Potentially Unwanted Programs?

I just downloaded and installed the latest version of NOD32 tonight (version 4.2.64.12)

During the initial setup....I was asked if I wanted to enable ThreatSense.Net Early Warning System, which I did. It also asked if I wanted to tickmark the option to check for "potentially unwanted applications"...which I did.

BUT....I notice when looking a little closer....there is an option to tickmark the option to check for "potentially unsafe applications". Should this one be checked as well?

I added password protection, and scheduled a weekly scan of the C Drive...but other than that, is everything set up for optimal protection "out of the box"?

 

Hello JRCATES,

Potentially unwanted applications are programs that may not be intentionally malicious, but can negatively affect the performance and reliability of the system or send information to third parties.

Potentially unsafe applications, such as keyloggers and password-cracking tools, can have legitimate uses but can also be components of malware.

You can adjust these settings to your preference. For more information please see our Knowledgebase article:
http://kb.eset.com/esetkb/index?page=content&id=SOLN2198

Thank you,
Richard

 

Thanks, Rmuffler

I realize it's just an optional descriptive tutorial of sorts.....but I noticed from the link you provided that "Potentially unsafe applications" was NOT checked in either of the screenshots...but that "Advanced heuristics" was checked in the first screenshot, but not in the second.

In your honest opinion...how would you set these options (unsafe applications and advanced heuristics)...for optimal protection without causing system lag?

 

PUA detection is a default setting, I would leave it as is and no, there is no system performance issue with this option enabled.

ESET has one of the smallest footprints than most commercial AV's.

What ESET's ThreatSense® early warning system does for you.

 

My current configuration is exactly the same as what is shown in the screenshots of the (same) link that you and Rmuffler provided...so I guess I'm going to leave it as is (in regards to Potentially unsafe apps being unchecked in both, but the Advanced Heurisitics being checked in the first screenshot, but not in the second one).

Thanks, to both of you, for your help

 

Under every ThreatSense® parameter setup, under options, ensure PUA is enabled.

 

To put this right, detection of Potentially Unwanted Applications is enabled for all modules providing that you enable it during installation. It is a mandatory installation step to select whether you want this type of applications detected or not. I'd also add that this group encompasses detection of highly suspicious packers mainly (but not necessarily) exploited by malware authors.

On the contrary, detection of Potentially Unsafe Applications is disabled for all modules by default as this group usually covers commercial software for remote administration.

 

Thank you, Marcos. That was what I was looking for. That explains why Potentially UNWANTED Applications WAS selected (checked) on all of the tabs, while Potentially UNSAFE Applications was NOT.

Just one more quick question:

Why is it, that when I go to "Setup", and then "Enter entire advanced setup tree..." when Antivirus and antispyware is highlighted and I select "Setup" next to Threatsense engine parameter setup located under Automatic startup file check.....under "Options", Advanced Heuristics IS checkmarked...

BUT...

On the Setup interface tab, just below Antivirus and antispyware....if I highlight Real-time file system protection...and then select "Setup" located next to ThreatSense engine parameter setup....under "Options" Advanced Heuristics is NOT checked?

Is that how the default setting SHOULD be?

 

That's because real-time protection continually scans files that are accessed / open so scanning them always with maximum settings (ie. advanced heuristics and runtime packers enabled) might have adverse effect on system performance. For this reason, these two options are enabled by default only for newly created and modified files.
The very first ThreatSense setup options belong to the startup scanner which should scan files with maximum settings as startup scans are run only after a system startup or a successful update.

 

Ahhh, that makes perfect sense. Thank you for the detailed explanation