Marcos
-
Posts
36,983 -
Joined
-
Last visited
-
Days Won
1,467
Posts posted by Marcos
-
-
MacOS Catalyna is to be released in the fall. We officially support only final versions of operating systems, not betas since a lot can be changed under the hood before the new MacOS is released which could break ESET's functionality. At the time of the official release of the new MacOS, we should have a compatible version of ESET CyberSecurity and ESET CyberSecurity Pro at your disposal.
-
Are you able to reproduce it with a Gmail account? What IMAP server do you download your emails from?
-
How many active licenses for consumer products do you have? Could you please provide a public license ID of such license?
-
Honestly, it surprises me that you don't want to be notified about errors but want to be notified about threats. The thing is almost all the above mentioned errors may indicate an issue with protection and as a result the machine can get infected. Hence the question why not to be notified in advance about potential issues to prevent infection.
If you want to be notified about unresolved threats and not get any notifications about errors, change the minimum verbosity (well, actually it's rather severity) to critical.
-
Before making any conclusions, please contact samples[at]eset.com and provide the following stuff from the affected machine:
- logs collected with ESET Log Collector (ESET must be installed and activated beforehand if it's not)
- a handful of encrypted files (ideally Office documents)
- the ransomware note (payment instructions).If the files were encrypted by a 100% legitimate tool, such as PGP, it's not obviously possible to detect such. An attacker might have hacked in via RDP and use it to encrypt files. If that's the case, what failed was not the AV but the security of the system which should have prevented remote attacks via RDP. However, without logs we can now only speculate what happened but the requested logs may shed more light.
-
You can pause protection, e.g. via the right-click tray icon menu.
-
I think it was because your previous license expired about 2 weeks prior to renewing the license. In such case, it takes a little bit until license information is updated on servers. Had it been renewed on time, the product would have continued to work seamlessly after the renewal.
-
Please provide you public license ID or logs gathered with ESET Log Collector.
-
1 hour ago, Azure Phoenix said:
Does this mean features like banking don't work on Edge? I remember the feature always worked with Chrome despite enabling appcontainer in it.
Though, I wonder if the banking feature was changing the Chrome process to untrusted.
When using Edge, Internet Explorer will be used as a secure browser.
-
It's enough to re-enable self-defense, reboot the computer, enable logging of blocked operations in the HIPS setup, reproduce the issue, disable logging and then collect logs with ELC.
-
You can temporarily enable logging of blocked operations in the advanced setup, reproduce the issue and then disable logging. Next collect logs with ESET Log Collector and provide the generated archive.
-
10 hours ago, Nono said:
So, going back to my original question : What could make it works on one computer and not another ?
You can provide me with ELC logs from the machine where it doesn't work and describe what you would like to achieve.
-
With a CD key you'll need to turn to the seller from whom you received it. Unfortunately you don't have location set in your profile so we have no clue where you are from and cannot recommend the appropriate contact information.
-
Please refer to https://support.eset.com/kb332/ and make sure port 53535 is open for the addresses in the table below:
Are the notifications coming from machines with Endpoint v6 or v7 installed?
-
What kind of notifications do you mean?
-
-
PUAs are not malware. For general information on what PUAs are, you can read https://support.eset.com/kb2629/.
-
The detection of hYEBnFBwH.dll included in the installation package is detected correctly as a PUA.
-
It's not officially supported but it works, however.
-
I assume the application is detection as potentially unwanted. The detection is correct then. If you think that benefits of using the application outweigh possible risks (e.g. installation of toolbars, displaying ads or whatever PUAs can do), you can exclude it from detection by the detection name as follows:
-
It depends on how many files you have on the disk and on the type and size of the files. For instance, if you have a big number of iso images that are several GB in size, it will take ages to unpack them all and scan all files inside. Try running a scan with archives disabled and see how big difference it makes. Also make sure that you have LiveGrid reputation system as well as Smart optimization enabled which by default is.
-
HIPS currently doesn't support wildcards in file paths. By blocking a very few suspicious names that malware may use won't make your system safer given that in more than 99% of cases malware would use a different name than those above.
ESET protects you regardless of what file names malware use. Plus there is also lot of fileless malware that resides in the registry, WMI, UEFI. For a list of technologies that protect our users at various layers in the system, please read https://www.eset.com/int/about/technology/.
If you have a real use case that you try to resolve, please provide more details on it.
-
Are you not behind a router with NAT and your IP address is public?
-
Never seen such issue reported by our users. We don't write to the registry a lot; basically it's only information about modules and settings written to the registry, if changed. Are you reproduce it by manually triggering backups several times in a row? If so, then you could try temporarily uninstalling ESET and see if the issue occurs even without ESET.
Nod32 blocks IMAP protocol on Thunderbird
in ESET NOD32 Antivirus
Posted
Please carry on as follows:
- enable advanced logging under Help and support -> Details for customer care
- run the command-line console and type ([Enter] means to press Enter):
set NSPR_LOG_MODULES=SMTP:4,IMAP:4 [Enter]
set NSPR_LOG_FILE=%HOMEDRIVE%%HOMEPATH%\Desktop\tbird_log.txt [Enter]
start thunderbird [Enter]
- reproduce the issue
- close Thunderbird
- stop advanced logging
- collect logs with ESET Log Collector
- provide me with the archive generated by ELC and "%HOMEDRIVE%%HOMEPATH%\Desktop\tbird_log.txt"
I would also recommend opening a ticket for your local customer care and providing them with the logs so that the case it tracked properly and timely response is ensured.