Jump to content

Do Threatsense parameters always scan for dropdowns?


Recommended Posts

You might think it's the same issue but in my question I was told to just leave ESET at the defaults. I am asking this: When we enable runtime packers and boot sectors/UEFI in Eset's threatsense parameters, I'm asking if ESET's threatsense parameters always scan those selected locations without stopping and without background scanning like a real-time file protection system. But you told me to leave it at default. can you help with this issue?

@Peter Randziak @Minimalist

Edited by just
Link to comment
Share on other sites

  • Administrators

Enabling runtime packers may have adverse effect on performance since files that are accessed would be unpacked on each access.  You can try enabling it but be prepared to disable it in case of performance issues.

Enabling boot sector scanning will scan boot sectors on access.

The above explains it all, there's virtually nothing to add.

Link to comment
Share on other sites

1 hour ago, Marcos said:

Enabling runtime packers may have adverse effect on performance since files that are accessed would be unpacked on each access.  You can try enabling it but be prepared to disable it in case of performance issues.

Enabling boot sector scanning will scan boot sectors on access.

The above explains it all, there's virtually nothing to add.

What do you mean by accessing? Doesn't the system and ESET access it every time it's turned on? @Marcos

Link to comment
Share on other sites

  • Most Valued Members
11 hours ago, just said:

What do you mean by accessing? Doesn't the system and ESET access it every time it's turned on? @Marcos

As people have mentioned in every other post boot sectors are scanned when something tries to access it. You scan manually scan them as far as I know but what I presume this means is when not running a manual scan boot sectors will only be scanned when something accesses it

Link to comment
Share on other sites

15 hours ago, peteyt said:

As people have mentioned in every other post boot sectors are scanned when something tries to access it. You scan manually scan them as far as I know but what I presume this means is when not running a manual scan boot sectors will only be scanned when something accesses it

What do you mean when something tries to access it? I installed ESET afterwards and if there is no access after being infected, can't it scan? @peteyt

Link to comment
Share on other sites

1 hour ago, just said:

I installed ESET afterwards and if there is no access after being infected, can't it scan?

How do you know that you are infected with UEFI/boot sector malware?

Link to comment
Share on other sites

42 minutes ago, itman said:

How do you know that you are infected with UEFI/boot sector malware?

I suspect. Is there anything I can be absolutely sure it is infected with or something I can be absolutely sure it is not?

Link to comment
Share on other sites

  • Most Valued Members
2 hours ago, just said:

What do you mean when something tries to access it? I installed ESET afterwards and if there is no access after being infected, can't it scan? @peteyt

What I mean is if something tries to access it eset will see the attempt and scan. It will not constantly scan.

13 minutes ago, just said:

I suspect. Is there anything I can be absolutely sure it is infected with or something I can be absolutely sure it is not?

As I posted every time you posted this, the chances are slim. What makes you think you are infected? 

As I also posted, flash it which will remove any malware if there. If you are that worried why not do this and then you'll know for sure. But the chance is if Eset is not detecting anything then you are fine.

Link to comment
Share on other sites

2 hours ago, just said:

Is there anything I can be absolutely sure it is infected with or something I can be absolutely sure it is not?

No AV product will 100% guaranty that it can detect all malware in existence at any given time.

The above said, refer to this Eset KB article: https://support.eset.com/en/kb6567-you-receive-an-eset-uefi-detection . Next, search the Eset forum using the keyword "Computrace." You will see multiple postings rendered. Bottom line - Eset will detect UEFI/BIOS malware w/o any special interaction on your part if it has a signature for the malware.

Link to comment
Share on other sites

3 hours ago, peteyt said:

What I mean is if something tries to access it eset will see the attempt and scan. It will not constantly scan.

As I posted every time you posted this, the chances are slim. What makes you think you are infected? 

As I also posted, flash it which will remove any malware if there. If you are that worried why not do this and then you'll know for sure. But the chance is if Eset is not detecting anything then you are fine.

Ok but I downloaded ESET after I thought it was infected, so if there was no access later it wouldn't run a scan and continue stealing data before it was found?

1 hour ago, itman said:

No AV product will 100% guaranty that it can detect all malware in existence at any given time.

The above said, refer to this Eset KB article: https://support.eset.com/en/kb6567-you-receive-an-eset-uefi-detection . Next, search the Eset forum using the keyword "Computrace." You will see multiple postings rendered. Bottom line - Eset will detect UEFI/BIOS malware w/o any special interaction on your part if it has a signature for the malware.

Can't Threatsense find viruses in boot partitions/UEFI whose parameters are not in ESET's signature but that do malicious activity? @itman @peteyt

Link to comment
Share on other sites

14 minutes ago, just said:

Can't Threatsense find viruses in boot partitions/UEFI whose parameters are not in ESET's signature but that do malicious activity?

No.

Your primary protection mechanism in Win 10/11 against bootkits that can reside in the BIOS MBR or UEFI is the Win Secure boot option. Additionally, Eset is phasing in firmware based protection for select Intel CPU versions that will further enhance detection of this type of malware: https://support.eset.com/en/kb8336-intel-threat-detection-technology-tdt-supported-processors

Link to comment
Share on other sites

36 minutes ago, itman said:

No.

Your primary protection mechanism in Win 10/11 against bootkits that can reside in the BIOS MBR or UEFI is the Win Secure boot option. Additionally, Eset is phasing in firmware based protection for select Intel CPU versions that will further enhance detection of this type of malware: https://support.eset.com/en/kb8336-intel-threat-detection-technology-tdt-supported-processors

Ok thanks.

Well, it's not about that, but I want to ask a question that I can't find the answer to:

 I would like to say that at first I did not ask this with any malicious intent, but because I was suspicious. When the identity number is stolen, I think it is possible to open a company with the identity number, etc. I know that it can be used in many things, such as when someone's ID number is stolen, can the transactions made with it (such as opening a company again, etc.) be hidden from the owner of the ID number and it can be ensured that the owner of the ID number does not know about this?

I would be glad if you answer. @itman

 

Link to comment
Share on other sites

As far as identity theft monitoring, you would have to subscribe to a service that monitors for fraud activity such as Norton Lifelock: https://www.nortonlifelock.com/us/en/  or one of the vendors  who offer similar services.

In the case of a company security breach where customer PII data is stolen, the company many times will provide free fraud monitoring service for a predetermined period of time.

Link to comment
Share on other sites

29 minutes ago, itman said:

As far as identity theft monitoring, you would have to subscribe to a service that monitors for fraud activity such as Norton Lifelock: https://www.nortonlifelock.com/us/en/  or one of the vendors  who offer similar services.

In the case of a company security breach where customer PII data is stolen, the company many times will provide free fraud monitoring service for a predetermined period of time.

So, when there is no subscription, is it possible to hide the things done with this ID number to the owner of the ID number or to make sure that he does not know about it? @itman

Edited by just
Link to comment
Share on other sites

2 hours ago, just said:

So, when there is no subscription, is it possible to hide the things done with this ID number to the owner of the ID number or to make sure that he does not know about it?

Unfortuately, no. Identify threat is one of your worst nightmares. In the case of a gov. id number compromise, the only solution is to get the old number cancelled and a new one issued to you.

Also this topic is out of scope for this forum. You can search the web on this issue.

Link to comment
Share on other sites

9 hours ago, itman said:

Unfortuately, no. Identify threat is one of your worst nightmares. In the case of a gov. id number compromise, the only solution is to get the old number cancelled and a new one issued to you.

Also this topic is out of scope for this forum. You can search the web on this issue.

When you say no, what is done from the stolen person cannot be hidden, right? I know it doesn't fit in this forum but I've been searching but can't find it @itman

Link to comment
Share on other sites

  • Marcos locked this topic
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...