Marcos
-
Posts
36,219 -
Joined
-
Last visited
-
Days Won
1,441
Posts posted by Marcos
-
-
Could you pm me your public IP address? Ie. the address you get when you enter "ip address" into Google search.
-
You didn't mention whether it was a document or executable that was attached to the email and which you opened / ran. The best would be if you could send it to samples[at]eset.com for analysis if it is not detected.
As for the BSOD, I'd strongly recommend uninstalling MBAM since its real-time protection may clash with ESET and cause issues. Should the problem persist, have a dump from the crash sent to customer care for analysis and to determine the cause of the crash. It appears to be network related.
-
1, The email would be likely scanned by Web access protection. Make sure that SSL/TLS filtering is on so that https communication is scanned.
2, Without knowing what product / version and settings you use and checking the email you received, it's impossible to tell what happened. Please provide me with the email that was not detected as well as with logs gathered by ELC from the machine.
To increase detection efficiency, you might want to use ESET Dynamic Threat Defense (provided as an extra service). If you use Microsoft Exchange or Lotus Domino mail server, with new v7 mail server products you can take advantage of EDTD and have attachments run in the EDTD sandbox and have them evaluated by Augur, the ESET machine learning system. Based on the result of analysis, the ESET Mail Server product can take the appropriate action. This greatly minimizes the gap between a new malware begins to spread and the time a detection is added.
3, Any infected attachment should be cleaned / removed. -
It's a potentially unwanted application. For information what PUAs are, please read https://support.eset.com/kb2629/.
The detection is optional. If you think that benefits of using a particular PUA outweigh possible risks, you can exclude it from detection.
-
It's a potentially unwanted application. For information what PUAs are, please read https://support.eset.com/kb2629/.
The detection is optional. If you think that benefits of using a particular PUA outweigh possible risks, you can exclude it from detection.
-
The detection was added on Sept 4. Cached results are cleared after a module update so the file should have been re-scanned if the file was actually scanned by the Idle-state scanner.
-
From the screen shot it is not clear if ekrn is consuming 10,4 GB of RAM. Does the issue manifest right after Windows starts without doing anything ?
Do you have ESET Internet Security v11.2.63.0 installed? If not, uninstall the version you have and install the latest one from scratch using default settings. Does the problem persist?
-
Release Date: July, 17, 2018
ESET NOD32 Antivirus 11.2.63.0 has been released and is available to download.
Changelog:
- Fixed: Issues with freezing when debugging applications
Upgrade to Latest Version
Upgrade my ESET Windows home product to the latest version
Support Resources
ESET provides support in the form of User Guides, fully localized application and online help, online Knowledgebase, and applicable to your region, chat, email or phone support.
- Online Help user guides
- Visit www.eset.com/contact to email ESET technical support
- For version 11 video tutorials, see the ESET Knowledgebase YouTube channel
-
Release Date: September 11, 2018
ESET NOD32 Antivirus, ESET Internet Security and ESET Smart Security Premium version 11.2.63.0 have been released and are available to download.
Changelog:
- Fixed: Issues with freezing when debugging applications
- Fixed: Issues with Webcam on Windows 10 RS4/RS5
- Fixed: Issues with background crashes in Anti-Theft
- Fixed: Issues with wi-fi when connected to a public AP
Upgrade to Latest Version
Upgrade my ESET Windows home product to the latest version
Support Resources
ESET provides support in the form of User Guides, fully localized application and online help, online Knowledgebase, and applicable to your region, chat, email or phone support.
- Online Help user guides
- Visit www.eset.com/contact to email ESET technical support
- For version 11 video tutorials, see the ESET Knowledgebase YouTube channel
-
Please generate a Procmon boot log as per https://support.eset.com/kb6308/, section Gather boot log files.
After you've generated the log, compress it, upload it to a safe location (e.g. Dropbox, OneDrive, etc.) and provide me with a download link.
-
Perhaps Dynamic Threat Defense (EDTD) would be an ideal solution for you. As of EMSX v7, documents with macros can be submitted to the EDTD sandbox where the file is opened and the behavior is monitored. Besides that, the file is evaluated by Augur (ESET's machine learning system) and the result is returned to EMSX which will deal with the email accordingly.
It is possible to configure EDTD to delete analyzed documents immediately after analysis or after some time.
-
Modifying an html code is much easier than creating new variants of actual malware and sometimes it's even technically impossible to discern between a legit and scam / phishing website. Next time please jot down the whole url and provide it to us for further analysis as per https://support.eset.com/kb141.
-
Are you positive that the messages were filtered by ESET? Are there any records in the ESET Antispam protection log?
-
Quote
Bottom line - is idle-state scanning the equal in detection capability as a manual/scheduled full local drive scan? Does idle-state scanning bypass files that were previously Eset scanned?
Yes, the Idle-state scanner should be equal to a smart scan. Please provide the ps1 file so that I can check when exactly the detection was added.
-
I've tried to log in to my.eset.com via Firefox on an Android 8 phone and it worked. Since I don't have ipad nor a Windows 10 mobile phone, I couldn't test it with these. I'd recommend contacting customer care.
-
Sounds like another system service that the firewall is dependent on takes time to start. I'd suggest contacting your local customer care to troubleshoot the issue further.
-
What restart check do you mean? How does it affect ESET Endpoint AV?
-
31 minutes ago, lagunero said:
Sorry, just after my post eset asked me to restart and now it works. Sorry again, if you want you can delete all my posts, thanks.
Thanks for letting us know. A computer restart is required for new drivers to load after a program update. And the fix for the freezing issue was indeed in the eamonm.sys driver.
-
14 minutes ago, lagunero said:
11.2.63.0 just right installed. The problem is still here, at least for me.
It must be a different issue since the problem with freezing of debuggers was resolved in v11.2.63. Please provide ELC logs. Also generate a complete memory dump during the freeze as per the instructions at https://support.eset.com/kb380. When done, compress it, upload it to a safe location and drop me a message with a download link.
-
Please gather logs with ELC and upload the generated archive here.
-
Maybe a similar issue like this ? https://forum.eset.com/topic/16740-cisco-anyconnect-vpn-not-working-with-eset-v7/
What VPN are you using?
-
18 hours ago, Merkme said:
Make it more easy to understand and user-friendly
ESET's products are install-and-forget. You don't have to care about setting up anything and it will protect you in the background. It can't be easier than it already is in my opinion.
-
No problems here:
If clearing browser's cache doesn't make any difference, please gather logs with ESET Log Collector and provide the generated archive for analysis.
-
Currently it falls in the "File repositories" category. You can suggest a more appropriate category through the form https://tools.zvelo.com/.
11.2.63 Bug - Eset Firewall Detected Insecure Rule
in ESET Internet Security & ESET Smart Security Premium
Posted
I assume that %InstallDir% is resolved by ekrn.exe itself which knows this information.