Just a thought about being hit by malware

Today was my laptop hit by malware, no big deal. Thousands are hit every day, so no pity for me. I have Ess 4.2.64.12. I was surfing the net to find a Canon camera a gift to myself when I was hit by, Trojan: Win 32/Meredrop.
Eset didn't not catch it so it slipped by the defense . I have had Eset for a couple of years now and have always been and still are a satisfied user whit ESS 4. I found the malware in the task manager laughing of me. My ESS configuration is always on max settings. I did by the way. manage to block the Trojan from getting out, because I have Interactive firewall settings. After a deep scan it found nothing . So I downloaed Malwarebytes and MSE, both found the Trojan. I really think that that Ess need an extra layer of defense. Yes it could be A host intrusion prevention system (HIPS). But with that come a million popups. Another solution could bee that any files that Ess do not know (by a whitelist) is classified untrusted, and and put it in a secure folder. The idea is not mine, but is coming from Kaspersky. I just think that Ess really really need a extra layer of protection, when the Virus definitions is not enough. And Yes I do know that, nothing is 100 procent bulletproof all the time.
Best Regards to all

 

May I suggest the extra layer that I use. IObit 360 (free version) works perfectly with Eset Smart Security. 360 offers live protection and it works with little or no signs of drag.
KOR-

 

For best protection against malware/viruses or what-not, I believe we should have layering. Good thing you've setup your ESS Personal Firewall on Interactive mode.

 

You can also install/enable Windows Defender. It has detection of Meredrop family + others. It will serve as second opinion security scanner.

 

Hi,
Your post has interested me, I went to the IObit website with thoughts of getting that program.

Could I get it, no way. I was sent to Major Geeks but the file does not show,
I tried it in my 3 browsers, Opera, Firefox and Windows Explorer. I must have spent about 30 minutes to try to get it but I had to give up.

I have ESET Smart Security and SUPERantispyware, would that do the job or would IObit360 be better ? There are that many of these programs its hard to know which is the best for a purpose.

 

It's rare to see "Got a malware attack - Fix-it" posts that do not mention both SuperAntiSpyware And MalwareBytes Anti-Malware.

I use both in Paid versions with ESS and have no complications amongst the three.

 

Hi cosmos,
Although I did not mention it I also have Malwarebytes.
I removed it as I had thought it would be overkill.

I really do like those 3 programs, I'll maybe think again of Malwarebytes and install it.

ESS
SAS
Malwarebytes
The perfect combination ?

I would have liked to get the IObits 360 (free version) program, but its not to be.

 

Thank you to all for the good advices . But it is somewhat fustrating to paid for a product that should cover nowadays threats, and then have to download a freeware. Yes I no maybe I am naive.
So many Eset Users have been giving a tons of Ideas, but no feedback on the Ideas, on what way Eset will go. Most people agree that even a Super top-tuned virus/malware database and algorithms is not always enough.
Yes I do know that Eset cannot give feedback on every good suggestion, but just a little feedback instead of one way communication, would be so nice. Which Ideas can Eset user from its supporters.

Best Regards to all.

 

Unfortunately that is the case for all the AV software currently in use as none can protect the user @ 100%
It is the user that becomes the critical link and buck stops there. Keeping the computer updated, blocking scripting for all sites except Trusted ones, and keeping abreast of dangers on the net and how to negate is what matters and makes the difference.

 

Hi, if you don't mind ...

1. Do you use the WOT extension with your browser or do you use surfcanyon for your search?
2. Does the DNS you use claim to safeguard against malware?

 

It looks as if MajorGeeks have some kind of a glitch showing all of there downloads. Check them out later today and let them fix their display problem.
KOR-

 

Actually these extensions has become increasingly necessary for safe navigation, here I use the WOT + McAfee SiteAdvisor + Norton DNS. Guaranteed protection and without any impact on the Internet nor system.

 

http://majorgeeks.com/downloadget.php?id=6088&file=15&evp=5918647a8ed413bd6c60abd240a68891

http://majorgeeks.com/downloadget.php?id=6088&file=9&evp=5918647a8ed413bd6c60abd240a68891

http://majorgeeks.com/downloadget.php?id=6088&file=14&evp=5918647a8ed413bd6c60abd240a68891

I copied 3 mirrors for iobits 360 from majorgeeks... Hope it helps you.

 

I would personally stay away from Iobit and go with MBAM + Windows Defender with maximum protection via SpyNet set at advance and all options on high.

 

The Iobit stole the database of MBAM, do not trust this company.

Best Regards.

 

I wouldn't trust them just because I have never heard of them

 

I vaguely recall IO taking that from MBytes.

Having had no success with dloading IO I remembered that I had the paid for version of Malware Bytes so I installed it.

I had a lot of problems with my PC and eventually got it sorted, I had forgotten about MBytes.

I have got the download of IO, I will take a look at it of course.
Seems there was a problem with Major Geeks yesterday.

Many thanks to all of you.

 

Perhaps you'd like to consider a near foolproof but somewhat more complex setup that I have found to be quite useful- these days I would regard antivirus software as a deterrent, not even a defense against rapid releases of malware and polymorphic variants.

1. You can run an OS virtualization tool such as Windows Steadystate (free for Windows XP/Windows Vista). Basically what this tool would do is to create a layer of isolation between your OS installation and your operating environment. It does not cause any noticeable lag.

2. Depending on how you configure it (discard on reboot/discard on schedule), all changes can be flushed (deleted) from the C: Drive automatically.

3. You can save your data to another unprotected drive location such as D: or an external drive.

4. If you get hit by malware, all you need to do is to preform a discard of changes from C: drive. You OS is completely unaffected. You only need to perform a scan of your data drive using NOD32 to remove any other traces of malware.

5. You don't really have to run any other antivirus software (maybe just NOD32 as a defense layer). Remember for every protection software that you add, (even DNS malware protection) - it adds some delay; your requests have to be checked against a blacklist/whitelist.

Caveats:
- You can only use Windows SteadyState for free if you have a genuine version of Windows XP/Windows Vista. If you're running any other version of Windows (including Windows 7) or you fail validation, you won't be able to use Windows Steadystate.
- All changes to the OS (including desktop icon settings/program installations) will be discarded when you choose to discard changes. This is not suitable for you if you frequently change settings/install programs.
- It will not protect you from a virus that is designed to corrupt your data. Unless you have backups, the virus will be able to do un-repairable damage to your data (since it is unprotected).

 

Hey Hollowstriker
Its a interesting approach to a alternative protection of a system
It will be something I will consider. .... My platform is Windows 7 and all of my programs is Genuine, so on that front I am a little bit Conservative.
Thank you advice/idea.

Best Regards to you Hollowstriker.

 

Is that much protection really needed?

 

Hello Tonpumper
With ESS 4 I think your quite safe the 99%of the time. My point in my earlier post was also that I thought that Ess 4 was missing a ekstra layer of protection, for malware there not yet had been detected. Beside that it always a good idea to have a second opinion for a suspected malware attack.
It could be Hitmanpro or malwarebytes. Another suggestion to a alternative protection of a system could be shadow defender a little neet program.

Best Regards to you

 

Another suggestion as a "Layer" of protection would be Sandboxie.

http://www.sandboxie.com/