infection totally missed by ess

had a infection totally missed by eset a trojan. had my credit card web sites passwords stolen and they changed my mailing address' etc.. i always once a week run a scan with malware bytes and hitman. and hitman showed this up. ess scanned right over it.

sadly i guess i have to much faith in ess i still like it and i know its not 100% but eset was one of very few that missed this on virus total. i did submit it to eset but still a bit upset it was missed. i formatted and reinstalled a fresh copy of windows etc. so i no longer have the file and as i said i already submitted it. im going to see what will run and play nice along side eset but this all happened in one day with no notifications and i run scans daily with ess. honestly not sure where it came from either since i dont go to not so nice places and am VERY careful with this system as to what goes on it.

 

Sorry to here that.IMO you may want to consider adding like Sandboxie to your browser sessions and set it to auto delete its contents on browser close,then start a new browser session before any sensitive data transaction or set up different sandboxes for different tasks.Of course as you know this will not prevent infection for anything intentionally installed on the drive.

Also Maybe Malwarebytes real time would suffice along side ESS.

 

Hi zfactor.

Indeed it's sad to hear that you got infected due to a miss by ESS
I mean it's not like you are a high risk user if you know what i'm saying.

And yeah I also think that ESS would have been enough for a user like you but like you said it's not easy to stay clean if you didn't notice from where that malware came from hmmmm... Sounds nasty

 

ya for sure not at all a high risk user. and i am VERY careful what goes on this system, which is what drives me crazy as to how it happened

 

Hi zfactor

I strongly recommend that you use Secunia Personal Software Inspector. Most of these infections came from out of date software, browser plug-ins, not installed Windows Updates, ...

What also can help is enable HIPS in interactive mode in Eset Smart Security. So you can block potential malicious behavior. The only problem you might have is the amount of pop-up's that you will receive to allow or block a certain action. You need also to be very careful what to block or not. So sometimes you need to use a search engine to know what is happening. If you see that a strange executable is trying to put itself in the registry, system folder you can block it. I mean for example a1ce856ddg.exe.

Using a sandbox is also a very good suggestion.

Regards
Niels

 

i update every software to the latest, use no plugins at all on this system as i said this is a system only used for things like purchases etc and windows 7 is 100% up to date.

i am going to give eset's hips a try but until then i am sandboxing my browsers now

 

I dont run any real time Anti Virus on windows but AppGuard and Full time Virtualization with Shadow Defender just in case and HitMan Pro to keep a eye on things with monthly scans.

 

I feel your pain. I really hope Eset will fix this problem very soon so something like this won't happen again

 

Is there actually some security software that guarantees 100% malware detection with no or very few false positives? It is a matter of fact that new malware emerges on a daily basis and that the authors focus on evading detection by tweaking the code until it's undetected by the security vendors they focus on.
Zfactor, please pm me your email address or the subject of the email you used to submit the sample to ESET, or MD5/SHA1 hash of the sample so that I can look it up on files.