Jump to content

Operating memory in Startup scan


Recommended Posts

If I turn off working memory in startup scan, what will not be detected?
For example, fileless malware, powershell scripting, DLL injection, etc.

setting.jpg.1b891ed049092379e20c30452bfb

Edited by rockman61
Link to comment
Share on other sites

  • Administrators

ESET can detect any kind of malware either on pre-execution or post-execution, e.g. via the registry scanner, Advanced memory scanner, script scanner, Deep Behavior Inspection, etc.

Link to comment
Share on other sites

I'm sorry, I didn't communicate well.
I understand that any malware in memory won't be detected when I turn off the operating memory in startup scan.

However, I would like to know more about the effect of turning off the operating memory in startup scan.
For example, ESET can not detect suspicious Powershell Scripting when turning off the operating memory in startup scan.

Please tell me more about the effect of turning off the operating memory.

Edited by rockman61
Link to comment
Share on other sites

  • Administrators

Probably it depends on a particular malware how it works. However, with other pre and post-execution protection modules enabled it's unlikely that malware would be running in memory. Still, we don't recommend disabling memory scanning. It should be quick and virtually unnoticeable.

Link to comment
Share on other sites

Examples of malware Eset can detect during the startup memory scan are MBR and UEFI based malware. Whereas these might be detected and execution blocked by Eset, they must be manually removed.

Edited by itman
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...