why is Eset is so easy to kill ?!

Discussion in 'ESET Smart Security' started by ESS_Lover, Aug 10, 2009.

Thread Status:
Not open for further replies.
  1. ESS_Lover

    ESS_Lover Registered Member

    Joined:
    Aug 4, 2009
    Posts:
    29
    Hi everybody
    we all know that when we kill the process "egui.exe" all ESET modules turn off immediately and the machine will be totally unsecured !
    so why is it so easy to kill egui.exe process by the task manager !?

    If you don't believe this , open the task manager by pressing ctrl + shift + Esc
    and then click on " Processes " tab and then right click on egui.exe and choose end process , now the protection is off , to make sure run any malicious file you have , a virus , a trojan or patch and ESET won't detect it because it's not working !

    What do you think about this ?
    ESET must fix this huge bug by protecting the egui.exe process !

    Regards
    ESS Lover
     
    ESS_Lover, Aug 10, 2009
    #1
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,963
    Location:
    Somethingshire
    i would be seriously ~Snip~ if it didn't close when I ask it to. malware doesn't get a chance to do the same because I don't let it run in the first place
     
    Last edited by a moderator: Aug 10, 2009
    Cudni, Aug 10, 2009
    #2
  3. ESS_Lover

    ESS_Lover Registered Member

    Joined:
    Aug 4, 2009
    Posts:
    29
    how would you know if it was malware if ESET didn't detect it in the first place !

    ESET must protect it's process ! or malwares will kill the process as easy as drinking water ! :mad:
     
    ESS_Lover, Aug 10, 2009
    #3
  4. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,963
    Location:
    Somethingshire
    if eset can't detect malware why do you think that undetected malware can't equally defeat any other process protection. If malware can ran without AV doing or knowing anything about it then it is trivial that among other things it can stop the av running
     
    Cudni, Aug 10, 2009
    #4
  5. stimulator32

    stimulator32 Registered Member

    Joined:
    Jan 12, 2009
    Posts:
    104
    Hello my dear ESS_Lover,

    the process that you mentioned pertains to the Graphical User Interface only, so when you kill the process egui.exe, you actually kill only the interface ..

    I did the following:

    killed the process, then tried to run two malicious files (By Sandboxie pro.):

    The first file (Bifrose trojan):

    11-08-2009 07-13-17 AM.jpg

    The second file (sality virus):

    11-08-2009 07-13-48 AM.jpg

    As you notice that the two malwares didn't run, though the egui.exe is killed !

    Cheers ..
     
    stimulator32, Aug 11, 2009
    #5
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,456
    Exactly. There are people who need to have gui disabled. IMHO, I think that one would kill most of other AV software easier than ESET (meaning ekrn.exe which performs antivirus control, not egui.exe which is nothing but the graphical interface).
     
    Marcos, Aug 11, 2009
    #6
  7. ESS_Lover

    ESS_Lover Registered Member

    Joined:
    Aug 4, 2009
    Posts:
    29
    Thank you very much Stimulator32 I never though of it this way
    because you know, when I kill avgnt.exe which Avira AV user interface process , Avira will still show detection notification windows if a virus is detected !

    but when I tried it with ESET ,and killed egui.exe , it didn't show a detection notification !
    of course I didn't try to run :)

    Anyway thanks a lot of explaining :)
     
    ESS_Lover, Aug 11, 2009
    #7
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...