-
Posts
12,253 -
Joined
-
Last visited
-
Days Won
322
Everything posted by itman
-
Another alternative to prevent uTorrent crud redirects is to use a good ad blocker in your browser. Below is a screen shot of uBlock Origin extension in FireFox blocking rudy.adsnative.com using one of its default filter lists.
-
Don't believe this is resident malware related. It is possibly uTorrent redirect activity. One great example why Eset classifies uTorrent as a PUA. Here's an older thread on like issue: https://forum.eset.com/topic/19652-constant-blocked-address-alerts/ . If you insist on using uTorrent, your best option is to add rudy.adsnative.com to Eset's Web Access Protection's List of blocked addresses. For better protection, enter the URL as "*.adsnative.com/*" less the quote marks. This will block everything related to adsnative.com. Your best overall solution is not to use uTorrent but one of the safe alternatives to it.
-
Then I would say Eset phishing protection is fully functional. As far as the AMTSO Desktop test site goes, they were hacked a while back and some tests, PUA and Cloudcar, aren't functional at all. As such, I would say Chrome's non-detection of the AMTSO phishing test would be related to this status and not directly related to any issues within Eset.
-
Should I block: svchost.exe/CryptSvc?
itman replied to SRT's topic in ESET Internet Security & ESET Smart Security Premium
Looks like legit outbound traffic to me. Trying to monitor svchost.exe outbound traffic is pretty much an effort in futility. IP address, 23.203.62.19, is Akamai which is used extensively by Microsoft. -
This is not possible in this situation. When the system boots, Windows is automatically going into auto repair mode. As such, one can't access the recovery environment menu to boot into safe mode. Try to boot from Win 8.1 DVD or USB drive if bootable media was previously created. You should be able to access the recovery environment from there. Refer to step 3). in this article on how to boot into safe mode via Win 8.1 recovery environment: https://www.digitalcitizen.life/5-ways-boot-safe-mode-windows-8-windows-81 Also make sure you make note of this from the article: As an alternative method, you can try the technique described in step 2). of the article. This interrupts the Auto Recovery process allowing you to get into safe mode.
-
You have to contact Google directly since that is whom you have the license subscription with. Only they can cancel this subscription.
-
B&PP not working Firefox 70
itman replied to stackz's topic in ESET Internet Security & ESET Smart Security Premium
-
Did you click on the link in the screenshot titled "Subscriptions in Google Play?" I believe that is where you need to cancel it from.
-
You also posted this issue over at bleepingcomputer.com malware help section. If anything materializes from that analysis, post back on the finding.
-
Lagging and making certain portions of PC unusable...
itman replied to prixone's topic in ESET NOD32 Antivirus
I am using FireFox on ver. 13.0.22 with zip issues. There is a bug in the latest Firefox release that is impacting some users: https://www.bleepingcomputer.com/news/software/mozilla-provides-workaround-for-firefox-70-not-loading-sites/ -
MedusaLocker Ransomware - Virus files and encrypted files
itman replied to ttrifonov's topic in Malware Finding and Cleaning
Do you have Eset installed on this network in any capacity? If not, you're in the wrong forum. You should be contacting Microsoft about this ransomware. -
Lagging and making certain portions of PC unusable...
itman replied to prixone's topic in ESET NOD32 Antivirus
Forget rollback. Just switch back to regular updates if you prefer. -
Lagging and making certain portions of PC unusable...
itman replied to prixone's topic in ESET NOD32 Antivirus
Switch to pre-release updates and see if that helps. -
A versus B articles are banned on a number of security web sites. There are good reasons for this as this linked article illustrates. To begin, this article is nothing more than a disguised marketing article for BitDefender. I went through all the BitDefender vs X comparisons and in every one, the final verdict was BitDefender. Obviously missing is a BitDefender vs Kaspersky comparison since Kaspersky would have won that one. The most glaring error in all the analysis is that only one AV lab test results were used as a determination basis. It so happens that Eset has traditional been a low scorer in the protection category in the AV-C real-time test series. That is if you consider the 98 - 99% range low scoring. In the other AV Lab test comparatives Eset participates in; Malware Research Group and SE Labs, it is a consistent top scorer both in protection and performance. Finally I agree also with the previous comments in regards to BitDefender performance. It has shown consistent performance issues for some time on a number of devices based on like negative comments by a number of users. Also in dedicated ransomware testing, BitDefender's protection has been shown to be lacking.
-
I am starting to see a common denominator as far as these Augur detentions of uTorrent. That is uTorrent is running from the AppData\Roaming directory. @Marcos, check where uTorrent is running from on your installation. One possibility is Augur has been trained to apply more aggressive detection methods for anything running from the user's AppData directory. Makes sense to me since the user AppData directory is a favorite spot for malware to run from. Also a bit odd in this particular detection was that runtimebroker.exe was running uTorrent from the AppData\Roaming directory. That also might "have caught" Augur's attention. Of note in regards to runtimebroker: https://www.groovypost.com/howto/runtimebroker-exe-process-windows-8-running/ In other words, a Win 10 Store downloaded app.
-
@Marcos, here's the user manual for the test tool: https://dl.surfright.nl/Exploit Test Tool Manual.pdf . It's for ver. 1.6 of the tool. However aside from new tests added in later test tool versions, the operations involved in testing are the same. You can save me some work by seeing how Augur performs against these tests. Of course, Augur first has to allow the tool to run.
-
I was referring to neither. As previously stated, it is the test tool designed to test HitmanPro Alert although it can be used to test any security software. Here's a video by the developer of OSArmor using it to test his product: https://www.youtube.com/watch?v=2fUBOVbAHcE . Appears Sophos has discontinued the tool's download availability. I can't find it anymore on their web site. -EDIT- Found an older version of the tool here: https://www.softpedia.com/get/Security/Security-Related/Exploit-Test-Tool.shtml
-
Do I have to install Win 10
itman replied to Knitter's topic in ESET Internet Security & ESET Smart Security Premium
Refer to @Marcos previous above reply. -
This was answered by @Marcos in another thread. Eset does participate in AV-Test Commercial/Endpoint comparative testing: https://www.av-test.org/en/antivirus/business-windows-client/ . Since Eset Endpoint Internet Security is essentially the same as Eset Internet Security, they appear to have wanted to save a few bucks. If anything, EIS has more protection mechanisms than EES. -EDIT- Other AMTSO member AV labs where Eset is tested are: https://www.av-comparatives.org/ https://www.mrg-effitas.com/test-library/ https://selabs.uk/en/reports/consumers https://www.virusbulletin.com/testing/results/latest/vb100-antimalware
-
You should be able to excluded the app via file hash or detection name. Refer to this online help article: https://help.eset.com/eis/13/en-US/idh_detection_exclusions.html