-
Posts
37,874 -
Joined
-
Last visited
-
Days Won
1,502
Everything posted by Marcos
-
You can try v7 but since Windows XP uses legacy drivers and does not support minifilters, it won't make any difference and the issue will occur also with v7. There are basically 2 options: 1, upgrade the operating system to a newer one with support for minifilters 2, make the application open files for writing only in one thread. Making a change preventing the issue from occurring on Windows XP would cause the real-time scanner not to detect malicious files.
-
It's been confirmed by engineers that this issue cannot be fixed in the legacy driver used in Windows XP and older due to technical limitations of the operating system. Issues like this may occur if an application opens files in 2 or more threads for writing and ShareMode read,write. That said, the only solution is to use a newer operating system as keeping real-time protection disabled is not an option. Another solution would be to make the application open files for writing only in one thread in which case the sharing violation wouldn't occur.
-
ESS 7.0.104.0 function not defined
Marcos replied to Faraways's topic in ESET Beta Products for Home Users
Probably it's because I didn't restart after installing v7 beta. Anyway it's not a big deal as long as the Exploit Blocker is functional, which I hope it is, am I right? So this explains the problem. A computer restart is required for the text to be displayed as it was added via a module update so that beta users can test the new feature without making a new beta version. -
I've noticed that sharing violations occur on C:\Database\tempres.bin. Was the Procmon log created with v4, v5 or v6 installed? I assume you're using Windows XP, could you confirm? As for the issue with v7, could you try installing it again, now without importing settings from a previous version? If the problem persists, please create one more Procmon log with v7 installed. In that case, it'd be most likely a known issue of legacy drivers that could only be fixed in the minifilter driver used on Windows Vista and newer.
-
The thing is you're looking at the Web protection settings -> URL address management on the client but in the Configuration editor you have a Web control setup window with rules open. Web access protection and Web control are different features although both allow for blocking URL. While URL address management is a part of Web protection, Web Control is an equivalent to Parental Control in home version.
-
Code emulation is a kind of a task that can only be performed sequentially. It's not that we now have multi-core processors and every single application will benefit from it when performing its tasks. As I wrote, if several scans are run at once (e.g. on mail servers), scanning threads are run by separate cpu cores simultaneously which increases the overall scan performance.
-
ESS 7.0.104.0 function not defined
Marcos replied to Faraways's topic in ESET Beta Products for Home Users
We've been unable to reproduce it. After updating a fresh v7 beta and restarting Windows, the text "Enable Exploit Blocker" is always displayed. -
Updates
Marcos replied to chrlshlmn's topic in ESET Internet Security & ESET Smart Security Premium & ESET Security Ultimate
Regular automatic updates are attempted on an hourly basis by default as long as the computer is turned on. -
If disabling real-time protection actually helps, the only operations performed by real-time protection are those with ekrn.exe process. Other modules do not perform file operations and even network operations are performed by ekrn.exe. I have a long-time experience analyzing Procmon logs and various issues related to ESET products so I'm sure I'm not mistaken
-
ESS 7.0.104.0 function not defined
Marcos replied to Faraways's topic in ESET Beta Products for Home Users
Please refer to my previous post and post information about the modules installed. -
Your policy was properly applied to my Endpoint client after connecting to ERAS v5. Could you please post a screen shot of your Web control rule setup to make sure you're looking at the right setting?
-
Can't use Environement Variable for File Exclusion
Marcos replied to Pierre's topic in ESET Products for Windows Servers
System variables should work, user variables not as they are not available in the local system account. -
It's because you run only one file scan at a time. If you ran 2 scans simultaneously, 2 CPU cores should be utilized, one by each scan.
-
From my personal experience, ESET detects much more PUAs than any other competing products. Even if they start detecting a certain PUA, they remove detection after receiving a complaint from the application's vendor, most likely because further disputes with vendors always require a lot of investigation which is time and resource consuming. Also I'd like to emphasize that unlike some other vendors, ESET only detects files that actually pose a risk, ie. configuration files, images, text files, etc. are not detected and removed. They files are often installed with potentially unwanted applications. Therefore, in order to remove PUAs completely, we always recommend running uninstall via the Control panel -> Add/remove programs rather than deleting exe and dll files only.
-
ESS 7.0.104.0 function not defined
Marcos replied to Faraways's topic in ESET Beta Products for Home Users
Please post information about installed modules from the About window. -
BROWSERS
Marcos replied to chrlshlmn's topic in ESET Internet Security & ESET Smart Security Premium & ESET Security Ultimate
ESET products protect users against malware regardless of what browser is used. -
ESS v7.0.104.0 performance issues
Marcos replied to nickster_uk's topic in ESET Beta Products for Home Users
I see. Your issue with egui crashing is resolved in the next beta which should be made available within a few days.