Problem with AMON.

Discussion in 'NOD32 version 2 Forum' started by Disme, Oct 27, 2003.

Thread Status:
Not open for further replies.
  1. Disme

    Disme Registered Member

    Joined:
    Oct 27, 2003
    Posts:
    4
    Dear forum members,

    I am runnig NOD32 v.2 for a week or so and yesterday I did a scan that detected the "Win32/Gatehell.14.dropper" in a RAR-file that was on my hard-drive for quite some time but never detected.
    But the strange thing is that it was only detected when I performed a 'OnDemand Scan' and not with the AMON or IMON module. Even when I extracted the file in question and select it or even run it (yes I know, that's one, if not the most stupid thing you can do but I did it) my NOD32 doesn't react nor my Ad-Watch module. Evehn when I mail it to my hotmail account I don't get a warning, not from NOD32 nor from hotmail that claims all attachments are scanned with McAfee.

    When I ran a new manual scan afterwards it detected the, by now, two trojans (one in the RAR and the one I extracted) but it can not clean, quarentine or delete it. I had to remove it manually.

    Did I not setup NOD32 properly or is there something I do wrong.
    Can anyone tell me what to do now, I found some info about the trojan here:
    <link removed, anyone interested can contact me by PM, Pieter>

    Thanks in advance for your help.
     
  2. 4NodAu

    4NodAu Registered Member

    Joined:
    Oct 27, 2003
    Posts:
    6
    Hi,
    This may HELP look at the following Post / Thread :

    ( type this line below in to your browser URL window )

    http://www.wilderssecurity.com/showthread.php?t=15481;start=0#lastPost

    Then lokk at the following posted reply to:

    Re:EMON
    « Reply #6 on: Today at 01:04:59pm »

    FOLLOW THROUGH PLACING A CHECK ON THE OPTIONS SUGGESTED.

    Hope this helps
    Regards
    4NodAu
     
  3. Disme

    Disme Registered Member

    Joined:
    Oct 27, 2003
    Posts:
    4
    Thanks for your taking the time to reply 4NodAu, but the problem is already solved. It seems that when I scan the same files now, there doesn`t seem to be anything suspisious. That`s not because Nod32 quarantined it since one of the `infected files wa a rar file and is still in the same directory> I also scanned with 5 different online Av and anti-trojan scanners and they didn`t come up with the reported Gatehell.14 trojan. My guess is that it has to do with the recent addition to the virus updat database and Nod32 flipping on it.

    Can happen to the best and I am glad that I am not infected. Next time I won`t open anything that seems supicious, that`s for sure. :blink:

    The mods can close this thread I guess. Problem solved.
     
Thread Status:
Not open for further replies.