Jump to content

Recommended Posts

Hello,
I want to ask, I updated to a new version of Eset Internet Security 13.2.14.0 via update.
After the update, when I check all disks (depth scan), it constantly scans about 2000 files - the same.
I noticed new entries (WMI database and system registry).
I want to ask if the version missed through the update that is not debugged, in which case I should do a clean installation of ESET.
thank you for answer

01.png.afdb90d56a0703acbe4f5afd2f787275.png02.png.d8e6b060d6318e330ab91a3b8b3b6b6b.png

Link to comment
Share on other sites

Interesting.

I didn't notice those two new scan options in ver. 13.2.14. I would have assumed in the past, Eset was scanning the registry and WMI database for malware. Guess not ..........🙄

Edited by itman
Link to comment
Share on other sites

  • Administrators
2 minutes ago, itman said:

Eset was scanning the registry and WMI database for malware. Guess not ..........🙄

Not via the on-demand scanner. The registry and WMI are now part of the on-demand scanner targets setup.

Link to comment
Share on other sites

5 minutes ago, Marcos said:

Not via the on-demand scanner.

This does beg the question about real-time scanning. Attacker modifies registry/WMI database and drops malware there. If it runs prior to an On-Demand scan, are you nailed?

Edited by itman
Link to comment
Share on other sites

  • Administrators

Real-time protection scans only files. Other system areas are protected by other protection modules.

Link to comment
Share on other sites

2 hours ago, ReDy said:

After the update, when I check all disks (depth scan), it constantly scans about 2000 files - the same.
I noticed new entries (WMI database and system registry).

Assumed is the scan counts shown on the On Demand are for stand-alone files. The registry is composed of 4 or 5 "hIve" files and I believe the WMI database is considered one big file physically.

Link to comment
Share on other sites

4 minutes ago, Marcos said:

Other system areas are protected by other protection modules

That leaves the HIPS protecting the registry .............. My existing custom rules there to prevent registry mods. stay in place.

Link to comment
Share on other sites

2 minutes ago, Purpleroses said:

How do we get the new version?

If you don't want to wait, switch to pre-release updates. That's what I am running.

Link to comment
Share on other sites

  • Administrators
3 minutes ago, Purpleroses said:

How do we get the new version?

Currently by switching to the pre-release update channel.

Link to comment
Share on other sites

38 minutes ago, Marcos said:

Currently by switching to the pre-release update channel.

I am on the regular channel and I got the update today.

Is that a bug?

Edited by razorfancy
Link to comment
Share on other sites

So what does this new registry scanner look for? Potential malicious changes made by malwares like Malwarebytes or less effective than that? Will this also be integrated into ESET's removal engine? As of now, ESET's real time protection don't look for registry modifications made by malwares at the time of removal. 

Link to comment
Share on other sites

  • Administrators

We've have a registry scanner incorporated in products for years. Now the registry and WMI have just been added as a target in the on-demand scanner.

Link to comment
Share on other sites

I ran an On Demand scan as Admin using new Registry and WMI databased option. Appears its using both Registry and WMI references to scan associated files. Total files scan was approx. 35K on my Win 10 1909 build. Problem is many of those files are locked by the OS preventing a scan of them.

Edited by itman
Link to comment
Share on other sites

  • Administrators
10 hours ago, itman said:

Total files scan was approx. 35K on my Win 10 1909 build. Problem is many of those files are locked by the OS preventing a scan of them.

We plan to optimize this so that only existing files are scanned.

Link to comment
Share on other sites

  • ESET Insiders

As some are saying that they've got this update even in reguler channel so is this version pre-release or the stable version? Also any installer download link available yet with changelog?

Link to comment
Share on other sites

  • Administrators
2 minutes ago, SM03 said:

As some are saying that they've got this update even in reguler channel so is this version pre-release or the stable version? Also any installer download link available yet with changelog?

V13.2.14 is currently available only from the pre-release update channel (some users with regular updates might have received it as well). It's going to be officially released next week.

Link to comment
Share on other sites

  • ESET Insiders
1 minute ago, Marcos said:

V13.2.14 is currently available only from the pre-release update channel (some users with regular updates might have received it as well). It's going to be officially released next week.

OK, thanks for confirming.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...