Jump to content

Marcos

Administrators
  • Posts

    35,860
  • Joined

  • Last visited

  • Days Won

    1,429

Everything posted by Marcos

  1. DNS requests are used by Parental / Web Control and for license-related purposes. This is a perfectly legitimate use of DNS that is employed by plenty of vendors of legitimate software. If the "spyware" detection is not removed soon, we'll raise an official complaint.
  2. Could you please post a screen shot of your IDS exclusion setup as well as the appropriate records from the Network protection log that were generated with the exception in place?
  3. I'd recommend not to create exceptions for any alert, otherwise you'd effectively disable IDS protection against potential attacks coming from the excluded IP address.
  4. Please provide me with logs gathered with ELC. Obviously a process has crashed while a Procmon log with protection enabled was being generated. However, the very first Procmon log you provided didn't contain any records of a crash.
  5. Try uninstalling ESET in safe mode using the Uninstall tool. Should the problem persist, gather logs with ELC and provide me with the generated archive. Also if possible, create and provide a Procmon log from a failed install as well.
  6. If you have gigabytes of iso files or other archives / containers with dozens of thousands files inside, it can take quite long to complete the scan. Try running a scan with archives disabled to see if it improves the speed.
  7. Hi Tom, Do you mean the link How do I use ESET Log Collector? in my signature? I've tested it and it opened a correct KB with instructions for using ELC.
  8. Not surprisingly detected as a PUA: ..\Local\Temp\DTInstallerResources\Fusion.dll;a variant of Win32/FusionCore.AC potentially unwanted application
  9. The issue will be fixed in the Banking and payment protection module 1140 soon.
  10. This has been already mentioned that we'll consider a solution for wake-up calls in offline networks in future versions.
  11. If you provide me with the network protection advanced log with an ARP cache poisoning attack detection captured, I should be able to confirm that it's caused by a different MAC address than the one from which the previous ARP response was sent. After generating the log and disabling advanced logging, gather logs with ELC and provide me with the generated zip file.
  12. This happens if you mark a machine as missing in the Anti-Theft portal. Please drop me a message with your my.eset.com login email address as well as the name of the machine so that I can check its AT status.
  13. The website / page in question was compromised and loads malicious javascript from 2 other malicious websites.
  14. Check ELA/EBA for information about units that use the EFSW license. If you are using ESMC, it's a good practice to not add your license directly to ESMC, instead add it to EBA (eba.eset.com) and then add the EBA account to ESMC. Some new products, such as ESET Dynamic Threat Defense, require that.
  15. The detection is correct. The website was compromised and loads JS/Adware.Revizer js from another website.
  16. The detection is correct. The fact that other vendors do not detect it does not make the code benign. Please provide the url (obfuscate http) on which the detection was triggered.
  17. Please drop me a message with your license key so that I can check it on files.
  18. There's nothing unusual. The CPU utilization by ekrn was very low all the time:
  19. Endpoint v7 has already been released. We currently have no beta version to test.
  20. A new version of Linux server products will be unveiled next year.
  21. No, decryption of Filecoder.Crysis is not possible.
  22. I didn't find anything unusual with regard to ESET. Ekrn spent 14,5s on the file C:\Users\ntona\AppData\Local\Packages\WhitewaterFoundryLtd.Co.16571368D6CFF_kd1vv0z0vy70w\LocalState\rootfs\lib\x86_64-linux-gnu\libc-2.27.so but other processes spent more than 700s on it. Does excluding the folder C:\Users\ntona\AppData\Local\Packages from scanning make a difference?
  23. It all depends on what you need. Parental Control doesn't only serve to locate a child but you can define website and application/games restrictions. It also provides geofencing, ie receiving notifications when the child enters a specific area (the school, home, etc.).
×
×
  • Create New...