Jump to content

Financial Malware/Banking Mode

LabVIEW707

By LabVIEW707
in ESET NOD32 Antivirus

 Share

Recommended Posts

LabVIEW707

LabVIEW707 13

Posted
Posted

I have tried everything out there. WSA is a favorite to me. Its identity protection is top notch but its detection rate is pathetic. I downloaded a malware sample pack. WSA detected 7/31. Eset detected 31/31. F-Secure has a banking mode which prevents outside communication from entering your browser session. Bitdefender has safe pay. Both of those are nice features but suck the day lights out of your pc. My 3 favorite antiviruses are Avast,WSA and Eset. I am sticking with Eset. But my question is this. What does Eset do to watch over your financial translations? Sure its has one of the highest detection rates around but is there some sort of banking protection built in? Also most antiviruses has a browser plug in. Why doesn't Eset? Thanks. 

Link to comment
Share on other sites
LabVIEW707

LabVIEW707 13

Posted
  • Author
Posted (edited)

No it is not a gimmick. I guess you never used Bitdefenders Safe pay. It is a virtual environment browser. Avast also has a similar feature. Eset does have great phishing protection. Eset failed most of the banking tests from MRG Effitas. I am not talking about catching malware or phishing web sites through HTTP scanning. Using Linux is a great alternative.

Protecting your identity is extremely important in today's world. Keeping your browser sessions free from keylogger and hacking attacks is crucial. So again what is Eset's approach towards this? 

Edited by LabVIEW707
Link to comment
Share on other sites
Super_Spartan

Super_Spartan 56

Posted
Posted (edited)

No it is not a gimmick. I guess you never used Bitdefenders Safe pay. It is a virtual environment browser. Avast also has a similar feature. Eset does have great phishing protection. Eset failed most of the banking tests from MRG Effitas. I am not talking about catching malware or phishing web sites through HTTP scanning. Using Linux is a great alternative.

Protecting your identity is extremely important in today's world. Keeping your browser sessions free from keylogger and hacking attacks is crucial. So again what is Eset's approach towards this? 

Think of it, if you already have NOD32 installed, HIPS active, and your system is clean, what keylogger would come into play none! thus, making the banking mode just an extra bit of unncesary security. Been using NOD32 for 10 years with non of this banking mode bloat and never had a problem or any unknown transaction on my account or credit cards. just my 2 cents. Ill wait for some of staff here take over

 

I also use LastPass, thus, I never type a password

Edited by Tweak Arena
Link to comment
Share on other sites
LabVIEW707

LabVIEW707 13

Posted
  • Author
Posted (edited)

I use Chrome with Adguard,DoNotTrackMe and LastPass. Do you have HIPS in auto mode? Added MalwareBytes Anti-Exploit now that its out of beta. 

Edited by LabVIEW707
Link to comment
Share on other sites
Super_Spartan

Super_Spartan 56

Posted
Posted

I use Chrome with Adguard,DoNotTrackMe and LastPass. Do you have HIPS in auto mode? 

 

you are very well protected using those add-ons. HIPS is in Auto Mode yes you're right.

Link to comment
Share on other sites
Arakasi

Arakasi 549

Posted
Posted (edited)

Hello, i would like to expand into this link when we had a discussion a while back regarding Kaspersky's Safe Money Environment:

https://forum.eset.com/topic/51-future-changes-to-eset-smart-security/page-6#entry10746

 

In addition this thread discusses Keyloggers:
https://forum.eset.com/topic/965-eset-and-keyloggers/?hl=%2Bwin32+%2Bkeylogger#entry8728

Aryeh mentions " ESET's software detects keyloggers using both conventional signatures (which detect many as part of the Win32\Keylogger family) and technologies like heuristics and HIPS. "

 

Having a virtual environment changes nothing. You will still be sending and receiving traffic on the same http port 80 or secure traffic port 443 inside your virtual environment.

 

Also as an added bonus, ESET detects exploits already. Check out this link for all the features of ESET :

hxxp://www.eset.com/int/about/technology/

 

Adding Quote :

 

 

Exploit Blocker is designed to fortify often exploited application types on users’ systems, such as web browsers, PDF readers, email client or MS office components. It adds another layer of protection by using a completely different technology, compared to techniques focusing on detection of malicious files themselves...

Instead, it monitors behavior of processes and watches for suspicious activities that are typical for exploits. When triggered, the suspicious behavior is analyzed and the threat might be blocked immediately on the machine. Certain suspicious activities are processed further in our cloud systems, which gives Exploit Blocker the potential to protect users against targeted attacks and previously unknown exploits, so called zero-day attacks.

 

Therefore, having Malwarebytes exploit application is redundant and may also cause application errors !!!

 

Regarding browser plug ins, those fall under the category of "potentially unwanted programs" ESET detects and removes bloatware like that. The only purpose they serve is to bloat.

 

Thanks for reading, good discussion LabVIEW707 !!!!

Edited by Arakasi
Link to comment
Share on other sites
SweX

SweX 871

Posted
Posted

Also most antiviruses has a browser plug in. Why doesn't Eset? Thanks. 

Simply because they don't need to, ESET uses a better approach so the web protection works in all browsers. I actually avoid AV's using browser extentions or plug-ins for various reasons. The reason why ESET don't use them is one of the many reasons why I like it so much.

Link to comment
Share on other sites
Arakasi

Arakasi 549

Posted
Posted

 

Also most antiviruses has a browser plug in. Why doesn't Eset? Thanks. 

Simply because they don't need to, ESET uses a better approach so the web protection works in all browsers. I actually avoid AV's using browser extentions or plug-ins for various reasons. The reason why ESET don't use them is one of the many reasons why I like it so much.

 

 

They're bloatware Swex lol !! :rolleyes:

Link to comment
Share on other sites
LabVIEW707

LabVIEW707 13

Posted
  • Author
Posted (edited)

I was speaking more along the lines of a web site reputation browser add-on. Something like WOT. I will uninstall MalwareBytes Anti-Exploit. I did not see any exploit setting under advanced settings. Hitman Pro.Alert is also very good. I cannot remove anything but a "alerts" you when your browser has been comprised. Malware has evolved. Its not all about destroying your pc. Now a days its all about how much info can we steal from you. I was a huge fan of Webroot cause a lot of banks recommend it. But it fails it most testing. It seems to not detect 70% of malware. But if you ask Webrrot experts they say "WSA works differently then traditional av's". Well I do not feel safe using it anymore. No I am not bashing WSA. I actually still prefer it. I used Eset way back in the day but not until lately have I given it another try. F-Secure runs 8 processes adding up to a whopping 400MB. Thats absurd. Right now Eset is using roughly around 102MB. Thanks for the replies. I guess I could just add Sandboxie. But I hate running too many things. I was more concerned about identity protection more then anything. I am fully aware that WSA is made to run along side any antivirus. But I try to stay clear of things like that. Anyone else running WSA and Eset together?

Edited by LabVIEW707
Link to comment
Share on other sites
SweX

SweX 871

Posted
Posted

Sure if you like services like WOT then just install their add-on in your browser. I personally don't want any of that in the product.

Yes you could also use Sandboxie if you want, you could use that as your "banking mode" as well.

 

My PC is clean from malware including keyloggers and I connect to the bank via HTTPS that's all I need to know.

 

Now, I am not bashing Kaspersky, but here is very good example why I dislike browser extentions, plugins, add-ons or whatever so much in an AV.

 

https://www.wilderssecurity.com/threads/firefox-30-kaspersky-add-ons.364970/

Link to comment
Share on other sites
SweX

SweX 871

Posted
Posted

 

 

Also most antiviruses has a browser plug in. Why doesn't Eset? Thanks. 

Simply because they don't need to, ESET uses a better approach so the web protection works in all browsers. I actually avoid AV's using browser extentions or plug-ins for various reasons. The reason why ESET don't use them is one of the many reasons why I like it so much.

 

 

They're bloatware Swex lol !! :rolleyes:

 

Agreed  ;)

Link to comment
Share on other sites
SweX

SweX 871

Posted
Posted (edited)

What about Hitman Pro.Alert? 

Yes it should work fine.

 

I don't use it myself, but i've seen a few ESET users that uses it without problems, so you should be able to use it together with ESET just fine if you like. If you get incompatibility problems then it's best to contact SurfRight about it to let them know so they can fix it as it's supposed to be compatible with all AV's. "Compatible with all antivirus programs and runs alongside any other security software."

Edited by SweX
Link to comment
Share on other sites
GreyGhost

GreyGhost 9

Posted
Posted

Hello, i would like to expand into this link when we had a discussion a while back regarding Kaspersky's Safe Money Environment:

https://forum.eset.com/topic/51-future-changes-to-eset-smart-security/page-6#entry10746

 

In addition this thread discusses Keyloggers:

https://forum.eset.com/topic/965-eset-and-keyloggers/?hl=%2Bwin32+%2Bkeylogger#entry8728

Aryeh mentions " ESET's software detects keyloggers using both conventional signatures (which detect many as part of the Win32\Keylogger family) and technologies like heuristics and HIPS. "

 

Having a virtual environment changes nothing. You will still be sending and receiving traffic on the same http port 80 or secure traffic port 443 inside your virtual environment.

 

Also as an added bonus, ESET detects exploits already. Check out this link for all the features of ESET :

hxxp://www.eset.com/int/about/technology/

 

Adding Quote :

 

 

Exploit Blocker is designed to fortify often exploited application types on users’ systems, such as web browsers, PDF readers, email client or MS office components. It adds another layer of protection by using a completely different technology, compared to techniques focusing on detection of malicious files themselves...

Instead, it monitors behavior of processes and watches for suspicious activities that are typical for exploits. When triggered, the suspicious behavior is analyzed and the threat might be blocked immediately on the machine. Certain suspicious activities are processed further in our cloud systems, which gives Exploit Blocker the potential to protect users against targeted attacks and previously unknown exploits, so called zero-day attacks.

 

Therefore, having Malwarebytes exploit application is redundant and may also cause application errors !!!

 

Regarding browser plug ins, those fall under the category of "potentially unwanted programs" ESET detects and removes bloatware like that. The only purpose they serve is to bloat.

 

Thanks for reading, good discussion LabVIEW707 !!!!

Eset's exploit protection is not that great.  See:  www.av-test.org/fileadmin/pdf/reports/AV-TEST_XP_Exploit_Test_April_2014.pdf

Link to comment
Share on other sites
Arakasi

Arakasi 549

Posted
Posted (edited)

 

Hello, i would like to expand into this link when we had a discussion a while back regarding Kaspersky's Safe Money Environment:

https://forum.eset.com/topic/51-future-changes-to-eset-smart-security/page-6#entry10746

 

In addition this thread discusses Keyloggers:

https://forum.eset.com/topic/965-eset-and-keyloggers/?hl=%2Bwin32+%2Bkeylogger#entry8728

Aryeh mentions " ESET's software detects keyloggers using both conventional signatures (which detect many as part of the Win32\Keylogger family) and technologies like heuristics and HIPS. "

 

Having a virtual environment changes nothing. You will still be sending and receiving traffic on the same http port 80 or secure traffic port 443 inside your virtual environment.

 

Also as an added bonus, ESET detects exploits already. Check out this link for all the features of ESET :

hxxp://www.eset.com/int/about/technology/

 

Adding Quote :

 

 

Exploit Blocker is designed to fortify often exploited application types on users’ systems, such as web browsers, PDF readers, email client or MS office components. It adds another layer of protection by using a completely different technology, compared to techniques focusing on detection of malicious files themselves...

Instead, it monitors behavior of processes and watches for suspicious activities that are typical for exploits. When triggered, the suspicious behavior is analyzed and the threat might be blocked immediately on the machine. Certain suspicious activities are processed further in our cloud systems, which gives Exploit Blocker the potential to protect users against targeted attacks and previously unknown exploits, so called zero-day attacks.

 

Therefore, having Malwarebytes exploit application is redundant and may also cause application errors !!!

 

Regarding browser plug ins, those fall under the category of "potentially unwanted programs" ESET detects and removes bloatware like that. The only purpose they serve is to bloat.

 

Thanks for reading, good discussion LabVIEW707 !!!!

Eset's exploit protection is not that great.  See:  www.av-test.org/fileadmin/pdf/reports/AV-TEST_XP_Exploit_Test_April_2014.pdf

 

 

Sorry Greyghost, but thank you for your reply.

 

Commissioned by Qihhoo 360 ?? They are dunganees.

 

Don't get me started on Testing companies, where money is being thrown in the background to make other companies higher on the list.

I'm not digging around for the last testing company who accepted money to bring companies to the top of their testing. Just know it has happened.

 

Also, a test performed only on Windows XP ? A retired OS that everyone needs to quit using and will no longer receive any credibility?

 

If your concerned about only exploits.

Download and install EMET, not some third party exploit protection.

 

Note: I like Malwarebytes and use their standard product.

Edited by Arakasi
Link to comment
Share on other sites
GreyGhost

GreyGhost 9

Posted
Posted

 

 

Hello, i would like to expand into this link when we had a discussion a while back regarding Kaspersky's Safe Money Environment:

https://forum.eset.com/topic/51-future-changes-to-eset-smart-security/page-6#entry10746

 

In addition this thread discusses Keyloggers:

https://forum.eset.com/topic/965-eset-and-keyloggers/?hl=%2Bwin32+%2Bkeylogger#entry8728

Aryeh mentions " ESET's software detects keyloggers using both conventional signatures (which detect many as part of the Win32\Keylogger family) and technologies like heuristics and HIPS. "

 

Having a virtual environment changes nothing. You will still be sending and receiving traffic on the same http port 80 or secure traffic port 443 inside your virtual environment.

 

Also as an added bonus, ESET detects exploits already. Check out this link for all the features of ESET :

hxxp://www.eset.com/int/about/technology/

 

Adding Quote :

 

 

Exploit Blocker is designed to fortify often exploited application types on users’ systems, such as web browsers, PDF readers, email client or MS office components. It adds another layer of protection by using a completely different technology, compared to techniques focusing on detection of malicious files themselves...

Instead, it monitors behavior of processes and watches for suspicious activities that are typical for exploits. When triggered, the suspicious behavior is analyzed and the threat might be blocked immediately on the machine. Certain suspicious activities are processed further in our cloud systems, which gives Exploit Blocker the potential to protect users against targeted attacks and previously unknown exploits, so called zero-day attacks.

 

Therefore, having Malwarebytes exploit application is redundant and may also cause application errors !!!

 

Regarding browser plug ins, those fall under the category of "potentially unwanted programs" ESET detects and removes bloatware like that. The only purpose they serve is to bloat.

 

Thanks for reading, good discussion LabVIEW707 !!!!

Eset's exploit protection is not that great.  See:  www.av-test.org/fileadmin/pdf/reports/AV-TEST_XP_Exploit_Test_April_2014.pdf

 

 

Sorry Greyghost, but thank you for your reply.

 

Commissioned by Qihhoo 360 ?? They are dunganees.

 

Don't get me started on Testing companies, where money is being thrown in the background to make other companies higher on the list.

I'm not digging around for the last testing company who accepted money to bring companies to the top of their testing. Just know it has happened.

 

Also, a test performed only on Windows XP ? A retired OS that everyone needs to quit using and will no longer receive any credibility?

 

If your concerned about only exploits.

Download and install EMET, not some third party exploit protection.

 

Note: I like Malwarebytes and use their standard product.

 

Don't like the result? Discredit the test and the testing orgainztion.  Standard practice. Other AVs did well.  Why not Eset?

Nothing wrong with XP.  Using XP is a good way to test exploit protection.

Link to comment
Share on other sites
LabVIEW707

LabVIEW707 13

Posted
  • Author
Posted

Using XP for testing is so yesterday. If you are using XP then nothing can save you. EMET has issues with Chromes sandbox. Let's not get out of hand here. My question was about financial malware and identity protection. MalwareBytes Anti-Exploit is a very good program. 

Link to comment
Share on other sites
Arakasi

Arakasi 549

Posted
Posted (edited)

I know their beta testing has been going for a while. Which i had enough errors with applications to take it off my computer.

I tested their exploit program months ago.

It is way too new to say its an awesome program. Let's see how it does for the year first.

 

I stand firmly by my first post before the hog wash testing came into play.

" You don't need any other exploit protection if your running ESET software, it does a fine job with Live Grid, heuristics, as well as the exploit signatures implanted "

Live results and scenarios have always ALWAYS trumped testing environments, poised at directing trade and business to vendors.

Edited by Arakasi
Link to comment
Share on other sites
GreyGhost

GreyGhost 9

Posted
Posted (edited)

Malwarebytes Anti-Exploit is a nice program which fills in the holes in Eset's exploit detection.

Edited by GreyGhost
Link to comment
Share on other sites
Arakasi

Arakasi 549

Posted
Posted

Malwarebytes Anti-Exploit is a nice program which fills in the holes in Eset's exploit detection.

 

Well lets just see what kind of holes it fills ? :)

 

Please provide said holes, and i am almost sure ESET will patch and protect these missing "holes" if possible and plausible.

It's okay to post in this thread regarding the weaknesses you find in ESET Security. Moderators read and respond on these exact kind of issues. :wub:

We may be able to add protection to an already proven and trusted security software ! :D

Link to comment
Share on other sites
GreyGhost

GreyGhost 9

Posted
Posted

 

Malwarebytes Anti-Exploit is a nice program which fills in the holes in Eset's exploit detection.

 

Well lets just see what kind of holes it fills ? :)

 

Please provide said holes, and i am almost sure ESET will patch and protect these missing "holes" if possible and plausible.

It's okay to post in this thread regarding the weaknesses you find in ESET Security. Moderators read and respond on these exact kind of issues. :wub:

We may be able to add protection to an already proven and trusted security software ! :D

 

You're right. Eset catches 100% of malware.  Eset makes having a layered approach meaningless. You should also tell users of Eset not to run Malwarebytes Anti-Malware concurrently since Eset catches everything.

Link to comment
Share on other sites
GreyGhost

GreyGhost 9

Posted
Posted (edited)

Wouldn't think of it.  Exploit protection was mentioned several times by multiple members before I responded in this thread.

Edited by GreyGhost
Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...