Everything posted by illumination

  1. Just came in this morning and broke the scanning and detection of connected home. I uninstalled, restarted the device and reinstalled and it fixed it, but wanted to bring this to your attention, as there are those that will not think of this, and will be disappointed that it is not detecting their devices. Other than that, keep up the good work Eset, love the mobile version.
  2. One of you users will need to do as Marcos asked and generate a zip archive, upload it to a safe place and send it to him via PM so they can "confirm" if it is a false positive or not.
  3. If you are looking in quarantine and finding items, and then seeing the original files still intact on the system, those files have been disinfected. With Eset, I have yet to find a false positive, but one can usually tell if they find an entry in quarantine and the application it belongs to is now broken/corrupted, will not launch etc. The user can always upload the file to VirusTotal to cross check its validity, or they may if they wish to pursue it further, upload it to an automated sandbox malware analysis site to analyze it further. Unless you find something broken on the system, it is s
  4. What they are trying to state here is, that when Eset disinfects/deletes the original file, it places a copy of the file in quarantine, so if the original file disinfected or deleted turns out to be a false positive, it can be restored from quarantine. Not only can it be restored from quarantine but the options are there to restore/restore and exclude from further scans/ and to delete it from quarantine. If the file is not a false positive the user can simply delete it from quarantine and move on.
  5. The above underlined, is exactly what "interactive mode" in HIPS is for, to allow the user to pick/define the rules. As for the average users, most of them could care less about how their product works, and will not spend the time to learn it. This goes for all products. Most of them will not even attempt a manual scan, or update, they just want to use their computers with no inconvenience. None of the top name AVs hit 100% with zero days, as they simply cannot. New samples/modifications come out daily in large amounts, they need to be seen in the wild before the AV indus
  6. @ Neil Tsakatsa First, I would like to state you should edit this post of yours and remove your email address from it, it is never a good idea to publicly post your personal credentials... Secondly, a "PM" is a "Personal Message". Click on Marcos' name, and it will take you to his profile, then click "message".
  7. To rely on signatures is a very serious mistake. None of the AVs on the market can keep up with zero days and signatures, submitting a few here and there on a daily basis helps, but it is barely scratching the surface when it comes to the amount of new/modified files showing up daily. To be concerned with whether they are added the first day or 5th day they are in the wild and so forth, is a waste of energy. This is why most suites/AVs have extra modules. As pointed out earlier in this thread, if the HIPS is configured correctly, it will stop this file. Also most of us have removed and/or stopped
  8. You're on the right track, there is more to Eset than just signatures.
  9. The only way to narrow this down, as obviously Eset is not causing everyone's systems to be slow or this thread would be full, is to as stated above, send the requested logs so the Developers and support of Eset can look and establish the issue. This could be anything from a corrupt OS/ 3rd party software/left over files from a previous installation. One thing that stands out when users mention running Eset, is how light and fast it is, so to have this issue no matter which version you are running, tells everyone, there is an underlying issue.
  10. Thank you for the reply. I was wondering actually if there was a more transparent changelog available, such as what "various internal bugs" were fixed etc.
  11. Version 11.0.149.0 updated via internal updater this morning, required a restart. Update was smooth as could be, no issues to report, but was wondering if a more transparent change log is available.
  12. 1. I have put EIS through the wringer for months on end in a Virtual machine, do I trust it, Yes, Yes I do. 2. As of right now, still on the fence with this question, but time will tell.
  13. As of now, I run Appguard combined with EIS just for this very reason. The vulnerable services are disabled by AG on my system via wildcards. It would be nice to not have to use multiple products to do this.
  14. By my mentioning verifying samples as I suggested above a few times, providing hashes is one method. For these amateur "tests" the tester can use free tools such as PeStudio which will provide "File Indicators" among other information per sample as well which can be done in the video with a simple screenshot of each file, of course like the hashes, will take a little time if they are trying to push through 200 to 300 samples or better of clustered sample packs. Vendors not only need access to samples to verify, but samples missed need to be submitted to be analyzed and processed as well.
  15. This is why I mentioned having an actual real email account to test emails from, and/or leaving realtime enabled while downloading samples from various sites, as these methods are how malware is realistically introduced to the system and of course test products how they are actually designed to function. While I'm not a professional tester by any means myself, methods can be used to simulate realistic scenarios. Samples executed from the desktop, still have their place, at least as far as removal media is concerned. Testing statically is pointless with old samples. Using older, wider variety
  16. 1) I did not say you were banned, I said you left after being told you could not advertise there any more. Do you deny spamming the forum with profile statuses and posts asking how to quickly build your YouTube channel with followers? Do you deny asking the other YouTubers how to get built up quickly? Do you deny discussing with a staff member possibilities of making money from the channel that you learned of from another YouTuber? Do keep in mind, I was a staff member there when all this took place. 2) Both Malshare and Hybrid Analysis only provide single samples not sample packs of 300
  17. Thank you for the warm welcome. I am glad to be here.
  18. This is one I have not looked into, but have bookmarked it and will look into it later tonight, thank you for sharing it.
  19. Hello everyone, I am known as illumination throughout the internet. I am a security enthusiast that has logged many hours in a VM testing malware/Betas over the last few years. I have for the most part slowed down doing so, generally testing for my own personal needs now. I have come to this forum as I want to keep up on changes/issues with Eset. After all my testing of different products, it has become my favorite security suite and one that now guards the entry to my Network and all my devices on a permanent basis.
  20. Exactly, and even these professional testing centers have disclaimers to take their results with a grain of salt as they may or may not be exactly accurate. Real world testing that includes the "mark of the web" etc. is definitely a more accurate painting of the whole picture. When testing for example, I have 3 email accounts, one for personal, one for product licensing and forums, and one strictly for spam collecting for testing. What happens when you open that email that has one link titled "Website" and an invitation to click it while running Eset, once clicked, Eset jumps
  21. 1) You used to be a member of a security forum, that you were spamming and asking how you could gain many followers quickly on YouTube. You left said forum because you were stopped from advertising. You connected with other YouTube members and were discussing revenue from YouTube. 2) I do test security products and have for a very long time, I use multiple resources to do so, and recognize those packs from Virussign you have been using, as I have used some myself, and from doing so, I know they are not fresh samples, just a wider variety of, which is why I use them sometimes myself perso
  22. That is a good question, as I do not ever use scheduled scans, but run on demand scans when my system has down time to do so. Upon looking, I see no option to do so.
  23. I would not take this tester above seriously in any way, shape or form. He is concerned with YouTube traffic and not testing correctly. First I should mention, he likes to claim the use of zero days, anyone with any experience testing will know instantly, that these samples are far from this. They are collected from Virussign in sample packs, file extension renamed, and normally he renames the files themselves. He does not vet the samples for working/broken or legitimacy nor does he vet the samples for age and detection. He does not take the time to learn the product, how it functions and works