ESET is not detecting the my security shield

I am having a problem with eset not detecting in real time the my security shield trojan . ESET lets the program install itself and will only remove after its been installed. The only thing that actually protected these machines is that they are public machines and are not running as admins.

This is getting very annoying. we are paying for this software and its not doing its job.

 

Hello majortom1981,

Can you please submit the sample to the ESET virus lab?
http://kb.eset.com/esetkb/index?page=content&id=SOLN141

Thank you,
Richard

 

Next time iget one i will send it in . I deleted all the files .

 

One of our system got hit by this as well. I had to go into safe mode and use various tools to remove it. I submitted the files to ESET. Our signature files is 5453

Thanks.

 

I just got blasted with this today too. Sigs 5456.

 

It seems that the best plan to avoid this is to disable pop-ups and disable javascript in the browser. The user can still override this, but it can help.

 

Yeah my user said she was looking for a picture of "Charo" and when she clicked one of the pics she got this thing near instantaneously. ugh.

 

That's the rub. So much stuff that people want to look at requires javascript and they just have to look at it. Even if they have javascript disabled, they may temporarily allow javascript for that purpose. Then they get hit. Social engineering still works, unfortunately.

 

Your Oprating System is ? | Your default Browser is ? | What security software do you have installed, if any ? |

 

Not necessarily during installation
The detection is triggered when viewed harmful files.

 

Hey,

Like some of the posters have pointed out, start using a different browser from IE. If you have to stick using IE [ be it version 7, 8 or else ] disable JAVA SCRIPT. Unfortunately Java Script is a necessary evil when you browse the Internet. Even here, at Wilders if you don't allow the use of Java Script in your browser you can't sign in to post.

By using Firefox 3.6.10 alongside with NoScript extension I have been able to browse the Net without seeing a single fake pop-up falsely stating that “My Computer is Infected”.

I have tested this combination [ Firefox + NoScript ] against the evilly famous: Eleonore, Phoenix, Siberia, Fargus, CrimePack, Seo exploit KITS [which happen to exploit simultaneously Adobe Reader, Java Runtime and Adobe Flash ] without any adverse results unless, of course, I right click on the page and instruct NoScript to allow those pages to run Java Scripts in my browser. Otherwise they are not able to exploit any vulnerabilities and deliver their playload [ A Trojan, like Zeus , a Fake AV or the Rootkit TDSS ].

I would suggest you to give it a go [ FF + NoScript ] alongside with Sandboxie.


Regards,


Carlos