Frustrated, I guess nod is not for new users

Discussion in 'ESET NOD32 Antivirus' started by zombix, Nov 8, 2007.

Thread Status:
Not open for further replies.
  1. zombix

    zombix Registered Member

    Joined:
    Jul 22, 2007
    Posts:
    24
    im very disapointed of what nod did for me last night. I was hit with a trojan (which i hardly get attacked) and nod 32 caught it quik and i tried to quarantine the trojan and it did sort of. I checked threat log and the trojan was contained except for 2 lines where it said "error quarantining-connection terminated".

    I then did all sorts of scans and found nothing. I even went into safe mode and scanned-found nothing.

    When i rebooted into regualr vista and opened up internet explorer, BAM! instant crash.

    I never ever crash when opening my browser... So it had to be something with some kind of virus characteristics that was slowly chewing up my system.

    Anyways I reformatted my hardrive and reinstalled nod 32 3.0 I like it so far but is there anyway this time i can get to push a single button and whala! Its gone?

    Or is nod 32 really just made for advanced users, and not for people like me that require a single button push then the virus/trojan ect. is gone?

    I dunno very frustrated with all of this...Im let down..
     
  2. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    No AV gets them all, but a good behaviour-blocker like OnlineArmor or ThreatFire can assist your AV to stop the damage from a virus or trojan, until your AV has the definitions to clean-up the malware....
     
  3. larryb52

    larryb52 Registered Member

    Joined:
    Feb 16, 2006
    Posts:
    1,126
    removing trojans etc should be easy no matter the experience of the user, I'm sorry to see you had to reformat,
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    "connection terminated" means that EAV detected a trojan downloaded to your computer so there must be something that initiated the download. Please send a log from Autoruns to support[at]eset.com with this thread's url in the subject.
     
  5. 19monty64

    19monty64 Registered Member

    Joined:
    Apr 10, 2006
    Posts:
    1,302
    Location:
    Nunya, BZ
    I don't think that's possible...
     
  6. GAN

    GAN Registered Member

    Joined:
    Mar 3, 2007
    Posts:
    355
    Where those files nod32 failed to quarantine in a temp folder on your computer? I seen the same thing when i browse a website with stuff that nod32 block and nod32 is not able to quarantine some files from the temp folder used by internet explorer. If i check the temp directory before i do anything else on my computer the files isn't there which is probably the reason why nod32 couldn't quarantine the files. Not sure why this happen though....i guess internet explorer try to store some files in the temp directory and actually never succeed even if nod32 detect those files and try to quarantine them. Or maybe they are deleted by internet explorer before nod32 is able to quarantine the files.

    Anyway i always ignored those entries from the log and never been infected by doing so. Since you had problems after this incident maybe the trojan managed to do some damage on one or more files before stopped by nod32, but that sounds strange i think. I found it a bit strange if nod32 detect a trojan and then suddenly don't detect the same trojan anymore so i would rather believe some damage were done before the trojan where stopped by nod32 and your computer ended up clean, but maybe with some damaged (or deleted by nod32) files.

    Do you remember the location and what files nod32 detected? Maybe your PC were clean, but a file needed by IE were removed by nod32 because of this incident.
     
    Last edited: Nov 8, 2007
  7. zombix

    zombix Registered Member

    Joined:
    Jul 22, 2007
    Posts:
    24
    I wish i could have ignored the action...But nod 32 blasted an information box in bright red saying "TROJAN RED ALERT!". So i tried to get rid of it. Now i wish i could have ignored the whole thing but i did not have time to go looking in the temp folder...

    Vista was crashing on me from just opening a web browser. Which never happens. So i had to do something fast and reformatting and wiping the drive clean is what worked.

    I thank nod 32 for catching the trojan, because alot of private info would have been comprimised. But i hate reformatting when something could have been done.

    Kudos for catching.
     
  8. GAN

    GAN Registered Member

    Joined:
    Mar 3, 2007
    Posts:
    355
    Well i understand that, but i tried to explain a reason why the quarantine might have failed. Also the log should contain what file that nod32 failed to quarantine so the natural thing to do is to check if the file actually exists since "failed to quarantine" should normally mean that the files is still there. If it's not there and also a full scan no longer detect the trojan i'm pretty sure the trojan is gone. So what you are saying now is that you know that the file that nod32 failed to quarantine were located in the temp directory?

    If you checked what files that where put into quarantine maybe you could have easily replaced that file to solve your problem because i do believe your PC where clean (the trojan removed).

    What i meant about "ignore" is if a file is detected in your temp directory while you browse a webpage, nod32 fail to quarantine and the files isn't there this is normally nothing to worry about. I didn't say you should ignore the trojan, but just that log entry and the temp files that nod32 failed to quarantine could be ignored as well since it's not longer in your temp folder.

    I do believe this could have been fixed much easier then a reinstall.
     
  9. zombix

    zombix Registered Member

    Joined:
    Jul 22, 2007
    Posts:
    24
    Well I see your point. I did not check the temp folder and quarantined. Im sorta relieved that maybe the trojan was deleted.

    i just have nowords on what happened. I panic'd and just reinstalled vista. Im so glad nod detected it because i would have never known what would have hit me. Anyways i just hope 3.0 is a bit simpler to use then 2.7 .
     
  10. GAN

    GAN Registered Member

    Joined:
    Mar 3, 2007
    Posts:
    355
    Well it's good to hear the trojan was detected, but sorry to hear it messed up your system.
    I believe version 3.0 is supposed to be a bit more user friendly even if i liked the old one. When setup correctly it's just running in the background and do the job so i don't really care about the new fancy GUI. The old GUI were faster which i prefer instead of a fancy GUI that is slower. Version 2.7 use less memory as well and also found version 3.0 to have several issues so i'm still using 2.7, but when all the issues are sorted out i might upgrade. Even if 3.0 use more memory it's still much better then other av software.
     
  11. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    Get Returnil for virtual protection.
     
Thread Status:
Not open for further replies.