Having 2nd Thoughts About NOD After This Beta!!

Discussion in 'ESET NOD32 v3 Beta Forum' started by worldcitizen, Jul 28, 2004.

Thread Status:
Not open for further replies.
  1. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    I've been having a real, real problem with Trojans & Downloaders getting onto my PC and causing problems and the other day after a few got onto my hard drive it became corrupted and it took me 2 days to get it back to normal. No Trojan program seemed to pay much attention to some of these backdoor infiltrations coming from websites and I tried everything but once they get on they eat my drive.

    I know NOD 32 is not really meant for this but just have a look at this wil ya'.

    Time Module Object Name Virus Action User Info
    7/29/2004 1:32:04 AM IMON archive <snip> multiple infiltrations connection terminated WORLDCITIZEN\David
    7/29/2004 1:32:03 AM IMON archive <snip> multiple infiltrations connection terminated WORLDCITIZEN\David

    These HIDDEN bugs can do great damage and now after seeing this I have changed my opinion of NOD 32 from best in the world to best in the Universe!!! This is REAL CLASS MAN!! This is what protecting a PC is ALL ABOUT!! See how BEAUTIFULLY NOD32 intervened!! I didn't even know about this until I looked in IMON and saw 8 infections and 2 cleaned. Then I went to the log and saw the above. MY PRAYERS ANSWERED!! My Sun Java cache is ususally full of these but as I fretted that my drive was about to be eaten again I found not one had got to the cache. JUST BEAUUUTIFUL!!

    Also, things like this tell you a lot about the professionalism of the programmers at Eset. I surf a hell of a lot and sometimes I just get a corrupted drive for no reason and programs get deleted but with this kind of protection in the new BETA at least I've got a fighting chance and I sincerely hope they don't change much and commend Eset on this tremendous improvement in REAL TIME PROTECTION.


    Dave


    edited to remove live virus links - Detox
     
    Last edited by a moderator: Jul 28, 2004
  2. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    It seems to me that you also need a firewall, that would definitely help with all of your trojans, from the sounds of it a hardware and software firewall together should be used. Also the most important of all in the battle for a secure computer, you must secure the USER. No AV software in the world can protect you 100% of the time everytime, (after all even the best software is written by a mistake prone human). Yes I agree NOD is one of the better AV's out there, and improving rapidily here of late, but you still have to practice some safe computing. It's like saying "well I am wearing a bullet proof vest,so I should go to Iraq.", Instead of " well if I have to go to Iraq,I should wear a bullet proof vest"
     
  3. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    What other security are you using on your PC World Citizen? It may be time to see what the people here at Wilders can offer you in advice to setting up your system a little safer...

    Cheers :D

    PS. Nice reply FlyrFan111
     
  4. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    The NOD 32 BETA is the FIRST program to ever address these infiltrations for ME. No other program seems to stop these. Very good work ESET. Am very happy with the new Beta and look forward to the full release of the new version.

    Dave
     
  5. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Here is a starters list of where we begin for a customer:

    Nod32
    ZoneAlarm
    Spyware Guard
    Spyware Blaster
    Spybot Search and Destroy
    AdAware

    Then you should look at something like:

    TDS
    System Safety Monitor
    Mozilla Firefox
    Proxomitron
    etc

    Hope this helps...

    Cheers :D
     
  6. sard

    sard Registered Member

    Joined:
    Apr 18, 2004
    Posts:
    175
    Location:
    UK
    I was having problems with trojans and found some useful advice at http://www.grc.com/default.htm Try the shields up test to make sure all the ports are closed. Especially Netbios ones.

    Otherwise it's only a matter of time before you come up against some malware NOD32 doesn't detect, no AV's perfect.
     
  7. Blackcat

    Blackcat Registered Member

    Joined:
    Nov 22, 2002
    Posts:
    4,010
    Location:
    Christchurch, UK
  8. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
  9. MCT

    MCT Registered Member

    Joined:
    Mar 10, 2004
    Posts:
    300
    for what its worth, here is what i use..

    nod32 latest beta or release
    adaware6
    spybot
    spywareblaster
    opera browser (not free, use firefox if u want something free thats safer then IE)
    kerio personal firewall latest beta or release

    regards
     
  10. worldcitizen

    worldcitizen Registered Member

    Joined:
    May 15, 2003
    Posts:
    530
    Hi Everyone,

    I HAVE to say again - this new http scanner ROCKS!!

    NONE of the trojan downloaders I used to get are getting thru. I repeat NONE. They are ALL being stopped dead in their tracks. IMON kills them and simply stops the connection from loading them!!

    Dave
     
  11. anders

    anders Eset Staff Account

    Joined:
    Oct 25, 2002
    Posts:
    410
    Nice that they are stopped. Though, if NOD32 only detects them heuristically (pe_heur or "possible win32.crypt" or something), you should submit the samples (or URLs to the files) in order to make sure they are properly detected by signatures too.
     
  12. farnsworth

    farnsworth Guest

    I dunno what kind of sites you are visiting, but if you are routinely getting trojan downloaders on your PC I'd be willing to bet you are using internet explorer. Stop. Go to http://www.mozilla.org and get yourself a new browser. Sooner or later a trojan will get past nod32. I havent had one trojandownloader or piece of spyware near my PC since I ditched the bug-ridden nightmare that is IE.
    I seriously think the security holes in IE are the biggest threat to the average home user, i'd sooner run a PC without a firewall and AV than i'd use internet explorer to visit anything other than windows update.
    Also as regards http scanning, isn't it redundant anyway? Any on-access scanner should scan anything that hits the HD before it has a chance to execute, what extra benefit does an http scanner have?
     
  13. sard

    sard Registered Member

    Joined:
    Apr 18, 2004
    Posts:
    175
    Location:
    UK
    I bet he doesn't have a properly configured firewall. I use Firefox almost exclusively but I had my firewall badly setup and managed to contract several Trojans over the course of a week before I went to GRC.com and failed all the shields up tests. You don't even have to browse the internet do contract some nasties, just being connected with all your ports and TCPIP file sharing enabled is enough to hoover them up as I discovered :oops:

    I think Advanced Heuristics only scans stuff downloaded through IMON. Archives are also only examined when created through IMON, and deletion should be easier as the only program using the file containing the malware will be NOD32 if it is downloaded through IMON.
     
    Last edited: Aug 17, 2004
  14. flyrfan111

    flyrfan111 Registered Member

    Joined:
    Jun 1, 2004
    Posts:
    1,224
    If you are using the beta, IMON, AMON and DMON all use AH as well as the on demand scanner.
     
Thread Status:
Not open for further replies.