Ecops ransomware intrusion

Discussion in 'ESET NOD32 Antivirus' started by johan39, Oct 13, 2012.

Thread Status:
Not open for further replies.
  1. johan39

    johan39 Registered Member

    Joined:
    Oct 13, 2012
    Posts:
    2
    Location:
    Belgium
    Hello,

    I have Eset Sercurity 5 on my pc. Nevertheless i had 2 intrusions of the ECops virus, blocking my pc and asking for a ransom. Is Eset not giving sufficient protection against this malware?
    Thanks for your advise.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Not sure if you mean this one. If so, it's detected by ESET as Win32/LockScreen.AJA trojan. If you have MD5/SHA1 hash or the file itself, submit it to ESET.
     
  3. wolliballa

    wolliballa Registered Member

    Joined:
    Nov 9, 2011
    Posts:
    90
    Location:
    Germany
    See this one https://www.wilderssecurity.com/showthread.php?t=332305. I basically reported the same. Either sometimes Eset is not quick enough or the malware programmers know better tricks to bypass NOD32....
    Funny enough, once you manage to get rid of the autostart entry, in most cases the malware IS detected
    To be honest, once I supplied Eset with samples they were added to the next updates very fast...........
     
  4. johan39

    johan39 Registered Member

    Joined:
    Oct 13, 2012
    Posts:
    2
    Location:
    Belgium
    It is probably a variant of that trojan. The screen is a little different, but in principle the same. The heading was "Federale Politie" in stead of "ECOPS". I was not able to copy the file, since my pc was completely blocked. I restored my pc with recent image file. I hope Nod32 will block the trojan.
    Thanks anyway.
     
Thread Status:
Not open for further replies.