Eset Failed to block "spyware protection virus"

I was surprised to find one of our XP SP3 PCs running Eset Smart Security 4.04.. failed to block the "spyware protection virus" which seemed to block every action to stop it. It was one of these scamware programs suggesting the system was infected with all kinds of nonsense. it wasn't, of course, but, for the user it was very concerning.

The scamware seemed to disable Eset, it would not allow windows task manager to stay open, and blocked any antivirus or antispam .exe file from running.

Rather than spend all day fighting the thing, I decided that a system restore and backup data restore would solve the problem.

Although it took a good 6 hours to recover the system, i'm somewhat upset that eset didn't put up a better defence.

 

see
https://www.wilderssecurity.com/showpost.php?p=1853093&postcount=2

 

Thanks for the reply.

The latest update is always there, it's set to d/l automatically. All components operational.

It was not possible to do anything with that computer. Everything was locked out. It was a really nasty scamware program.

That being the case, it was not possible to submit a file analysis as the system had to be completely wiped and restored. Thankfully, we had backups, too.

 

Did you try booting it in safe mode and running a on demand scan with another program?

 

Thanks, yes, it had complete control of the boot. I was concerned, too, that it had affected the bios, but that didn't turn out to be the case.

Once again, it's a shame that eset nod32 didn't block this, it was difficult to eradicate, so it would have been nice if it was blocked before getting on the system and causing so much annoyance and one day of lost work from me to restore, and one day of lost work from my colleague.
It was an expensive operation to clean it up.

 

Hi poshsimontemplar,

Malware is being constantly updated to avoid detection. Would it be possible for you to send samples of the missing threats to ESET for analysis?

How to submit virus or potential false positive samples to ESET's labs

Thank you.

 

Hi Tony,
I'm sorry, no, I can't, as I mentioned, it was not possible to do anything with the machine, and the formatting of the HD and full system restore obviously wiped it, which is what i needed to do to get it working again.