Arakasi

Members
  • Posts: 2,411
  • Days Won: 71

Everything posted by Arakasi

  1. Just a question to make sure... When you enable SSL protocol checking, do you uncheck (or have you tried) "Block encrypted communication utilizing the obsolete protocol SSL ver2"? This would mean the mail server is relying on a handshake that has so many flaws it could be laughed at; ver3 is patched. Can you try and see? Is the mail domain public/known or private/masked?
  2. Hey Loke, I find that auto mode + rules is usually sufficient, but again I don't know your environment or work. We do know significant changes have been made with ver7 beta, and it's still being worked on. Beta phase *Advanced memory scanner was one, they could have also beefed up the strictness of what's behavioral; as HIPS interactive is supposed to be "prompt" on most. You could try enabling logging under configure rules, and have a peek... Also, I would be interested in the rule list you have; have you double checked it for behavioral type prompts? Good luck
  3. Hi Guest_concerned. My apologies if any offense has been portrayed, it was not my intention; as a public forum I was speaking out in assistance for jlpeifer, who is concerned about Eset's ability to protect against threats for his personal clients. I wanted to ensure him he has great products installed; and maybe other methods of attack (helping his customer) may be needed to provide customer service.
     The following links are to make aware that Eset is fully known of the infection of what no one seems to know is called more recently Reveton.A of ransomware. We all call it FBI moneypak nonetheless...
     hxxp://www.virusradar.com/Win32_Reveton.A/description
     Forms of FBI ransomware on Eset virus radar: hxxp://www.virusradar.com/en/search/all/fbi%20moneypak
     Win32/TrojanDropper.Agent.FBI - It's true it has been a while for some time. 2008, maybe earlier: hxxp://www.virusradar.com/en/Win32_TrojanDropper.Agent.FBI/description
     As far as "no software provides 100%", I have to agree from long experience in repair. The person behind the chair is always controlling the direction of his browser or mouse clicks. I am guilty myself. There is an abundance of malicious software in the world, with high percentages of them, type that love to spread.
     - When I clean computers for customers, I not only manually sift through their files for certain anomalies (after staring at the Windows directory for years you can actually memorize it by the thousands).
     - I scan with multiple rootkit scanners
     - Then with multiple virus/spyware programs
     - Then remove PUAs through add/remove like toolbars, Java, Flash, and all outdated software
     - Not in this order but I make sure all temp folders are dumped to increase vir rem and lower scan times
     - I remove any antivirus at this point I feel may be insufficient.
     - Upon removing PUAs I then scan with multiple malware/spyware/virus/trojan scanners AGAIN, possibly with cloud scanners and onsite scans at the end.
     - End with updating apps, and any I didn't..... forces the customer to go out and get the latest which would be patched, even if I didn't agree with it being installed.
     Reason being [all the different companies have different databases, and different definitions, some may have caught or seen that others have not - this could be due to location in the world or different cloud submissions from users]
     At this point you have to decide what sort of protection you are going to give your client for preventative maintenance. *We won't be around when it comes to lurk its ugly head again. So we opt for the best software with heuristics and real time file system protection to prevent. I believe Eset has done a great job at naming itself a good active program and a cleanup program in one. Both exist as separate tools/methods out in the wild. Thanks guest_concerned for sharing your thoughts. I hope I helped a little from a tech's mindset.
  4. Good day Hitman. I am sorry for your dissatisfaction with Eset's product. I would gladly provide some assistance on their behalf in the form of exclusions for the software you may be running / conflicts that you may be having. Just post here or send me a message. I back their software as remarkable and hope we could change your mind. There are Eset mods on this forum that I am positive will provide you with assistance. If only your issues regarding software were announced to here. They are great people. If you still do not receive satisfaction, their publicly announced contact site is @ hxxp://www.eset.com/us/about/contact/
  5. Well. You have to determine if that error is because of the layer 5 transport layer of OSI using "SSL" or if it's using the actual protocol "TLS" vs "SSL". As with most mail servers, you could either be describing that error from using the wrong encryption type, or as a general error of the SSL being rejected by the server. At layer 5 the handshake is performed, and then at layer 6 the communication is encrypted. That sounds like what needs to be determined. Do you have full access to adjust mail settings?
  6. Well... I found the download for it through a 3rd party site. However Eset has shut down activation servers for the product as well. So don't take that route. I trust Eset will push it out soon. I also trust they won't let us paid users go without some sort of help from this whole debacle, assuming ver2 is better and does not crash. Trust me, I will be passing some of this info along to Eset. Thanks kent & ugly for feedback. Thanks Eset staff.
  7. Wow, I can't find it on the Play Store or by using the QR scanner. Is it gone and over now? That would make me a little disgruntled I cannot obtain it now until RC or Rp version. I have active sub on #1. Oh well. Maybe I can swindle a link from someone.
  8. Time to start comparing system specs. I play games daily. Have had no issues with advanced memory scanner enabled with Battlefield, or Crysis, Wow, Aion, Assassin's Creed, Far Cry. Vidko..... Please list the following:
     -- Hard drive your OS is installed on - model, type, interface connection.
     -- Amount of system RAM, speed of system RAM
     -- Processor type & speed
     -- FSB speed if applicable
     -- Whether or not Gaming mode is enabled
     -- OS version
     Please post if you require assistance obtaining this info.
  9. Ok, well I can refrain from frequently using task manager. If this is indeed a Google issue, show me where to raise he** against them to provide a fix. Thanks ugly & Eset. **Update: I also noticed that if I use the back button instead of the home button to exit, I receive the loading EMS components again every time. Very curious on that as well. Home button vs Back button? Thanks again. Specs: Samsung Galaxy III - Verizon (SCH-i535.10) - Android 4.1.2 [kernel:3.0.31-1152558]
  10. The following attached screen is what I get when I select Eset from the Android pull down menu after running a task manager or clearing from the default task manager with Android. Does this mean it's not actively protecting until I launch it again? Would be nice to have clarification on whether it's still protecting or if this is just a GUI launch. Also, is this truly a task kill that's stopping services? We should be able to come up with a fix for this also from process termination defending!
  11. I can confirm this issue. Will be attaching a screen. This is a paid security app. I have noticed this for months now and assumed it was normal. I hope to get a confirmation here, or possibly at Blackhat. I am in no hurry as Eset does an excellent job of catching bad apps the moment I download and install, telling me to remove them immediately and starting the uninstall for me.
  12. In my experience, my customers who run AV products still like to visit the web URLs and sites that have malicious programs. I have learned in my years and years of working: you can never trust the user. Although up front you have to be courteous and understanding as well as professional. You cannot accuse, blame, or insinuate that it's their fault. You can only do as they ask and fix their issues while maintaining good rapport and a nice strong attitude. My customers will turn off and disable their antivirus to visit the bad sites such as pirating and pornography websites. Then, turn their AV back on after they have completed their tasks. I highly suggest you strongly keep this in mind. However do not accuse or blame, only keep your calm and maintain your assertiveness that ESET has a strong virii engine for protection against most threats.
  13. Another very nice feature that could be a nice addition to Eset is a stronger termination protection. We all know Eset runs as executable egui.exe and so do malware devs. I wanted to add an example from the well known SAS as a running process. In Task Manager it reads as:
      Image Name: 6985c66f-6756-4002-aa08-a1038fcf4b79.com
      Description: SUPERAntispyware Application
      I have been seeing many posts and user comments about how Eset was terminated by malware or similar. I am unsure of the technology behind this but it looks similar to encryption.
      To the devs: TerminateProcess is a weak attack but malware may use it because it's quick and efficient. I am confident this has already been blocked by the Eset engine. I am assuming we already have a form of WM_CLOSE with destroy window protection? If not, may be good to investigate for future releases! I also assume SetWindowsHookEx protection is there as well? This is where the question of 32 bit and 64 bit versions comes into play as I heard Marcos discussing earlier; as with DLL injections... a 32-bit DLL can't be injected into a 64-bit process and a 64-bit DLL cannot be injected into a 32-bit process. I was curious as to how many methods of process to process protection NOD32 has?
      I'm amazed at how the window handle name or image name, whatever, has been altered by SUPERAntispyware. Although it still has a PID. I am not sure how they did it, but if Eset were to develop a form of technology, of course with software copyright in mind, we may have an even stronger piece of software on our hands to protect against some of the more nasty malware that I hear users are complaining about. Developing this protection can be fairly difficult, however a simple change in running name may be an easier addition to app term. prot. than the previously discussed methods.
  14. Eset, Malwarebytes, Super Anti-Spyware, Sophos, Kaspersky & McAfee do not detect any suspicious behavior from those 3 files. I did not run the executable myself though.
  15. Just to throw in more to help... Have you manually browsed your file system in an attempt to locate said virus? Start with changing folder options to show hidden files and folders, and show protected OS files. Visit the following directories:
      C:\programdata
      C:\temp
      C:\windows\temp
      C:\windows\prefetch
      c:\users\ [or Documents and settings for older win versions] (Main profile, including all users profile, or public)
      *within profile check appdata\local - appdata\locallow - appdata\roaming
      C:\Users\'profile'\AppData\LocalLow\Temp
      C:\Users\"profile"\AppData\Local\Temp
      C:\Users\"profile"\AppData\Local\Microsoft\Internet Explorer
      are a few you can look in for exe's or dll's. If you are having trouble locating the profile, run a cmd prompt or Start menu > Run interface and type %userprofile% for the current logged on user profile.
      The way I think is, if normal software cannot remove the virus, manually get rid of it yourself. (This does not always work!! But sometimes you can delete if it's not a spread or memory infecting virus) relying on execution. If you still have troubles... the next best option is to pull your hard drive and scan with a laptop via USB or second desktop. It may be hiding after logon or boot. Good luck!
  16. While Eset is the top of the line antivirus with no comparison in my opinion!!!! 1 database of virus definitions is not absolute. Download a few other programs as well and scan with those as well, just to be on the safe side. If you do not notice any extra pop ups or funny activity like site redirection or programs crashing on their own, including issues booting to the operating system, you should be ok. Good luck!
  17. Good day my IT friends! My name is Ryan and I have been working in the IT industry since I was 14 & teaching myself how to program with BASIC and familiarizing myself with the internet on my first computer. A Gateway lol. I am 30 and love anything and everything that has to do with computers. I started off learning how to repair iPods when the 2nd generation was created. I moved into iPhones and iPads and started teardowns the moment smart phones were booming. My first YouTube video can be located by searching "ipad teardown". It's the only one with a tat on my finger! iPad 1st gen. I moved into a corporate environment as a network administrator after school and certifications; working for Citibank. I have also provided network support for a United Health Group subsidiary. I love helping people with computer issues and my first break into this sort of assistance was at ww w.overclock.net. Same username. I have not been involved in forums for years because I was unable to find a new community in which to become acquainted. I run a self built EVGA 780i - 995 socket with a qx9650 oc'ed to 4.1 *love to game!! I refuse to take the plunge into Windows 8 and will stick with my 64bit 7 version until I see change from tablet back to desktop, which I believe corporations and business will always have a need for.
      How did you find the ESET Security Forum? - I learned of the new forums from the Beta invitation!
      What OS are you running? Windows 7 Home Prem 64bit
      What AV are you running? Eset 7 AV only
      What's an interesting fact(s) about you? I am a musician and have studied percussion all my life. I love to program with BASIC and C++. I am a dedicated overclocker of anything that has open bus alterations.
      Feel free to drop me a line anytime. I am outgoing and love to discuss computers. I take criticism well, so don't hesitate to correct me if I am incorrectly informative or with a misunderstanding. Thanks and glad to be a member of these Security forums. I hope I can learn a lot from the community.
  18. One more addition to feedback, that I am not sure has been mentioned. I really think the operating system update warning is very useful. - There are many consumers that do not pay attention to that AT ALL. Believe me, I know from some of my clients. However they do tend to pay attention to their AV just in case they stumbled upon malware. It seems NOD32 is quicker to recognize these out of date systems than even Microsoft's checker, possibly because MS has different intervals and concentrates on internet resources for the average user, and Eset up front has a check during boot or after the profile has loaded. Amazing job devs!
  19. Thank you Kent. Thank you Dan. I'm really looking forward to BlackHat as well as becoming more acquainted with the forums and Eset staff. I hope I can provide much assistance where & when needed. Cheers~
  20. Hey guys! Just an informative post here. I was tickled on the inside since I only own PCs. Unsure if it's old news, but I just heard recently. Eset may be able to jump the gun on a counter solution early if not already. I read in the rules breaking up links and ensuring it's non malicious was ok. If not, my apologies! Article on dailysmalltalk .com
  21. A manual remove of everything Eset should clear it. Show hidden folders and visit c:\programdata, program files, %userprofile%\appdata\ local and roaming. Also public or all users. Then visit the registry and find all keys related to Eset and remove. Then uninstall Office again & do the same thing for Office, only in the files and folders, not the registry unless you think you can tackle that. Then reinstall Office. First thing that comes to mind is Eset might have the plugin buried in Outlook directories. These tips may or may not help, but that would be my route to take if I had your issue. Good luck!!!
  22. 90 second installs? I have an MSI with an i5 & 8GB RAM, the install took about 3 minutes. Still, this is an improvement over previous versions. Plus no reboot was required. When there is improvement, no matter how slight, I'll take it. Install times also depend on the ISP speed, which if a cable one, may vary during peak times. The "99%" complete even shows as such with the ESET Online Scanner, even though it may still scan for another 30 minutes or so, & also shows for a bit on V6. Kind of like a gas gauge on an auto, it's not an exact science. Ever notice how long it stays on Full, then once it begins to drop, it does so as a rock? That bugs me more than the "99%" complete does, as I know that I'm soon going to pay for more fuel. No one year subscriptions there. Cat
      Mine was 90 seconds or less. Try thinking in terms of what the program is doing and how fast your components are vs what components you have. The i3 (1.7-2.0) and i5 (1.3 /w 3.0Max) doesn't compare to an overclocked processor running at 4ghz+. Having 8GB of RAM isn't going to speed up your install, but having RAM running at 1600+ or 2200+ if DDR3 throughput will show an improvement with installs. Then, the writing of the install data to program files and organizing all the files will be determined by HD speed. SSDs will show more improvement on install times. Most people nowadays on average are downloading at 3-6 megabits, with high performance users 20-60. Can safely say that is enough on download bandwidth. With all this being said, only having the up-to-date virus definitions already prior to starting the install will achieve the said install times. What I have to agree on most is the progress bar coding on the scanner. Is the dev team using a Timer? Or a Loop? It shouldn't sit at 98-99% and have gigabytes of data left to scan through. Good luck, and as always, thanks ESET & Staff for one excellent AV program. In the IT industry myself, I know without a doubt, NOD32 engine and its addons destroy the competition!!
  23. Heys, just installed v7 AV (not a clean, installed over ver6) - My thoughts are as follows.
      - Installation was fast (using pci-ex ssd) and without errors just like I remembered with ver4, 5, and 6 *Less than 90 seconds I might add*
      - License carried over and my sub is still active till November!
      - Agreed, the old taskbar icon was far greater in design and perspective, and I always looked forward to the next color to be used by the company.
      - Not sure if this is new but (Enable gamer mode in full screen apps automatically)? If I missed this in previous versions, that is a nice feature indeed for gamers!
      - I love how the exclusions carried over from ver6, maybe this was due to files in Appdata and ProgramData sections? Very awesome
      - Idle state detection to start scan running? Fairly useful
      - Tested Outlook plugin with Outlook 2010 Professional Plus! Plugin loaded without errors. (Attempted to scan the root inbox of 1 mail account - no change. Highlighted all mail items within Inbox - no change) (*Repeat already scanned messages selected) I am unsure whether the plugin is communicating the commands back to the program main handle to be executed or not. Whether it's a backgroundworker or initializing the main form to start an action, it may need another look!
      Thanks ESET for your free beta test of ver7. I will continue testing and submitting feedback.
      System: Win7 Home Prem. 64bit OCZ Revodrive SSD Pci-ex x2 GTX 285 QX9650 @ 4.1ghz 4GB Ram - Mushkin High Perf.