Jump to content

Marcos

Administrators
  • Content Count

    13,288
  • Joined

  • Last visited

  • Days Won

    585

Kudos

  1. Upvote
    Marcos received kudos from persian-boy in Very poor test result   
    If you really think that other AVs outperform ESET, then why you are still using it? Just a rhetorical question.
  2. Upvote
    Marcos received kudos from JamesR in Virus in operating memory before and after offline scan   
    V4 is an ancient version which does not provide sufficient protection against current threats and is not supported any more either.
    Uninstall it and install the latest Endpoint v7 (or 6.5 in case of WinXP) asap without disabling any protection features or default settings. After activation and update, run a full scan and reboot the machine after the scan was completed.
    Should the problem persist:
    - gather logs with ESET Log Collector (select Threat detection in the ELC menu)
    - Procmon boot log

    Upload the stuff in an archive encrypted with the password "infected" to a safe location and email samples[at]eset.com while providing a download link as well as a link to this topic.
  3. Upvote
    Marcos received kudos from Gonzalo Alvarez in Can I install new version "on-top" of my older version?   
    That's because you first installed ESET using a bootstrapped installer which in fact runs an msi installer in the background. The msi installer is then kept in c:\windows\installer folder and is run if you choose to repair the installation.
    Since upgrade to newer versions is typically carried out via uPCU updates (ie. not the whole msi installer is downloaded and only differential files are), the repair feature of the msi installer cannot install the very latest version to which you've upgraded via uPCU. Moreover, uPCU upgrade is typically performed throughout various versions, e.g. 11.0 (bootstrapper / msi) -> 11.0 (uPCU) -> 11.1 (uPCU) -> 12.0 (uPCU), etc. We had been considering disabling the repair feature for this very reason in the past.
  4. Upvote
    Marcos received kudos from Gonzalo Alvarez in Can I install new version "on-top" of my older version?   
    Installation over older versions is fully supported.
  5. Upvote
    Marcos received kudos from Aryeh Goretsky in Eset the key from which distribution?   
    Please contact your local distributor to answer questions re. licenses.
  6. Upvote
    Marcos received kudos from Gonzalo Alvarez in Eset the key from which distribution?   
    Please contact your local distributor. I have no clue where you found the key; if you purchased a license you should have a registration email with your license details. If you lost it, it's possible to retrieve it, e.g. through your local distributor if you purchased the license from him.
  7. Upvote
    Marcos received kudos from TomasP in Very poor test result   
    I strongly disagree with this accusation. Itman is not an employee of ESET and has no other relation to the company. He's become an active user in our forum and is a person who 's always willing to help the other with issues they have for no profit.
  8. Upvote
    Marcos received kudos from itman in Very poor test result   
    In order for us to provide an official response on the test, we would need the following:

    Obviously the following concerns were not addressed since the "tester" didn't download files from actual urls serving the payload, ie. real-world conditions were not fulfilled and one of the important protection layers was bypassed:
    Without logs, samples or hashes, and possibly further metada, everything said in this topic are just speculations. Respected testers would allow vendors of tested AVs to review the results, provide the necessary stuff for verification and give room for disputes with vendors. This was not the case. Having said that, we'll draw this topic to a close.
  9. Upvote
    Marcos received kudos from TomasP in Very poor test result   
    I strongly disagree with this accusation. Itman is not an employee of ESET and has no other relation to the company. He's become an active user in our forum and is a person who 's always willing to help the other with issues they have for no profit.
  10. Upvote
    Marcos received kudos from Gonzalo Alvarez in Eset Remote deployment   
    If you deploy an installer with AV Remover, then the previous AV should be uninstalled provided that it's supported by AV Remover.
  11. Upvote
    Marcos received kudos from Gonzalo Alvarez in Eset the key from which distribution?   
    Please contact your local distributor. I have no clue where you found the key; if you purchased a license you should have a registration email with your license details. If you lost it, it's possible to retrieve it, e.g. through your local distributor if you purchased the license from him.
  12. Upvote
    Marcos received kudos from Rami in Very poor test result   
    I'm sorry, I don't understand. Each vendor uses its own mechanisms to detect and get suspicious files. There are many ways how vendors get samples but the quickest way to learn about new malware is via feedback systems which is ESET LiveGrid in our products. What matters is how quickly a particular vendor can identify new malware and respond to it by adding recognition.
    The problem with script malware is that scripts can be modified easily even by people with little knowledge (e.g. by kids or students) until they become undetected by the vendor that they focus on. No matter what vendor it is, detection of scripts can be relatively easily circumvented. The only 100% protection against script malware is blocking the script interpreter from interpreting scripts, e.g. which are placed outside of a folder in which execution of (legitimate) scripts is allowed. And that is also why we recommend applying HIPS anti-ransomware policies to improve protection even more.
  13. Upvote
    Marcos received kudos from Gonzalo Alvarez in ESET Livegrid not reachable   
    The ESMC server has nothing to do with Endpoint's communication with LiveGrid servers and restarting the ESMC server cannot affect it in any way. I rather suspect that the server got into a state when it stopped accepting replication attempts from agents for some reason. Should you run into the issue again, check if a troublesome machine has recently connected to the ESMC server.
  14. Upvote
    Marcos received kudos from Gonzalo Alvarez in ESET Livegrid not reachable   
    You can temporarily set logging verbosity to diagnostic on the client and in case the issue returns, check the ESET event log for more details about the failure.
  15. Upvote
    Marcos received kudos from brezanac in Smart Security Premium & Webcam Access Notifications   
    Are you prompted for an action even if you delete all existing webcam protection rules and choose to remember the action again? Does the problem persist even after uninstalling v12.0.27 and installing it from scratch?
  16. Upvote
    Marcos received kudos from Gonzalo Alvarez in ESET Livegrid not reachable   
    Try temporarily changing logging verbosity to diagnostics and check the ESET Event log for more details about the error.
  17. Upvote
    Marcos received kudos from soda_za36 in Untrusted Certificate Popup on several machines   
    Um.wbtrk.net indeed uses an expired, ie. untrusted certificate:
    https://www.ssllabs.com/ssltest/analyze.html?d=um.wbtrk.net&latest

  18. Upvote
    Marcos received kudos from Aryeh Goretsky in SOLUTION TO :- JS/Adware.Agent.AA application" pops up   
    Please nobody follow the advice above. Disabling web protection would expose your computer to Internet-borne threats.
    The solution is not to visit websites where ESET detects malware or some other threat.
     
  19. Upvote
    Marcos received kudos from heyyahblah in Banking Protection Just Stopped ...   
    Do you mean the following respective IB pages?
    https://www.scotiaonline.scotiabank.com/online/authentication/authentication.bns?convid=1114919
    https://www1.bmo.com/onlinebanking/cgi-bin/netbnx/NBmain?product=5
    https://www1.royalbank.com/english/netaction/sgne.html
  20. Upvote
    Marcos received kudos from Aryeh Goretsky in ESET corrupted file   
    This is an example of how Fortinet corrupts files. In the left pane you can see data being replaces with zeroes:

    Usually at offset 1MB (including HTTP header), a 73-byte section is zeroed. This problem occurs with large files like em002_32_l0.dll.nup, em002_64_l0.dll.nup, em002_64_l1.dll.nup, em023_64_l0.dll.nup, em023_64_l1.dll.nup.
    Not sure if creating an exception will be enough, please try.
  21. Upvote
    Marcos received kudos from Aryeh Goretsky in SOLUTION TO :- JS/Adware.Agent.AA application" pops up   
    Please nobody follow the advice above. Disabling web protection would expose your computer to Internet-borne threats.
    The solution is not to visit websites where ESET detects malware or some other threat.
     
  22. Upvote
    Marcos received kudos from Aryeh Goretsky in Why is my scan taking so long?   
    On my machine it took 1 hour and 45 minutes to finish a scan of the C drive with 3,2 mil. objects scanned in total.
    The scan time depends on many variables. For instance, the more big archives (e.g. iso containers) you have, the longer it takes since files from each archive have to be extracted before they are scanned. You could try running a scan with archives disabled and see how long it will take then to scan the drive.
  23. Upvote
    Marcos received kudos from Abdul Jabbar Dumrai in ESET is Filtering SSL/TLS Traffic thus downgrading Latest Http2 Protocol   
    Please name only those that do not have support in browser add-ons which is quite trivial to implement. We do the filtering deeper at the Windows Filtering Platform level which gives us the possibility to be browser-independent and filter the http(s) communication of any application, not just browsers' communication.
  24. Upvote
    Marcos received kudos from petersonal in unable to uninstall era agent   
    Remote admin tools have an option to re-establish connection after booting to safe mode where you could run the ESET Uninstall tool to remove the era agent completely. Wouldn't that be an option? Then you could install the latest version of the ESMC agent from scratch.
  25. Upvote
    Marcos received kudos from Waltered in Issue updating Agents   
    No, the category is ESMC:
     

×