ESET is not detecting the my security shield

Discussion in 'ESET NOD32 Antivirus' started by majortom1981, Sep 13, 2010.

Thread Status:
Not open for further replies.
  1. majortom1981

    majortom1981 Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    4
    I am having a problem with eset not detecting in real time the my security shield trojan . ESET lets the program install itself and will only remove after its been installed. The only thing that actually protected these machines is that they are public machines and are not running as admins.

    This is getting very annoying. we are paying for this software and its not doing its job.
     
  2. Rmuffler

    Rmuffler Former Eset Moderator

    Joined:
    Jun 26, 2008
    Posts:
    995
    Location:
    San Diego, CA USA
  3. majortom1981

    majortom1981 Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    4
    Next time iget one i will send it in . I deleted all the files .
     
  4. ramirez1

    ramirez1 Registered Member

    Joined:
    Sep 15, 2010
    Posts:
    30
    One of our system got hit by this as well. I had to go into safe mode and use various tools to remove it. I submitted the files to ESET. Our signature files is 5453

    Thanks.
     
  5. RyanW

    RyanW Registered Member

    Joined:
    Nov 9, 2009
    Posts:
    77
    I just got blasted with this today too. Sigs 5456.
     
  6. rcdailey

    rcdailey Registered Member

    Joined:
    Dec 25, 2009
    Posts:
    233
    It seems that the best plan to avoid this is to disable pop-ups and disable javascript in the browser. The user can still override this, but it can help.
     
  7. RyanW

    RyanW Registered Member

    Joined:
    Nov 9, 2009
    Posts:
    77
    Yeah my user said she was looking for a picture of "Charo" and when she clicked one of the pics she got this thing near instantaneously. ugh.
     
  8. rcdailey

    rcdailey Registered Member

    Joined:
    Dec 25, 2009
    Posts:
    233
    That's the rub. So much stuff that people want to look at requires javascript and they just have to look at it. Even if they have javascript disabled, they may temporarily allow javascript for that purpose. Then they get hit. Social engineering still works, unfortunately.
     
  9. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Your Oprating System is ? | Your default Browser is ? | What security software do you have installed, if any ? |
     
  10. toxinon12345

    toxinon12345 Registered Member

    Joined:
    Sep 8, 2010
    Posts:
    1,200
    Location:
    Managua, Nicaragua
    Not necessarily during installation
    The detection is triggered when viewed harmful files.
     
  11. Zyrtec

    Zyrtec Registered Member

    Joined:
    Mar 4, 2008
    Posts:
    534
    Location:
    USA

    Hey,

    Like some of the posters have pointed out, start using a different browser from IE. If you have to stick using IE [ be it version 7, 8 or else ] disable JAVA SCRIPT. Unfortunately Java Script is a necessary evil when you browse the Internet. Even here, at Wilders if you don't allow the use of Java Script in your browser you can't sign in to post.

    By using Firefox 3.6.10 alongside with NoScript extension I have been able to browse the Net without seeing a single fake pop-up falsely stating that “My Computer is Infected”.

    I have tested this combination [ Firefox + NoScript ] against the evilly famous: Eleonore, Phoenix, Siberia, Fargus, CrimePack, Seo exploit KITS [which happen to exploit simultaneously Adobe Reader, Java Runtime and Adobe Flash ] without any adverse results unless, of course, I right click on the page and instruct NoScript to allow those pages to run Java Scripts in my browser. Otherwise they are not able to exploit any vulnerabilities and deliver their playload [ A Trojan, like Zeus , a Fake AV or the Rootkit TDSS ].

    I would suggest you to give it a go [ FF + NoScript ] alongside with Sandboxie.


    Regards,


    Carlos
     
Thread Status:
Not open for further replies.