-
Posts
36,097 -
Joined
-
Last visited
-
Days Won
1,438
Everything posted by Marcos
-
AdwCleaner detects also benign stuff / leftovers that are not normally subject to detection. Without getting and analyzing what it detected it's impossible to tell if that stuff was supposed to be detected or whether it was a false positive by AdwCleaner. Moreover, AdwCleaner is not an antivirus and works differently than AVs. Let's stay on topic, don't turn this topic into a A vs B discussion and keep polite tone.
-
ESET' service' (ekrn) failed to start.
Marcos replied to Ali Akbar's topic in ESET Endpoint Products
You have a rootkit in the system. In safe mode, delete the files c:\windows\system32\drivers\winmon.sys and c:\windows\system32\drivers\winmonfs.sys. If necessary, boot from a clean medium (e.g. ESET SysRescue) first. -
This is dangerous and not recommended to do since you won't be protected when opening malicious websites or downloading malware. Please enabled advanced protocol filtering logging and advanced network protection logging in the setup under Tools -> Diagnostics, reproduce the issue. When done, disable logging, gather logs with ELC and provide me with the generated archive.
-
Protecting you from malicious websites and scripts is not a serious mistake but something that a security product is supposed to do and expected to do. The fact that you opened the website with Web protection disabled which subsequently caused the browser to crash is not ESET's fault. We cannot prevent users from deliberately pausing protection and subsequently opening websites containing malicious or otherwise dangerous stuff.
-
Problems with chrome
Marcos replied to Ori0749's topic in ESET Internet Security & ESET Smart Security Premium
As for Adguard, please read https://forum.eset.com/topic/16066-112490-causes-netiosys-bsod-on-win10/. Try uninstalling it and let us know if it makes a difference. Should the problem persist, does it occur only with https websites and http websites open alright? -
We have double checked the detection and what has been reported to be detected. We confirm the detection is correct, only a small correction to it will be made. It detects scripts that often server malicious ads delivering PUAs and malware. There's also connection with child pornography and the JS/Chromex.Submelius malware.
-
Arquivos criptografados .BIP (Encrypted .BIP files)
Marcos replied to Lessandro's topic in Malware Finding and Cleaning
Files with the bip extension are legitimate files that were encrypted by Filecoder.Crysis. They are not subject to detection. Please provide me with logs gathered by ELC and with another tool that I'll provide you with via a personal message. -
EMS for Domino: someone is sending SPAM
Marcos replied to Lockbits's topic in ESET Products for Windows Servers
I'm not a Lotus Domino expert but I assume it generates some logs where you could trace from which IP addresses the spam was sent from. Then I'd gather ELC and ESVC logs from that machine for perusal. -
This is from one of the compromised websites, looks like a heavily obfuscated JS. Below is an already beautified excerpt from it : Do not disable protection to circumvent the detection / protection or you may get infected. Not sure what the script exactly does but it doesn't look nice and I'd never want such script to be run unless provided by a highly trusted entity.
-
That is ok. The address serves just for the purpose of redirection and no such request is actually sent out. It's a recent change in Chrome that causes Chrome to report "Not secure" for all http websites. A secure browser with a bank's website and https address in the address bar should open in a new window.
-
Try running the browser without extensions. Also you can try another browser to see if the threat is detected.
-
My site is NOT malicius, malware site
Marcos replied to Noizeradio's topic in Malware Finding and Cleaning
Since the malware has been removed, the website will be removed from blacklist momentarily. -
Can ESET Mail security support hosting server
Marcos replied to mayowa's topic in ESET Products for Windows Servers
If they don't run their own mail server, then they cannot use products for mail servers. -
Since this is an English forum, please post in English, otherwise moderators and most of other users will not understand it and won't be able to help you. Please provide a more accurate description of the issue that you are having. How is it related to ESET?
-
Chrome Warning to remove Eset Endpoint Antivirus
Marcos replied to zhopkins's topic in General Discussion
I'd like to check ELC logs from this machine as well as a Procmon log from the time of launching Chrome but that should be discussed further in a new topic. -
ESET' service' (ekrn) failed to start.
Marcos replied to Ali Akbar's topic in ESET Endpoint Products
We'll need ELC logs from the machine. Something is causing ekrn to take too long to start until it times out. -
Please provide step-by-step instructions to reproduce the issue. Also make sure that QUIC protocol is disabled in Chrome: https://support.eset.com/kb6757/.
-
Anti-Theft Questions on how it works
Marcos replied to ebill's topic in ESET Internet Security & ESET Smart Security Premium
1, Since AT works also on older operating systems, I assume that the Win10 location services doesn't need to be enabled. 2, A photo is taken only when you run AT test or when you mark the device as missing in the AT portal.