Posts posted by FleischmannTV

  1. ESET is fast for me in that I don't use the HTTP scan feature since I already use adblocks with a malware domain list and such with enough protection to not warrant it.

     

    Just remember that ESET is going to detect malware better with protocol scanning enabled. It's not just about blocking malicious websites, but malware that passes through the protocol scanner is investigated more thoroughly with additional assistance from LiveGrid. This is an important part in ESET's zero-day detection.

  2. The tool from Malwarebytes doesn't exploit vulnerable applications which ESET's exploit blocker is watching. Hence there are no alerts. I suggest you try the Exploit Test Tool from Surfright. This tool allows you to choose the application which is exploited. From there you can select your browser or pdf reader. Then you should get alerts from ESET.

     

    hxxp://www.surfright.nl/en/downloads/

  3. This test is likely far more relevant to the real world user than the AV-C, AV-Test, Dennis Labs etc. tests.

     

    I am sorry to rain on your parade, but this site is as far from real world as it gets.

     

    Real world means two things in my book. For one thing, it has to be about threats that users are actually facing (prevalence), and not some exotic stuff nobody ever encounters. And for another, a product needs to be able to use all of its components in order to protect the user.

     

    As for prevalence, I cannot say if CRDF is taking that into account. As for utilizing all of a product's components, they definitely don't. They just use VirusTotal for scanning the samples. This means it's nothing more than a right-click scan of a file. Stopping the user from downloading the malware in the first place or any other non-signature-based methods of protection, like HIPS, behavioral analysis or reputation systems etc.? Nope.

     

    For what it's worth, a product could be at the bottom of that list and still protect you better than the one at the top. In that regard this site is very misleading. In my opinion this CRDF link should never be posted without a clear disclaimer about how it actually works, because every time I see this come up, it's clear that the poster doesn't understand it.

  4. @TJP

     

    It simply means that Kaspersky Lab and others have recognized the immense ramifications of these test results and therefore they are dedicating time, money and manpower in order to detect even those "threats" which have little to no real-world value. People are regularly panicking and changing AVs over detection differences of 0,5 %. This is why companies are wasting resources in order to detect even the most insignificant supposed malware. It is not cheating.

  5. @Maximus

     

    Could you try to open the AMTSO phishing test page, located here:

     

    hxxp://www.amtso.org/feature-settings-check-phishing-page-intro.html

     

    This is just to check if protocol filtering is working at all with Cyberfox. If you are able to open the link located at that page, then protocol filtering isn't working correctly with Cyberfox and that could be the reason why you are no longer experiencing any problems, now that you've switched from Firefox to Cyberfox.

  6. Greetings.

     

    I know I have already asked this in somebody else's topic, but since this topic has already been marked as answered I think it would be best to talk about this in a separate topic.

     

    The reason I am writing this is because I have witnessed weird behavior of ESET in regards to AMTSO's cloudcar.exe file when I try to download it with Google Chrome.

     

    If I download it with right-click \ save-as, it is detected, no problem. If I initiate the download with left-click, it is not detected. Once on the disk, I guess it won't be detected anymore because LiveGrid only works during download, am I correct? Weirdly, sometimes ESET was able to detect cloudcar.exe upon a left-click download as well, though I am not able to reproduce the latter consistently. 

  7. I have just done further tests. I can download the cloudcar.exe with Chrome (32 and 64-bit), but it is blocked in Firefox and IE. Chrome protocol filtering is working though because the phishing page, EICAR and PUA downloads are blocked.

     

    Edit:

     

    When I try to save the cloudcar.exe in Chrome with right-click and "save as", ESET blocks the download in Chrome as well. When I try to save it by left-clicking the download link, it doesn't.

  8. Application dependent Gamer-Mode

     

    ESS and Nod32 already have a gamer-mode, but it is triggered by full-screen applications. Yet there are many full-screen applications which use so few resources that this would be the ideal time for ESET to perform background tasks. Hence I would like to suggest the addition of an application-dependent gamer-mode, so we can disable full-screen gamer-mode and still have it activated when it counts.

  9. I cherish ESET for not having something like this. Further, in order to rate search results the AV has to know whether they are safe or not and if it knows they are malicious, it will block access to them anyway. In addition to the database of known malicious websites the web-av part of ESET scans the contents of websites as well. So you are covered very well with ESET. Just a closing thought regarding site advisors, how do you know if a link is safe when you see it in a forum or an e-mail? Those site-advisors don't work there but the web-av protects you regardless.

  10. After a default installation "Advanced heuristics on file executions" is enabled by default. However, when you click on "Default" in the lower right corner of the corresponding window and reset to default, it will be disabled again, no matter if you reset only the "Advanced setup" or all settings. So there must be a discrepancy between a default installation and resetting to default settings.

     

    It would be nice to know if anybody else can reproduce this. 
