Jump to content
Sign in to follow this  
rgs80074

real time protection failure

Recommended Posts

hello everyone

i have super antispyware pro and i've always liked it becasue of the real time protection not that in all my years of computer use i've only had maybe 5 occurrences of viruses or Trojans.

two of those has occurred within this week and teh real time protection has failed to detect or protect from either of these. its been the same virus each time.

about four days ago it the win 7 2011 virus hit me for the first time, (ive worked on other people's pc infected but never my own).

i was not even browsing the web when it happened, i did have firefox open to a website work uses for a paging system to monitor what was being paged and i was working on an excel file then it hit out of no where, the website i was on refreshed automatically every 5 mins but other than that no active surfing was being done.

while i was able to use a few things and get my pc free of the virus it had a lasting effect on changing a setting somewhere that caused my vpn not to work becasue it could not set up ip filtering. after trying to figure that out for a couple of hours i just reformatted my pc and started fresh again.

then today just before this i was actually surfing the web but not to any site that i don't go to on a daily basis anyways so they've all been safe for all this time so i am at a loss on how i got it again so quick after the first time.

but in either of these instances did the sas real time protection stop the virus, it didn't even protect the browsers home page either.

has anyone else had any experiences like this with sas's real time protection failing. to my knowledge this is the only two times it should have done anything (no logs ever on occurrences) and both times it failed so i wonder what i paid for over the free version as the real time protection seems to offer a false sense of security.

if anyone could offer any advise that would be great.

thanks

ryan orlando

Share this post


Link to post
Share on other sites

Yes, that is the Security 2012 trojan, and mine (last Thursday 15th) also dumped a rootkit on me, Rootkit.Win32.ZAccess.aml. Last year I got the 2011 version while running pro with real-time protection, contacted the company and they seemed to feel it was not unusual to get infected while running SASpro. But I'm amazed they fell victim to it again this year. I feel like I'm walking down the street naked, and they haven't even read my trouble ticket yet.

So it was 4 days that I was unable to reply to emails or pay bills online due 15th!

For what it's worth, here's how I cleaned up my machine: http://www.bleepingcomputer.com/forums/topic433286.html

Maybe it could help you.

Share this post


Link to post
Share on other sites

There are new variants of this malware coming out all the time, if we don't have a definition for it at the time of infection, it won't be blocked in real-time. If you update your definitions today and run a complete scan you may find that it will be removed. If not, create a ticket at www.superantispyware.com/csr and I will send you a diagnostic. We do our best to detect and remove every threat. but it is a very uphill battle, not just for us but every anti-malware company. On one day one program will detect something that another does not and the opposite on a different day, which is why we recommend using multiple security applications and stressing that no one solution is ever enough. We stand behind our product and will continue to find ways to improve our detection and removal, but as you have seen sometimes things will slip by (and this is true of all anti-malware solutions.)

Share this post


Link to post
Share on other sites

i understand this but if something is real time shoudln't it catch something that it don't know regardless of if there is a definition. i mean obviously is knows when something isn't normal whenever i update a program and now i can't remember what one it always gives a false positive,

but i assumed it was catching it becasue it was trying to both install and change stuff which this virus has been doing. if it should protect the files and such i'd think it should stop anything if it seems odd and ask for permission.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×