NOD 32 v.4 completly missed a virus..

Discussion in 'ESET NOD32 Antivirus' started by MichaelG, Jun 16, 2009.

Thread Status:
Not open for further replies.
  1. MichaelG

    MichaelG Registered Member

    Joined:
    Oct 8, 2007
    Posts:
    11
    NOD 32 v.4 completely missed a virus..

    Well its managed to miss Global.exe completely which arrived on a customers flash stick.. I now have a computer thats infected up to the eyeballs and now nod 32 has decided to clean all exe files on the said pc... after infection what use is that o_Oo_Oo_Oo_Oo_O??

    what a mess, ive never had a problem with older versions of this software.. this is going into the bin if i have to reformat the drive.


    regards

    Michael
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Every AV program misses threats, that's a matter of fact. There's no solution that would detect 100% of all threats. Refere here for instructions how to submit unrecognized suspicious files to ESET for analysis.

    As for formatting, it's not inevitable when malware is found running on a computer. Simply remove it either with assistence of ESET's customer care people or using free tools that are available on the Internet.
     
  3. Eagle Creek

    Eagle Creek Global Moderator

    Joined:
    Jul 27, 2004
    Posts:
    734
    Location:
    The Netherlands
    Hi Michael,

    I run NOD32 at my laptop and I got a infected USBstick from a colleague. My NOD32 detected this and prevented my laptop from getting infected.
    Later I scanned the file with Kaspersky at home and it didn't find anything. In fact, when I uploaded it at Virustotal only 50% of the scanners found the virus, altough it really was one (I tested in a VM).

    Like Marcos said; every scanner will miss a threat now and then. This time it was NOD32, previous time it was my Kaspersky.
     
  4. MichaelG

    MichaelG Registered Member

    Joined:
    Oct 8, 2007
    Posts:
    11
    yes nod32 cleans usb autorun files quite well..

    Marcos: Nod32 is supposed to catch all known threats and Global.exe isnt exacly a new threat..

    But its not supposed to miss a well know virus like Global.exe and it decided to try and clean after its connected to the internet and downloaded a load of other infected exes... i had to reformat the drive every time it found an association with Global.exe and its many addons it removed them but the infection replaced itself instantly leaving me with nod32 just going into a loop.... even in safe mode... every program exe file on the pc became infected according to nod32..

    in the bin it goes and paypal to Kaspersky
     
  5. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,852
    How are you quoting a filename as a popular virus? A virus can have any filename under the sun, and nod32 detects all viruses in the wild.
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Global.exe can be anything from adware to a file infecting virus. A file name does not tell anything about what kind of malware it is.
     
  7. kriebly

    kriebly Registered Member

    Joined:
    Dec 22, 2008
    Posts:
    41
    Location:
    Northern California
  8. Echofig

    Echofig Registered Member

    Joined:
    Jun 17, 2009
    Posts:
    10
    You should check you advanced settings. You are able to disable real-time file system protection from Removable media.
     
  9. steve1955

    steve1955 Registered Member

    Joined:
    Feb 7, 2004
    Posts:
    1,384
    Location:
    Sunny(in my dreams)Manchester,England
    NOD 32 v.4 completely missed a virus..
    Is that worse than just "missed a virus":-I would have thought they were both the same!every AV misses things from time to time,its a fact of life and something we've all got to live with!
     
  10. SternMan

    SternMan Registered Member

    Joined:
    Aug 14, 2008
    Posts:
    31
    Yesterday sent to the laboratory file
    ~VirusTotal link removed per forum Policy.~
    , no response so far.

    Help, all system is infected with them :(
     
    Last edited by a moderator: Jun 17, 2009
  11. berryracer

    berryracer Suspended Member

    Joined:
    Jan 24, 2008
    Posts:
    1,640
    Location:
    Dubai, UAE
    have you applied the blackspear settings dude?
     
  12. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Blackspear's settings are not recommended. Default settings provide best balance between protection and performance.
     
  13. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Did you actually send it to samples[at]eset.com per the instructions here?
     
  14. bradtech

    bradtech Guest

    Disabling Autorun is kind of a drastic action much like disabling vbs association back in the day when vbs worms spread.. A sound software restriction policy, non administrator rights, and NOD32 have proven to be very effective against autorun attacks. I am very happy with the detection rates, and prevention I see.. Only thing that has really got past is fake AVs which NOD32 added to their detection list in 48 hours after I submitted..
     
  15. kriebly

    kriebly Registered Member

    Joined:
    Dec 22, 2008
    Posts:
    41
    Location:
    Northern California
    How so? Is having to double-click on a program on the CD-ROM or USB-stick significantly harder than having the program Start menu pop up automatically?

    Apple for its part had ditched autorun by the time OSX came out.

    I don't doubt that, but aren't the first two items you listed more complicated for the average user to implement than turning off autorun?
     
  16. Eagle Creek

    Eagle Creek Global Moderator

    Joined:
    Jul 27, 2004
    Posts:
    734
    Location:
    The Netherlands
    Not sure if you could call Disabling Autorun drastic. I don't like it very much either, but it seems the best advice at the moment. Microsoft even has made several changes in Windows 7 causing USB not to autorun anymore, by default.

    It's always usability vs security..
     
  17. lumpeh

    lumpeh Registered Member

    Joined:
    Sep 26, 2008
    Posts:
    13
    I personally wouldn't have a desktop that has USB sticks going into it from unknown sources, running as admin :eek:
     
  18. piranha

    piranha Registered Member

    Joined:
    Mar 21, 2005
    Posts:
    623
    Location:
    Laval, Qu?bec, Canada
    o_O o_O o_O o_O o_O o_O o_O o_O o_O :cautious: :blink:

    BS tutorial (and settings included) is sticky, it looks very much like as recommended, may be you should add a warning
     
Thread Status:
Not open for further replies.