ESET is "useless" if this is not solved !?!?!?

Dear all,
changing from antivirus to another is really annoying.
I have used almost all of them.
now if ESET doesn't have a solution to this
then its time to search for a better antivirus

The problem is the following:

I have many Saved internet explorer webs in my computer (url & html)
and I have been saving them since year 2000 ..
suddenly, ESET detected " HTML Iframe.B.Gen" Virus in them
and the solution is to "delete" them, no "clean" option is available
I attached a photo of the problem ..
I have submitted the file with the problem to ESET, but nothing have changed..

I hope you can help
I'll be grateful

Regards to everyone

 

Most likely the hmtl file contains an Iframe malware, ie. a reference to a site containing malware. If this is the case, you can edit the html file with real-time protection enabled and remove the reference(s) to the malicious site.

 

Would it be technically possible for the scanning engine to sanitize HTML, either over HTTP or the file system, by stripping out frames to malicious locations and continue to render the portions that are not malicious? The rise of 3rd party advertising partners hosting malicious content seems to be creating odd situations where completely valid websites are rendered inaccessible due to issues like this.

 

or exclude the location(s) where you archived those pages from scanning assuming you are convinced they are not malicious

 

Hello,

It may be possible to perform this activity with a realtime block list (RBL) and a content rewriting proxy or tool (GreaseMonkey and Privoxy come to mind).

Regards,

Aryeh Goretsky

 

Then it seems that ESET is "useless" ..
Because all of you gave a possibilty of something
(maybe because of this, maybe because of that)

Im not crazy to delete all my saved webs (html & url)
I've been saving them since year 2000 ..
why so suddenly This virus came up and no solution is given?

anyway,
I'll go for f-secure hoping it'll fix it..

Thanks anyway

and waiting for a solution from others..

regards

 

If you suspect that no malicious website is iframed in your html files, submit them per the instructions here.

I wouldn't consider moving to another AV a solution to the problem just because it doesn't detect the iframed site. It implies you prefer using an AV that detects less threats. Please do as I suggested and we'll see what the virus lab comes up with.

 

I agree with this, better to find out why Eset detects this, mabe there is a good reason, no sense to run to another that might not detect it and it's better to wait for an answer from the virus labs as to the reason for your trouble.

 

agree

 

Frankly It could be a False positive depending on how long he has had Eset. And from how I read it, It just started detecting these as malware. Then again I could be wrong.

 

Ad domains get hijacked or begin serving malicious content out of the blue all the time. That doesn't mean that an iframe that was previously benign and not detected cannot change to begin loading malicious content at a later date.

 

Excuse me but I don't agree..
I already submitted it to ESET Lab.. but nothing changed and they didn't respond..

f-secure internet security is better

 

If ESET can't find a solution to clean a "claimed" Virus.
its a disaster and really a shame to make PC users delete thier own files as an alternative solution to the problem..
what kind of behavior is this?
Un-ethical

I think many people agree with me?
right?

 

I don't recall seeing an email related to this case. Did you submit it per the instructions here? If so, what was the subject of the email?

 

No security solution is perfect, very little software of any sort is. The only way to address problems and strive to solve them for your benefit and for everyone else's is to ask for help in a polite, civilised way and be prepared to help in understanding the problem. I suspect that you are at the point where you are making wild claims which you cannot substantiate. Why do you believe the way to address the problem is to stamp your foot like a child? If you really believe F-Secure is a better product, stop wasting your time and ours and get on with it.

 

useless? It detects what it thinks is a virus and you call that useless. It is obviously a false positive, and needs to be submitted as such.

Calling something useless because it does its job is retarded. My AV program detects viruses it's useless.

F-Secure and Eset are pretty much the same in terms of detection and false positives. If you go to AV-comparatives and look at the test NOD32 score 97.2 and F-Secure scored 97.7. So the chances of your HTML files being detected as a virus in both programs is pretty high.

 

Excuse me,
But you are taking it so personal.
I have the right to claim about a product if i am not satisfied or didnt get what I need since im a customer
I have the right to complain, and shae with others the problem I'm facing.
plus I didn't misbehave, I didn't talk in an un-civilised way, I didn't disrespect anyone, and I was polite. when you discuss a subject either you agree or disagree..
please be careful with your words.
respect people needs and complains.
if you have something useful to the problem, it'll be nice of you to help.
If not, then dont disrespect poeple problems, walk out and leave the subject if im waisting your time..

This is ridiculous, When someone's mood is bad, he/she starts blaiming others..
Thank you anyway..

and about the file i submitted
it contains the subject:
Infected rar file with HTML Iframe.B.Gen Virus

I hope you can help
inform me when you get it..
I'll be thankful

and sorry if anyone of you is taking my words in a bad way

regards,

 

The html file you've submitted contains an iframed link to a Virut domain so it's actually infected. If the file is not from your server and want to keep it, just remove the iframed url along with the starting and ending iframe tag.

 

The infected html file is correctly detected for very long time. Before the client used ESS he was infected by a Virut virus variant (which was not detected by previous security solution at the time of infection) and added iframe element to the files presented on the HDD.

BTW is this tread a duplicate of
https://www.wilderssecurity.com/showthread.php?t=254930 ?

 

It seem like u already post this topic a long ago...It nice thing ESET can detect it and confirm tat url is infected....So ESET surely is the best antivirus

 

hey xfadio
I don't mean any offence.
so what do you have to say now ??
do you still think ESET is Useless; because it cathes the malicious content in your crap.htm.

 

I totally agree. Nod32 might have some issues, but to start with "ESET is "useless" if this is not solved" to ask for help is not the the way to ask for assistance and expect that anyone is willing to help. I guess Eset have to be polite and reply for all type of customers, but i would never try to help for these kind of posts.

Nice to read that Nod32 was actually working as expected in this case.

 

yep one detection and the OP thinks the product is useless? Seems it would be the other way around. Kudos to Eset for being one of the few that actually make a product work right.

 

And, realistically, what Security solution doesn't...

 

Thank you, that is the total truth in one setence. If you visit any vendors support forum you will see this. Some where so bad they did away with their support forum. Eset has issues like do, but if you post your issue in a way that doesnt sound like you are looking to slam someone, you will find a little kindness goes a long way.