planet
-
Posts
560 -
Joined
-
Last visited
-
Days Won
30
Posts posted by planet
-
-
Although I know that Eset is a fine a very highly recognized security program I think the developers should have a little talk with their sales team about the bad taste their little escapade may have left in the mouths of many Facebook users
I just want to mention that this is Facebook's thing and they don't only use ESET for their malware detection on accounts, but also F-Secure and Trend Micro and apparently plan on providing more vendors for this in the future (here's a link to the original announcement about this scanning on Facebook).
-
Ok wish I found that link earlier, Whoever came up with this brilliant idea should of made it more clear because I didn't find any links anywhere explaining what it was doing, I had to google it.
BTW I'm not actually sure if it actually cleaned anything after it scanned because it said it found 1 problem and the only choice's were to either try a 30 day free trial or buy the product neither of which he wanted to do so I just closed the the program.
If Facebook asks to do it again in the future, I would scan all other possible devices the account is logged into in case there is still something causing it to happen. Regarding the scanner, once you clicked Finish you can simply close the window (which you did).
One more thing how did Facebook know He had a problem he must of got it from them LOL .
Just in case anyone is wondering what it found it was some toolbar in the downloads folder that was not installed. I ended up deleting everything in that folder
No one really knows - it could be from logging into his account on an infected device, suspicious activity on the account, allowed applications sending spam, etc. Check in the Account Settings such as Security to remove any unknown active sessions or saved devices, and possibly review the approved applications on the account to see if you can remove any that you don't need or look suspicious.
Also I don't see any option to mark this thread as solved so I will leave it the way it is unless someone knows how to do that
You can click on the 'Mark Solved' button on the bottom right corner of the post that provided the best solution for you.
-
ESET has a KB Article regarding this very thing: "Why does Facebook require that I scan my computer with ESET?"
Facebook announcement: "ESET and Facebook Partner to Combat Malware"
Facebook requires your friend to scan his computer before being able to use his account, as they feel as though he could have malware.
Once he scans his system by using the scanner and following the instructions, Facebook should then give access to his account again.
Thanks' I read those announcements, But they don't mention forcing him to download Eset before he could logon
Following the initial notification, Malware Checkpoint will prompt you to perform a system scan using one of the security applications available on Facebook. If you receive a notification from Facebook with instructions to scan your computer, you must complete the requested scan before you will be able to log in to your Facebook account.
-
Anything about this?
-
When I install ESET Cyber Security Pro on each of my kids Macs, immediately after detecting our actual home network the following happens:
- New Network Connection Detected. "You just connected to an unknown location. Please select a profile for this connection."
- So, I confirm my current (not new) network connection name. It shows my current familiar network address.
- Then it prompts me again with a New Network Connection detected.
- It says, "Interface: awd10" I don't know what this is.
- Below, under advanced settings it shows a Network of "fe80::/64" and above that a particular fe80... address. I am unfamiliar with this address.
- Now, my normal network connection shows BOTH addresses, as if my internet connection might be routing 2 different directions. This appears really suspicious to me.
I'm wondering if a malicious code is activating or running awd10.
Does anyone else experience this?
Is this a true part of ESET? (If so, it would be REALLY nice to be forewarned.)
Hi Craig,
I'm fairly certain that this isn't malware based on the information you've provided.
Here's a nice description for it (via Mario Ciabarra on medium.com):
AWDL (Apple Wireless Direct Link) is a low latency/high speed WiFi peer-to peer-connection Apple uses for everywhere you’d expect: AirDrop, GameKit (which also uses Bluetooth), AirPlay, and perhaps elsewhere. It works using its own dedicated network interface, typically “awdl0".
You can read the full article as well for more detail on this.
Aside from your kids Macs, do you have any other apple devices connected to your network? Any AppleTVs, iPhones or iPads etc. with AirPlay or AirDrop or currently turned on? Overall, this would be why you are seeing this appear in ESET Cyber Security Pro.
I do think ESET should provide more friendly names instead of just the technical name of the network interface (such as Apple Wireless Direct Link (awdl0) instead of just awdl0) if possible. I know they already provide the friendly name for some like Ethernet, Wi-Fi and Bluetooth but have no idea why not for other ones. I'll add this to the suggestion topic.
In terms of selecting a profile, you can select the same one you're using for your main Ethernet or Wi-Fi connection (you mentioned Home).
In another article (near the bottom that mentions Yosemite) by the same author, if you feel that you don't need to use AWDL you can turn it off via the terminal and turn it on again in the future if you need it later. Turning it off will no longer make awdl0 active. Before you do this though, please make sure you're running the latest version of Yosemite (10.10.3) and backup anything if necessary.
-
Found issues with the new endpoint AV effecting web browsing by simply not going to certain websites, just a blank screen, no error, only in Safari.
Support notified, will be fixed in next release, but no idea when, etc, etc.
Not good enough.
Recent updates to the 'Internet protection module' has resolved the web browsing issues (See previous topic 1, topic 2) for 6.0.24.0 at the moment, however after updating the Macs need to be restarted for changes to take affect or else the issue will still be present.
Restart OS X after the update is complete. Then, if you click on the ESET icon and click 'About...' then 'More Information...', see if you have the same Internet protection module or one from a later date:
Internet protection module 1173.7 (20150428)
This seems to be the current regular update module released as of now and the one I tested with. -
Renewal still isn't working on the Microbe site (tested with Multi-Device license) and ESET Australia isn't providing a way for prior customers (before the official store existed) to renew with them online if we want to - is there going to be a solution for people who wish to renew online instead of everyone individually contacting either Microbe or ESET Australia?
The problem is that Microbe's renewal currently doesn't work - when I try to renew with my username I only receive a renewal for 3 years of 'ESET Smart Security', not my current Multi-Device license. TJP is also getting the same 3 year ESS renewal too, with no option to change it.
Since all previous users were redirected to Pro1 to purchase for a while before the ESET Australia store was available recently, shouldn't there should be a future proof method for all Australian users to renew successfully on Microbe or have the choice to renew with ESET Australia?
Couldn't you automatically provide two options after entering the username on the ESET website to either renew with Microbe or renew with ESET Australia (as well as a brief description why people are seeing Microbe instead of Pro1 too)? If the ESET Australia Store existed when I purchased my multi-device license I wouldn't have gone with Pro1 or Microbe.You've nailed the siutation planet. All we want is the ability to renew with Eset Australia!
I don't want to use Microbe and I don't care about the issue/claim that Eset Australia is/will be 'poaching' or 'stealing' customers from its distributors (read the stories I linked to earlier). Do what all other vendors do - allow your users to renew with whomever they wish to. This is a non-issue for the likes of Kaspersky Labs, Symantec, Avira etc.
Microbe could be here today and gone tomorrow and then were am I?The question on renewal of multi-device licences has been raised several times in this thread and, thus far, studiously ignored.
-
Just wondering, did this occur straight after install without restarting Windows? Or after trying to uninstall it but cancelling it instead? Does restarting Windows resolve the issues?
I only ask as what on the video was also exactly what happened to me but only after trying to uninstall and cancelling it due to an error and was wondering why.
-
Does anyone know how to fully uninstall the product. I thought i did until I just noticed when i secondary click a file for example, under Services > the options to scan, clean file etc are still there for ESET.
You can delete the ESET services by removing the workflow files here: /Users/<user>/Library/Services
Unfortunately, Finder continues to display the items in the menu even if the files themselves were deleted (clicking on the menu items gives a 'workflow not found' error). The current workaround is to manually disable the context menu option within Preferences before uninstalling.
An update for this - the newer release of Endpoint Security for OS X also continues to have this problem, so after testing some more it seem like it is a problem with Yosemite or OS X rather than ESET in regards to the Context Menu issue.
When you turn Context Menu on in Cyber Security or Endpoint Security, it places workflow files in the location panther-modern mentioned earlier. When you turn it off or uninstall the program, ESET deletes the workflow files from that location. Usually, OS X will realise that the files were deleted and will update the services entries automatically. However, some times it doesn't and this is why we are seeing leftover entries in the Context Menu that don't work (as the files were deleted). I'm noticing this happening on Yosemite, but I am not sure if it happens on earlier versions of OS X.
So, aside from the workaround to reinstall and turn it off manually via ECS or ESS, some additional ways to resolve this issue if you see the leftover context menu after uninstalling Cyber Security is to:
- create a quick service in Automator which will add a workflow file to the same location ESET had place theirs, and then deleting the workflow file, making OS X refresh the service entries and the 'ghost' ESET entries are gone; or
- visit System Preferences > Keyboard > Shortcuts > Services and uncheck the ESET entries which should either make OS X refresh the entries or simply hide it from Finder until OS X does it by itself in the future with an update or upgrade.
Not sure if ESET has found a way to force OS X to recognise the workflow files being deleted and can implement an extra command when turning off the Context Menu or when uninstalling, but I hope this helps for users who experience this issue.
-
As it stands ECSP definitely needs work around Airdrop/Handoff/Continiuity
I'm currently running without it as it's become too much of a hassle to work around it when issues occur
Good news, just tested Airdrop and it is working again with OS X Yosemite 10.10.3 and ESET Endpoint Security for OS X 6.0.24.0 (currently on pre-release updates) released after ECSP 6.0.14.0. This might mean that the next build of ESET Cyber Security (and Pro) will also have the same results.
I don't know if it is just a coincidence or if they specifically tested Airdrop lately, but happy to see it working again and hopefully soon for home users too.
-
A few years ago, when computers were not as fast as today so any process or program that causes a slowdown would be easily identifiable since one would know that his system is running slower than usual. Nowadays it's hard to tell because today's computers are really fast.
This brings me to how I caught this spyware.......
After a format, installing Windows, updates, etc....... after installing iTunes, I would notice a huge slowdown in my computer and / or the internet connection. I checked the running processes and found something called mDNSresponder.exe
upon researching, it appears to be a spyware injected by Apple with anything you install from them, iTunes, iCloud, etc.
What they claim that it does that it helps in discovering media on the network (bunch of lies), what it really does is send all user activities / browsing habits to apple to help in user studies and targeted spam
If I'd uninstall Bonjour, the speed of my computer would be back to normal and the only issue I will get is an error message upon first starting iTunes saying that the Bonjour Service is missing but iTunes will continue to work perfectly fine! To make things worse, every time iTunes or any Apple product gets updated and you install the update, Bonjour slips in and gets installed again.
Now Logitech also started doing the same thing, in their latest Logitech Gaming Software it silently installs Bonjour as well so I had to revert to an older version as I don't want it even installed on my system in the first place nor do I want any traces of it.
Can you please start detecting / blocking it as part of the PUP/PUA thing?
Bonjour is apparently open source and is used by developers, with links, guides, libraries as well as the SDK and source code: https://developer.apple.com/bonjour/index.html
Here's a high level overview too: https://developer.apple.com/library/mac/documentation/Cocoa/Conceptual/NetServices/Introduction.html
Here they provide examples and more about Bonjour's operations: https://developer.apple.com/library/mac/documentation/Cocoa/Conceptual/NetServices/Articles/NetServicesArchitecture.html#//apple_ref/doc/uid/20001074-SW1
Bonjour, also known as zero-configuration networking, enables automatic discovery of computers, devices, and services on IP networks. Bonjour uses industry standard IP protocols to allow devices to automatically discover each other without the need to enter IP addresses or configure DNS servers. Specifically, Bonjour enables automatic IP address assignment without a DHCP server, name to address translation without a DNS server, and service discovery without a directory server. Bonjour is an open protocol which Apple has submitted to the IETF as part of the ongoing standards-creation process. To learn more, check out the Bonjour Protocol Specifications which detail the technologies that make up Link-Local and Wide-Area Bonjour.
Bonjour is not only based on open Internet standards, our implementation is also available as Open Source under the Apache 2.0 license. It is built into most modern printers and many other consumer products.
The above might explain why Logitech is now also using Bonjour with some of their software. It's like how some apps require another thing (.NET Framework for some software, or Flash Player/Unity for a game online). iTunes needs it to communicate with Apple devices over your local network and possibly for other iTunes features (like sharing your library over the local network and syncing your Apple devices over Wi-Fi). Logitech uses it for network discovery for their Arx Control feature.
mDNSresponder.exe is similar to mDNSresponser on OS X, which has Bonjour built in. I would not be too sure that it is 'spyware' and that they are lying about what Bonjour does and is trying to do the suspicious activities you mentioned.
They are using this technology for their Logitech Arx Control, and removing it may cause issues if Logitech (or Apple's iTunes) depends on it. That is probably why it couldn't be classified as a PUA.
From Logitech's website: hxxp://support.logitech.com/software/gaming-software
Logitech Gaming Software lets you customize Logitech G gaming mice, keyboards and headsets.
Logitech Gaming Software includes third party software components, libraries, and frameworks, including, but not limited to, the third party software listed below. These included third party software components provide key functionality to Logitech Gaming Software and are included in the software installation package.
• Digia QT - Application and User Interface Framework
• Microsoft Runtime Libraries - Application and Hardware Support
• Apple Bonjour - Network Discovery Support for Logitech Arx Control
It seems to just be for Logitech Arx Control which has network discovery support, which is why Bonjour is installed along with two other third party software.
Here is more information about Arx Control: hxxp://gaming.logitech.com/articles/arx-control
Win the information war and stay ahead of the competition with critical in-game information on your tablet or smartphone. "Arx Control introduces second screen capability that allows iOS and Android mobile devices to display in-game info, vital system statistics and more."
Which is probably why they use Bonjour, to use iPads or iPhones for this feature.
I'm not sure that ESET should prevent Bonjour as a PUA so users can't use products and services that depend on it.
-
I've noticed for a while that moderators and admins can edit their post and provide a reason for editing. When I edit one of my posts, I cannot see anywhere for me to be able to provide a reason for editing, which might be useful at times.
Is it possible for regular users to provide a reason for editing a post and if so, how?
-
Installation of v9 beta was really fast, much faster than v8 based on my experience so far.
GUI is simple, clean and modern.
Almost no noticeable impact on my system either, I think this will be a great release.
-
Hello Brandon,
There was a similar topic regarding this issue in the past, but with most recent module and VSD updates for Cyber Security 6.0.14.0, as well as most recent updates for OS X Yosemite (currently 10.10.3), this issue should no longer be happening.
What version of ESET Cyber Security and OS X are you using?
Any third-party apps or major modifications since you first noticed the issue?
Does it occur randomly or does it happen often at a certain time (for example it used to happen to me when first logging into my Mac at the time)?
-
@Planet, thanks for the feedback. How do I switch to the pre-release updates on EES. Also support got back to me and said they couldn't reproduce the issue, which I find hard to believe.
UPDATE: switching to pre-release updates has fixed the issue with Safari. Is there any word on when this will be patched/added to regular updates? I am very uncomfortable with putting anything "pre-release" into my production environment.
I just switched back to regular updates to check and noticed that the CSS and JS resources are now able to load correctly again in Safari, as it seems the modules have been updated since I last tested it.
Try switching back as well and clearing the update cache (also in the update preferences) on one Mac, and restart OS X after the update is complete. Then, if you click on the ESET icon and click 'About...' then 'More Information...', see if you have the same Internet protection module:
Internet protection module 1173.7 (20150428)
This seems to be the current regular update module released as of now and the one I tested with.
Hopefully it works for you in Safari.
-
To my best knowledge, a new version of OS X should be released some time soon which is the reason why it takes a bit longer to release a new build of ECS as it should include support for the new version of OS X too.
True
Does that mean though if any future bugs or issues arise with this new build of ECS, we won't able to have any updates or fixes (that modules can't resolve) or when a bug like the shutdown is discovered, until the next major OS X version? Or is it just because this shutdown bug isn't considered important to need a solution right away? -
Still no sign of a new release or a fix to this issue
ESET Cyber Security Pro makes my Mac way slower than a Windows PC to shut down, I think I'll uninstall it again and await the next release
I know it has been a long time already, but I wonder if ESET could provide an optional fix or patch for the shutdown issue for now in 6.0.14.0, until the next release? (Since it has been already resolved with the release of Endpoint Security for OS X earlier)
-
Planet thank you for your post here, you've helped me finally realize the issue that has stumped me for over a week or so.
You're welcome poiriern1!
An update, now the latest regular and pre-release updates for the 'Protocol scanner module' has resolved this issue but I needed to restart the Mac for changes to take effect and for websites to load correctly again.
-
An update, both regular and pre-release updates for the Internet protection module has resolved this issue but I needed to restart the Mac for changes to take effect and for websites to load correctly again.
-
Hello,
Someone did post a topic about this for EES, and after discovering the same issue I also posted about this for the Home Products (ECS and ECSP) as those products were also getting the same issue.
Until there is a response, I since did find that the latest pre-release updates have resolved this issue that was caused by the "Internet protection module" so I would suggest switching to pre-release updates on the Macs with EES installed, and then restarting them to see if that solves it. -
If you have not ticked the box and the threats were not cleaned automatically, you can right click on the scan log entry and click 'Show' to see where the infected files are (See this existing post for a screenshot and more detail). You could then perform a custom scan targeting that directory or file, or now perform a deep scan via the scan window.
It's also a good idea to double check your default scan settings to see if cleaning is turned on (by default it is set to the middle setting).
Also, cleaning isn't performed at all if you have dragged a file or folder (or volume) into Cyber Security to scan for some reason.
-
We recently signed up with ESET as a platinum partner and acquired Pro1 and AcNode in November 2014. We setup a renewal system for existing clients, redirected the websites to our renewal page and then an email was sent to all existing Pro1 & AcNode customers explaining the acquisition and reassuring them about renewal discount.
If you are an existing Pro1 or AcNode customer you will be receiving a renewal reminder from sales@microbe.com.au, 30 days prior to your license/s falling due.
There have been some teething problems that we are actively working on. Please be assured that if you have any concerns we are happy to assist on 1300 88 3456 or email us at sales@microbe.com.au and your matter will be dealt with immediately, as we appreciate your business.
I would like to apologise for any inconvenience experienced. We look forward to working with you to ensure your satisfaction with ESET products and our service.
Hi Alison,
Thanks for your post on here, it's great to have a response from Microbe abut pro1.
Unfortunately I never received that email you mentioned, so I'm not sure I'll be able to receive that reminder email but that's a personal matter and I'll contact Microbe when the time comes if I didn't receive that reminder when 30 days has approached.
I'm also happy to hear that there is work being done, hopefully I can renew my multi-device license if the time comes.
-
I'm assuming that you've read the KB article regarding this message you get:
hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3361
Where you restart twice (not shutdown), modify one registry entry, delete two other entries, restart and run the uninstall tool in Safe Mode, then restart (not shutdown) and reinstall the latest version?
The message is not exclusive to ESET but to anything that uses the Microsoft Windows Installer, such as a previous uninstall not recognising that the computer has since been restarted.
-
Within the Real-time Protection Advanced Setup, there's a setting for the clean file cache. I have read what is within the help file:
To minimize system footprint when using Real-time protection, you can define the size of the optimization cache. Enable clean file cache must be enabled for this setting to take effect. If Enable clean file cache is disabled, all files are scanned each time they are accessed. Files will not be scanned repeatedly after being cached (unless they have been modified), until the cache is full. Files are scanned again immediately after each virus signature database update. Click Enable clean file cache to enable/disable this function. To set the amount of files to be cached simply enter the desired value in the input field next to Cache size.
Is there any particular decision to have 50,000 files as the default cache size, and if I increased it to the maximum it allows me or a number higher than the total file count on my Mac, wouldn't that be better than the default according to the description above? Wondering if there's an optimal amount or why the clean file cache isn't just automatically caching every file unless they have been modified.
Real-time Clean File Cache
in ESET Cyber Security (for Mac)
Posted
Thanks Marcos, I will leave it as is.