Advice Request ESET IS 10 with HMPA and Emsisoft AntiMalware

Please provide comments and solutions that are helpful to the author of this topic.

Status
Not open for further replies.

Rebsat

Level 6
Verified
Well-known
Apr 13, 2014
254
@Lockdown Bro, please note that I don't care about all the features of EIS except its Antispam feature which is rated as the best Antispam among all AVs. I tested Antispam of EIS 10 and it truly catches any spam email coming into my Microsoft Outlook. Could our Emsisoft developers let us know how the Antispam protection is in EAM compare to other AVs? Thanks @Umbra
 
  • Like
Reactions: shukla44
5

509322

Protecting the same program in multiple security softs using similar protection mechanisms is a surefire way to encounter protection conflicts and breakages.

This has been discussed repeatedly but knuckleheads who are intent upon piling softs on top of each other refuse to accept reality.

In the end, it is you guys who are just going to break your own security.

And it is up to the user to test that combos work and protections aren't broken - not the vendors'.
 
D

Deleted member 178

@Lockdown Bro, please note that I don't care about all the features of EIS except its Antispam feature which is rated as the best Antispam among all AVs. I tested Antispam of EIS 10 and it truly catches any spam email coming into my Microsoft Outlook. Could our Emsisoft developers let us know how the Antispam protection is in EAM compare to other AVs? Thanks @Umbra
EIS is no more, so there is nothing much to say :)
 

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
Some users reported issues but i did use it without any problem between them (exclusions set).
Note that i didn't install the latest beta of HMPA which was buggy and created some minor issues on my side (unrelated with EAM).
Im waiting the next beta tomorrow.
I hope we are talking of the same HMPA version

I'm referring to the v3.6.7 not the upcoming v3.7

If you are talking of exclusions between HMPA v3.6.7 and EAM then what exclusions are you referring to? Disabling the ransomware feature in one which is common to both? Like to share the exclusions?

:rolleyes:
 

Rebsat

Level 6
Verified
Well-known
Apr 13, 2014
254
I was wondering, since EAM has no Antispam module. Guess that I just received a spam email and it's in my Outlook inbox. I clicked the malicious link inside the spam email. What is gonna happen? Will EAM BB pop up a window box immediately and asking me to Block it? or there will not be a window box to pop up since EAM doesn't have any Antispam module... Finally, Will my system be compromised right after executing the malicious file or EAM won't let it to run on the system by using different protection components: BB, Anti-Malware Network, Real-time File Guard and Anti-Ransomware. Thank you for answering me
 
Last edited:
D

Deleted member 65228

I was wondering, since EAM has no Antispam module. Guess that I just received a spam email and it's in my Outlook inbox. I clicked the suspicious link inside the spam email. What is gonna happen? Will EAM BB pop up a window box immediately and asking me to Block it? or there will not a window box to pop up since EAM doesn't have any Antispam module... Thank you for answering me
It depends.

#1 - If the link directs you to a malicious host which will be detected by the Surf Protection (if it is enabled), then the connection will be stopped.
#2 - If the link results in a download and you go through with it then the real-time protection (if it is enabled) will intervene if it is detected statically (e.g. signatures, static heuristics, or for another reason).
#3 - If #2 and it is not detected and quarantined, and you run it (e.g. executable), the BB will intervene (if it is enabled) if anything within its monitoring scope is triggered. Dynamic mitigations aren't full-proof though so giving an attacker a chance by allowing malicious code to execute in the first place regardless of what dynamic protection you have is a risk which should be avoided if possible... By just not running anything unless you are certain it is clean and trusted.

It depends on what protection components are enabled, your configuration, and the outcome from the spam content. It might be broken spam, directing you to a dead host, etc. Or, it might redirect you to a malicious host serving a download for malware. You never know.

Just because there is no "Anti-Spam" module doesn't mean that anything originating from the spam content won't be stopped. That doesn't mean everything originated from spam content will be stopped.

The best thing you can do is... Delete the spam e-mail and ignore it. That is the non-click happy and safe thing to do. Instead of risking it pointlessly and potentially becoming infected.
 
Last edited by a moderator:

Rebsat

Level 6
Verified
Well-known
Apr 13, 2014
254
Thanks bro for your explanation with good details @Opcode (y):)

Questions:
1. What is the difference between the content of a malicious link coming from a spam email into Gmail or Outlook and the content of a malicious link coming from a malware hosted sites?
2. Is it correct to say that any malicious links inside any spam emails are redirecting to malware form?
Thank you very much brothers @Umbra @Lockdown @Opcode
 
Last edited:
D

Deleted member 65228

What is the difference between the content of a malicious link coming from a spam email into Gmail or Outlook and the content of a malicious link coming from a malware hosted sites?
I don't really understand what you mean?

A malicious link is a link which is pointed to a malicious website. A website holding downloads to malicious software is a malicious website, and therefore a link pointing to a malicious website which holds downloads to malicious software is a malicious link.

As an example, if you get an email from someone telling you that you need to update your account information for a website you have an account on (the e-mail might even be spoofed to help social engineer you) and it contains a link which directs you to a webpage with fields for you to input information, the submitted information will be forwarded back to the attacker/s. This is called phishing. The link would be malicious, because the intent is malicious (to steal your information through social engineering, trick you into believing that you are handing over information to someone you are not - sensitive and private information). This can lead to someone else signing into your account/s or selling your information, which leads to a wide variety of other outcomes. As well as the link being malicious (you can say the email is too because the intent is malicious altogether), the email is also spam.

Phishing is not actually exclusive to online webpages to steal your information or only spread through e-mail. Phishing can be performed from software-level as well (e.g. via malicious software), but it is a lot less common these days because attackers know that the more steps required (user intervention based) will reduce the chances of them successfully stealing information from someone via phishing. An example of software for phishing would be a program designed to show the user a login for a service the malware author does not own with the hope they will enter their login credentials from the interface of the program, so these credentials can be sent back to the attacker. More often than not, when these phishing attempts (software-based) were a lot more prevalent (usually luring people in who wanted to "hack" games), they were usually developed in a managed language (e.g. C#.NET or VB.NET) and would typically rely on e-mail to send back the attacker the stolen credentials. YouTube used to be a good source of finding new samples for this sort of thing back in the day because attackers would market tools like this as "Free PayPal money hacks" or similar, but I am not sure if such phishing programs are still prevalent that much... I doubt it though.

You could label such tools as a "Password Stealer" instead though. E.g. Trojan.PW or Trojan.PasswordStealer, whatever floats your boat.

To explain it in the most easiest form:
A malicious link is any link which takes you to a malicious website. You can click on a link which will redirect you elsewhere (which happens to be a destination containing malicious content), and that initial link will also be "malicious" in my opinion since it was designed to redirect you to a different place which is malicious. The malicious link may try to steal information from you or provide you malicious downloads... Anything with malicious intent would count.

Spam definition:
Irrelevant or unsolicited messages sent over the Internet, typically to a large number of users, for the purposes of advertising, phishing, spreading malware, etc.
Source: spam | Definition of spam in English by Oxford Dictionaries

Malicious definition:
Source: malicious Meaning in the Cambridge English Dictionary

Using the example I made above, the message sent to me (if I am the person targeted from my example) via e-mail is irrelevant as well as unsolicited, but also has malicious intent due to the malicious link in the spam email which would take me to a malicious web-page so the attacker can try and steal information from me.

I hope this explanation was good enough for you to understand. :)
 
Last edited by a moderator:
F

ForgottenSeer 58943

I want ALL 3 together. The title says very clearly

This is the clearest example of security theater I have seen here yet. No offence, but this is the kind of thing people at Wilders or DSLReports attempt.

Stacking more and more products won't improve security, it will lesson it. In this case, it will probably BREAK the machine.

HMP-A plus 'Any' antivirus is more than sufficient.
 

BigWrench

Level 17
Verified
Top Poster
Well-known
Apr 13, 2014
845
@Lockdown Bro, please note that I don't care about all the features of EIS except its Antispam feature which is rated as the best Antispam among all AVs. I tested Antispam of EIS 10 and it truly catches any spam email coming into my Microsoft Outlook. Could our Emsisoft developers let us know how the Antispam protection is in EAM compare to other AVs? Thanks @Umbra

Yes, you are correct. ESET has a killer antispam module for Outlook. However, my ESET license expired recently and I installed (trial) KTS 18.0.0.405 (d)...THE D PATCH IS IMPORTANT FOR OUTLOOK, and actually like KTS better for antispam.(more tunable) . SpamFighter (recommended by EAM) is also killer!!!(y)
 

HarborFront

Level 71
Thread author
Verified
Top Poster
Content Creator
Oct 9, 2016
6,014
This is the clearest example of security theater I have seen here yet. No offence, but this is the kind of thing people at Wilders or DSLReports attempt.

Stacking more and more products won't improve security, it will lesson it. In this case, it will probably BREAK the machine.

HMP-A plus 'Any' antivirus is more than sufficient.
The important thing is the right compatible software to use. In my case, unfortunately, they don't work out.

Nothing serious. Just experiment with other combo till the right one is found :)
 
  • Like
Reactions: shukla44
D

Deleted member 178

Over-protection using


Less harsh doesn't work. It never has. It takes a lot to get someone's attention. Ask any of the security forum veterans.

It's not personal. It's not derogatory. It's not anything other than "Hey ! You're gonna break your security !!"
I agree, as ex-mod here, sometimes i have to use almost rude replies ( @shmu26 can confirm :p ), at first people felt offended but i think with time they thanks me :)
 
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top