Virus help

Discussion in 'NOD32 version 2 Forum' started by Ledsr40, Nov 30, 2006.

Thread Status:
Not open for further replies.
  1. Ledsr40

    Ledsr40 Registered Member

    Joined:
    Mar 6, 2006
    Posts:
    52
    Outpost today said that a newer version is available although there is none. It says that it's upgraded to 4.0 but the build is lower than that of the current build so it actually rolled back. Then I clicked update again it keeps downloading this 3mb update but nothing gets updated at all. I had to download the same thing and install and restart many times but it's still not updated at all. I uninstalled the program and re-downloaded the thing and now it works again. I scaned the computer for spyware and viruses with nod32, outpost, windows defender, malicious software remover and the computer is clean through all of the scans.

    Now did I get a virus to trick me to install it so that it disables the firewall?

    I do turn off the security programs when I'm running games, but I do disconnect from the internet when the security software are off. My question is it possible for some hidden virus to activate when the security softwares are off and then disables the software by altering their files so now nod can't detect the virus anymore?

    Thanks in advance.
     
  2. ASpace

    ASpace Guest


    No , you are not infected . It is not possible to have "such a hidden creature " that starts as soon as you disable your security programs . It has been an Outpost bug , may be
     
  3. Ledsr40

    Ledsr40 Registered Member

    Joined:
    Mar 6, 2006
    Posts:
    52
    Thanks, so there isn't a very very smart virus that hides from the IMON when passed into the computer and hides in the temp folder then when you turn off the AV it disables the AV by changing it's files and takes over your PC and when the internet scanners are scanning they also prevent themselves to be scanned thus all reports clean but it's actually infected without you knowing?

    So do security softwares have file protection measures that kind of protects it's files from being all disabled and manipulated?
     
  4. ASpace

    ASpace Guest

    Calm down . If NOD32 is enabled , updated and if on-demand scanners show no malware found , it is less likely to be infected . NOD32's AMON monitors all the files , you cannot have something "so special" that you describe ;)

    There are some nasties , called rootkits , that can hide from Windows (Windows API) and some security softwares cannot detect them . However , NOD32's recent version 2.7 has no such problems , itdetects all kind of files (even the hidden ones) .

    I cannot comment other programs but NOD32 has two files loaded in memory -> one is nodkui.exe (software interface - Control Center) and nodkrn.exe (the protection) . nodkrn.exe is running as a Windows service and without getting into details I can say that that means :
    - NOD32 loades early
    - NOD32's protection is protected . If something attempts to stop it , Windows will immediately load it again and you remain protected ;)
     
  5. Ledsr40

    Ledsr40 Registered Member

    Joined:
    Mar 6, 2006
    Posts:
    52
    So just by disabling AMON you can't disable nodkrn.exe, is that right?

    I just checked I still have Nod version 2.5, is it supposed to self update or do I have to do it manually?

    When I scanned the computer with nod, it does shows a list, although small, of files that it can't access though? It's error number 4, something about access denied or file is being used. I once had a page in the temp internet folder that is somehow locked, I emptied the folder so it's gone.
     
  6. ASpace

    ASpace Guest

    When you disable AMON , you don't disable nodkrn.exe , you just tell NOD "please , don't scan at the moment" . In the future you can try not to disable anything in NOD32 and see how it goes. NOD32 is may be the fastest scanner in the world . I have never heard of any slow downs in games . I'm sure other people here in Wilders can also confirm it :thumb:

    With default settings , yes , NOD32 updates itself automatically . You can check yourself by manually updating , opening Control Center -> Update and pressing Update now .

    Please , read the Sticky thread -> NOD32 Frequently Asked Questions https://www.wilderssecurity.com/showthread.php?t=150856
    The first one is for the Locked files -> nothing to worry about


    About version 2.5 , all ESET NOD32 users will auto-upgrade to version 2.7 in December so that all current clients use the latest version . However , version 2.7 was released in the middle of November . :D
     
  7. Ledsr40

    Ledsr40 Registered Member

    Joined:
    Mar 6, 2006
    Posts:
    52
    Ok, so that it didn't update to 2.7 when I clicked within the updating program is normal because I have to wait to december so so far I can only manually download it and install 2.7 right? So it's not a virus that nod didn't auto-update to 2.7 right?

    I'll download the new version now.
     
  8. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    You can update to 2.7 using NOD32 in a few weeks when the program component is available. But so far nothing has been released.
    And no, it's not a virus preventing NOD32 from updating :) You got the 1894 update right?
     
  9. ASpace

    ASpace Guest

    So far version 2.7 is available only in Elglish and Slovak.
    If you insist on upgrading to NOD32 version 2.7 , visit http://www.eset.com/download/registered_software.php , download the appropriate version , install it over the existing one :thumb:
     
  10. Ledsr40

    Ledsr40 Registered Member

    Joined:
    Mar 6, 2006
    Posts:
    52
    Yes, I do have 1894 today. I see, thanks then. I was worried that my computer has been compromised by some super smart virus that defeated the AV.
     
  11. ASpace

    ASpace Guest

    You are OK . :thumb: :D
     
  12. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    Everything seems to be in order then.
    I do, however, recommend that you get 2.7 for enhanced protection.
     
  13. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    There have been sporadic reports of problems from people who have upgraded early, that is prior to mid December. Perhaps he should wait as there may be a glitch or two to be ironed out.
     
  14. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    Hmm... No problems here, never had a problem with RC1 either.
     
  15. ASpace

    ASpace Guest

    Same here . Excellent built :cool:
     
  16. burf

    burf Registered Member

    Joined:
    May 12, 2005
    Posts:
    58
    For whatever its worth, I upgraded to 2.7 today.
    Quick, smooth, flawless update, over 2.5... no glitches on my end.
    All settings remembered.
    I'd recommend it, especially since you've been spooked lately, and it offers the added protection against rootkits.
     
Thread Status:
Not open for further replies.