peteyt
-
Posts
2,147 -
Joined
-
Last visited
-
Days Won
41
Posts posted by peteyt
-
-
4 hours ago, Marcos said:
What issues are you having with Smart mode? It's in fact interactive mode which prompts only if a suspicious operation is being performed. It's a purpose of this mode to not ask the user a lot.
I have hips set into interactive mode and no plan at the moment to change that. Just curious what smart mode does then as if interactive prompts about suspicious activity and automatic does everything for you, what is the purpose of smart mode?
-
On 17/01/2018 at 12:57 PM, galaxy said:
Leider wieder mit Ransomware befallen
Es scheitert oft mit Ransomware
What do you say to that?
As many have brought up there are many issues with the video. For example, the video shows it is version 11, but I couldn't see the actual version, e.g. 11.1, 11.2 etc. Also the user didn't run an update and the video is a few months old.
The big problem as I have mentioned when things like this is brought up by other specific users, is that these tests can be easily rigged. No security program is perfect and I've seen people run test videos where one AV misses some viruses so they run another one to remove the leftovers and often another one and so on because no AV is perfect. I could easily make a video showing one AV to be great at protecting from ransomware by using samples I know will be detected while at the same time are not detect by another one, so that other one ends up looking bad - however I could then turn it around and find one that would now make the bad one look good and the good one look bad.
As mentioned it does not help that these tests seen on youtube often do not represent real usage - for example no one should be downloading multiple malware samples and then turning off settings to make sure they don't originally get caught. As Marcos has mentioned, the fact the settings had to be disabled shows that actually the test is not showing all protection parts. Eset will always try and block users from downloading malware from the first place. Disabling protection layers will always put you at risk.
-
3 hours ago, pygocentrus said:
I activated my subscription december 24 so i missed this one. More than two weeks now for this release and still no notification.
In fact, normally Cybersecurity notify me and I just have to accept the update. And this is what it didnt do for a while, it is not normal for me and i dont accept your explanation. So thanks for the link but i know how to find them because of that.
Cybersecurity must have a button to check manually product update, NOD32 have it. If it have one, I didnt find it in Cybersecurity.
The general update checks for product updates as well as defenitions but eset slowly roll out versions. As i mentioned i think this could be partly to avoid everyone installing at once then a big bug is discovered. You can always manually update by downloading the latest version yourself
-
Interestingly I read the latest version of the Opera browser comes with an option to block coin miners
-
11 hours ago, Hydro said:
Even when creating the rule within 1 of 2 seconds (selecting option “Create rule and remember permanently” and then pressing the Deny button), the initial connection is never blocked (TcpTestSucceeded result is always True).
The issue occurs regardless of the user timing, regardless of the network adapter (ethernet or wifi, docked or not) and regardless of the application. It also occurs with a clean install of EIS, with default settings (except for the firewall filtering mode, which is set to Interactive mode).
Might be best to open a support ticket
-
8 hours ago, Jack said:
1-4-2018
Tonight I followed your Icon to do a monthly update of windows 7 pro 64-bit.
Then Microsoft said there was a compatibility error with Sandboxie. Therefor
I will NEVER do another update of windows. The flag should be taken out of
your icon. They have no right to tell me how to run my computer.
Normally sandboxie will release a newer version to address the issue. Not installing updates will put you at risk just as Marcos mentioned. Many companies and general users would not have been hit by the ransomware WannaCry if they had patched their systems
-
3 hours ago, Marcos said:
Information about available Windows updates is gathered from the operating system.
From which part. Sometimes it will find updates that windows update or nowhere else seems to find but it must be getting it from.somewhere
-
17 hours ago, pygocentrus said:
still no notification for 6.5.600 version released december 21.....
As mentioned they might be delayed for a while. If you want the latest version you can update manually
-
4 hours ago, John Alex said:
Either you do not understand or you pretend not to understand; nobody "hand picked" samples to make ESET look bad , while some other samples were used for the rest of the tested antiviruses , just to make them look good.
When a test is being performed by a specialized entity , THE SAME SAMPLES are used for all players involved.
I agree that the samples could be limited in number, but this is a fact of life: for example, in order to pass some exam you need to solve a limited number of questions in a limited amount of time; if you do it, you pass.
If don't, complaining that is no a real life situation and that you are known as a "good guy" in the neighborhood is not going to help you to get admitted.
It is simple like that!
I wasn't saying the samples are hand picked my point is if you Google different test results you will see there can be big differences e.g. one test one is high and another low or at least lower. My point is that different testers will use different malware samples and so will show different results so people should avoid basing their points on specific test results.
My point of real life situations is very important. Test results only show one part of the story. In real life situations most users are not going to download thousands of malware samples for example.
-
24 minutes ago, Azure Phoenix said:
My point was that, it is perfectly reasonable for a user to discuss a test if that was the point of the topic. In the end that means that people will compare the results among each vendors, because well that was the point of the test, wasn't it?
The issue isn't really with the tests themselves. People seem to keep posting regularly comparing and complaining about eset if it does scores less than another AV.
The point is there's no such thing as 100% protection so I'd be very wary if a test shows an AV with 100%. Also The problem is these tests use limited malware samples. You will see multiple tests from different testers with multiple results because of this. I could do a test myself let's say and hand pick samples that some AVs find and one doesn't to make that AV look bad. Yet at the same time I could do the opposite and make the same AV look good.
For this reason these tests should always be taken with a pinch of salt. If you go by test results as a way to choose an AV you would have to repeatedly change your AV. As has been stated on here it's important to note these tests are not realistic. A user is never going to for example intentionally download multiple samples. I would rather go by user experience over these tests and my own experience with using multiple AVs in the past led me to and keep me using eset.
-
4 hours ago, John Alex said:
Why?
Why not?
-
24 minutes ago, John Alex said:
Nice "speech", unfortunately lacks substance:
It is rather common sense than a philosophy. All AV companies have the same.
Microsoft used the same justification when they had a low detection rate (years ago) and everybody laugh in their face.
Bitdefender, with 99.9% detection rate and 3FP offers a free version ($0 per license);Kaspersky, 99.7% detection rate and 2FP has a free version
So, it is possible, without any "philosophy"...
Hope you do not take it personally.
Happy New Year!
And bitdefender used to crash all the time when i used it, closing itself. Granted i haven't used it for years but that and another issue have made me have a bad image of it just the same way most people have a bad image of norton.
The thing is no one is saying people cant post results of tests but no point posting posts every time another program appears to do better.
-
Happy new year all
-
3 hours ago, Marcos said:
I'm sure you meant Emsisoft
If we add a behavior blocker, it will have to be unobtrusive and work automatically, utilizing smart heuristics and information from other protection modules to avoid asking the user for action selection (at least in default automatic mode).
Is that a hint that something is in the works?
-
4 hours ago, Marcos said:
Please continue as follows:
- configure Windows to generate complete memory dumps as per https://support.eset.com/kb380/
- restart Windows and reproduce BSOD
- after a restart, compress the memory dump, upload it to a safe location (e.g. Dropbox, OneDrive, etc.)
- collect logs with ELC and upload the generated archive
- drop me a message with both download links.I had the same issue although reinstalling eset after removing it via the uninstaller in safe mode seemed to fix it. I couldnt actually boot in normal mode. Have yet to recieve a BSOD yet but occasionaly have to reboot computer after login as it will just freeze. Will send any logs if i do get another BSOD. Should add mine is with em008k 64.dll
-
11 hours ago, vampyren said:
Thank you for the quick response. I'm actually using v10.1.235.0. I go to update and it dont find anything new. Maybe i need to update manually?
Will get the offline installer now .........
New updates are rolled out slowly to users so they won't be found via the program update for some time. I believe this is done in case there is a bug and everyone updates at once, plus it may also avoid issues with everyone downloading at once. I can see however you have manually updated now. There's a newsletter that you can sign up that will alert you as soon as Eset launches a new product https://support.eset.com/kb6241/
-
18 minutes ago, John Alex said:
Sir,
Pretending that you do not understand the issue , doesn't help anyone.
The guy coded a keylogger, created a HIPS rule , and expected detection from the newly created HIPS rule, but nothing happened.
For a HIPS rule to work, you do not need "updates".
I complained 100 times so far , that in my years of using NOD32 , I never got an alert from HIPS, but you told me that is "normal"
Well, somebody smarter than me, proved otherwise....
Is hips in automatic?
-
1 hour ago, John Alex said:
Sir,
After a successful "clean" , I will have a cleaned file in the original location and an original one, infected, in "Quarantine"
Both of them will have the same name, there is no OLD or NEW one.
Well, I manage several family computers and , every month I use to see how they work and if anything has been detected; this is the time to search the quarantine.
At this time I will find a file , let's say test.exe , removed from C / Program files / test.exe, but at the same time, the file (cleaned) is still there.
That can create confusions: has the file really been removed??? the file is persistent and restored by itself? ESET restored the file after figured out is a FP???
Just delete the quarantined file if the program appears okay now. Maybe to avoid any confusion eset could simply mention a bit more information? e.g. having the fact it was cleaned, the reason why and the fact this is the original or something etc.
-
1 hour ago, John Alex said:
I would prefer to know what exactly happened when I press "Clean" ; the information should be somewhere present to tell the user if:
1. file was deleted from original location and placed in Quarantine
2. file was cleaned , the "clean" file is in the original location and the infected one is in Quarantine
This info should be accessible when somebody would interrogate the "Quarantine" in ESET.
I persume the filename would be different so just delete the old one once you know everything works okay
-
1 hour ago, John Alex said:
I have an "on again off again" relationship with ESET.
I reinstall it every time there is a new version, but somehow I end up being unhappy and I go back to MSE+MBAM
For example, in the latest version :
"If I have an infected file, let's say "C / Program files / infected.exe" , and ESET is able to disinfect it.
Now , being disinfected, will be left in the same location as "C / Program files / infected.exe" . At the same time , the original file will be moved to Quarantine , as "C / Program files / infected.exe "
I will end up having 2 identical files, one "disinfected" in original location and one "infected" in Quarantine. Will be hard to say , after a while, why the same file is in 2 locations ."
"But why this complicated approach????
When I press "Clean" I should be informed what exactly happened with that file: has been cleaned, has been deleted, has been quarantined.
An user shouldn't be forced to navigate to the original location to see if the file has been cleaned or deleted.
Why is so difficult to implement????"
MSE has a very elegant solution to this: in History , you have three distinct categories: "detected items" , "quarantined items" and "restored" items
SmartScreenFilter offers adequate protection in IE11, in my opinion.
I dont understand what you mean. When a file is placed in quarantine you do not see that file in the original location. If something has been quarantined i never see it anymore until i restore. If a file is cleaned as Marcos states having a quarantined file is good for if the clean caused issues. If the clean went okay just delete the file in quarantine
-
10 hours ago, pygocentrus said:
no, I dont use the Pro version
3 hours ago, jose luis said:Ok,in the next update I´ll be more patient
Regards!
The reason you probably didn't receive a notification is Eset rolls the updates out slowly, in a kind of staggered approach. I've seen a lot of programs do this, including Malwarebytes. It can avoid network issues with everyone downloading at once but I think it's also designed as a safety feature. While a lot of these updates go through internal testings and sometimes consumer beta's often bugs get discovered after once released. These bugs may be software conflicts that they didn't see - while they can try and test for everything, sometimes unique scenarios will only be discovered by users e.g. a set of programs together cause an issue. That way rolling it out slowly means if there is a bug less people will be affected.
If you want to stay up to date with Eset and know when new versions are released Eset has a newsletter which sends alerts to users via email when new versions are released. That way even if the program doesn't find an update you can download manually https://support.eset.com/kb6241/
-
20 hours ago, John Alex said:
Could be, however I do not have any noticeable browsing lag using MBAM+MSE+PCTools firewall ( Web protection off in MBAM) compared with NOD32 v11.
Browsing is the main factor, as I am not concerned about download/install speed.
Didn't PCTools close many years ago. If so the Firewall hasn't been updated for many years. While a Firewall doesn't receive definitions with new signatures daily like AVs, I'd be reluctant myself to use a security product that is out of date. With many bugs, backdoors etc. often found in products, there is always the risk that something will have a flaw. The issue is that flaws for PCTools Firewall may exist but not be documented, known yet etc. and being unsupported now they will not be fixed.
Which brings me on to another question. Are you an Eset user? I've seen quite a few posts where you have claimed you no longer use Eset e.g. too slow, not good enough but then some posts with questions regarding Eset e.g. quarantine etc. If you don't use it, I just wonder why you seem to regularly post about what you consider bad Eset results.
Also as I mentioned in a previous post, if you do ever come across an issue with Eset e.g. using too much resources, it is recommended that you open a support ticket, submit logs etc. There are many possibilities, possible conflicts and so on. Sometimes these issues can be unique for example a user a few months back had problems with Eset being very slow at startup but it turned out it was due to another program conflicting with Eset. As there are many possibilities due to there being numerous programs available, logs are recommended otherwise the Eset team cannot identify the issue.
-
16 minutes ago, John Alex said:
V 10 is fully supported and not a "defunct version"
But 11 is the latest. You wouldn't trust a protection test if it was based on an old version. Newer versions fix things. What this shows is eset is always making improvements to make it's product better
-
2 hours ago, Teah said:
I can understand a precent. On an elevated account i cant open any even running in administrator mode:
As mentioned by Marcos some may not get scanned even when scanning as an administrator. They could be in use, windows protected files, password protect or damaged. This article may explain it a little more https://support.eset.com/kb2155/?locale=en_US
If we add a behavior blocker, it will have to be unobtrusive and work automatically, utilizing smart heuristics and information from other protection modules to avoid asking the user for action selection (at least in default automatic mode).
CCleaner latest update
in Malware Finding and Cleaning
Posted
It has gotten more reliable