tibot 0 Posted July 7, 2017 Share Posted July 7, 2017 just a quick question should "enable detection of potentially unsafe applications be turned on or off"? seems the default is off. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted July 7, 2017 Administrators Share Posted July 7, 2017 It's up to you. Potentially unsafe applications cover legitimate tools that can be misused in the wrong hands for malicious purposes. They may cover remote admin tools, serial key finders, coin miners, etc. Link to comment Share on other sites More sharing options...
TomFace 539 Posted July 7, 2017 Share Posted July 7, 2017 (edited) I do believe that if you have PUA detection enabled, you'll receive a notification window upon detection so you can either disconnect or ignore. http://support.eset.com/kb2629/ Edited July 7, 2017 by TomFace Link to comment Share on other sites More sharing options...
COStark26 10 Posted July 8, 2017 Share Posted July 8, 2017 17 hours ago, TomFace said: I do believe that if you have PUA detection enabled, you'll receive a notification window upon detection so you can either disconnect or ignore. hxxp://support.eset.com/kb2629/ The dilemma for non-experts is to recognize a Popup Warning String for what it really is / means. I have recently seen a popup about "Windows Firewall has prevented (a String) from Logitech. Allow / Deny?" Win's Firewall is NOT active, so I wonder if this is an OK to Track every keystroke I make via the Logitech Keyboard I have. I should have copied and Google'd the String, but having just activated BOTH UnWanted and UnSafe, I suspect it will get so complicated with decisions above my pay grade that I go back to Default Off. Link to comment Share on other sites More sharing options...
TomFace 539 Posted July 9, 2017 Share Posted July 9, 2017 Is the pop up window from ESET ESS or from windows? Can you get a screen shot of it? I just about never get a ESET pop up notice about PUAs. Can really recall the last one I got. Link to comment Share on other sites More sharing options...
Most Valued Members SCR 195 Posted July 9, 2017 Most Valued Members Share Posted July 9, 2017 1 hour ago, TomFace said: Is the pop up window from ESET ESS or from windows? Can you get a screen shot of it? I just about never get a ESET pop up notice about PUAs. Can really recall the last one I got. You can receive PUA warnings if the download contains an additional install of something along with the intended program even if is possible to decline the additional software when the install is run. For example CCleaner is an excellent and safe program. However the free edition includes a tool bar so Eset kindly informs me with a PUA alert when I attempt to download it. You can ignore the alert or disconnect. You will again receive a PUA when you run the install. I should also add the the author of CCLeaner kindly offers free edition without the tool bar refereed to as the "Slim Edition" a week or so after the latest version release. Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 393 Posted July 9, 2017 Most Valued Members Share Posted July 9, 2017 On 08/07/2017 at 11:21 AM, COStark26 said: The dilemma for non-experts is to recognize a Popup Warning String for what it really is / means. I have recently seen a popup about "Windows Firewall has prevented (a String) from Logitech. Allow / Deny?" Win's Firewall is NOT active, so I wonder if this is an OK to Track every keystroke I make via the Logitech Keyboard I have. I should have copied and Google'd the String, but having just activated BOTH UnWanted and UnSafe, I suspect it will get so complicated with decisions above my pay grade that I go back to Default Off. While slightly off topic I've noticed occasionally certificate alerts asking to block or deny when browsing. This could confuse users who might be unsure which to pick. Link to comment Share on other sites More sharing options...
TomFace 539 Posted July 9, 2017 Share Posted July 9, 2017 (edited) 2 hours ago, SCR said: You can receive PUA warnings if the download contains an additional install of something along with the intended program even if is possible to decline the additional software when the install is run. For example CCleaner is an excellent and safe program. However the free edition includes a tool bar so Eset kindly informs me with a PUA alert when I attempt to download it. You can ignore the alert or disconnect. You will again receive a PUA when you run the install. I should also add the the author of CCLeaner kindly offers free edition without the tool bar refereed to as the "Slim Edition" a week or so after the latest version release. Yes I know all about "slim", been using it for years...I understand the PUA notifications, I don't see them because I am careful with what I do with my machine (downloads/programs)....... I am still confused what COStark26 is talking about.... And yes peteyt, I too have seen a few more certificate notifications, must be the time of year (July expirations and renewals). Edited July 9, 2017 by TomFace Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 393 Posted July 9, 2017 Most Valued Members Share Posted July 9, 2017 24 minutes ago, TomFace said: And yes peteyt, I too have seen a few more certificate notifications, must be the time of year (July expirations and renewals). Is there an automatic setting for this or would it cause too much confusion e.g. blocking the good and possibly allowing the bad? Link to comment Share on other sites More sharing options...
Most Valued Members SCR 195 Posted July 9, 2017 Most Valued Members Share Posted July 9, 2017 (edited) 41 minutes ago, TomFace said: Yes I know all about "slim", been using it for years...I understand the PUA notifications, I don't see them because I am careful with what I do with my machine (downloads/programs)....... I am still confused what COStark26 is talking about.... And yes peteyt, I too have seen a few more certificate notifications, must be the time of year (July expirations and renewals). I am quite careful as well and rarely see a PUA. From your post I incorrectly assumed you hadn't seen one and didn't want you feeling left out I am confused as well about the comment. by COStark26 As far as certificate notifications, I have not been seeing many of them yet. Lucky I guess. I've had occasions where one would pop up I just close the browser and find whatever I'm looking for some place else. Edited July 9, 2017 by SCR Sentence structure correction. Link to comment Share on other sites More sharing options...
TomFace 539 Posted July 10, 2017 Share Posted July 10, 2017 (edited) No problem SCR (we're good!).... I appreciate someone/anyone looking out for me. peteyt, as far as I know, there is no setting for questionable certificates and I (for one) would not want one. As you implied, we need to separate the good from the bad. Edited July 10, 2017 by TomFace Link to comment Share on other sites More sharing options...
COStark26 10 Posted July 13, 2017 Share Posted July 13, 2017 On 7/9/2017 at 0:52 PM, TomFace said: Is the pop up window from ESET ESS or from windows? Can you get a screen shot of it? I just about never get a ESET pop up notice about PUAs. Can really recall the last one I got. Sorry I disappeared. I usually Snip Tool save them but didn't in this case. No recall Of ESET appearing in the popup, so the Unknown Author would be my Main Security Concern. I'll hope for the best. The below just appeared in a current Scan still running & typifies the dilemma of amateurs interpreting PUA popups. Nero 10 is a Day 1 app in the computer I haven't seen an update for in years, so I'm sure it's OK. As predicted earlier, I'll probably UN-Chk PUA and PUSafe as it's so Very rare I ever have issues. Couldn't be Cleaned appears in Popup............. C:\OEM\Preload\Autorun\APP\Nero 10 Essentials Gateway Edition\ISSetupPrerequisites\{BF80A1C0-C3FF-4B1C-ABEF-22CD4F97A0AB}\Toolbar.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application Clean Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted July 13, 2017 Administrators Share Posted July 13, 2017 The detection is ok. I assume the toolbar is detected as a potentially unsafe application which you've had disabled until recently. Link to comment Share on other sites More sharing options...
itman 1,659 Posted July 13, 2017 Share Posted July 13, 2017 1 hour ago, COStark26 said: Couldn't be Cleaned appears in Popup............. C:\OEM\Preload\Autorun\APP\Nero 10 Essentials Gateway Edition\ISSetupPrerequisites\{BF80A1C0-C3FF-4B1C-ABEF-22CD4F97A0AB}\Toolbar.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application Clean If you click on "Action for listed threats" and select "Clean," Eset will removed the ask.com toolbar and leave the rest of the application alone. This is what I would recommend. Link to comment Share on other sites More sharing options...
COStark26 10 Posted July 14, 2017 Share Posted July 14, 2017 (edited) 16 hours ago, itman said: If you click on "Action for listed threats" and select "Clean," Eset will removed the ask.com toolbar and leave the rest of the application alone. This is what I would recommend. Thanks for the Replies. I didn't "absorb" the difference in "Couldn't Be Automatically Cleaned" and Clk'ing Clean myself, so I chk'd Allow or the equivalent. 2nd Scan showed Nothing per Allow prior. ESET rarely presents an issue so I have little practice in knowing what to do. During Scan ....MBAM 3 gave a Popup for the Same String offering to Quarantine it. Clk'd Ignore Once and presume I shouldn't Quarantine IF I ever want to use Nero someday, although I can't recall using Nero in years. Appreciate the feedback. Lesson learned. Edited July 14, 2017 by COStark26 Link to comment Share on other sites More sharing options...
Recommended Posts