rugk
-
Posts
1,716 -
Joined
-
Last visited
-
Days Won
54
Posts posted by rugk
-
-
I don't know how the Java exploit blocker works, however I also find it surprising that this variable is needed for this purpose.
However please show me the "basic rules of the Windows environment" which were violated. I'm not aware of any which disallows a only-whitespace environment variable.
Also no application should crash because of a whitespace environment variable. An application doing such things has a bug.
Environment variables should always be considered as something unreliable, which can have any values. Because of this a program should be able to handle any input of this kind. The worst thing it can do is crashing.
-
2) The Anti-Phishing updates (blacklists) are pushed out every 20 minutes as stated on the Technology page.
So it's not updated with the VSD updates? Interesting...
-
You can't disable the autostart feature. And if you could (or do it in a not-suggested "bad" way) then ESET couldn't be execute any ESET feature.
However you can of course disable the real-time protection and the other things will remain completely active and working.
However why don't you want to use the antivirus features?
If you want install another antivirus then it surely wouldn't work as there are still drivers from ESET and other things using some real-time components.
-
Also, hxxp://forum.piriform.com/?showtopic=40552 should explain it in more detail and was supposedly addressed.
Well... you could post there a link to this topic.
I think this topic explains it quite good and detailed.
-
Just a link to explain the actual situation with the Firewall rules. In this KB article it's explained in what order the firewall rules are applied:
-
Yeah, useful idea to set it to "Ask".
I did it too and added the corresponding rule.
I also made some small changes to the other rule file, but this were only some cosmetic changes.
-
For what is worth here are now the official post:
https://forum.eset.com/topic/4614-eset-nod32-antivirus-80312-released
https://forum.eset.com/topic/4615-eset-smart-security-80312-released
-
BTW it's also interesting to look into the (language) strings of the file GWX.exe. There you can find two parts which are translated in nearly every language. In English these are:
There are some interesting things to note:
- There are not only strings for Windows 10 ("Get Windows 10"), but also strings like "Get Windows 7 SP1" and "Get Windows 8.1". However of course they don't have to be used. Especially it's strange as Windows 7 SP1 is the "oldest" OS for what the update was released so to get Windows 7 SP1 on a Windows 7-system with SP1 is quite senseless.
- There seems to be button (or menu entry or whatever) labelled "Show Advertisements". So I can click on a button to show me ads?
- Then I can confirm that you surely will be able to reserve a free Windows 10 upgrade. So far nothing new. But it's interesting to note that there is also a string called "Unreserve".
And of course the user can also check his reservation information.
-
Windows Live Mail should be compatible to ESS, so as I assume it uses a kind of addon have you tried disabling this addon in Windows LIve Mail and re enabling it again?
And besides this have you tried emailing yourself the test spam mail GTUBE? If so is it still recognized by ESS or not?
(But besides this I don't know if it is recognized by ESS if all works normally, so someone from ESET would need to confirm this.)
-
Yes usually there is an opt-out. However ESS detect such things as PUA as they might be unwanted. As for OpenCandy you will find much more information (including firewall rules you can use to block it, while still installing the software you want) in the topic I linked ealier.
However I still don't know how this is related to this topic.
So back to topic.
@josifusz
Well... your 99% sure, based on what? On your assumption. Although it's more a speculation.
As you maybe know you can submit files to ESET so they will check them, however I really don't think it is malware. Especially as this seems to be a often used product.
So you blame the developers for having a malicoius will, creating software which should deliberately damage computers or do other bad things. Such a thing shouldn't be said easily. Especially not if you have no real evidence.
As you're not a malware researcher (at least I think you aren't
) you may not be able to provide proves, but at least some significant evidences.Okay if you think this blocking of the GUI is a evidence (now regardless whether it was really caused by the software or not) you at first have to "prove" that it is deliberately. Otherwise it could just be an incompatibility.
So just a counter question: Why is it in your opinion no incompatibility? (assuming it is really caused by the software)
-
WOW, some information about v9...
Nice!
Let's see how fast it will spread.
BTW this nice is a very nice one.
I only hope that the rules (I mean the exported XML files with v8) will still be compatibly with v9, so I don't have to create them again. But however, we will see...
-
Well.. my screenshot was from Google Play. There it's also stated correctly now.
However my screenshot was a bit older and as far as I can remember I took it directly before or after the update was released on Google Play, where I saw it first.
Now it seems to be corrected. And as you see the first change listed there was also corrected. (Change of Permanent icon notification (for Android 4.4 +) to Change of Permanent icon notification (for Android 5))
-
Sorry for this really useless post, but I found the last changelog of the latest vupdate of ESET Mobile Seurity so funny that I had to post it. This was it:
I mean the last thing: So, ESET, you made/added "small bugs and small bug fixes and optimisations"?
The last things (the bug fixes) are nice, but the first thing...
So this is either programmer humor or it's just a mistake.
Anyway, it was funny to read this. And BTW all other things of the update worked nicely.
-
Ah great.
So it's a bit strange why they don't link to their own tool in the KB article.
But I've submitted it via the rating feature there so maybe they will change it soon.
-
Yes there are local restrictions for customer care. You have to contact the support service where you bought (or won
) your license. As for the new built: Yes you can try it out with the new one.
And there is a changelog online (at least now). There was a copious discussing today about this. More information here: https://forum.eset.com/topic/4609-nod32-antivirus-803120-final
-
Here more information about OpenCandy: https://forum.eset.com/topic/3701-block-pua-inside-installers-from-nero-burning-rom-orbit-downloader-imgburn-dvdvideosoft-install-them-without-opencandy
However I don't know what this (and Partition Manager Free and Eye Candy) have to do with this issue...
-
Well... you're right the "Schedule" running as "C:\Windows\system32\svchost.exe -k netsvcs". However I highly assume this service must run otherwise scheduled tasks can't run.
So I don't understand what you want to make.
As we said you must block access to some directories.
E.g. create a rule this way:
So I have done this and tested it by trying to create a new rule in the schedule manager:
As you can see it doesn't work and was blocked by ESS.
So finally I exported the configuration and trimmed it a bit so you can easily import it into ESS and you'll have this rule.
Here you can download it:
Block rule
Download
(alternative download link)
Ask rule
Download
(alternative download link)
I configured it to notify the user and to log all tries of all programs.
I hope this will fit your needs.
But keep one thing in mind: If you want to edit the tasks by yourself you of course need to disable the rule temporarily.Edit: Updated XML files, added ask rule.
-
Anyway thanks for this hosts file. As there were listed more OpenCandy domains I was able to update my other files too, so that they will also cover these ones.
If you already used the old version just delete the old firewall rule and import the new version.
-
Ahh of course: hxxp://www.eset.com/int/download//home/detail/family/5?installer=offline (at the bottom)
-
From where do you got this changelog?
-
Yes of course you can also use the hosts file. However if you use the hosts file it's important that you (after editing) restored the permissions of the file properly, so that's not so easy to edit, because the hosts file is also a potentially security risk.
As for the Batch file it just starts the installer with a parameter, so OpenCandy won't be used. The other methods I posted also do the same as you did with the host file - they block the network connection.
-
@LabVIEW707
Do you read my posts?
The other two sites you listed are "correct". Only majorgeeks is obviously linking to an old version. You can check it out by yourself.
BTW I would also like to see the changes, however (according to majorgeeks) ESET just released it today, so we should be a bit patient. Maybe @Marcos or @foneil are already creating the topic.
-
-
Yeah, as I was writing it they didn't. They're fast.
) you may not be able to provide proves, but at least some significant evidences.
Smart Security 8 Question
in ESET Internet Security & ESET Smart Security Premium
Posted
HIPS conflicts with your multiboot configuration? Really?
Can you give more details. Normally HIPS isn't active that early so it shouldn't cause any problems.
As I said in the way you want to do it may cause many conflicts. It's nearly the same as if you want to run two AVs at the same time.
However you can try it of course. At your own risk.
BTW HIPS and real-time-protection are two different things. So you can active one while deactivating the other.