-
Posts
36,580 -
Joined
-
Last visited
-
Days Won
1,455
Everything posted by Marcos
-
How to understand which app executes "trojan url"
Marcos replied to Yevhen Sychov's topic in Malware Finding and Cleaning
I assume you didn't intentionally open bartzmovie.com, did you? It seems to be a parked domain for sale. -
On-demand scanner logs typically contain a lot of entries which do not only include threat detections but also errors (e.g. errors opening files, scanning password protected files, damaged archives, etc.). It's been designed this way since NOD32 v1 dozens of years ago and I assume 99% if not 100% of AVs log detections just like that. Moreover, on-demand scans should not normally detect anything if an initial scan was run, all protection modules have been active and modules have been kept up to date.
-
How to understand which app executes "trojan url"
Marcos replied to Yevhen Sychov's topic in Malware Finding and Cleaning
It's typically a browser that opens a malicious or compromised website. Since I don't have a Mac computer at disposal at the moment, I can only show how it looks like under Windows where application is logged. I assume it should be like that on Mac too: -
EIS scan results UI after update
Marcos replied to PassingBy's topic in ESET Internet Security & ESET Smart Security Premium
Currently we can only suggest filtering our errors and diagnostic records which should reduce the log to show only detections. -
You can use a 3rd party firewall with ESET NOD32 Antivirus without creating any exceptions since they can't interfere with each other.
-
Is Firefox Quantum installed on the machine? Ie. it's not a portable version, correct? Is the ESET root CA certificate imported in the Mozilla's trusted root CA certificate store? If so, close Firefox and any other browsers that might be running, disable SSL/TLS filtering in the advanced setup, click OK, re-enable SSL/TLS filtering and try again. Check if the ESET root CA certificate was imported alright.
-
Do you mean excluding IE from protocol filtering? Does the issue occur with any https website? Does it occur with Firefox as well which uses its own trusted root CA certificate store? At any rate, I would suggest raising a support ticket for customer care so that the case is properly handled and tracked.
-
I don't recall ever seeing a full path to the file if malware was detected in a running process. There is PID displayed / logged so if the process is still running the full path can be determined. Logging is subject to overhaul so that will be a good opportunity to add it in a separate column.
-
Security Report Bug In Ver. 12.1.31?
Marcos replied to itman's topic in ESET Internet Security & ESET Smart Security Premium
So it should be reproducible by downloading email with Thunderbird, e.g. from a Gmail account? -
Please provide the public ID of your license so that we can check its status.
-
TCP SYN Flood Attack - Router IP
Marcos replied to bbenz's topic in ESET Internet Security & ESET Smart Security Premium
I would suggest: - enabling advanced logging under Help and support -> Details for customer care - rebooting the machine - reproducing the issue - disabling advanced logging - gathering logs with ESET Log Collector, raising a support ticket for customer care and providing them with the generated archive. -
Scheduled Scans
Marcos replied to Aryeh Goretsky's topic in ESET Internet Security & ESET Smart Security Premium
I'm not sure if this is possible from technical point of view. Anyways, this topic is monitored by people responsible for making decisions about future features so it will be noted. -
It may not be a legit Flashplayer but malware disguised under that name
-
Please gather logs with ESET Log Collector and provide the generated archive.
-
1803 to 1809 & ESET
Marcos replied to COStark26's topic in ESET Internet Security & ESET Smart Security Premium
ESET and MBAM Pro generally may not play nicely together regardless of OS updates. -
Please rename this topic to a meaningful name.
-
1803 to 1809 & ESET
Marcos replied to COStark26's topic in ESET Internet Security & ESET Smart Security Premium
Also you wrote: " UNTIL I DISabled ESET Protect/FW & All other Security Apps". The question is if it was enough to uninstall ESET for the issue to go away or the other security applications you mentioned. We intensively tested upgrade from RS4 to RS5 and didn't encounter any issues with ESET installed. -
Also please post the appropriate record from the Detection log. Again, make sure it's in English so that we don't have to translate it ourselves.