rugk

@klv12gcn Nice test. I assume you have tested (some of) the AVs where AV-Test "claims" that it is better than ESET. Just for completeness: How many GBs of RAM had your test PC? Interesting speculation, but I think it would be more useful to adapt this based on the system performance. (e.g. when a computer has many RAM and it isn't used actually so much, it could temporarily use a bit more RAM, but if the computer has not so many RAM then it could use less)

OK. Thanks for your reply. So just conclude... Q1 (& Q3): No, it makes no sense to submit it and won't improve the spam protection at this time. Q2: Okay, nearly the same you can read in the software documentation: But this is said very generally. And why isn't it activated by default?

Okay... Just remember that there is a new Smart mode in the 8th version of the ESET software. This will only ask you at suspicious actions.

Yes also interesting is this twitter post from AV-test: https://twitter.com/avtestorg/status/517386006296018945 Has somebody said something else?

If you'd like to get it - no problem. Here you can change the HIPS mode: More information (how to change) the HIPS mode(s) you can find here: Host-based Intrusion Prevention System (HIPS) - Advanced setup And more information about HIPS generally are here: What is HIPS in ESET Smart Security/NOD32 Antivirus?

Yes, it's a great idea. But it was already suggested by @TGW with some very nice mockups.

"Antivirus is dead" In May Symantec stated that Antivirus is dead. And of course this statement was immediately discussed. Jerome Segura, a researcher at Malwarebytes called it "quite [...] bold" and added: hxxp://www.ibtimes.com/antivirus-really-dead-security-professionals-symantecs-declaration-1580308 Also Kaspersky disagrees: Kaspersky rubbishes Symantec VP's claim that antivirus is 'dead', calls it marketing stunt More information also in this article: No, anti-virus software isn't dead (yet) It isn't a 'moneymaker' anymore Ibtimes.com concludes that Also ZDNet reported this: Symantec discontinued Norton Antivirus And today a German publisher has published that Symantec will discontinue the development for Norton Antivirus. As a new customer you can't buy it anymore! Symantecs stated on its own website: hxxp://www.symantec.com/endpoint-protection Time to change?! But I'm sure that some user want a light protection that only protects against malware. (maybe because they want to use a different firewall or something else) So maybe it's time for you to change your malware protection software. I can recommend the brand-new ESET NOD32 Antivirus in the 2015 edition (that's version 8). But why ESET? It has many great technologies, e.g. a system that monitors the system events (HIPS) and that could also be controlled by the user or an exploit blocker that is specialized for blocking exploits in PDF readers, Java, Browsers and more. In the new version this exploit blocker was enhanced amongst other things. BTW: Of course ESET also has a complete protection suite, called ESET Smart Security (with a firewall and many other features). If you want to use it you can also do this - but nobody forces you to do so.

Yes but module updates aren't something special. And yes maybe I will submit my findings later.

Yes it's quite strange. Here an overview with ESET, Kaspersky (the Russian AV mentioned above) and AhnLab (as a bad example) from a few tests: hxxp://www.av-test.org/en/?avtest%5Btype%5D=3&avtest%5Bprods%5D=11,15,29&avtest%5Bplatforms%5D=3,10-7,5-4-1&avtest%5Bseries%5D=5-4-1:1406851200.2,5-4-1:1391252400.2,10-7:1396310400.2,10-7:1385899200.2,3:1401580800.2,2:1291201200.3 PS: Also interesting that they didn't tested the cooperate solution from ESET. @SweX Yes 10 sec. was e.g. average performance inpact in 2012. See the test of ESS in this year. And there they had "repair" instead of "performance".

Yes it was really very short. Also only one BETA built was released. And I found some errors (in the BETA) and haven't published it until now...

No! The beta is over, ESET has released the final version! So you of course can download it from the official website. More information here: https://forum.eset.com/index.php?showtopic=3327 And here: https://forum.eset.com/index.php?showtopic=3328

Hello @kllwk1, welcome to ESET and to this forum. For security tips I can strongly recommend you WeLiveSecurity. And if you need support in the future you can of course ask us at this forum, but another great thing were you can look (before) is the ESET knowledgebase. And of course there are even more things from ESET you may like. So just look a bit around (e.g. look at the signatures of some users).

Yes, ok maybe Thunderbird searches for updates. But doesn't it do this in the background? And if you are a business user then you can surely do it - like you said - with ERA. But if so you are at the wrong section...

AFAIK it is this way: If you bought the download version (e.g. from the ESET online shop) and got a license mail with username/password the "count-down" begins directly after buying. If you bought a physically disk (and only a physically disk!), don't received any license mail and only have an activation code (not a username/password!) then the count-down begins when you entered your activation code (where it will "converted" into a username/password). This can happen if you e.g. bought it in a physical store. Edit: Here a screenshot of the activation window, where you will see the differences too:

No, I'm just a user. And maybe I have to say that you could manually remove it - but you would have to do it in a very aggressive and extraordinary way and so I can't guarantee that ESET and Thunderbird are still working after this. You do this at your own risk! The files for the add-on are saved in %programfiles%\ESET\ESET Smart Security\Mozilla Thunderbird or %programfiles%\ESET\ESET NOD32\Mozilla Thunderbird. So is is possible to deactivate self-protection of ESET and delete this files. But it is really not recommend! Just let the few bytes there. They aren't disturbing and so I see no reason to delete them.

On that's the answer to question 3 I think. And what about the other questions?

Yeah you're welcome. Now there is also a complete Wikipedia article about it: https://en.wikipedia.org/wiki/Shellshock_%28software_bug%29

You can do like you prefer and you can of course also switch it back at any time you want.

Question 1 I think this is the simplest question, but I found no explicit answer to it so I'm asking it now. You give instructions how to submit a phishing mail or website that the anti-phishing module misses. But my question is, should I also submit spam mails to samples @ eset.com? Should I add "spam mail" in this case to the subject? Related: How to submit a malware or a website? Question 2 I simply saw a strange setting in ESS (v7 and higher) and so I'd like to ask what this is... What does this "advanced anti-spam feature" and why isn't it enabled by default? Question 3 This may be also a suggestion, but take it as you like. I'm talking about the outlook addon (from the anti-spam protection) which filters spam and phishing mails. At first it is a bit confusing (especially for new ESET users) what is the difference between your spam and your phishing protection. I will say it here shortly - If I'm wrong then please correct me: The phishing protection is a kind of websites filter that protects you against phishing and scam websites. The spam protection is an email-filter. It needs the automatic installed add-on for your email-client to work. It filters spam and phishing mails. Maybe you should rename the spam protection to mail protection (or something like this), because it also protects against phishing mails, but what I want to ask is something different. Why not make a button "Mark as spam/phishing and submit to ESET" or an option to automatically submit the mails if they are marked as spam/phishing from the user, so you can improve the detection. Maybe this could be integrated into ESET LiveGrid...?

Okay, there also are some threats that seems to exploit ShellShock. https://twitter.com/avtestorg/status/515880094360170498 According to AV-Test ESET detects this trojan as Linux_DDoS.M.

Ok thanks for your replies. So ads and the transmission of the user data play a role... But could someone specify this a bit? I think there are at least some differences between computer-PUA and mobile-PUA (I tried to indicate some of them in my start post).

OK, if this installer contains/is PUA then I would submit it to ESET. Have you done this, SweX?

What to do about Shellshock Bash bug on Mac OS X, web servers, routers, and more - WeLiveSecurity What is Shellshock and does ESET protect me from it? - ESET knowledgebase

Just FYI now there is also the "normal" report from AV-test about this test online: hxxp://www.av-test.org/en/news/news-single-view/mac-os-x-in-the-crosshairs-18-malware-scanners-put-to-the-test/

Mhh... as I see it is detected "a variant of OSX/Adware.Spigot.A application" it is a bit modified from the originally OSX/Adware.Spigot.A, so I would suggest you to submit this to ESET. The same with the Windows version. And another thing... Shouldn't there be the "potentially unwanted application" at the end if it is such a thing? But - no - as I see it is "adware", so it may be "more bad" than a PUA. And if so it is also be detected when PUA detection is disabled, isn't it?