Marcos
-
Posts
37,013 -
Joined
-
Last visited
-
Days Won
1,469
Posts posted by Marcos
-
-
Please submit prefs-1.js to ESET as per the instruction here and with a link to this topic enclosed. Although it's unlikely to be false positive, we'd like to check it out to make sure.
-
If egui.exe is running, couldn't it be that you've recently connected remotely via Remote Desktop or there are more users logged on at a time?
-
You can check the signature database version number in the Update section of the main gui. You can also try running an online scan.
-
I believe this is also a good way to push you guys to improve the Livegrid.
How? Malware running in memory may not exist on the disk.
-
It sounds like the java script is located on a url that you previously blocked access to it and thus the script cannot be loaded. Carry on as follows:
- untick the "Allow access only to URL addresses in the list of allowed addresses" box
- add * to the list of blocked addresses and tick the "Notify when applying address from the list" box
Now if you open the website with the java script blocked, you should get a notification with the url containing the script that was blocked.
-
Did you run a full scan with the most current signature database 8631?
-
Please provide step-by-step instructions how to reproduce the problem. Also provide more information about your oper. system, browser and ESET's modules that are installed.
-
I don't think there's anything secret in that message, this information is also available on ESET's website.
-
I am still having issues with web protection messing up access to my Asus RT-N66U router's admin pages (as reported in the original beta thread). I uninstalled the beta and went back to v6 (again) and all is well. This does not bode well.
--
bc
Please create 2 Wireshark logs, one with http filtering enabled when the issue occurs and the other one with http filtering disabled when your router's admin pages open fine. When done, upload them to a safe location (e.g. Dropbox, Skydrive,...) and PM me the download link.
-
Information from LiveGrid might be misleading in case of malware as they would show for the process malware is injected in, ie. not for the malware itself. That said, a user would see ESET recommending them to allow the action based on the data from LiveGrid but in fact they'd allow malware to perform its action.
-
I've been a user of Nod32 - long the gold standard in AV software - as long as I can remember but this is the first time I feel the product is letting me down. Instead of securing my system, it's making it unstable.
There's no evidence that ESET is causing the freeze. Even if renaming the drivers (ehdrv.sys, eamonm.sys) in safe mode made a difference, it wouldn't necessarily mean ESET is the culprit. If the system freezes, please generate a complete memory dump and convey it to ESET for perusal. Based on the dump, we'll be able to tell if there's a problem with ESET's driver or if it's another driver / sw that you have installed which causes the issue.
-
1. If viewing personal firewall logs and a lot of data is being generated, it constantly jumps to the newest entry. Effectively censoring any entries that are off screen.
This shouldn't normally happen. Make sure you don't have logging of all blocked communications enabled which should only be used with care when troubleshooting connectivity issues.
2. I couldn't find a way to filter 'out' entries in the log with a rule, only filter 'in'. Filter-in is only useful if you know what your looking for. I have a tendency to filter out(ignore) all the irrelevant log entries and examine the important ones. Perhaps a regular expression type filter system would be good.
The filter enables you to filter records according to certain text they contain in specified columns plus you can specify the severity of the records to filter as well as the time period. If you need more advanced filtering, you can export the log to a text file and use other tools to filter the desired records.
-
We would also be interested in knowing more details about the issues you encountered. It may not necessarily be ESET's fault that issues occur in conjunction with 3rd party software installed.
-
ESET uses startup scans to scan objects and files run when a computer starts. This also increases the chance of catching new born malware not detected by signatures yet.
-
Please refer to this KB article. When submitting samples from an infected computer, it's also good to enclose a SysInspector log as well as the threat log from the computer.
-
If importing the root certificate doesn't resolve the issue, we'd need to get further logs for investigation. Let us know about your findings so that I can provide you with further instructions if the advice given doesn't help.
-
There was an unexpected glitch with the update servers that should be resolved now. We apologize for the inconvenience.
-
Yes, there was an unexpected glitch with the updates that escaped our attention. The issue is now resolved and updates work fine. We apologize for the inconvenience.
-
1, As for disabling threat alerts, navigate to User interface -> Alerts and notifications and untick the appropriate box. Don't know why one wouldn't like to be notified about threats, however.
2, in order to disable HIPS, a computer restart is always required.
3, ESET is not quarantining addresses but actual files that contained a threat (malicious script).
-
Make sure to enable SSL scanning if you want to have IMAPS/POP3S scanned.
-
I've played Battlefield 3 with ESS 7.0.104 beta installed and Advanced memory scanner enabled but didn't notice any issues at all. Is anybody else experiencing this issue?
-
The plug-in for Thunderbird supports only older versions of it due to a rapid development cycle and significant changes in each new version. Without the plug-in, only email received via POP3 and IMAP will be scanned for malware, ie. the spam filter in ESET Smart Security won't work.
-
Do you have SSL scanning enabled? Otherwise https websites won't be filtered.
-
There are many potentially unwanted or unsafe applications (besides actual malware) where ESET is the only vendor to detect them. If a file is detected just by one vendor, it doesn't make it a false positive automatically. Likewise, if a file is detected by more than 40 vendors at VirusTotal, it doesn't make it functional malware. The results only rise or lower the level of suspiciousness. Most toolbars meet the criteria of PUA and hence they are detected.
Having said that, we'll draw this topic to a close.
The differences between "Access denied" and "Threat detected"?
in ESET Internet Security & ESET Smart Security Premium
Posted
In a nutshell = to make a long story short.