Spyware Protect 2009: Why isn't NOD32 killing it?

Discussion in 'ESET NOD32 Antivirus' started by Batus, Apr 27, 2009.

Thread Status:
Not open for further replies.
  1. Batus

    Batus Registered Member

    Joined:
    Aug 10, 2008
    Posts:
    19
    I'm getting fake spyware alerts from this bogus program all over the place. NOD32 says it's removing and quarantining it, but the thing keeps coming right back every time I boot up. How do I get rid of this pest? Thanks for any info.
     
  2. bradtech

    bradtech Guest

    If NOD32 isn't killing it make sure to get the parasite, zip it up, and email it to ESET.. Then get a Malware cleaner like Malware Bytes to assist you.
     
  3. Batus

    Batus Registered Member

    Joined:
    Aug 10, 2008
    Posts:
    19
    I just ran a full scan with SuperAntiSpyware, but it didn't detect or remove it. I'm just now going to install and run Malwarebyte.

    On start-up, NOD32 identified the malware and tells me it's been removed and quarantined.....but it's still there. This looks like something new to me. I've never seen anything yet that either NOD32 or SuperAntiSpyware couldn't nail. I'm getting constant Spyware Protect 2009 alerts and popups. Real annoying!

    Is the "parasite" file located wherever NOD32 quarantines stuff? I don't even know if NOD32 is doing anything. It thinks it is, but the malware doesn't seem a bit fazed.

    BTW, my OS is XP SP2 and NOD32 is v. 3.0.642.0 Virus signature base was updated when I started up this AM.
     
  4. bradtech

    bradtech Guest

    Yes it should show the location of where the file is located that is being detected.. However I'd recommend trying to update to Version 4.0.424, and getting a Sysinspector log, along with a hijackthis log file for ESET To look at.. I ran into a fake anti virus called General Anti Virus that got past NOD32 last week. I had to zip it up, password protect it, and email it to their labs then they added a definition for it within 48 hours and sent it out. Malwarebytes, and Spyware Doctor killed it off for me.






     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    This could be the problem. V3 is not as good at cleaning resistant threats as v4. V4 also allows you to create a snapshot of your system status using SysInspector which you can subsequently analyse or send it to customer care for perusal.
     
  6. Batus

    Batus Registered Member

    Joined:
    Aug 10, 2008
    Posts:
    19
    I'll keep that in mind. Malware Bytes ID'ed and removed a bunch of trojans/security disablers, etc., and I'm no longer getting the Antispyware 2009 warnings. So hopefully the problem is solved.
     
  7. bradtech

    bradtech Guest

    You may still invest the time in going up to the newest 4.0.424 build, and checking out the Sysinspector to look at it, and make sure you are clean. I think NOD32 is a great Anti Virus first, but malware like these fake AV variants are signature based. I have a copy of Spyware Doctor I bought, and use the free scanners. What ESET does not find I send in to them to help the fight and help improve NOD32. Threatsense does a good job sending data back to their labs a lot..
     
  8. Batus

    Batus Registered Member

    Joined:
    Aug 10, 2008
    Posts:
    19
    I'm a little confused about v. 4...which I was unaware of till yesterday. I thought that NOD32 automatically updated me to the latest version, but I guess this isn't the case. When I renewed my license last month, I downloaded NOD32 again (was given this option), but didn't re-install it because I thought I already had the latest version. Was this v. 4? I assume v. 4 is free to any licensee. I'm going to follow your suggestion about Systinspector. Sounds like a good idea. Thanks for the input.
     
  9. bradtech

    bradtech Guest

    There are new clients that come out often with fixes to things people send in to eset to fix. If you highlight your mouse cursor over the Eset icon in the system tray in the far lower right it will give you your Client Version (4.0.424) and version of the virus definition. It's best to look in from time to time to see if they have released any new client versions.


     
  10. Batus

    Batus Registered Member

    Joined:
    Aug 10, 2008
    Posts:
    19
    My client version is 3.0.642.0. I found the ESET download location for v. 4.0.424. It asks for licensee username and password...but I get the following warning:

    "The server download.eset.com at ESET NOD32 Antivirus requires a username and password.

    Warning: This server is requesting that your username and password be sent in an insecure manner (basic authentication without a secure connection)."

    Is this something I should be worried about; I don't want to compromise my username and pw.
     
  11. bradtech

    bradtech Guest

    No, it is normal to have to enter it there in order to download it, and then enter it again for updates.
     
Thread Status:
Not open for further replies.