-
Posts
37,946 -
Joined
-
Last visited
-
Days Won
1,504
Everything posted by Marcos
-
Edit post with tags and/or prefix is not working?
Marcos replied to m4v3r1ck's topic in General Discussion
I've checked permissions and you should be able to edit your content as well as tags. Are you still having problems with it? -
It's not detected as a virus. The domain was blocked due to exploits that were detected on it. Next time please report such possibly incorrect blocks to samples[at]eset.com.
-
I've checked the recent websites in the list and didn't find any reason to block any of them. If you come across undetected malware or domain/url that serves actual malware, report it to samples[at]eset.com. We cannot blindly block everything that appears on various lists published on the web without a good reason. ESET's web access protection is actually very strong. We pay attention to what is blocked to avoid false positives.
-
If you have paid for a license, you should have received an email with registration details, including your license key, to you registration email address. If you cannot find it in the spam folder, contact the seller from whom you purchased the license.
-
There should be a short grace period during which ESET will continue to update. In the event of update problems, the user could activate a trial version for the next few days.
-
I saw this error when attempting to install EFSW on a non-genuine Windows Server system, ie. it was a different OS made to appear as a server OS.
-
I scanned your sample with ESET NOD32 Antivirus 4.0 BE for Linux with the signature database 14611 and the file wasn't detected. My assumption is that you provided me with a newer variant with the same file name that was first covered with the signature db 14612 but on Linux you scanned the older variant detected by 14611. We can verify it after providing a hash of the files you've scanned.
-
It seems that you've scanned different variants of the malware (Win32/Filecoder.MaktubLocker) with the same file name and you uploaded a newer variant to VT while you scanned an older one detected as Win32/GenKryptik.ODA on the Linux system. In the mean time, a detection was added and it's now detected as well: https://www.virustotal.com/en/file/22138bc6dca174bc223b641ca4a79e8472c4a1a5db55c093fd9e2b1c9a1aa59b/analysis/1481834110/ Baidu Win32.Trojan.WisdomEyes.16070401.9500.9990 20161207 CrowdStrike Falcon (ML) malicious_confidence_69% (W) 20161024 ESET-NOD32 Win32/Filecoder.MaktubLocker.B 20161215 Invincea generic.a 20161202 Qihoo-360 HEUR/QVM10.1.0000.Malware.Gen 20161215 It'd be good to note a hash of the file you scan (ideally name it by the hash) to make sure a comparison with other scans or files is correct.
-
You wrote that ESET detected the malware on your Linux system but not on VirusTotal. Well, we are not responsible for VirusTotal. VirusTotal, a subsiadiary of Google and formerly operated by HispaSec is in no way related to ESET except that they use our scanner and scan files with their own settings. Also it's not clear if you uploaded infected file as it might have been an Office document with the macro already cleaned. Although some scanners may detect it, we don't as it's innocuous in such form. Please provide a link with VT scan results so that we can investigate what happened.
-
"Server not found" is most likely reported because Internet connection is not established at the time ESET attempts to update. Hence I suggested to wait 2 hours (because of the default 60-min. interval) to confirm that ESET eventually updates. When using an HTTP proxy, it could happen that another machine has already downloaded particular update files and the proxy server will serve them from its cache.
-
In the advanced update setup there's a setting not to display notifications about successful updates. By default it's enabled, ie. no notifications about updates are shown.
-
Your license entitles you to download any version of the product that you have purchased. With an ESS license, you can download ESET NOD32 Antivirus, ESET Smart Security (even v10) and ESET Internet Security (EIS). Although ESS is not sold in most countries any more (it was replaced by EIS and ESS Premium), current users are entitled to download and use it if they don't want to move to EIS which does not have Anti-Theft.
-
If you update from ESET's servers (e.g. via an HTTP Proxy which is recommended to save the traffic), I'd leave the default update tasks untouched. The regular update task triggers update every 60 minutes. By failing a definition database (engine) update do you mean that an error is logged in the ESET event log? If you leave the computer running for at least 2 hours, doesn't the database update automatically during this period?
-
Have you tried running the Firewall troubleshooting wizard (Main gui -> Setup -> Network) to get a list of recently blocked communications with an option to permit the desired ones with a few clicks?
-
Antivirus constantly deleting normal .exe
Marcos replied to Axel's topic in Malware Finding and Cleaning
You could use a SysRescue CD or USB to scan all your hardrives and other media offline. -
Protocol Filtering - Interfering with Web Browser
Marcos replied to mtchastain's topic in ESET NOD32 Antivirus
If you have v10 installed and the issue also occurs with pre-release updates selected, I'd recommend to carry on as follows: - enable generation of advanced protocol filtering logs in the Diagnostics setup - reproduce the issue - disable logging - collect logs with ESET Log Collector - contact Customer care + pm me a download link to the logs.- 3 replies
-
- Windows 10
- exclusions
-
(and 1 more)
Tagged with: