Jump to content

virus detection settings


Recommended Posts

just a quick question should "enable detection of potentially unsafe applications be turned on or off"? seems the default is off.

Link to comment
Share on other sites

  • Administrators

It's up to you. Potentially unsafe applications cover legitimate tools that can be misused in the wrong hands for malicious purposes.

They may cover remote admin tools, serial key finders, coin miners, etc.

Link to comment
Share on other sites

17 hours ago, TomFace said:

I do believe that if you have PUA detection enabled, you'll receive a notification window upon detection so you can either disconnect or ignore.

hxxp://support.eset.com/kb2629/

The dilemma for non-experts is to recognize a Popup Warning String for what it really is / means. I have recently seen a popup about "Windows Firewall has prevented (a String) from Logitech. Allow / Deny?"

Win's Firewall is NOT active, so I wonder if this is an OK to Track every keystroke I make via the Logitech Keyboard I have. I should have copied and Google'd the String, but having just activated BOTH UnWanted and UnSafe, I suspect it will get so complicated with decisions above my pay grade that I go back to Default Off.

Link to comment
Share on other sites

Is the pop up window from ESET ESS or from windows? Can you get a screen shot of it?

I just about never get a ESET pop up notice about PUAs. Can really recall the last one I got.

Link to comment
Share on other sites

  • Most Valued Members
1 hour ago, TomFace said:

Is the pop up window from ESET ESS or from windows? Can you get a screen shot of it?

I just about never get a ESET pop up notice about PUAs. Can really recall the last one I got.

 

You can receive PUA warnings if the download contains an additional install of something along with the intended program even if is possible to decline the additional software when the install is run. 

For example CCleaner is an excellent and safe program. However the free edition includes a tool bar so Eset kindly informs me with a PUA alert when I attempt to download it. You can ignore the alert or disconnect. You will again receive a PUA when you run the install.

I should also add the the author of CCLeaner kindly offers free edition without the tool bar refereed to as the "Slim Edition" a week or so after the latest version release.

PUA.png

Link to comment
Share on other sites

  • Most Valued Members
On 08/07/2017 at 11:21 AM, COStark26 said:

The dilemma for non-experts is to recognize a Popup Warning String for what it really is / means. I have recently seen a popup about "Windows Firewall has prevented (a String) from Logitech. Allow / Deny?"

Win's Firewall is NOT active, so I wonder if this is an OK to Track every keystroke I make via the Logitech Keyboard I have. I should have copied and Google'd the String, but having just activated BOTH UnWanted and UnSafe, I suspect it will get so complicated with decisions above my pay grade that I go back to Default Off.

While slightly off topic I've noticed occasionally certificate alerts asking to block or deny when browsing. This could confuse users who might be unsure which to pick.

Link to comment
Share on other sites

2 hours ago, SCR said:

 

You can receive PUA warnings if the download contains an additional install of something along with the intended program even if is possible to decline the additional software when the install is run. 

For example CCleaner is an excellent and safe program. However the free edition includes a tool bar so Eset kindly informs me with a PUA alert when I attempt to download it. You can ignore the alert or disconnect. You will again receive a PUA when you run the install.

I should also add the the author of CCLeaner kindly offers free edition without the tool bar refereed to as the "Slim Edition" a week or so after the latest version release.

PUA.png

Yes I know all about "slim", been using it for years...I understand the PUA notifications:mellow:, I don't see them because I am careful with what I do with my machine (downloads/programs);).......

I am still confused what COStark26 is talking about....:unsure:

 

And yes peteyt, I too have seen a few more certificate notifications, must be the time of year (July expirations and renewals).

Edited by TomFace
Link to comment
Share on other sites

  • Most Valued Members
24 minutes ago, TomFace said:

And yes peteyt, I too have seen a few more certificate notifications, must be the time of year (July expirations and renewals).

Is there an automatic setting for this or would it cause too much confusion e.g. blocking the good and possibly allowing the bad?

Link to comment
Share on other sites

  • Most Valued Members
41 minutes ago, TomFace said:

Yes I know all about "slim", been using it for years...I understand the PUA notifications:mellow:, I don't see them because I am careful with what I do with my machine (downloads/programs);).......

I am still confused what COStark26 is talking about....:unsure:

 

And yes peteyt, I too have seen a few more certificate notifications, must be the time of year (July expirations and renewals).

I am quite careful as well and rarely see a PUA.

From your post I incorrectly assumed you hadn't seen one and didn't want you feeling left out ;)

I am confused as well about the comment. by COStark26

As far as certificate notifications, I have not been seeing  many of them yet. Lucky I guess. I've had occasions where one would pop up I just close the browser and find whatever I'm looking for some place else.

 

Edited by SCR
Sentence structure correction.
Link to comment
Share on other sites

No problem SCR (we're good!).... I appreciate someone/anyone looking out for me.;)

peteyt, as far as I know, there is no setting for questionable certificates and I (for one) would not want one. As you implied, we need to separate the good from the bad. 

Edited by TomFace
Link to comment
Share on other sites

On 7/9/2017 at 0:52 PM, TomFace said:

Is the pop up window from ESET ESS or from windows? Can you get a screen shot of it?

I just about never get a ESET pop up notice about PUAs. Can really recall the last one I got.

Sorry I disappeared. I usually Snip Tool save them but didn't in this case. No recall Of ESET appearing in the popup, so the Unknown Author would be my Main Security Concern. I'll hope for the best.

The below just appeared in a current Scan still running & typifies the dilemma of amateurs interpreting PUA popups. Nero 10 is a Day 1 app in the computer I haven't seen an update for in years, so I'm sure it's OK. As predicted earlier, I'll probably UN-Chk PUA and PUSafe as it's so Very rare I ever have issues.

Couldn't be Cleaned appears in Popup.............

C:\OEM\Preload\Autorun\APP\Nero 10 Essentials Gateway Edition\ISSetupPrerequisites\{BF80A1C0-C3FF-4B1C-ABEF-22CD4F97A0AB}\Toolbar.exe     a variant of Win32/Bundled.Toolbar.Ask    potentially unsafe application       Clean

7-13-17 NERO 10 POPUP.JPG

Link to comment
Share on other sites

  • Administrators

The detection is ok. I assume the toolbar is detected as a potentially unsafe application which you've had disabled until recently.

Link to comment
Share on other sites

1 hour ago, COStark26 said:

Couldn't be Cleaned appears in Popup.............

C:\OEM\Preload\Autorun\APP\Nero 10 Essentials Gateway Edition\ISSetupPrerequisites\{BF80A1C0-C3FF-4B1C-ABEF-22CD4F97A0AB}\Toolbar.exe     a variant of Win32/Bundled.Toolbar.Ask    potentially unsafe application       Clean

If you click on "Action for listed threats" and select "Clean," Eset will removed the ask.com toolbar and leave the rest of the application alone. This is what I would recommend.

Link to comment
Share on other sites

16 hours ago, itman said:

If you click on "Action for listed threats" and select "Clean," Eset will removed the ask.com toolbar and leave the rest of the application alone. This is what I would recommend.

Thanks for the Replies. I didn't "absorb" the difference in "Couldn't Be Automatically Cleaned" and Clk'ing Clean myself, so I chk'd Allow or the equivalent. 2nd Scan showed Nothing per Allow prior. ESET rarely presents an issue so I have little practice in knowing what to do.

During Scan ....MBAM 3 gave a Popup for the Same String offering to Quarantine it. Clk'd Ignore Once and presume I shouldn't Quarantine IF I ever want to use Nero someday, although I can't recall using Nero in years.

Appreciate the feedback. Lesson learned.

 

 

Edited by COStark26
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...