-
Posts
36,329 -
Joined
-
Last visited
-
Days Won
1,445
Posts posted by Marcos
-
-
Windows Firewall is not supposed to be disabled during installation of ESET Smart Security. However, if you open "Windows Firewall with advanced settings", you should see the message "These settings are being managed by vendor application ESET Smart Security". In order to determine whether prompting for an action by Windows Firewall is a bug or not, please provide step-by-step instructions how to reproduce it on our end.
If you change the ESS firewall integration to "Personal firewall is completely inactive", it will have no effect on the system at all. Also try to change the integration type to "Only scan application protocols" which should disable only the firewall part.
-
The OpenCandy detection is not FP. This application is often bundled with free software and the detection is fully optional.
-
Please submit suspicious undetected files to ESET as per the instructions here instead of posting download links in this forum. ESET's users are basically protected against this quickly changing ransomware even if not detected by the on-demand scanner on VirusTotal.
-
Please submit suspicious undetected files to ESET as per the instructions here instead of posting download links in this forum. ESET's users are basically protected against this quickly changing ransomware even if not detected by the on-demand scanner on VirusTotal.
-
Must add, that after excluding Firefox from protocol filtering downloaded malware (7-zip archive) was not quarantined automatically.
This is pretty expected. You removed Firefox from content filtering, ie. files downloaded via Firefox will not be scanned by Web access protection. As you wrote, malware was detected in either case; it doesn't matter whether a warning is displayed in a bubble or as a web page as long as malware is detected and blocked / removed.
-
1. Advanced memory scanner in action?
2. v6 (rus) → v6 (eng) → now v7.
Yes, AMS detections are currently logged with "unknown" in the Scanner column.
-
there is some bug in Advanced memory scanner when i enable it's detect file which i exclude from scanning
AMS does not scan files on a disk so clearly exceptions for files cannot be applied. Please provide me with more information about the file that you think is detected incorrectly in memory.
-
Self-defence is efficient but I found a exploit-DisallowRun registry CAN stop ekrn and egui.exe from running on Startup and replace .dlls in the ESET folder or overwrite them. When I click to scan something nothing happends. Only exploitable vulnerability soo far.
Please PM me more details as the DisallowRun policy is configured per user and affects only applications started via Explorer.exe which is not the case of ESET (unless you start egui manually).
-
Nobody has ever ignored this wish. It takes more than a year to prepare a version suitable for this purpose. The iso should fit cd so it will be a bit smaller than WAIK/WADK.
-
I agree with Marcos, and we haven't really seen what AMS (advanced memory scanner) goes for yet. But I bet ESET knows how effective it is through their internal testing
I use v7 for testing unrecognized malware from live malicious urls and AMS catches it in most cases. I look forward to seeing results of malware tests with v7
-
Perhaps the following warning applies to WIndows 8 under certain circumstances, too:
Warning:
If you are using the ESET Uninstaller tool to remove ESET Mail Security for Microsoft Exchange Server from Server 2008, you will be required to reinstall your network card drivers.Personally I haven't had a chance to try it on Windows 8 so if somebody has some experience with this, feel free to share. In the mean time, try reinstalling your network card drivers.
-
If ESET cannot be uninstalled from the former computer due to a problem starting and running Windows, you can simply use your U/P to download and install ESET on the new computer.
-
We'd need to get a complete application memory dump of egui.exe from the point it spikes up the cpu. On Windows XP, you can use Procdump (run procdump -ma egui.exe), on newer OS a dump can be created via the Task manager by right-clicking a process and selecting "Create dump file".
You can also try installing the latest v6 from scratch by running this Uninstall tool in safe mode or try v7 beta.
-
If you enabled Parental control, there could be an issue receiving DNS reponses from ESET's servers. Could that be the case?
-
Please continue as follows:
- compress the memory dump created during BSOD in c:\windows\memory.dmp by default
- upload the package to a safe location (if possible, include a SysInspector log as well)
- PM me the download link
-
However, the problem with the quarantine object stays the same. In the "Tools" window I still see at "Quarantine", Number of quarantined objects: 1.
But, no object in Quarantine at both accounts.
Search for *.ndf files under c:\users or c:\documents and settings. Maybe you didn't look into the NetworkService or LocalService folders.
I thought this was an official Eset forum where Eset professionals offering help to solve problems, but in 3 days I've received any response.
This forum is not meant to be a replacement for Customer Care. It's meant for sharing knowledge among ESET users and to provide assistance with issues that can be solved reasonably quickly. For issues where further logs are required and that may require numerous iterations with a support personnel, we strongly recommend contacting Customer Care.
-
V6 is a product for home users, ie. it doesn't contain features used in corporate environment, such as reporting to ERA Server or updating from a local mirror.
-
I think ESET should develop proactive defense system just like SONAR, Deepguard and so on. Although ESET has outstanding detection capability so far, but from my standpoint, signatures and heuristics seems more difficult to deal with latest threats.
Of course, ESET has HIPS system that allows security Geeks edits its own rules to against virus, but most ESET users aren't experts. Besides, the default mode of HIPS is totally useless when a malicious app is running.
Please consider this suggestion.
ESET will only uses protection systems that do not trigger false positives. ESET LiveGrid coupled with Advanced heuristics and HIPS (advanced memory scanner) bring superior protection against zero-day malware.
-
As of v7, active mode is used automatically as needed.
-
Please compress the dump, upload it to a safe location and PM me the download link so that we can analyze the dump.
-
Tried to install along side the free McAfee from my ISP. I'm not sure if this caused the problem, but the install failed silently. I rebooted, and retried the install, and my computer froze. Nothing would run or load, and nothing was in use. RAM wasn't growing. Disk was IDLE. CPU was IDLE. I had to boot into rescue mode and use a restore point. I'm willing to try again some time in the future if this becomes a known issue and a workaround or fix is published, but for now, not pleased.
Which exact McAfee product do you have installed on your pc? In order to prevent issues and clashes, AV programs usually detect an existing security solution and don't allow to continue with installation until the
current AV program is uninstalled completely. This check is also performed by ESET products, including v7.
-
Could you make a video demonstrating how to reproduce the issue?
-
It was reported as a bug so I assume we could get it fixed it in the final v7.
-
Please email samples[at]eset.com and provide all information that make you believe it should be detected, ideally with the appropriate sample or hashes of malicious files.
Windows firewall and ESS firewall both "on"?
in ESET Internet Security & ESET Smart Security Premium
Posted
This is ok and according to MS specification / requirements. Only very specific communications should be handled by Windows Firewall in this configuration.