Got a trojan-- Avira missed it SAS caught it...

Discussion in 'malware problems & news' started by owen35ny, Jan 5, 2009.

Thread Status:
Not open for further replies.
  1. owen35ny

    owen35ny Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    28
    I have something called trojan dropper gen detected on SAS. Avira missed ito_O
     
  2. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
  3. eagle5

    eagle5 Registered Member

    Joined:
    Oct 4, 2008
    Posts:
    21
    At least you can be happy knowing that your security systems work...as it was detected :)
     
  4. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Yeah, well, Avira missed it. Get over it. No security product can catch ALL malware in the world. Maybe next time SAS misses something and Avira will catch it. That's why we must have a security strategy and cover our bases with a well thought setup.
     
  5. rOadToIS

    rOadToIS Registered Member

    Joined:
    Dec 16, 2008
    Posts:
    168
    I agree.:thumb:
     
  6. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    Ask yourself how you got the Trojan and what you are going to do to avoid this problem in the future. The answer is certainly not to rely on Avira, SAS or any other "security" program.
     
  7. rookieman

    rookieman Registered Member

    Joined:
    Mar 26, 2006
    Posts:
    409
    Exactly!I had a trial of Avira on my son's computer a while ago and it detected it,go figure.In regards to telling the poster to "Get over it" isn't an answer at all:thumbd:
     
  8. lordpake

    lordpake Registered Member

    Joined:
    Aug 7, 2004
    Posts:
    563
    Location:
    Helsinki ~ European Union
    And we have at least one more user who has seen the light, and now understands that no single product catches all malware :)

    A big step I might say :) separates one from the masses :D
     
  9. acr1965

    acr1965 Registered Member

    Joined:
    Oct 12, 2006
    Posts:
    4,954
    May help a bit if the OP can confirm that the find was not a false positive before jumping to conclusions.
     
  10. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    Yes indeedy.
    OP, follow my suggestion above. Please post the results.
     
  11. innerpeace

    innerpeace Registered Member

    Joined:
    Jan 15, 2007
    Posts:
    2,095
    Location:
    Mountaineer Country
    Yep, it's always good to have more than one scanner. Trust me, I have 2 examples where the OP's situation is reversed ;).
     
  12. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    I wonder, if you have Avira's heuristic set at high, because by default, it is not.
     
  13. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    If that was the case, wouldn't it be more likely that Avira would have caught the trojan?
    (Op is saying SAS caught it; Avira didn't.)
     
  14. owen35ny

    owen35ny Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    28
    Well, I didn't upload it, I'm not very good with viruses. I don;t know how to wotk with a trojan in virtual. It was in Microsoft internet explorer temp files so I ran cleaner and deleted it with SAS. I looked it up and it seems it could be a false positive if it is in a genuine app file but this was in temp file so I assume it is bad. I complain about Avira because I thought it was invincible and it is not. Also this was a FRESH vista install and I only used explorer for about a half hour to get security apps and to read reviews on them. I then switched to mozilla with sand boxie.
    Is it possible that while viewing sites with a sand boxed browser that the site was sand boxed but the java flash video on the page was not?

    Heuristics was high. The malware is called SETUP_NVD[1].exe
     
    Last edited: Jan 6, 2009
  15. lordpake

    lordpake Registered Member

    Joined:
    Aug 7, 2004
    Posts:
    563
    Location:
    Helsinki ~ European Union
    Welcome to the real world. Avira is good, as are other top players in the field too, but none of them catches 100% of malware.

    False positive from SAS or not, this is important lesson :)
     
  16. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    Here is a user who encountered the same thing from SAS. He goes on to say, "I went ahead and quarantined it and when I rebooted, NoScript was no longer on Firefox. WTF?" The forum helper told him to run MBAM, then, "go ahead and download Avira personal". (Kind of ironic, I think, given the title of this thread.) The OP might want to check into the disappearing NoScript, if running Firefox. :)
     
Loading...
Thread Status:
Not open for further replies.