reason why I kept saying Norton is that it's been proven to detect this strain, so it was logical to use a tool that has allready shown a positive detection.

    And yes Malwarebytes and SuperAntiSpyware are both very good and nuking Vundo, however they are not server managed...and I forgot that the user had 50 machines to clean.

    Also a good tool is SCOTTY aka WinPatrol...it's a freebie or if you so inclined you can pay the author for making it and get the PLUS version.
     
  6. elavoie

    elavoie Registered Member

    Joined:
    Mar 13, 2009
    Posts:
    6
    Alas the new update does not work, and for removal of vundo i must admit malwarebytes is quite thourough in removing it, i have encounterred this virtumonde crap for the last 5 years. From inception it has been one of the nastiest piece of $%$ every time i encounterred it, this current one is pretty impressive, it hooks itself in so many corner. As for not using norton, nothing religious about it, i find most AV are not great at cleaning virtumonde, spybot only cleans it a partially, malwarebytes was pretty spot on. Now i hope we get an update that detects it.
     
    Last edited: Mar 15, 2009
  7. GrammatonCleric

    GrammatonCleric Registered Member

    Joined:
    Jan 8, 2009
    Posts:
    372
    Please let us know when it's detected.
    Welcome to the submission to definition addition lag.
    I don't know what determines when they add the files, but many times the lag is horrid and then on occasion it's few hours.

    Of course that does not help the fact that if you are the one who is infected and waiting for the solution has to be kept waiting for 3+ days and counting.
     
  8. bsilva

    bsilva Registered Member

    Joined:
    Mar 24, 2004
    Posts:
    238
    Location:
    MA, USA
    I got an update for it and Eset sees it as Win32/Merond.G.
     
  9. elavoie

    elavoie Registered Member

    Joined:
    Mar 13, 2009
    Posts:
    6
    Same here, problem solved
     
  10. jimwillsher

    jimwillsher Registered Member

    Joined:
    Mar 4, 2009
    Posts:
    667
    I do find ESET to be sometimes slow in detecting.

    If ever I have to download from Usenet and I'm unsure of the file, I always use Kaspersky's free online virus scanner. On at least a dozen occasions it has detected a virus when ESET hasn't; I've then sent the file to ESET, and the next update has detected it.

    Seems like Kaspersky are proactive and ESET are reactive.


    Jim
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.