-
Posts
37,924 -
Joined
-
Last visited
-
Days Won
1,504
Everything posted by Marcos
-
Information from LiveGrid might be misleading in case of malware as they would show for the process malware is injected in, ie. not for the malware itself. That said, a user would see ESET recommending them to allow the action based on the data from LiveGrid but in fact they'd allow malware to perform its action.
-
NOD 32 seems to be causing freeze during boot
Marcos replied to cutting_edgetech's topic in ESET NOD32 Antivirus
There's no evidence that ESET is causing the freeze. Even if renaming the drivers (ehdrv.sys, eamonm.sys) in safe mode made a difference, it wouldn't necessarily mean ESET is the culprit. If the system freezes, please generate a complete memory dump and convey it to ESET for perusal. Based on the dump, we'll be able to tell if there's a problem with ESET's driver or if it's another driver / sw that you have installed which causes the issue. -
This shouldn't normally happen. Make sure you don't have logging of all blocked communications enabled which should only be used with care when troubleshooting connectivity issues. The filter enables you to filter records according to certain text they contain in specified columns plus you can specify the severity of the records to filter as well as the time period. If you need more advanced filtering, you can export the log to a text file and use other tools to filter the desired records.
-
Remote boot time scan with ERA Server
Marcos replied to a topic in ESET PROTECT On-prem (Remote Management)
ESET uses startup scans to scan objects and files run when a computer starts. This also increases the chance of catching new born malware not detected by signatures yet. -
If importing the root certificate doesn't resolve the issue, we'd need to get further logs for investigation. Let us know about your findings so that I can provide you with further instructions if the advice given doesn't help.
-
There was an unexpected glitch with the update servers that should be resolved now. We apologize for the inconvenience.
-
Yes, there was an unexpected glitch with the updates that escaped our attention. The issue is now resolved and updates work fine. We apologize for the inconvenience.
-
1, As for disabling threat alerts, navigate to User interface -> Alerts and notifications and untick the appropriate box. Don't know why one wouldn't like to be notified about threats, however. 2, in order to disable HIPS, a computer restart is always required. 3, ESET is not quarantining addresses but actual files that contained a threat (malicious script).
-
email imap scanner question,it doesn't scan thunderbird
Marcos replied to mantra's topic in ESET NOD32 Antivirus
Make sure to enable SSL scanning if you want to have IMAPS/POP3S scanned. -
Games are not happy with new ESET Smart Security
Marcos replied to VidKo's topic in ESET Beta Products for Home Users
I've played Battlefield 3 with ESS 7.0.104 beta installed and Advanced memory scanner enabled but didn't notice any issues at all. Is anybody else experiencing this issue? -
The plug-in for Thunderbird supports only older versions of it due to a rapid development cycle and significant changes in each new version. Without the plug-in, only email received via POP3 and IMAP will be scanned for malware, ie. the spam filter in ESET Smart Security won't work.
-
There are many potentially unwanted or unsafe applications (besides actual malware) where ESET is the only vendor to detect them. If a file is detected just by one vendor, it doesn't make it a false positive automatically. Likewise, if a file is detected by more than 40 vendors at VirusTotal, it doesn't make it functional malware. The results only rise or lower the level of suspiciousness. Most toolbars meet the criteria of PUA and hence they are detected. Having said that, we'll draw this topic to a close.
-
NOD 32 seems to be causing freeze during boot
Marcos replied to cutting_edgetech's topic in ESET NOD32 Antivirus
Since we don't know whether it's HIPS or Self-defense causing the issue, try disabling each, one at a time. If that doesn't help, disable both. If that doesn't resolve the issue, try renaming the above mentioned driver in safe mode. Note that this needs to be done in order to narrow the issue down, I don't suggest it as a permanent "solution" for the issue. -
Please be more specific about the versions. If you have Firefox 22 or newer installed, you'll need to export the root certificate from ESS and import it to Firefox TRCA certificate store manually for https websites to open properly. If you have Opera 15 installed, just ignore the message for the time being, SSL scanning will work anyway.
-
ESET is actually quite strong when it comes to ransomware detection. Of course, no security software offers 100% detection of malware, however, ESET uses mechanisms so that detection for newly emerging and unrecognized variants is added in the next update. If ransomware has made it to a computer and detection was added afterwards, the following procedure should work to clean it out: - turn off / on the computer or restart it - after Windows starts, wait about 5 minutes so that the latest update is downloaded and a startup scan is run (even if the ransomware is active and blocking the screen and other actions, the process of updating and cleaning will be run in the background) - turn off / on the computer I'd also suggest trying v7 beta which has been running smoothly and only minor issues have been reported. It features Advanced memory scanner which helps to protect against zero-day malware, Vulnerability shield to detect and block attempts to exploit known system vulnerabilities and one more new feature to improve malware detection even more. That said, it will be much stronger than its predecessors v6, v5 or older.
-
You must have made something wrong. If a threat is detected, there will be no problem to delete or clean the file providing that Windows or another application isn't using the file exclusively. Please create a new topic where we can troubleshoot it further. Although there's still room for improvements, ESET products are one of the best in terms of detection and performance.
-
Syntax for Exclusions in RA Policy
Marcos replied to LocknetSSmith's topic in ESET PROTECT On-prem (Remote Management)
Yes, system variables are supported. User variables won't work as they are unknown to the local system account. -
The application was analyzed and the detection is ok, the case is closed.