-
Content Count
8,013 -
Joined
-
Last visited
-
Days Won
195
Everything posted by itman
-
Nano Antivirus is also detecting it at VT when I just checked. Also VT detections are static ones for the most part. As such, other security solutions might also detect it via dynamic means.
-
Delayed task execution
itman replied to chileverde's topic in ESET Internet Security & ESET Smart Security Premium
Yes. Eset is just not scanning files at user logon time but also other system areas such as registry and WMI storage areas. By delaying this startup scan, you have in effect nullified its intended security protection intent. Eset scans some system areas and files early in the system startup phase. Examples are MFT, drivers, etc. -
What I will do is use lock screen the next time I am away from the PC for a long enough period to verify or not Eset will update in lock screen mode. BTW - it is more secure to sign-off versus using lock screen when the PC is unattended for an extended period of time. In sign-off mode, the Internet connection will not be active.
-
Are you sure you're not being signed-off and/or entry into sleep mode after a certain period of time while in lock screen mode? Does the desktop when displayed upon resume from lock screen mode show Eset and Windows Security Center icons immediately on the desktop toolbar. Or, does it take a few secs. for these icons to appear? If the latter, you have indeed been signed off.
-
In Eset Firewall settings -> Known networks, verify that two network connections exist; one for your LAN and one for the WAN connection. I also suspect the issue here is Eset is not recognizing the WAN connection due to the way it is being established; i.e. via command line setup. Eset sets up its network connections based on DHCP initialization processing at user logon time, existing network connection reset, etc.. In other words, from existing router settings. You might have to manually add in Eset Network settings, a network connection for the WAN connection. BTW - I assume you
-
OP never explicitly stated he had Eset installed. I suspect that he was just looking for the tool. If Eset was installled, an on-demand scan should have been able to detect WMI malware since it now scans WMI entries.
-
Restoring a file from Eset Quarantine does not require a password. Are you stating that Eset GUI settings are password protected? Ref.: https://support.eset.com/en/kb3195-restore-a-quarantined-file-in-eset-windows-home-products
-
MSBuild.exe can be used maliciously: https://attack.mitre.org/techniques/T1127/001/ . If you are deploying PlugX within the app, this might be what is triggering the Eset detection.
-
This first thing to check is if Eset updates are failing for some reason. Check Eset's Event log for any like entries in this regard. The next thing to check is Eset's scheduled update setting. Open Eset GUI. Then Select Tools -> More Tools -> Scheduler. Verify that the Update task for Regular Automatic Update is enabled and its frequency is set to the default internal of 1 hour per the below screen shot. Also take note of current Next Run and Last Run values. These will show if Eset's signature updating is indeed running as currently scheduled. Note: I have modified my f
-
ESET keeps ThomsonReuters products from "phoning home"
itman replied to jeffw00's topic in ESET NOD32 Antivirus
Most likely something to do with the Win firewall rules the product creates at installation time. -
ESET keeps ThomsonReuters products from "phoning home"
itman replied to jeffw00's topic in ESET NOD32 Antivirus
I would contact ThompsonReuters tech support. They might be able to shed some light on where the issue might be with Eset NOD32. It isn't network related since NOD32 does not have a firewall. -
ESET keeps ThomsonReuters products from "phoning home"
itman replied to jeffw00's topic in ESET NOD32 Antivirus
I also don't understand the issue here. I assume you're stating that that app has a 10 sec. delay upon opening. Is that a problem? Unlike a browser that is opened many times per day, I assume an app like this is opened just a few times per day; e.g. user logon time. -
I agree. Best Buy and MicroCenter also sell the same version here in the U.S.. One possibility is that they changed the installer to enable Gamer mode in real-time protection. The default setting is paused.