Everything posted by SeriousHoax
-
So people now also can't run their browser in Sandboxie I guess because ESET itself is making the browser run sandboxed all the time. I don't know if it's really a good idea to run browsers 24x7 in a sandbox by the AV. Improvement in security maybe, but could break things in future browser updates. Browser vendors already don't like security software meddling with their browser. https://www.wilderssecurity.com/threads/eis-update-do-not-allow-ff-to-run-sandboxed.448495/
-
Wireless Network Watcher Detection
SeriousHoax replied to SeriousHoax's topic in Malware Finding and Cleaning
Another AV added many of NirSoft's tools to their PUP detection database a few months ago (not this one yet). Probably for similar reasons. Okay, marking this solved.
-
Wondering why ESET suddenly added a PUA detection for NirSoft's Wireless Network Watcher? https://www.virustotal.com/gui/file/5516ad3025bbb362953932825e18f6e59f14b3c15516b8834757398be80afe90/detection
-
ESET 16 now has this green frame around the browser, indicating that the secure browser mode is always active on supported browsers. But even after disabling it, it still shows for a few seconds when I open my browser. I find it unnecessary and distracting. It's fine to show a notification instead on first run of a browser after installing version 16 to let users know about this protection feature. It shouldn't be there always. Hope ESET disables it in a future update.
-
Smart App Control is not usable in its current state. It's very strict. The app as well as all the DLLs need to be signed in order for them to not get blocked by SAC. Also, you can't enable/disable it once you choose one. Mine was in evaluation mode after installation, but turned itself off after a day as it deemed my device not suitable for SAC. It's not worth it at the moment.
-
Scheduled Scans
SeriousHoax replied to Aryeh Goretsky's topic in ESET Internet Security & ESET Smart Security Premium
Description: An easier way to copy only the hash of a detected sample from the log. Details: Currently it's not possible to copy only the hash of a detected file. In order to copy the hash we need to copy the whole detection log of a sample. But sometimes users just want to quickly copy the hash and check on VirusTotal to get a second opinion about the detected sample.
-
Scheduled Scans
SeriousHoax replied to Aryeh Goretsky's topic in ESET Internet Security & ESET Smart Security Premium
Description: Allow an option to import and export user-made HIPS rules only. Details: Currently it's possible to export full product settings, which ESET users highly appreciate, but a setting to import and export HIPS rules only will be very helpful too.
-
Some samples submitted but not processed
SeriousHoax replied to AnthonyQ's topic in Malware Finding and Cleaning
Yeah, it needs to be analyzed manually. I don't need replies as long as submitted samples get added to the database. Well, I have waited 2 weeks which is long enough. Too long I would say.
-
Some samples submitted but not processed
SeriousHoax replied to AnthonyQ's topic in Malware Finding and Cleaning
I can only say what I experience myself. Talking about malware submission experience, I sent this sample to ESET more than 2 weeks ago on 12 August, but I have neither heard back nor has a signature been created yet. LiveGuard gave it a safe verdict, but it's not safe. If possible, please improve the processing of samples submitted by users. VT link of the sample: VirusTotal - File - d468b56da07173c69423973b706924187e134d0baea07e2ef8e7b49afcd5aacd
-
Some samples submitted but not processed
SeriousHoax replied to AnthonyQ's topic in Malware Finding and Cleaning
He submitted samples many times before and got responses too, more or less, so I'm sure he knows how to send. I don't submit a lot, but even in my experience, it has been extremely bad for a while. I've tried different emails too a few times, but it didn't improve the experience much. Besides, I don't remember ESET ever adding phishing sites to their database that I submitted via that dedicated website. I've stopped submitting samples to ESET to not waste my time. Nowadays, the main way to make ESET add detection is to share VT links here on the forum.
-
Based on the personal experience of @AnthonyQ and myself on LiveGuard's not so stellar performance, it seems our home users' LiveGuard only performs Level 1 analysis in the cloud that's described here: https://help.eset.com/elga/en-US/how_detection_layers_work.html Is this correct? I also had the chance to try out ESET Endpoint, where the Level 2 or Level 4 (or both, I forgot which one) option was locked for licenses with more seats.
-
Eset Update!
SeriousHoax replied to New_Style_xd's topic in ESET Internet Security & ESET Smart Security Premium
This is different, I think. Pico aka streaming update is different. For example, Avast's protection update is entirely based on tiny streaming updates, and they push a full signature update once or twice per day. ESET's small signature size is probably related to its finely optimized engine. Someone official from ESET like Marcos or someone else might be able to give an accurate answer. But to answer OP's question, it's not related to the amount of signatures. ESET's small signature size doesn't mean it detects less malware.
-
As itman said, no AV might be able to remove this UEFI threat since it's part of the hardware firmware. But I'm curious to know what other products actually consider this malware. AVs that I'm sure have UEFI malware scanning capabilities are Microsoft Defender, Avast, Bitdefender and Kaspersky. Can you share the hash of the detected sample? It should be in the detection log.
-
This is what ESET says about it: https://support.eset.com/en/kb6567-you-receive-an-eset-uefi-detection