mar122999 1 Posted February 3, 2014 Share Posted February 3, 2014 (edited) First, I like the strong stance on PUAs. Being in the computer repair business, this is what I clean up %90 of the time on PCs. But I would like to know where I can find an option in ESET AV to automatically block or quarantine an object seen as a PUA. I noticed that even though ESET marked the file (ex: Utorrent) as a PUA, it allowed the program to run and it gives the user an option to "clean" or "no action". I find these options sort of vague to the standard 'click happy' user and they may end up installing a PUA without thought. Can I setup ESET to automatically block installations and quarantine them on spot? Note: I understand that Utorrent may not be considered a PUA in itself, but the bundled toolbars/programs are. I used Utorrent as an example in this this situation because I know it is heavily bloated with toolbars/programs and tries to install them in confusing ways (ex: I agree, disagree buttons instead of check marks). How can I auto-decided on programs like this or other ones that may be strictly PUAs? Edited February 3, 2014 by mar122999 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,082 Posted February 3, 2014 Administrators Share Posted February 3, 2014 Perhaps if you choose strict cleaning, you will no longer be asked for an action. However, with strict cleaning any detected files will be removed automatically, be it patched or infected system files or archives containing also clean files besides malware. Link to comment Share on other sites More sharing options...
Arakasi 549 Posted February 3, 2014 Share Posted February 3, 2014 As Marcos stated, IF your clients are downloading legitimate programs that are bundled with PUA's. The entire package, including legitimate software, will be deleted. If you take steps to No Action on the web catch, then run the installer, ESET can be used to block the install of PUA using the Real-time module, but allow the legitimate, similar to a filter. Thanks mar Link to comment Share on other sites More sharing options...
mar122999 1 Posted February 4, 2014 Author Share Posted February 4, 2014 Sounds great! Thanks for the replies! Link to comment Share on other sites More sharing options...
siljaline 57 Posted February 10, 2014 Share Posted February 10, 2014 It's the bloat in your new Torrenting software that is causing the PUA flags.If you must Torrent, use an older less bloated versionUnderstand the impact and holes the software allows through your firewall. Link to comment Share on other sites More sharing options...
siljaline 57 Posted February 10, 2014 Share Posted February 10, 2014 Restore your Firewall settings to defaults once done. Link to comment Share on other sites More sharing options...
jadinolf 131 Posted February 10, 2014 Share Posted February 10, 2014 First, I like the strong stance on PUAs It does a wonderful job. Another reason for choosing NOD32 Antivirus. Link to comment Share on other sites More sharing options...
siljaline 57 Posted February 11, 2014 Share Posted February 11, 2014 What is OpenCandy and why does it trigger a threat warning Applications know to use OpenCandy Link to comment Share on other sites More sharing options...
mar122999 1 Posted February 13, 2014 Author Share Posted February 13, 2014 (edited) I've tested some AV's over the past month fairly extensively for non-critical w/ some critical PUAs w/ PUA detection on in respective software: Low, Medium, High scale for PUA detection: Bitdefender IS: Low Lavasoft AV Free: Low Bitdefender Free: Low Webroot WSA: Low Norton IS: Low Kaspersky IS: Low, Medium Trend Micro IS: Low Avast Free: Low, Medium AVG Free: Low Baudi AV Free: Low Quihoo 360: Low Avira Free and IS: Low NOD32 AV and IS: High I did not treat these tests as a lab experiment (recording findings...etc). I only performed a test for myself so I could choose the best PUA detection AV software for me and my clients. I downloaded 30 or so known PUA wrapped software + known critical PUA links during these tests (web block test + download/install). These tests are geared towards detecting PUAs. Not malware. Overall, it seems many manufacturers shy away from flagging many PUAs. I'm not sure exactly why. I really appreciate ESET's strong stance against PUAs. PUAs are a hugh problem nowdays and ESET did a wonderful job detecting these AND filtering them when needed. Great Job ESET! I understand FREE software does need to have an income to support the devs work, but most of the PUAs have gone too far. Not only that, but adware/PUAs cannot be classified similar to the Android OS (someone else made this comparison in another board/article). The majority of Android adware does not do nearly as much damage (if any) as PC adware/PUA does (change homepages, use CPU usage, add toolbars, ...and the list goes on). Edited February 13, 2014 by mar122999 Link to comment Share on other sites More sharing options...
Arakasi 549 Posted February 13, 2014 Share Posted February 13, 2014 Emsisoft has a high if not equal stand against PUA's but as always, i prefer ESET. Link to comment Share on other sites More sharing options...
mar122999 1 Posted February 13, 2014 Author Share Posted February 13, 2014 Emsisoft has a high if not equal stand against PUA's but as always, i prefer ESET. I didn't test Emsisoft. I forgot about that one . I would rather go with ESET though due to cheaper prices found across the web + their name recognition. Link to comment Share on other sites More sharing options...
Recommended Posts