just 1 Posted February 5, 2023 Share Posted February 5, 2023 (edited) You might think it's the same issue but in my question I was told to just leave ESET at the defaults. I am asking this: When we enable runtime packers and boot sectors/UEFI in Eset's threatsense parameters, I'm asking if ESET's threatsense parameters always scan those selected locations without stopping and without background scanning like a real-time file protection system. But you told me to leave it at default. can you help with this issue? @Peter Randziak @Minimalist Edited February 5, 2023 by just Link to comment Share on other sites More sharing options...
Administrators Marcos 5,286 Posted February 5, 2023 Administrators Share Posted February 5, 2023 Enabling runtime packers may have adverse effect on performance since files that are accessed would be unpacked on each access. You can try enabling it but be prepared to disable it in case of performance issues. Enabling boot sector scanning will scan boot sectors on access. The above explains it all, there's virtually nothing to add. Link to comment Share on other sites More sharing options...
just 1 Posted February 5, 2023 Author Share Posted February 5, 2023 1 hour ago, Marcos said: Enabling runtime packers may have adverse effect on performance since files that are accessed would be unpacked on each access. You can try enabling it but be prepared to disable it in case of performance issues. Enabling boot sector scanning will scan boot sectors on access. The above explains it all, there's virtually nothing to add. What do you mean by accessing? Doesn't the system and ESET access it every time it's turned on? @Marcos Link to comment Share on other sites More sharing options...
just 1 Posted February 5, 2023 Author Share Posted February 5, 2023 Can you help me please? @Marcos Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 396 Posted February 5, 2023 Most Valued Members Share Posted February 5, 2023 11 hours ago, just said: What do you mean by accessing? Doesn't the system and ESET access it every time it's turned on? @Marcos As people have mentioned in every other post boot sectors are scanned when something tries to access it. You scan manually scan them as far as I know but what I presume this means is when not running a manual scan boot sectors will only be scanned when something accesses it Link to comment Share on other sites More sharing options...
just 1 Posted February 6, 2023 Author Share Posted February 6, 2023 15 hours ago, peteyt said: As people have mentioned in every other post boot sectors are scanned when something tries to access it. You scan manually scan them as far as I know but what I presume this means is when not running a manual scan boot sectors will only be scanned when something accesses it What do you mean when something tries to access it? I installed ESET afterwards and if there is no access after being infected, can't it scan? @peteyt Link to comment Share on other sites More sharing options...
itman 1,754 Posted February 6, 2023 Share Posted February 6, 2023 1 hour ago, just said: I installed ESET afterwards and if there is no access after being infected, can't it scan? How do you know that you are infected with UEFI/boot sector malware? Link to comment Share on other sites More sharing options...
just 1 Posted February 6, 2023 Author Share Posted February 6, 2023 42 minutes ago, itman said: How do you know that you are infected with UEFI/boot sector malware? I suspect. Is there anything I can be absolutely sure it is infected with or something I can be absolutely sure it is not? Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 396 Posted February 6, 2023 Most Valued Members Share Posted February 6, 2023 2 hours ago, just said: What do you mean when something tries to access it? I installed ESET afterwards and if there is no access after being infected, can't it scan? @peteyt What I mean is if something tries to access it eset will see the attempt and scan. It will not constantly scan. 13 minutes ago, just said: I suspect. Is there anything I can be absolutely sure it is infected with or something I can be absolutely sure it is not? As I posted every time you posted this, the chances are slim. What makes you think you are infected? As I also posted, flash it which will remove any malware if there. If you are that worried why not do this and then you'll know for sure. But the chance is if Eset is not detecting anything then you are fine. LesRMed 1 Link to comment Share on other sites More sharing options...
itman 1,754 Posted February 6, 2023 Share Posted February 6, 2023 2 hours ago, just said: Is there anything I can be absolutely sure it is infected with or something I can be absolutely sure it is not? No AV product will 100% guaranty that it can detect all malware in existence at any given time. The above said, refer to this Eset KB article: https://support.eset.com/en/kb6567-you-receive-an-eset-uefi-detection . Next, search the Eset forum using the keyword "Computrace." You will see multiple postings rendered. Bottom line - Eset will detect UEFI/BIOS malware w/o any special interaction on your part if it has a signature for the malware. Link to comment Share on other sites More sharing options...
just 1 Posted February 6, 2023 Author Share Posted February 6, 2023 3 hours ago, peteyt said: What I mean is if something tries to access it eset will see the attempt and scan. It will not constantly scan. As I posted every time you posted this, the chances are slim. What makes you think you are infected? As I also posted, flash it which will remove any malware if there. If you are that worried why not do this and then you'll know for sure. But the chance is if Eset is not detecting anything then you are fine. Ok but I downloaded ESET after I thought it was infected, so if there was no access later it wouldn't run a scan and continue stealing data before it was found? 1 hour ago, itman said: No AV product will 100% guaranty that it can detect all malware in existence at any given time. The above said, refer to this Eset KB article: https://support.eset.com/en/kb6567-you-receive-an-eset-uefi-detection . Next, search the Eset forum using the keyword "Computrace." You will see multiple postings rendered. Bottom line - Eset will detect UEFI/BIOS malware w/o any special interaction on your part if it has a signature for the malware. Can't Threatsense find viruses in boot partitions/UEFI whose parameters are not in ESET's signature but that do malicious activity? @itman @peteyt Link to comment Share on other sites More sharing options...
LesRMed 23 Posted February 6, 2023 Share Posted February 6, 2023 As has been said multiple times...flash your BIOS if you're that concerned about it. Link to comment Share on other sites More sharing options...
itman 1,754 Posted February 6, 2023 Share Posted February 6, 2023 14 minutes ago, just said: Can't Threatsense find viruses in boot partitions/UEFI whose parameters are not in ESET's signature but that do malicious activity? No. Your primary protection mechanism in Win 10/11 against bootkits that can reside in the BIOS MBR or UEFI is the Win Secure boot option. Additionally, Eset is phasing in firmware based protection for select Intel CPU versions that will further enhance detection of this type of malware: https://support.eset.com/en/kb8336-intel-threat-detection-technology-tdt-supported-processors Link to comment Share on other sites More sharing options...
just 1 Posted February 6, 2023 Author Share Posted February 6, 2023 36 minutes ago, itman said: No. Your primary protection mechanism in Win 10/11 against bootkits that can reside in the BIOS MBR or UEFI is the Win Secure boot option. Additionally, Eset is phasing in firmware based protection for select Intel CPU versions that will further enhance detection of this type of malware: https://support.eset.com/en/kb8336-intel-threat-detection-technology-tdt-supported-processors Ok thanks. Well, it's not about that, but I want to ask a question that I can't find the answer to: I would like to say that at first I did not ask this with any malicious intent, but because I was suspicious. When the identity number is stolen, I think it is possible to open a company with the identity number, etc. I know that it can be used in many things, such as when someone's ID number is stolen, can the transactions made with it (such as opening a company again, etc.) be hidden from the owner of the ID number and it can be ensured that the owner of the ID number does not know about this? I would be glad if you answer. @itman Link to comment Share on other sites More sharing options...
itman 1,754 Posted February 6, 2023 Share Posted February 6, 2023 As far as identity theft monitoring, you would have to subscribe to a service that monitors for fraud activity such as Norton Lifelock: https://www.nortonlifelock.com/us/en/ or one of the vendors who offer similar services. In the case of a company security breach where customer PII data is stolen, the company many times will provide free fraud monitoring service for a predetermined period of time. Link to comment Share on other sites More sharing options...
just 1 Posted February 6, 2023 Author Share Posted February 6, 2023 (edited) 29 minutes ago, itman said: As far as identity theft monitoring, you would have to subscribe to a service that monitors for fraud activity such as Norton Lifelock: https://www.nortonlifelock.com/us/en/ or one of the vendors who offer similar services. In the case of a company security breach where customer PII data is stolen, the company many times will provide free fraud monitoring service for a predetermined period of time. So, when there is no subscription, is it possible to hide the things done with this ID number to the owner of the ID number or to make sure that he does not know about it? @itman Edited February 6, 2023 by just Link to comment Share on other sites More sharing options...
itman 1,754 Posted February 7, 2023 Share Posted February 7, 2023 2 hours ago, just said: So, when there is no subscription, is it possible to hide the things done with this ID number to the owner of the ID number or to make sure that he does not know about it? Unfortuately, no. Identify threat is one of your worst nightmares. In the case of a gov. id number compromise, the only solution is to get the old number cancelled and a new one issued to you. Also this topic is out of scope for this forum. You can search the web on this issue. Link to comment Share on other sites More sharing options...
just 1 Posted February 7, 2023 Author Share Posted February 7, 2023 9 hours ago, itman said: Unfortuately, no. Identify threat is one of your worst nightmares. In the case of a gov. id number compromise, the only solution is to get the old number cancelled and a new one issued to you. Also this topic is out of scope for this forum. You can search the web on this issue. When you say no, what is done from the stolen person cannot be hidden, right? I know it doesn't fit in this forum but I've been searching but can't find it @itman Link to comment Share on other sites More sharing options...
Administrators Marcos 5,286 Posted February 7, 2023 Administrators Share Posted February 7, 2023 Since everything on boot sector scanning has been said and the discussion has gone off-topic, we'll draw it to a close. LesRMed 1 Link to comment Share on other sites More sharing options...
Recommended Posts