-
Posts
38,083 -
Joined
-
Last visited
-
Days Won
1,510
Everything posted by Marcos
-
AV alert pop up does not fade automatically
Marcos replied to edseah24's topic in ESET NOD32 Antivirus
No, this is not possible. Pop-up notifications can be set to disappear in 30 seconds at maximum. If user's intervention is required (e.g when cleaning is disabled, ie. set to No cleaning), the window with action selection shouldn't close automatically. -
That should work provided that the correct IP address was added correctly to the list of addresses excluded from protocol filtering and disabling web protection or protocol filtering solved the issue. Perhaps you could post a screen shot of your list of addresses excluded from protocol filtering as well as a screen shot of the router's setup page with the address bar included.
-
I'd say that most of zero-day threats are detected and blocked by the web scanner utilizing advanced heuristics as well as by Advanced memory scanner. We regularly see almost all zero-day threats detected by ESET's detection mechanisms undetected by most of other famous security software. In case of ESET, recognition of zero-day threats is added swiftly which means such threats would be detected by all products regardless of whether they are run or just go through a server (e.g. mail server, file server, proxy server, gateway, etc.).
-
delete file in quarantine blocked by a password
Marcos replied to kimbo's topic in ESET NOD32 Antivirus
Quarantined files are stored in a safe, encrypted form on a disk and thus not pose any risk whatsoever. It's not necessary to flush the content of quarantine. Administrator privileges are required to permanently delete quarantined files. -
It seems to be the same issues as discussed here. Please continue in that thread so that the discussion is kept at one place. I assume that the problem is with Asus routers not adhering to rfc standards for http communication which may cause issues in conjunction with ESET's http scanner. Providing us with special logs for troubleshooting should help us pinpoint the issue, As a workaround, you may want to exclude the IP address of your router from content filtering.
-
How to disable the "Temporarely disable protection" confirmation
Marcos replied to Martin4517's topic in ESET NOD32 Antivirus
Unfortunately, this option was first removed in v6 if I remember correctly, however, I've already asked the product manager to bring it back in future versions as it was very useful for me, too. -
No, it's a potentially unwanted application, not malware or another kind of threat. You can exclude it from scanning directly from within the yellow notification window.
-
I'd suggest enabling logging of blocked operations in the advanced HIPS setup, reproducing the problem and then checking the HIPS log for detailed information about the rules that caused some blocking. This should show which rules need to be adjusted to allow the blocked operations. We'd appreciate if you could tell us what rule is causing the issue.
-
The number you're referring to probably means the number of files that have gotten through real-time protection but it doesn't necessarily mean they were scanned.
-
Without knowing what is detected and under what name, it's impossible to tell whether the detection is ok or not. Maybe it's a PUA which is detected and in such case it shouldn't be considered FP.
-
Delete zip file attachments containing .exe
Marcos replied to FTL's topic in ESET Products for Windows Servers
Currently it's not possible to delete / quarantine only archives with at least one executable file inside. However, this is a feature that we'd like to have added as soon as possible. -
V6 and v7 have better detection of phishing than other versions. The next generation of Endpoint will utilize the same anti-phishing system.
-
ESET is known for an extremely low number of false positives. If you suspect that ESET is erroneously detecting a legitimate file, please report it as per the instructions here. As for the option for excluding a file from scanning being grayed out, that's because only potentially unwanted and unsafe applications can be excluded directly from within the alert window.
-
Win32/Kryptik.BORN - file encrypted
Marcos replied to Nataku4ca's topic in Malware Finding and Cleaning
Kryptik detections are detections of the packer and doesn't tell anything about the malware itself. I'd suggest submitting a couple of encrypted files along with a file containing instructions how to get the decryption key to ESET to confirm they cannot be decoded. -
I'm getting an error sec_error_inadequate_key_usage, is it the same error as you're getting? I've found the same issue reported by a Kaspersky user here: hxxp://support.mozilla.org/en-US/questions/950736. It seems that connection to google, youtube and maybe some other servers is not allowed by Firefox when a self-signed certificate is used. Tested with Opera and IE, no problem accessing the websites noticed.