Jump to content

Marcos

Administrators
  • Content Count

    16,478
  • Joined

  • Last visited

  • Days Won

    704

Everything posted by Marcos

  1. Try running the Uninstall tool in safe mode, then install the latest version of your ESET product from scratch.
  2. As stated in Please read this before you post Do not report blocked websites After cleaning a website from malware and taking measures to prevent further re-infection, request a re-check as per the instructions in the FAQ. This forum does not serve as a channel for requesting website re-check or disputing blocks or detections. In your case, contact ESET ME for a resolution. For contact information, visit https://www.eset.com/me/about/contact/
  3. I'm sorry but I don't understand what the question is. If you are asking about the TCP connections by ekrn.exe, I assume it would be possible to reduce them by disabling LiveGrid, IPM, streamed updates, etc. mostly at the cost of deteriorating protection capabilities, however, the product would still attempt to communicate with licensing / activation servers.
  4. Thanks for the heads-up peteyt, the user was banned.
  5. Update servers are currently under a heavier load due to a bigger update of the advanced learning machine module. We expect the situation to calm down soon. We continue to work on improvements to prevent high server loads causing download errors.
  6. In this case advanced network protection logging was not enabled in the Diagnostics section:
  7. Currently there's no way to recover files but paying the ransom which we don't recommend if you didn't have a backup. If you want to be protected against ransomware and other malware to the maximum extent: - back up important files on a regular basis - keep the OS and AV up to date - practice safe computing - secure RDP (e.g. use an account lockout policy, use RDP only within LAN and VPN for connections from outside, use 2FA, etc.) - protect ESET's settings with a password - enable detection of potentially unsafe applications - consider using extra HIPS rules as per https://support.eset.com/kb6119/
  8. If you are able to reproduce it, enable advanced network protection logging in the advanced setup -> tools -> diagnostics, reproduce the detection, disable logging, collect logs with ESET Log Collector and upload the generated archive here.
  9. It appears that you've installed a trial version of ESET just recently, ie. most likely after the encryption occurred. Could you confirm? Unfortunately, files encrypted by Filecoder.STOP cannot be decrypted, however, we recommend keeping important files in case that decryption will be possible in the future.
  10. Try running the Uninstall tool in safe mode.
  11. Running the Uninstall tool in safe mode first and then installing v12.2.30 from scratch should work.
  12. See the firewall rules. The name of such rule commences with "Rule created by wizard".
  13. As for Edge, I recall it is not technically possible to inject into it due to sandboxing. Not sure about Opera but it's not as popular as Chrome or Firefox. Since BPP must keep pace with the development of browsers, less popular browsers that are updated on a regular basis cannot be supported.
  14. Did you download and run ESET Log Collector 3.2 ? I'm asking cause wording in ELC 3.2 operational log seems to be different, e.g. [15:18:40.968] === Drivers === [15:18:40.968] Exporting... [15:18:40.968] OK [15:18:40.968] Adding file: E:\DOCUME~1\9335~1\LOCALS~1\Temp\elc81.tmp -> ESET/Config/drivers.txt [15:18:41.000] === QInfo === [15:18:41.000] Exporting... [15:18:44.656] OK [15:18:44.656] Adding file: E:\DOCUME~1\9335~1\LOCALS~1\Temp\elc84.tmp -> ESET/Quarantine/quar_info.txt [15:18:44.656] === QFiles === [15:18:44.656] Exporting...
  15. According to the screen shot you are using Windows 7, are you? Have you tried uninstalling and installing v12.2.30 from scratch to make sure that ESET re-registers to Windows Security Center? After uninstall make sure the warning is gone.
  16. We do not delete any posts unless they are inappropriate, e.g. if they are offending, spam, etc. Posts are archived after 1 month if I remember correctly which prevents them from being searched using the forum search engine, however, they can be found via other search engines, such as Google. This is something we would like to address with the forum service provider since the search function is fundamental for users. Regarding files in the charon folder, it doesn't mean that all files in the folder will ever be submitted. I'd estimate that only a small portion of files be actually submitted and the other refused by LiveGrid servers, e.g. because they were already submitted by another user before. After submitting or rejecting a file, the file is deleted from the charon folder.
  17. It was not encountered before. It is actually very weird that deleting the content of the charon folder fixed it since the size of the files in the folder was quite small and the files would have been deleted automatically after being submitted or refused by ESET's servers.
  18. I'm not sure if a username and password is still included in the registration email but it should be there for legacy products such as NOD32 Antivirus for Linux desktop that require a username and password to update. Wasn't a U/P enclosed in the email?
  19. Please refer to my previous post and provide logs collected with ESET Log Collector.
  20. Please follow the instructions by MartinK at
  21. Marcos

    laptop

    You can install ESET Password Manager from Google Play. Besides that, we have also ESET Mobile Security and ESET Parental Control for Android as separate products for mobile phones.
  22. 1, Only files in the Charon folder may be submitted to ESET's LiveGrid servers, if accepted. 2, Throughout this year we've received about 20 suspicious files from you. Are you able to reproduce the situation when ekrn seems to be sending out a lot of data? If so, please post a screen shot of the Network connections screen with ekrn visible and communication details expanded so that we can see the communication server.
  23. The program should eventually update to v12.2.30 automatically. You can run update manually to get the new version immediately, however.
  24. Please run ESET Log Collector to collect logs and upload the generated archive here for perusal by ESET staff.
  25. Marcos

    laptop

    It depends on what license you purchased. We sell packs for multiple devices and operating systems and also single licenses for a specific OS.
×
×
  • Create New...