Azure Phoenix
-
Posts
50 -
Joined
-
Last visited
Posts posted by Azure Phoenix
-
-
Quick question since I was curious.
@senna What is your opinion about http scanning? Since I feel the argument you have made can in part apply to it as well.
-
Were you able to resolve the issue? There was a report of BSOD at the Adguard forum.
The poster stated to also use ESET.
-
Do you use Adguard alongside ESET?
-
3 hours ago, BALTAGY said:
I think it's a good idea to give an option to turn off the alert since some users use another programs to do that part
Also AdGuard have a windows version that check HTTPS too
Btw, AdGuard should be compatible with ESET’s HTTPS scanning
From AdGuard version history
version 6.1.331.1732
[Fixed] Compatibility with KIS/ESET #1565
Adguard used to have compatibility issues with such antivirus software like Kaspersky and ESET. Users had to seek for compromises: disabling SSL scanning in antivirus, disabling WFP driver or even HTTPS filtering in Adguard. The core of the problem was the WFP network driver incompatibility, and we had had plans to develop a new driver for what now seems like an eternity.
We'd already claimed to have this fixed in the previous releases, but things turned out to be more complicated. We've come through countless iterations, test builds, and driver updates, and now we are confident enough to say that this time the problem is fixed for real. No more BSODs and other funny stuff when you run Adguard alongside with KIS or ESET.
-
@MarcosSo, no one know for certain if it can?
-
1- https://www.infosecurity-magazine.com/news/security-of-html5-may-not-live-up/
"One of the most problematic characteristics of the way in which HTML5 malware is delivered, Olson said, is that it is taking advantage of “obfuscated code” populating HTML5 ads. This obfuscation, he said, is “like a kind of encryption,” used by many legitimate developers to keep their software tricks from competitors.
But that “makes it extremely difficult to understand” and to find the delivery mechanisms used to carry the malware."
-
You can do the following:
Setup > advanced setup > firewall > advanced > IDS and advanced options > allowed services > Allow Metro applications
-
Would the following be applicable in this case? Exporting settings before reinstalling or is it not recommended to do so?
-
Windscribe
-Free for Windows OS and iOS. Unlimited devices
-Free offers 10gb which resets every month.
-You can find vouchers on giveaways to increase it to 50-60 gb
- You can also find good deals for a lifetime license.
- They also offer an extension with adblocking and tracker blocking
Here you can see comparisons between Windscribe and other well-known VPNs
https://windscribe.com/promo/compare
Which one I wouldn't use?
- Hotspot Shield
-
20 hours ago, cyberhash said:
70/100 on one and 0/68 on the other , makes no sense
Both services work differently, according to the developer.
https://malwaretips.com/threads/are-hybrid-analysis-reports-trustworthy.45002/#post-385766
-
My point was that, it is perfectly reasonable for a user to discuss a test if that was the point of the topic. In the end that means that people will compare the results among each vendors, because well that was the point of the test, wasn't it?
-
2 hours ago, itman said:
In regards to @TomFace posting about forum rules:
I believe this rule pretty much covers these never ending Eset vs. MSE/WD AV Lab test results postings.
If one wants to complain about Eset's ranking in a lab test - fine. Leave other products tested in the comparative out of the discussion.
If an user isn't allowed to discuss ESET's results then moderators might as well remove every single AV testing thread. Be it professionally, like AV-test, or not like YouTube testers. That would be fair.
Guys, do remember that not all criticism is bad. I can understand you all like ESET and believe those people do so as well. They want ESET to be the best it can be.
Internet trolls do exist. But just because someone says something you don't agree with doesn't make them a troll.
-
9 hours ago, John Alex said:
whose first post?
From this thread
https://forum.eset.com/topic/14195-hips-doesnt-block-unknown-keyloggers/
-
2 hours ago, John Alex said:
No, in "Smart Mode".
The first post says "I am amused that Smart Security didn't block it. I've set HIPS mode to interactive"
-
Improve compatibility with SUA accounts.
Discussion (And how reproduce issue): https://forum.eset.com/topic/12197-is-eset-compatible-with-standard-user-accounts/?do=findComment&comment=61708
Thanks
-
On 6/17/2017 at 2:35 PM, itman said:
I don't have a SUA setup, so can't test.
I do run as local admin with UAC set to max. level. As such if Eset was triggering an UAC alert, I should be receiving one and never have on rules creation of any kind.
Believe the following setting is what is causing your issue when a SUA is used. Set it off and see if the UAC alert goes away. By definition, a SUA account shouldn't be modifying ESET settings in most environment's:
I don't have ESET installed so I can't test properly right now. However when I had ESET installed, I did disabled that setting to see if it helped. It didn't.
-
On 6/5/2017 at 7:15 PM, itman said:
For starters, Eset alerts have nothing to do with the built-in Windows UAC feature.
The problem you are having is that you are using Eset's "interactive" modes where applicable. These modes are designed to alert for any event that hasn't previously been detected and require user interaction to:
1. Allow or block the activity without creating a rule to remember the selected action.
2. Allow or block the activity and create a rule to remember the selected action. This will result in no subsequent alerts for the same activity.
Both the firewall and HIPS can be switched to a learning mode that will create corresponding allow rules for all activity for a predetermined learning period. After the learning period has lapsed, one can switch to interactive mode which will only alert for new activity.
Alternatively and recommended is to use Eset's default settings which are designed to minimize user alerts to only critical events that require immediate user attention.
Can you or anyone else do the following? Might be best to test on Windows 10 x64 Latest version to be sure.
1. Go to a SUA account
2. Make sure UAC is at default (Which should be "Always notify", the highest setting)
3. Get an alert from ESET either HIPS or Firewall
4. Click Yes on the alert, and make sure rules are created.
5. You should get an UAC prompt at that time. Click "No".
If I recall in this scenario, ESET states rules couldn't be created or something similar.
-
Currently, I'm not using ESET, but wanted to know the answer to this question. Is it possible to use ESET on a SUA account without UAC prompts?
Other security softwares, like Emsisoft, have no problem with configurations and rules on SUA accounts. However ESET (in interactive modes) constantly prompts UAC.
-
On 1/27/2017 at 10:30 AM, itman said:
Here's the original blog post: hxxp://robert.ocallahan.org/2017/01/disable-your-antivirus-software-except.html
My advice to Eset and the other major AV vendors is to start "reading the tea leaves" being dropped by Microsoft, Google, and Mozilla and realize you have become their "whipping boy" for all the defects in their products.
There is a solution to this. This solution will also greatly reduce your costs in the log run and generate considerable revenue. It will most importantly result in a more secure solution for the end user. The solution? Develop your own secure browser tightly intergrated with your particular security software. Then tell Google and Mozilla "to kiss your you know what ........"
Other AV vendors have already developed their own browser. Qihoo, though theirs is more aim at the chinese userbase. And Avira, which developed Avira Scout based on Chromium. Don't recall any others.
-
On 1/31/2017 at 7:42 PM, Nonadex said:
Just wanted to post an update, I have solved my problem. I use another software called Adguard, I had not realized that this blocked ads on HTTPS websites with its own filtering. Once I have disabled this feature, it works fine now.
Sorry for wasting people's time on this.
In case you weren't aware. A beta version of Adguard was released that apparently fixed the issue with ESET
https://www.wilderssecurity.com/threads/adguard-ad-blocker.342850/page-81#post-2648358
Though now users have to wait until it is deemed stable.
-
15 hours ago, itman said:
Please post a "sticky" in this forum and the NOD32 one that Eset's SSL Protocol scanning feature is not compatible with any other security software that does the same and list examples of such software e.g.
Ad-Aware Web Filtering
Adguard install version
NetNanny
etc..
The wording should state that either the software must be uninstalled or the HTTPS scanning option in the software disabled.
Also add such verbage to Eset's help documentation.
This will help in resolved issues with SSL protocol scanning in the Forums.
A beta version of Adguard was released that fixed the compatibility issue with ESET.
https://www.wilderssecurity.com/threads/adguard-ad-blocker.342850/page-81#post-2648358
" [Improved] WFP driver was updated to fix compatibility issues with KIS and ESET #1497
Previously, it was not unusual at all that Adguard would have compatibility issues with some antiviruses, and KIS and ESET being the most common ones. The workarounds existed but were far from ideal - you had had to sacrifice some parts of functionality on either Adguard or antivirus side. With updated WFP driver these conflicts will be no more, allowing users to run Adguard alongside with KIS and ESET. " -
New setting for firewall
Smart mode: Allows all connections from processes that LiveGrid determines as safe or fine. And prompts for those that LiveGrid considers unknown
Malware would easily avoid this by injecting into legitimate processes, such as svchost.exe.
But isn't automatic mode(default) also vulnerable to that?
-
New setting for firewall
Smart mode: Allows all connections from processes that LiveGrid determines as safe or fine. And prompts for those that LiveGrid considers unknown
-
I noticed that on my admin account if a disable the setting at setup > advanced setup > user interface > access setup > require full administrator rights for limited administrator accounts. Then I don't get UAC prompts if I change settings.
What I want to know is. Is it possible to make that setting work for Standard User Accounts on Windows 10? Cause even when that setting disabled I get UAC prompts when attepmting to change some settings
Note: UAC is at max in both accounts
Win64/Egguard.M Trojan
in Malware Finding and Cleaning
Posted
>Malwarebytes Anti-exploit premium
You mean the beta or the full suite?