ESET is "useless" if this is not solved !?!?!?

Discussion in 'ESET NOD32 Antivirus' started by xfadio, Nov 17, 2009.

Thread Status:
Not open for further replies.
  1. xfadio

    xfadio Registered Member

    Joined:
    Oct 5, 2009
    Posts:
    17
    Dear all,
    changing from antivirus to another is really annoying.
    I have used almost all of them.
    now if ESET doesn't have a solution to this
    then its time to search for a better antivirus

    The problem is the following:

    I have many Saved internet explorer webs in my computer (url & html)
    and I have been saving them since year 2000 ..
    suddenly, ESET detected " HTML Iframe.B.Gen" Virus in them
    and the solution is to "delete" them, no "clean" option is available
    I attached a photo of the problem ..
    I have submitted the file with the problem to ESET, but nothing have changed..

    I hope you can help
    I'll be grateful

    Regards to everyone
     

    Attached Files:

  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Most likely the hmtl file contains an Iframe malware, ie. a reference to a site containing malware. If this is the case, you can edit the html file with real-time protection enabled and remove the reference(s) to the malicious site.
     
  3. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    Would it be technically possible for the scanning engine to sanitize HTML, either over HTTP or the file system, by stripping out frames to malicious locations and continue to render the portions that are not malicious? The rise of 3rd party advertising partners hosting malicious content seems to be creating odd situations where completely valid websites are rendered inaccessible due to issues like this.
     
  4. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    or exclude the location(s) where you archived those pages from scanning assuming you are convinced they are not malicious
     
  5. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,032
    Location:
    California
    Hello,

    It may be possible to perform this activity with a realtime block list (RBL) and a content rewriting proxy or tool (GreaseMonkey and Privoxy come to mind).

    Regards,

    Aryeh Goretsky
     
  6. xfadio

    xfadio Registered Member

    Joined:
    Oct 5, 2009
    Posts:
    17
    Then it seems that ESET is "useless" .. o_O o_O o_O o_O o_O o_O
    Because all of you gave a possibilty of something
    (maybe because of this, maybe because of that)

    Im not crazy to delete all my saved webs (html & url)
    I've been saving them since year 2000 ..
    why so suddenly This virus came up and no solution is given?

    anyway,
    I'll go for f-secure hoping it'll fix it..

    Thanks anyway

    and waiting for a solution from others..

    regards
     
  7. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    If you suspect that no malicious website is iframed in your html files, submit them per the instructions here.

    I wouldn't consider moving to another AV a solution to the problem just because it doesn't detect the iframed site. It implies you prefer using an AV that detects less threats. Please do as I suggested and we'll see what the virus lab comes up with.
     
  8. ccomputertek

    ccomputertek Registered Member

    Joined:
    Jul 27, 2009
    Posts:
    371
    I agree with this, better to find out why Eset detects this, mabe there is a good reason, no sense to run to another that might not detect it and it's better to wait for an answer from the virus labs as to the reason for your trouble.
     
  9. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    agree :thumb:
     
  10. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    Frankly It could be a False positive depending on how long he has had Eset. And from how I read it, It just started detecting these as malware. Then again I could be wrong. :D
     
  11. SmackyTheFrog

    SmackyTheFrog Registered Member

    Joined:
    Nov 5, 2007
    Posts:
    767
    Location:
    Lansing, Michigan
    Ad domains get hijacked or begin serving malicious content out of the blue all the time. That doesn't mean that an iframe that was previously benign and not detected cannot change to begin loading malicious content at a later date.
     
  12. xfadio

    xfadio Registered Member

    Joined:
    Oct 5, 2009
    Posts:
    17


    Excuse me but I don't agree..
    I already submitted it to ESET Lab.. but nothing changed and they didn't respond..

    f-secure internet security is better
     
  13. xfadio

    xfadio Registered Member

    Joined:
    Oct 5, 2009
    Posts:
    17
    If ESET can't find a solution to clean a "claimed" Virus.
    its a disaster and really a shame to make PC users delete thier own files as an alternative solution to the problem..
    what kind of behavior is this?
    Un-ethical

    I think many people agree with me?
    right?
     
  14. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    I don't recall seeing an email related to this case. Did you submit it per the instructions here? If so, what was the subject of the email?
     
  15. JeremyWW

    JeremyWW Registered Member

    Joined:
    Apr 13, 2005
    Posts:
    237
    No security solution is perfect, very little software of any sort is. The only way to address problems and strive to solve them for your benefit and for everyone else's is to ask for help in a polite, civilised way and be prepared to help in understanding the problem. I suspect that you are at the point where you are making wild claims which you cannot substantiate. Why do you believe the way to address the problem is to stamp your foot like a child? If you really believe F-Secure is a better product, stop wasting your time and ours and get on with it.
     
  16. HSChronic

    HSChronic Registered Member

    Joined:
    Feb 22, 2007
    Posts:
    10
    useless? It detects what it thinks is a virus and you call that useless. It is obviously a false positive, and needs to be submitted as such.

    Calling something useless because it does its job is retarded. My AV program detects viruses it's useless.

    F-Secure and Eset are pretty much the same in terms of detection and false positives. If you go to AV-comparatives and look at the test NOD32 score 97.2 and F-Secure scored 97.7. So the chances of your HTML files being detected as a virus in both programs is pretty high.
     
  17. xfadio

    xfadio Registered Member

    Joined:
    Oct 5, 2009
    Posts:
    17

    Excuse me,
    But you are taking it so personal.
    I have the right to claim about a product if i am not satisfied or didnt get what I need since im a customer
    I have the right to complain, and shae with others the problem I'm facing.
    plus I didn't misbehave, I didn't talk in an un-civilised way, I didn't disrespect anyone, and I was polite. when you discuss a subject either you agree or disagree..
    please be careful with your words.
    respect people needs and complains.
    if you have something useful to the problem, it'll be nice of you to help.
    If not, then dont disrespect poeple problems, walk out and leave the subject if im waisting your time..

    This is ridiculous, When someone's mood is bad, he/she starts blaiming others..
    Thank you anyway..

    and about the file i submitted
    it contains the subject:
    Infected rar file with HTML Iframe.B.Gen Virus

    I hope you can help
    inform me when you get it..
    I'll be thankful

    and sorry if anyone of you is taking my words in a bad way

    regards,
     
  18. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    The html file you've submitted contains an iframed link to a Virut domain so it's actually infected. If the file is not from your server and want to keep it, just remove the iframed url along with the starting and ending iframe tag.
     
  19. danieln

    danieln Eset Staff

    Joined:
    Jan 7, 2009
    Posts:
    112
    The infected html file is correctly detected for very long time. Before the client used ESS he was infected by a Virut virus variant (which was not detected by previous security solution at the time of infection) and added iframe element to the files presented on the HDD.

    BTW is this tread a duplicate of
    https://www.wilderssecurity.com/showthread.php?t=254930 ?
     
  20. reevesloh

    reevesloh Registered Member

    Joined:
    Jul 6, 2009
    Posts:
    160
    It seem like u already post this topic a long ago...It nice thing ESET can detect it and confirm tat url is infected....So ESET surely is the best antivirus
     
  21. kalu

    kalu Registered Member

    Joined:
    Nov 3, 2009
    Posts:
    49
    hey xfadio
    I don't mean any offence.
    so what do you have to say now ??
    do you still think ESET is Useless; because it cathes the malicious content in your crap.htm.
     
  22. GAN

    GAN Registered Member

    Joined:
    Mar 3, 2007
    Posts:
    355
    I totally agree. Nod32 might have some issues, but to start with "ESET is "useless" if this is not solved" to ask for help is not the the way to ask for assistance and expect that anyone is willing to help. I guess Eset have to be polite and reply for all type of customers, but i would never try to help for these kind of posts.

    Nice to read that Nod32 was actually working as expected in this case.
     
  23. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    yep one detection and the OP thinks the product is useless? Seems it would be the other way around. Kudos to Eset for being one of the few that actually make a product work right.:thumb:
     
  24. JeremyWW

    JeremyWW Registered Member

    Joined:
    Apr 13, 2005
    Posts:
    237
    And, realistically, what Security solution doesn't...
     
  25. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    Thank you, that is the total truth in one setence. If you visit any vendors support forum you will see this. Some where so bad they did away with their support forum. Eset has issues like do, but if you post your issue in a way that doesnt sound like you are looking to slam someone, you will find a little kindness goes a long way.
     
Thread Status:
Not open for further replies.