SweX

hxxp://blog.emsisoft.com/2015/04/10/popular-chrome-extension-turns-out-to-be-spyware/

It is indeed a big deal if the product is not meant to use more than 100-120MB like ESS/NOD32. If it uses 300MB then it means there is a problem. And if there is a leak, chance is it wouldn't stop at 300MB but continue to increase all the time if allowed, even to GB size in some cases. "Memory usage is not what determine if an AV is light or not" That's correct, and can actually not be said enough. But the size of the program and databases ESS/NOD32 vs heavy lifters like KIS, BIS, could be reflected on the RAM usage if they are loaded in RAM like ESET. ESS is a tiny tight package compared to them. If KIS would use 250MB it would be quite normal (unless things have changed) But if ESS would use that much, it indicates that there is a problem. Avast on the other hand flushes the ram by design so it will rarely go above the 5MB mark. (unless things have changed) So there is more than one thing that can be connected to the RAM usage of a product.

Occasionally ? I thought you checked Wilders more or less everyday. At least I see you online more often that what I would call occasionally And I sent you the PM on Wilders since that's where the thread is located. Well I checked the send date to be sure, and the PM was indeed sent on Mars 11. That's great to hear. Yeah I know it was the driver that was detected as Unsafe (optional). But I also know that SurfRight would like to get it fixed ASAP as they don't want their software to be associated with PUA detections in any way.

Great job BALTAGY. Fingers crossed they'll be able to find a problem and fix it ASAP

Well, slim is very slim and has nothing in it either, and is offered as a download too.

foneil, great job! Thank you

Still, it would be good if ESET replied back when other vendors make contact don't you think? Zero response doesn't sound good. https://www.wilderssecurity.com/threads/hitmanpro-alert-support-and-discussion-thread.324841/page-199#post-2479163 I also sent the following link in a PM to you on Wilders on Mars 11 to let you know, but you didn't reply to my PM or made a reply in the thread: https://www.wilderssecurity.com/threads/hitmanpro-alert-support-and-discussion-thread.324841/page-175#post-2468397

They talk way too much about V9 people will start thinking there's something wrong with the quiet clam

Thank you, foneil

@rugk, I couldn't have answered the root cert question as I haven't used the tool, so good that dom1da could chime in on that. Yeah, I also think it would be great to have their own tool included in their own KB article.

https://www.mrg-effitas.com/mrg-effitas-real-world-exploit-prevention-test-march-2015/ It's a test so remember the famous grouse pinch of salt. And don't only check the results, also read a bit to better understand the results

https://forum.eset.com/topic/76-rules-of-the-eset-security-forum/ And with the announcement comes the changelog: https://forum.eset.com/topic/4614-eset-nod32-antivirus-80312-released/

Yeah very good...

Yes it should be listed. Your link goes to the .com/us/... tech site. For the sake of it I checked the .com/int/...tech site (link in my signature) and NOD32 is not listed under Anti-Phi there either. hxxp://www.eset.com/int/about/technology/

I search yesterday and I searched now again, but I just can't find the article, blog post, or whatever it was that I read a few days ago where it was nicely explained that the ESET tool would literally find everything connected to Superfish. So you just have to believe me...this tool rocks.

I don't believe the notification in your screenshot in post #8 is an ESET detection notification, at least it doesn't look like it. It seems to be from the browser itself. Firefox uses "malware data" provided by Google, so if it is blocked in Chrome there is a chance that it is blocked in Firefox as well.

Swedish newspaper DN had this story about the Chrome extension "webpage screenshot" today, so I made a rough translation of the important bits from the article..... According to the article it will send data each minute about what websites you have visited to a server in the U.S., even from secure connections. It does not collect content from visited websites or content from emails, but it has capabilities to do that if the "dev" want to. The "dev" says to DN that the purpose with collecting all this is to build up statistics on browsing behaviours and sell it because it has a high commercial value, and he point out that it's not data from individuals that is interesting but browsing behaviours as a whole. The code that makes the spying possible is not present in the extension's source code at first, but gets downloaded from the Internet some time after install, and the spying begins around 1 week after install. Which could be one reason to why the extension passed the security checks. Original: hxxp://www.dn.se/nyheter/sverige/hemlig-kod-spionerar-pa-svenskars-surfvanor/ Translated: https://translate.google.com/translate?sl=sv&tl=en&js=y&prev=_t&hl=sv&ie=UTF-8&u=http%3A%2F%2Fwww.dn.se%2Fnyheter%2Fsverige%2Fhemlig-kod-spionerar-pa-svenskars-surfvanor%2F&edit-text=&act=url The extension at the google store (don't install it): hxxp://mac.softpedia.com/get/Internet-Utilities/Webpage-screenshot-for-Chrome.shtml Edit: The above link doesn't work anymore, but I remember that the Developer name at Softpedia was "Amina" which is beginning of the first name Aminadav Glickshein.

You're welcome, good choice you won't regret it.

You could also try running this tool to see if it finds anything more related to Superfish. hxxp://www.eset.com/int/download/utilities/detail/family/274/

"which will show several notification to encourage users of Windows 7 and Windows 8.1 to upgrade to Windows 10." If we change out the word "notifications" to Ads it sounds so much worse, and wrong. People shouldn't need to be convinced to update, if Win 10 is good enough people will update anyway since it's a Free upgrade after all, providing it actually is better than the OS they currently use, and that remains to be seen. It's up to MS to show their users that they "still got it".

Uninstall IObit Malware Fighter ASAP because you don't need it, and just forget about you ever had this FP. I don't always agree with NR but this time I agree to 100%! hxxp://www.pcmag.com/article2/0,2817,2477847,00.asp

There seems to be an issue at the moment incase it is related, I am not sure exactly what sort of problem TS got with the license or user/pass. hxxp://kb.eset.com/esetkb/index?page=content&id=ALERT44 hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3189

IMO, instead of fiddling around with exclusions and start believing the product is wrong and that it may be a FP each time it detects something(doing its job), simply send in a FP report to ESET and be done with it. hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN141&actp=search&viewlocale=en_US&searchid=1428166173832 If it really is a FP they will take care of it, if not then the detection will stay, and if you're still not happy after that then you can use exclusions provided you know about the risks. "I never saw one stopping a download without expressly asking me if I want to continue or not." And if the user takes the wrong decision and end up infected they would blame the product, and the vendor would blame the user for taking the wrong decision. Therefore, no questions asked is best for the majority of users. But when it comes to user optional detections like Unsafe/Unwanted the choice is totally yours.

Even if the text should get saved automatically (which it usually does just fine), I have made a habit to always copy the whole post before I click the post button, just in case something goes wrong.

did you happen to notice that my post was almost 5 months ago before you replied? Hello, I believe Destarah responded to the post by "hash" that was made yesterday : https://forum.eset.com/topic/3605-need-to-reinstall-smart-security-after-reformat/?p=26223