Jump to content


Most Valued Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by itman

  1. The following would imply it does have Russian government connections: https://tadviser.com/index.php/Company:Leta_IT-company
  2. Of note is this appears to be the official Swedish Eset subsidary: https://mforum.se/mf_profil/eset__scandinavian_security_service_/10489http://www.eset.se Also an Eset trial license can only be activated once: I also believe this also applies to subsequent attempts to use additional trial licenses on a given device or individual user which appears to be what is attempting to be done here.
  3. You received an ACT.5 activation error on your previously purchased 6 month licenses. If you received the same error on this newly purchased 6 month license, note the following: Here's a reference to other Eset activation error codes and issues: https://support.eset.com/en/kb7297-resolve-act-or-ecp-errors-during-activation-home-users As far as I am aware of, Eset does not issue 6 month licenses. The minimum license period is one year. If you purchase an Eset license from other than an Eset authorized retail partner, you do so at you own
  4. I just just checked out the JULA web site in Sweden. They are indeed a "hardware" e.g. tools, etc., web site. Why they would be selling computer security software is beyond me. Here is Eset's web site for Sweden: https://www.eset.com/se/ . As far as I can determine, they are the only authorized e-tailer in that country. My best guess is these 6 month licenses you purchased were some type of special promotion or the like. I also suspect that they had an expiration date associated with them; possibly one year from purchase date regardless if license was installed or not. You will
  5. Based on your posting here: https://www.linuxmintusers.de/index.php?topic=66999.0 , you uninstalled Eset and the problem went away. So at this point, we've established Eset Linux is the issue.
  6. Appears that it is possible to update Vista to SHA-2 capability using Win Server 2008 R2 update. Ref.: https://borncity.com/win/2019/07/29/windows-vista-no-more-unofficial-updates-due-to-sha2/
  7. Here's an interesting tidbit. When I tried to download crypt.exe in FireFox: the download showed 0 bytes and was indeed empty. Scratching my head a bit, I then noticed that the download icon had a red dot I had never seen before. Opening it showed that Firefox blocked the download since it contained a virus. No alert from FireFox on this one however. Interestingly, I could download the .zip package w/o issue that contained crypt.exe. Thanks but no thanks on use of this puppy for anything.
  8. Also depending on the parent used to run crypt.exe, its malicious detection rate dramatically increases as noted here: https://www.virustotal.com/gui/file/5f46ba46f76623fcf4facd8fa2acecec1fa985651dd4c3982da7784310c47a90/relations
  9. I just referred back to a link: https://id-ransomware.blogspot.com/2020/10/mars-ransomware.html , I posted earlier in this thread. As of the end of Dec., 2020, no one yet has been able to harvest a MARS ransomware sample. Without a sample, it is impossible to positively determine the initial attack vector for this ransomware. What is known is the source is predominately e-mail based ; as most malware is. Are Eset recommended HIPS and firewall rules against ransomware link below - especially those in regards to e-mail clients - being deployed? https://support.eset.com/en/kb6119-confi
  10. Again, your missing the point. An app being signed does not guaranty that it is not malware. Numerous signed malware instances have been documented.
  11. I use both the HIPS and firewall rules and have observed no performance degradation on my very dated PC. A bit of history first in regards to Eset recommended HIPS and firewall rules noted in links 1 & 2. These were recommended prior to Eset Endpoint products implementing advanced ransomware protection that existed in its consumer products. This advanced protection now exists in the latest Eset Endpoint versions. As such, it is debatable if these custom HIPS and firewall rules are still needed on Eset consumer and Endpoint products. Also these rules especially if set to the speci
  12. Are you positive your network connection is active while in lock screen mode? Are other apps auto updating in this mode?
  13. Also read this posting: https://forum.eset.com/topic/24825-if-you-use-licensing-cracking-software-you-need-to-read-this/
  14. The reason why its not an issue for the Win firewall is Windows lets apps dynamically create firewall rules. This in effect overrides the purpose of using Interactive mode in the first place.
  15. Nano Antivirus is also detecting it at VT when I just checked. Also VT detections are static ones for the most part. As such, other security solutions might also detect it via dynamic means.
  16. Position the mouse pointer over the quarantine entry. What is the value shown in the Count field?
  17. Adding and deleting Win firewall rules "on the fly" is not the way to accomplish this. Use of netsh advfirewall firewall via remote execution method should be restricted. If you can do it, so can an attacker.
  18. Yes. Eset is just not scanning files at user logon time but also other system areas such as registry and WMI storage areas. By delaying this startup scan, you have in effect nullified its intended security protection intent. Eset scans some system areas and files early in the system startup phase. Examples are MFT, drivers, etc.
  19. I will also make this comment about Eset's Security Report. I would take what is shown there "with a grain of salt." It for example. does not register a correct count for any Thunderbird e-mail scans for my IMAPS e-mail provider.
  20. What I will do is use lock screen the next time I am away from the PC for a long enough period to verify or not Eset will update in lock screen mode. BTW - it is more secure to sign-off versus using lock screen when the PC is unattended for an extended period of time. In sign-off mode, the Internet connection will not be active.
  21. The Detections count on the Security Report does not include blocked web pages. Scroll through your Detections log. Count up how many non-blocked web page detection's exist for the last 20 days.
  22. Are you sure you're not being signed-off and/or entry into sleep mode after a certain period of time while in lock screen mode? Does the desktop when displayed upon resume from lock screen mode show Eset and Windows Security Center icons immediately on the desktop toolbar. Or, does it take a few secs. for these icons to appear? If the latter, you have indeed been signed off.
  23. This is by design. Eset will not update if you are not logged on to the PC. It will perform a signature update immediately after logon if one is available.
  24. In Eset Firewall settings -> Known networks, verify that two network connections exist; one for your LAN and one for the WAN connection. I also suspect the issue here is Eset is not recognizing the WAN connection due to the way it is being established; i.e. via command line setup. Eset sets up its network connections based on DHCP initialization processing at user logon time, existing network connection reset, etc.. In other words, from existing router settings. You might have to manually add in Eset Network settings, a network connection for the WAN connection. BTW - I assume you
  25. Did you verify that the Regular Automatic Update task in the scheduler is running every hour?
  • Create New...