'AV Security Suite' infection from ESET?

Discussion in 'ESET Smart Security' started by MJamo, Jun 7, 2010.

Thread Status:
Not open for further replies.
  1. MJamo

    MJamo Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    2
    Has anyone else run into the issue of "AV Security Suite" being installed on your system(s)? I am running a trial of ESS and this happened on my work laptop last night, and my work computer today. The only thing I was doing was updating ESS; I had CNN and some other harmless website open in the background. Then out of the blue "AV Security Suite" pops up saying my computer is infected and blocks me from doing anything. I eventually cleaned it, but it seems like the infection came from the ESS update. Has this happened to anyone else?

    Thanks,

    Matt Jamieson
     
  2. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    It can't happen unless their servers were compromised, which is an extremely remote possibility.

    Your PC was compromised or you hit some banner/ad/button etc. that led to the download of this rogue. I guess you are using XP. Is it updated? Is your browser updated?

    Also run a scan with Malwarebytes Anti-Malware and some AV (other than NOD) to see if there are some other infections or remnants not detected by NOD.
     
  3. MJamo

    MJamo Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    2
    Both are Windows 7 machines and both had no previous infections. Just seems real strange. I have never had an issue like this before, and after I installed ESS on both machines, within a couple of days they both had this issue.
     
  4. COSMO26

    COSMO26 Registered Member

    Joined:
    Oct 21, 2003
    Posts:
    404
  5. pc-support

    pc-support Registered Member

    Joined:
    Mar 10, 2005
    Posts:
    285
    Location:
    Edinburgh, UK
    Download and run Combofix and then either (or better, both) Malwarebytes / Superantispyware.

    What is worrying though is that NOD didn't catch the initial AV Security Suite download…..
     
  6. davecampbell

    davecampbell Registered Member

    Joined:
    Mar 19, 2010
    Posts:
    1
    I've had two computers infected with AV Security Suite in the past week. I run ESS on about 50 machines, mostly WinXP with the latest updates. And it's still getting past Eset. Our license is up for renewal this month and while I've been pleased overall with the product, I need something that can block this malware garbage.
     
  7. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    Fake AV programs are constantly updated by their creators in order to avoid detection, which is why nearly every virus signature database update released by ESET contains new detections for them.

    If you have one which is not being detected by ESET's software, it is a good idea to contact technical support for assistance in manually removing it and obtaining a sample to send off to the virus lab so that detection for it can be added.

    Regards,

    Aryeh Goretsky
     
  8. VeeHexx

    VeeHexx Registered Member

    Joined:
    Nov 12, 2006
    Posts:
    14
    i've got it too. while i'm not saying i did something absent-minded (although very unlikely), i'm in IT so know my stuff..

    nod32 didn't alert when this was downloaded/installed. win7-64, nod32 v4 and fully updated system.

    can't believe i've got a virus. last time i had one was before i bought AV software. a day of fun reinstalling i think.
    tempted to move over to linux anyway; it would have stopped this infection, plus my requirements can be run in a VM anyway. MS are just getting silly with a lot of things.

    point of this post? just to update the record. seems nod32 isn't catching this one....
     
  9. gijames1982

    gijames1982 Registered Member

    Joined:
    Aug 20, 2010
    Posts:
    1
    I'm not quite sure how it happened to me too, but Security Suite got right past ESET. ESET did not protect me from this virus, my ESET is up-to-date. Win 7 Business with all updates installed.
     
  10. tbaker

    tbaker Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    2
    Do you run ESET in active mode?
     
  11. Brummelchen

    Brummelchen Registered Member

    Joined:
    Jan 3, 2009
    Posts:
    1,734
    several options:
    - if that dialog pops up in your browser -> close or kill the browser, clean the cache
    and restart the browser -> improve script and ad filters!!!

    - if that crap has already touched your hard drive without notice, it may have several reasons:
    -- you have java installed - a manipulated java archive was executed and that loaded
    a malicious exe file with trojan virus osa.
    (happened twice, as described to users in my other support forums)

    so - for that reason i don't have any java installed. i use a whitelist for flash sites
    and i never open pdf files in the browser!
    java is not important for normal web usage. so admins should improve global
    web filters either on local computers or on a proxy server through which the
    clients connect. and admins should limit user rights (normal home users should
    do that too - DON'T surf as admin). a whitelist for allowed executables may help also.

    as far as i can read, people rely too much on antivirus solutions instead of a proper security concept.

    HTH
     