Jump to content

SeriousHoax

Members
  • Posts

    201
  • Joined

  • Last visited

  • Days Won

    4

SeriousHoax last won the day on May 11 2020

SeriousHoax had the most liked content!

About SeriousHoax

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    Bangladesh

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Yeah, you are right on this I think. LiveGrid will be updated in case of blacklist, but it doesn't seem keep a whitelist of safe files. Not for all files maybe but for many files out there. Like the 7zip example I gave above. It's totally unnecessary to send files like that to LiveGuard. Maybe ESET should keep a hash based whitelist for some similar trusted files to not submit. Those file's activity will still be monitored by other local protection features, so it shouldn't be a problem.
  2. One thing that I don't like about LiveGuard is that it seems to send every new file created on the device to LiveGuard upon execution. Even if it's an old, trusted and safe file. As you soon as I try to execute a new file that wasn't on my device before, ESET sends that to LiveGuard. Eg: If I just extract a newly downloaded 7zip installer from a zip file where the installer exe is trusted by literally every AV, as soon as I execute it, it gets blocked and submitted to LiveGuard for analysis. What's the point of this? A ESET's reputation check shows that the file is old with reputation status being Fine & green and the number of users is also high with a green mark. ESET should feed from this LiveGrid status and determine that the file is trusted, whitelisted and not necessary to submit it to LiveGuard for analysis. This alone would massively reduce the load on LiveGuard's server. This type of unnecessary submission needs to be avoided. Kaspersky and Norton makes use of their cloud reputation appropriately, which is something ESET is not doing here. The LiveGrid reputation should mean something. The LiveGrid and the LiveGuard combo should communicate with each other to determine what needs to be submitted and what not. Otherwise, LiveGuard servers are going to be bombarded with excessive unnecessary submission. Unnecessary submission is going to annoy even expert users.
  3. This is similar to Avast's (and AVG) CyberCapture feature, which is available even in the free version. The difference is that cybercapture is dependent on the Mark of the Web similar to Microsoft's Block at First Sight feature, while it seems with ESET it's for every file that is not known to ESET. So this is a nice feature and a good addition. But I can't really justify the decision to not include it in the Internet Security version. ESSP is ridiculously expensive. LiveGuard should've been made available to both EIS and ESSP.
  4. Is there any image/video demonstration of how this new LiveGrid feature works on ESSP?
  5. AMD says that they'll release an update to fix the issue within this month, so that's good. I've been using Windows 11 since July. It has some annoyances and missing features, but overall it's basically Windows 10, so everything is running fine for me. I did a fresh installation on October 5th of the stable build. I see that VBS is turned off on my device. I'm not sure if any Windows or AMD driver update turned it off or for some reason it wasn't on for me by default. VBS seems to be the main culprit behind AMD's performance drop so happy to have it turned off for now.
  6. Does task manager not show what process is using 99% of the disk?
  7. Yes exactly. They are very sensitive about false positives and this is why they falling behind. Some other products are doing well in this regard while maintaining low false positives.
  8. Still that's not good enough. Maybe we could ignore if it was one or maybe two. But 7 ransomware miss at the time of testing is a huge number. It shows again what the OP suggested that ESET's ransomware shield is very bad and almost not effective at all. ESET needs to improve.
  9. Sadly this has been a known weak point of ESET and hasn't been improved it seems. Even in the last MRG-Effitas test, ESET missed 7 ransomware which is the worst result by far in the test. ESET is very weak against ransomware. https://www.mrg-effitas.com/wp-content/uploads/2021/05/MRG_Effitas_360_2021Q1.pdf
  10. This is not a solution to your problem but I think you should put the allow rule above the block one for Macrium. For firewall, the rules on top gets prioritize over the bottom ones. The same is probably true for HIPS. I'm not sure though so correct me if I'm wrong.
  11. This is common for Windscribe VPN to do this. You have to allow it if you want to keep using Windscribe. They use IKEv2 protocol by default, and it needs to temporarily modify the host file for that reason. It restores to the previous state when you disconnect. Also, this must be new for HIPS smart mode. I have never seen this before. Instead, I had to create my own rule to monitor host file modification. So I don't think this happened cause the VPN was updated recently. It's probably because ESET updated their HIPS Smart mode rule.
  12. You are right, but that didn't happen anymore when I reinstalled again a month later. The error logging issue is still common though for everybody if WMI is scanned. I also saw ESET's initial scan is scanning WMI. It shouldn't do this until something can be done to fix it.
  13. Can't something be done about this WMI error? I have been waiting for a few months for an update for ESET to fix it, but it hasn't happened yet.
  14. Nice one ESET 👍 Well said. I shared this in another forum and used this line.
×
×
  • Create New...