Jump to content

Urashima Taro

Members
  • Posts

    14
  • Joined

  • Last visited

About Urashima Taro

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    Please select
  1. @100 Thank you. This will do until ESET resolves this conflict with SandBoxie.
  2. @itman I do confirm that the issue with ESET locking SandBoxie registry files do still occur with cleaner module 1199 but at the moment only when the "ESET Startup Scan" is active and I am closing a SandBox and this occurs sometimes but not rare.
  3. @Marcos I have been running ESET 1197 pre-release cleaner module for the past few days without issues. Sandboxie is working like it was prior to the reported problem. Marcos, could you elaborate what did ESET cleaner module did to Sandboxie to cause this problem? Sandboxie worked along with ESET for years without any conflicts until the reported issue occured recently. Your input is appreciated.
  4. @Marcos We are half way into "next week", do you have an ETA for pre-lease cleaner module 1197? Your response is appreciated.
  5. Understood, thank you for the clarification. The Sophos mitigation did not work as well in my case.
  6. I have taken the dive into ESET's 1195 pre-release cleaner module. I am not sure why I did not receive the 1197 pre-release cleaner module after opting for it. For the most part it works but I do still receive the sandbox deletion issue 2 times out of 6 cold boots. I am attempting to find if there is a relation between how soon I log into OS desktop from a cold boot and open a sandboxed browser session with the sandbox deletion issue. 1195 pre-release is better but not a solution to the problem. I will attempt the blocking of ekrn.exe with Sandboxie after I revert from the 1195 pre-release.
  7. Okay, disabling ESET NOT32 HIPS did not work as well. I have re-enable it along with DBI and have disabled "Protocol Filtering" completely and so far so good. Will continue testing.
  8. You are correct, it took less than 2 hours of work to see that this option (ESET DBI Exclusions) did not work. I have disabled ESET NOD32 HIPS and are trying again. WIll post my findings soon.
  9. I am testing the option of setting up all Sandboxie files to be excluded under ESET NOD32/HIPS/DEEP BEHAVIORAL. I will report back in about a week worth of use.
  10. I am experiencing a very similar issue as reported by Tetranitrocubane. I run Win7x64 / Sandboxie 5.30 / ESET NOD32 12.1.34.0 all running without any issues until I received Detection Engine update 19640 (20190705) and Rapid Response module 14501 (20190706). I am still able to clear the contents from the sandbox after a cold boot. No other updates and/or changes has been introduced to my system with the exception of the ESET updates. Any assistance in this matter is much appreciated.
  11. Hello Marcos, Thank you for taking time to reply. Are there any logs within ESET NOD32 that I could provide to you that will show if and when I changed any settings? I am the only one who has access to the workstation in question and have not made any changes since the time of the initial installation of NOD32. The logs that I have only show when the scanner started to flag these files as PUA. Any insight into providing you this evidence of changes within NOD32 is appreciated. Respectfully, Urashima Taro
  12. To Whom It May Concern: I run multiple scans a day, every day since having installed ESET NOD32 on a workstation for the last three months. Each time I have zero detection of files stored on the same machine with the same files. In the past week I have noticed that the latest updates are now flagging files that are considered to be "Potentially Unsafe Application" (PUA). These same files have been scanned daily, multiple times a day with zero results, without changing any options on ESET NOD32. Why are these files now considered PUA? When in the past ESET did not even noticed them for three months. The files are: CPU-Z_1.56-setup-en.exe HWMonitor_1.16-setup.exe Both come up as PUA due to having "AskInstallChecker" and "AskToolbarInstaller". I am running ESET NOT32 on Win7x64 OS. Version of virus signature database: 15685 (20170703) Date: 7/3/2017 Time: 2:50:40 PM I have previous scan logs which scanned the same files with no detection. Your guidance and/or assistance in this matter is appreciated. Respectfully, Urashima Taro
  13. I am having the same thing but using NOD32. I run multiple daily scans on the same directory for the past few months with no positives. This appears to be a false positive: Version of virus signature database: 15520 (20170602) C:\Program Files (x86)\Adobe\Acrobat 11.0\Setup Files\{AC76BA86-1033-FFFF-BA7E-000000000006}\Data1.cab » CAB » template2.pdf28 - PDF/TrojanDropper.Agent.AH trojan - action selection postponed until scan completion C:\Program Files (x86)\Adobe\Acrobat 11.0\Setup Files\{AC76BA86-1033-FFFF-BA7E-000000000006}\Data1.cab » CAB » template3.pdf26 - PDF/TrojanDropper.Agent.AH trojan - action selection postponed until scan completion C:\Program Files (x86)\Adobe\Acrobat 11.0\Setup Files\{AC76BA86-1033-FFFF-BA7E-000000000006}\Data1.cab » CAB » template2.pdf26 - PDF/TrojanDropper.Agent.AH trojan - action selection postponed until scan completion C:\Program Files (x86)\Adobe\Acrobat 11.0\Setup Files\{AC76BA86-1033-FFFF-BA7E-000000000006}\Data1.cab » CAB » template1.pdf26 - PDF/TrojanDropper.Agent.AH trojan - action selection postponed until scan completion C:\Program Files (x86)\Adobe\Acrobat 11.0\Setup Files\{AC76BA86-1033-FFFF-BA7E-000000000006}\Data1.cab » CAB » template3.pdf28 - PDF/TrojanDropper.Agent.AH trojan - action selection postponed until scan completion C:\Program Files (x86)\Adobe\Acrobat 11.0\Setup Files\{AC76BA86-1033-FFFF-BA7E-000000000006}\Data1.cab » CAB » template2.pdf28 - PDF/TrojanDropper.Agent.AH trojan - action selection postponed until scan completion C:\Program Files (x86)\Adobe\Acrobat 11.0\Setup Files\{AC76BA86-1033-FFFF-BA7E-000000000006}\Data1.cab » CAB » template3.pdf27 - PDF/TrojanDropper.Agent.AH trojan - action selection postponed until scan completion C:\Program Files (x86)\Adobe\Acrobat 11.0\Setup Files\{AC76BA86-1033-FFFF-BA7E-000000000006}\Data1.cab » CAB » template2.pdf27 - PDF/TrojanDropper.Agent.AH trojan - action selection postponed until scan completion C:\Program Files (x86)\Adobe\Acrobat 11.0\Setup Files\{AC76BA86-1033-FFFF-BA7E-000000000006}\Data1.cab » CAB » template1.pdf27 - PDF/TrojanDropper.Agent.AH trojan - action selection postponed until scan completion C:\Program Files (x86)\Adobe\Acrobat 11.0\Setup Files\{AC76BA86-1033-FFFF-BA7E-000000000006}\Data1.cab » CAB » template3.pdf25 - PDF/TrojanDropper.Agent.AH trojan - action selection postponed until scan completion C:\Program Files (x86)\Adobe\Acrobat 11.0\Setup Files\{AC76BA86-1033-FFFF-BA7E-000000000006}\Data1.cab » CAB » template2.pdf25 - PDF/TrojanDropper.Agent.AH trojan - action selection postponed until scan completion C:\Program Files (x86)\Adobe\Acrobat 11.0\Setup Files\{AC76BA86-1033-FFFF-BA7E-000000000006}\Data1.cab » CAB » template1.pdf25 - PDF/TrojanDropper.Agent.AH trojan - action selection postponed until scan completion C:\Program Files (x86)\Adobe\Acrobat 11.0\Setup Files\{AC76BA86-1033-FFFF-BA7E-000000000006}\Data1.cab » CAB » template2.pdf16 - PDF/TrojanDropper.Agent.AH trojan - action selection postponed until scan completion C:\Program Files (x86)\Adobe\Acrobat 11.0\Setup Files\{AC76BA86-1033-FFFF-BA7E-000000000006}\Data1.cab » CAB » template3.pdf15 - PDF/TrojanDropper.Agent.AH trojan - action selection postponed until scan completion
×
×
  • Create New...