-
Posts
36,520 -
Joined
-
Last visited
-
Days Won
1,453
Posts posted by Marcos
-
-
Try creating a batch file with the following content (e.g. getquar.bat) and run it then:
@echo off
for /r c:\users %%a in (*.n?f) do echo %%a && copy "%%a" c:\quarantine && goto eof
Finally check the content of the c:\quarantine folder to see if it contains some files.
-
I am also seeing the Eset Service take up huge amounts of ram . I wonder if there is a major memory leak ?
Please create a dump of ekrn.exe via the Task manager. Select ekrn.exe and then click the "Create dump file" button.
Compress the dump, upload it to a safe location and pm me the download link.
-
We've found malware that redirects one of the addresses listed in the hosts file to 0.0.0.0 which is the reason why it's detected. We'll make this hosts file undetected.
-
Please submit the hosts file to ESET for further analysis as per the instructions here.
-
ESET's plug-in doesn't touch messages in inbox unless they are accessed and scan on read.
-
Since the OP's question has been answered completely, we'll draw this thread to a close.
-
Please enable creation of complete application memory dumps under Tools -> Diagnostics, reproduce the issue and then check the Diagnostics folder if there are some dumps created.
-
Did you have to click on something on the page to make something download, or did it happen without your doing anything to initiate a download?
I clicked the "Agree and start free download" button.
-
When I tried it, only potentially unwanted applications that don't pose any threat were downloaded
-
If you are able to reproduce the issue at any time, please configure Windows to generate complete memory dumps as per the instructions here. When a freeze occurs, trigger a manual crash as per the instructions in the KB article. After a computer restart, compress the dump, upload it to a safe location and pm me the download link.
-
Please send me the minidump attached to a personal message. If you can reproduce the crash at any time, configure Windows to generate complete memory dumps. When a crash occurs, compress the memory dump, upload it to a safe location and pm me the download link.
-
I'm using the Portable Edition of Thunderbird.
Do your setup indications above for scanning e-mails also apply for the portable edition?
Yes, importing the root certificate into email clients automatically requires an email client to be installed. For portable editions, you'll need to export the ESET root certificate and import it into the email client manually.
-
When you get the error message, run "sc query ekrn" with elevated admin rights and post the output here.
-
I've blocked the website as it downloads a potentially unwanted application.
-
The license was amended by the Australian reseller due to overuse. Please contact the distributor.
-
I was talking about the last malware we received with "HMRC" in the subject so we'd need to compare the hash of our and your file to find out if they are same or different. Regardless of this, it's important to keep in mind that no antivirus protection provides 100% protection and opening unknown files is not safe and may lead to infection.
-
All prefs*.js files that we've received and analyzed had Firefox security features disabled. Please submit your files to ESET as per the instructions here if you think that your files are safe and are detected erroneously. Note that these files are not detected as malware but as PUA (potentially unwanted applications) which is an optional detection.
-
Has ESET ever detected malware in incoming email? What email client do you use? Since you receive email via IMAPS, a plugin for your email client is required to scan email as long as SSL scanning is disabled (which is by default).
-
I cant see the url Marcos
I may be missing something Marcos can see that i dont. Which is ok.
I was looking at LiveGrid data and searched for IP addresses starting with the octets / numbers shown in the screen shot
-
Yes, the file was undetected when you scanned it, that's ok. LiveGrid file reputation is not applied on files scanned by the on-demand or on-access scanner. However, it should have been detected and blocked upon receipt provided that you had LiveGrid enabled. The detection would have looked like as follows;
__________ ESET NOD32 Antivirus warning, version of virus signature database 8953 (20131023) __________
Warning, ESET NOD32 Antivirus found the following threats in the message:
Government Gateway Reg Form.zip - Suspicious Object - deleted
Government Gateway Reg Form.zip > ZIP > Government Gateway Reg Form.exe - Suspicious Object - was a part of the deleted object -
At what time did you receive the threat by email? It was blacklisted today at about 9 AM CET.
-
Are you still experiencing the issue with inability to resize the log columns ?
-
When Outpost firewall is installed on a computer running ESET NOD32 Antivirus, it displays a message asking you to run OF in a compatibility mode. Despite the option selected, we didn't encounter any issues. Did you select to run OF in compatibility mode and experienced the issues though?
-
Please pm me your username so that I can test your license myself.
Temporarily disable protection doesnt work
in ESET Internet Security & ESET Smart Security Premium
Posted
Protection can only be disabled with administrator rights.