NOD32 not detecting malware/viruses

Discussion in 'ESET NOD32 Antivirus' started by not4, Jun 30, 2009.

Thread Status:
Not open for further replies.
  1. not4

    not4 Registered Member

    Joined:
    Mar 20, 2009
    Posts:
    20
    I have the 3rd PC infected with the Malware / Virus called “System Security” in last 2 weeks. All PCs were protected by up to date NOD32. You can find more info about that “System Security” here:
    http://www.2-spyware.com/remove-system-security.html http://www.bleepingcomputer.com/virus-removal/remove-system-security
    This is very painfull virus as it's preventing any program in the system from being run. You cannot lunch even Word:( as you're getting “System Security” message that msword was prevented from being run as it's infected... To remove it I had to plug the HDD to my PC and use Malwarebytes as NOD32 wasn’t detecting anything... BTW Malwarebytes found dozens of spyware infected files including “System Security” which were not detected by NOD32.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    Have you followed these instructions?
     
  3. not4

    not4 Registered Member

    Joined:
    Mar 20, 2009
    Posts:
    20
    No, I have deleted the files using Malwarebytes. I am just expecting better protection from paid antivirus than from freeware malwarebytes...
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    As far as I know, MB is targeted at removing malware from already infected machines and it uses a different approach to cleaning malware. Correct me if I'm wrong. Thinking that a particular AV solution will protect you against every single threat is just utopia.
     
  5. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    even if you run Nod32 & MB or any other AV & MB and similar apps it will not be a guarantee that the machine will remain spyware or malware free. What you need is to further enhance the layers of security on your machines, maybe block scripting except for trusted sites, use limited user, make sure comp is fully patched, educate user and use common sense etc.
     
  6. gantz75

    gantz75 Registered Member

    Joined:
    Feb 16, 2009
    Posts:
    9
    I have also had problem with Nod not detecting the System Security virus/trojan/malware. Previously also with the XP Antivirus wich to me looks simmilar.
    What I´m intrested in is how it infects and why it is so difficoult to detect. If I have understood it correctly you have to actually press "install" or "OK" to get the virus but shouldt the http scanner catch it?
    I do not think this is just NOD32 having this problem I have seen Pc´s whith Norman that has been infected as well.
     
  7. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,376
    Yep, that would be best and expected. However, you should take into account that rogue AVs are nothing but business and they can afford paying programmers to contweak the code until it's undetected by AV programs they focus at and just after that they release it. That's why it's important to use common sense and also not to browse under an admin account. AV programs just minimize the chance of getting infected, they won't protect you completely against every single, even not yet created threat.
     
  8. ASpace

    ASpace Guest


    Isn't this not what ESET advertises?
    Of course not "every single file" but let's say most , the maximum possible.
     
  9. gantz75

    gantz75 Registered Member

    Joined:
    Feb 16, 2009
    Posts:
    9
    Marcos, how about this System Security Virus. How does it work from your point when it is reported that it is not detecting?
    Do you at ESET have some more info concerning this specific? If I remember correctly I think that XP Antivirus and now System security is the only infections I have seen at my customers in the last six month(of course some other but they have been detected).

    Regards
    Micke
     
  10. twl845

    twl845 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    4,186
    Location:
    USA
    Browse using Shadow Defender or Returnil in a virtual state. Then if you get hit all you have to do is re-boot.:ninja:
     
  11. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    that is assuming the user realises that it got hit
     
Thread Status:
Not open for further replies.