Jump to content

SeriousHoax

Members
  • Posts

    201
  • Joined

  • Last visited

  • Days Won

    4

Everything posted by SeriousHoax

  1. Yeah, you are right on this I think. LiveGrid will be updated in case of blacklist, but it doesn't seem keep a whitelist of safe files. Not for all files maybe but for many files out there. Like the 7zip example I gave above. It's totally unnecessary to send files like that to LiveGuard. Maybe ESET should keep a hash based whitelist for some similar trusted files to not submit. Those file's activity will still be monitored by other local protection features, so it shouldn't be a problem.
  2. One thing that I don't like about LiveGuard is that it seems to send every new file created on the device to LiveGuard upon execution. Even if it's an old, trusted and safe file. As you soon as I try to execute a new file that wasn't on my device before, ESET sends that to LiveGuard. Eg: If I just extract a newly downloaded 7zip installer from a zip file where the installer exe is trusted by literally every AV, as soon as I execute it, it gets blocked and submitted to LiveGuard for analysis. What's the point of this? A ESET's reputation check shows that the file is old with reputation status being Fine & green and the number of users is also high with a green mark. ESET should feed from this LiveGrid status and determine that the file is trusted, whitelisted and not necessary to submit it to LiveGuard for analysis. This alone would massively reduce the load on LiveGuard's server. This type of unnecessary submission needs to be avoided. Kaspersky and Norton makes use of their cloud reputation appropriately, which is something ESET is not doing here. The LiveGrid reputation should mean something. The LiveGrid and the LiveGuard combo should communicate with each other to determine what needs to be submitted and what not. Otherwise, LiveGuard servers are going to be bombarded with excessive unnecessary submission. Unnecessary submission is going to annoy even expert users.
  3. This is similar to Avast's (and AVG) CyberCapture feature, which is available even in the free version. The difference is that cybercapture is dependent on the Mark of the Web similar to Microsoft's Block at First Sight feature, while it seems with ESET it's for every file that is not known to ESET. So this is a nice feature and a good addition. But I can't really justify the decision to not include it in the Internet Security version. ESSP is ridiculously expensive. LiveGuard should've been made available to both EIS and ESSP.
  4. Is there any image/video demonstration of how this new LiveGrid feature works on ESSP?
  5. AMD says that they'll release an update to fix the issue within this month, so that's good. I've been using Windows 11 since July. It has some annoyances and missing features, but overall it's basically Windows 10, so everything is running fine for me. I did a fresh installation on October 5th of the stable build. I see that VBS is turned off on my device. I'm not sure if any Windows or AMD driver update turned it off or for some reason it wasn't on for me by default. VBS seems to be the main culprit behind AMD's performance drop so happy to have it turned off for now.
  6. Does task manager not show what process is using 99% of the disk?
  7. Yes exactly. They are very sensitive about false positives and this is why they falling behind. Some other products are doing well in this regard while maintaining low false positives.
  8. Still that's not good enough. Maybe we could ignore if it was one or maybe two. But 7 ransomware miss at the time of testing is a huge number. It shows again what the OP suggested that ESET's ransomware shield is very bad and almost not effective at all. ESET needs to improve.
  9. Sadly this has been a known weak point of ESET and hasn't been improved it seems. Even in the last MRG-Effitas test, ESET missed 7 ransomware which is the worst result by far in the test. ESET is very weak against ransomware. https://www.mrg-effitas.com/wp-content/uploads/2021/05/MRG_Effitas_360_2021Q1.pdf
  10. This is not a solution to your problem but I think you should put the allow rule above the block one for Macrium. For firewall, the rules on top gets prioritize over the bottom ones. The same is probably true for HIPS. I'm not sure though so correct me if I'm wrong.
  11. This is common for Windscribe VPN to do this. You have to allow it if you want to keep using Windscribe. They use IKEv2 protocol by default, and it needs to temporarily modify the host file for that reason. It restores to the previous state when you disconnect. Also, this must be new for HIPS smart mode. I have never seen this before. Instead, I had to create my own rule to monitor host file modification. So I don't think this happened cause the VPN was updated recently. It's probably because ESET updated their HIPS Smart mode rule.
  12. You are right, but that didn't happen anymore when I reinstalled again a month later. The error logging issue is still common though for everybody if WMI is scanned. I also saw ESET's initial scan is scanning WMI. It shouldn't do this until something can be done to fix it.
  13. Can't something be done about this WMI error? I have been waiting for a few months for an update for ESET to fix it, but it hasn't happened yet.
  14. Nice one ESET 👍 Well said. I shared this in another forum and used this line.
  15. The forum has an option to enable dark theme? Where is it?
  16. No not this one. I mean ESET Endpoint product has full offline installer (160mb+ in size) containing all the modules till the day the installer was released.
  17. Is there anything wrong with ESET or its servers in general? In virustotal all ESET scans are resulting in "Timeout" https://www.virustotal.com/gui/file/b3f6fbb4f049d0a99d882495ebc6b0086936daffa4275f1d4e36927e6e8dc8c2/detection
  18. I did, but it's downloading the initial update extremely slowly. 3 megabytes in 45 mins, so I had to uninstall again. Maybe something is wrong from my ISP's side. Everything else is running fine though. I don't know what's the problem. This is why I always wanted a full offline installer containing all modules. It would make the initial update smaller. ESET have such installer for business products but not for home.
  19. Hi, sorry I don't have ESET installed at the moment because I was having trouble connecting to internet because of it. As I said, I tried to switch to pre-release channel but the download never started even after restarting the system and triggering a manual update. Maybe @itmancan help.
  20. ESET need to get their act together with the WSC integration. I haven't seen other products who still have this problem but ESET is having issues quite regularly randomly for some users. Every few months we see there's a new WSC integration module update for ESET. Hopefully they finally fix everything.
  21. Well tonight I had a problem. Suddenly I saw WD is also running on the system along with ESET. Windows Security was showing WD as the AV as if I don't have ESET installed. Restarted the system but same. Tried to switch to pre-release channel and the updating windows was showing updating product with the usual animation but the download process never began. Restarted the system but same problem. Tried to download the ESET log application but that wasn't downloading either. No idea why! There were some internet connectivity issue due to WD vs ESET scenario maybe? So couldn't collect log and had to uninstall ESET. While both was active before my first restart, I saw ESET service was constantly using 50-60 kbps of my bandwidth. It wasn't downloading any update so also not sure what was it doing. I should also add when I installed ESET a few days ago, after installing it was not starting the initial module downloading update. It was stuck with the animation and I had to restart the system before it was able to download modules. I never faced any of these problems before.
×
×
  • Create New...