Posts posted by itman

  1. The ideal solution for Eset Home product users would be for Eset to interface with Windows Defender in regards to its block-at-first-sight and cloud scanning technology. When I researched it a while back, it appears to be a separate interface in Windows Defender. Doubt this will ever happen. Which means Eset needs to incorporate like technology for Home product versions.

  2. 3 hours ago, SlashRose said:

    Is 1809. What can I do now to get it working again, itman?

    As @Marcos mentioned previously, it could be a firewall issue. Make sure the default Eset firewall for ekrn.exe is enabled that allows all inbound and outbound traffic for the process. Also ensure the Win firewall is disabled and that its outbound protection was not somehow inadvertently enabled. The Win firewall should have been auto disabled at EIS installation time.

    Short of the above, you might just want to export existing Eset settings if custom modifications were made; uninstall EIS; and then reinstall EIS and import Eset settings if so previously saved.

  3. 3 hours ago, MichalJ said:

    With EDTD you can also block highly suspicious / suspicious files, based on the sandbox result, automatically without waiting for the LG / detection engine update.

    Which gets into the "which is first, the chicken or the egg" analysis.

    Are indeed "unknown" files per se being sent to EDTD, or in fact only those deemed in the suspicious category by local heuristic scanning?

  4. This .pdf has a few more details. Of note:

    Quote

    AUTOMATIC PROTECTION

    Once everything is set up, there is no action needed by the admin or the user. The endpoint or server product automatically decides whether a sample is good, bad or unknown. If the sample is unknown, it is sent to ESET Dynamic Threat Defense for analyzing. Once analysis is finished, the result is shared and the endpoint products respond accordingly.

    https://cdn1.esetstatic.com/ESET/US/docs/business/ESET-Solution-Overview-Dynamic-Threat-Defense.pdf

    My understanding is the executable is in a suspended sandbox state until EDTD responds back with a verdict; usually within 5 mins. or less.

    Without EDTD, unknown processes are examined using local heuristics with sandboxing and, if nothing malicious is found, the process is allowed to execute. The process will be submitted via LiveGrid for further server analysis.

    So if this is indeed 0-day malware, it stands a higher chance of being detected via EDTD.

  5. 1 hour ago, Richie said:

    Go to:   C:\Windows\System32\drivers\etc\hosts

    Then remove the line:  127.0.0.1 edf.eset.com

    To the best of my knowledge, Eset doesn't use the Win hosts file for anything. I know my hosts file hasn't been updated since Win 10 was installed.

    However, Eset does mention this as a possibility: https://support.eset.com/kb2434/ in reference to a DNS poisoning event.

  6. I will say this about AV-C's online protection testing. If there is only a .14% deviation between the top and lowest scoring product, does comparative score ranking make any sense?

    What AV-C needs to do is either go with a pass-fail ranking or do a better job at harvesting their malware samples.

    Also of note is that two previous test participants, Emsisoft and Bullguard, have dropped out of testing at AV-C. So it is evident the outfit is having some issues.

  7. 6 minutes ago, Purpleroses said:

    I have stayed on regular updates and as of yesterday at 3pm something has changed because I don't get any blocked unknown devices with incorrect ethernet packet. I have not made any changes to Eset. No, Eset has not updated the firewall to 1387; I'm at 1386.4.

    Someone over at wilderssecurity.com commented likewise. Appears Eset issued a patched ver. to the firewall module dated 4/18/2019.

  8. 1 hour ago, novice said:

    That's why I paid for an antivirus, to be protected when I am on-line, not when my PC is OFF!

    Obviously nothing can infect you if your PC is powered off.:rolleyes:

    My reference and AV-C testing is for this instance. Any decent malware is going to try to tamper with your network connection online status for a brief instant while installing itself; more so today in the age of "cloud" detection by some AV products. It will then fully reestablish the network connectivity since it will in all likelihood need it to connect to its C&C server.

  9. It appears a similar posting and thread by possibly @novice's forum alter ego @claudiu yesterday evening was deleted by Eset mods; wisely so, I might add.

    Here's the link to the AV-C article: https://www.av-comparatives.org/tests/malware-protection-test-march-2019/

    The 99.86% rate noted is for online protection. Note that three categories were established for testing purposes: offline detection, online detection, and online protection. Eset was certainly not in last place if all three category scores are factored.

  10. 3 hours ago, balint_gazda said:

    Other problem is with Internet Security and Grand Theft Auto 5. It's a legal, purchased version without modding. If I want to play online, when Internet Security is installed, I can't play. (Only the story mode - offline mode - is working.) When the game is loading an online session, the game crashes with code 0xc0000005 and exits.

    Did you verify that "Gamer Mode" is enabled in Eset's GUI Computer Protection section?

  11. 4 hours ago, mike4 said:

    Where else could the problem be?

    It is not unheard of for anything firmware related to be possibly infected. For example, any add-on PC Express bus cards such as a network adapter card, etc. As far as motherboard chipsets go, JMicron ones have long been suspected.

    Are your memory chip card/s from a reliable vendor?

  12. If you're stating that Eset is somehow scanning your Epson USB attached printer, then I would say something is wrong with the way that printer is configured in Windows.

    I have an HP USB Laser printer attached to my PC, and Eset never scans it at system start up time.

  13. I am running Win 10 x(64) 1809 fully patched w/ EIS 12.1.34.

    I enabled pre-release updating to resolve the erroneous invalid Ethernet packet IDS detection issue which may or may not be also related to this speed issue.

    My speed tests are downright strange. The speedtest.net test shows a download speed of 26 Mbps and an upload speed of 33.45 Mbps - err, what? Verifying the previous test results, I tried my ISP, AT&T, speed test. The download speed was approximately the same but the upload speed was 43.4 Mbps - err, double what?

    I have never seen upload speeds like this; especially exceeding download speeds.

  14. 21 minutes ago, TomFace said:

    You also might want to review your pop-up setting in your browser.

    In this regard, I found IE11's popup blocker disabled after a screen locker like scam incident. It also took a bit of "finagling" to reenable it. I am still trying to figure out how the attacker could disable the popup blocker.

  15. 12 hours ago, John Ross said:

    Evening of 4/16/2019 I was attempting to update my Eset license from the Eset form when my computer was taken over by some outfit I don't recognize.

    I am curious about the "Eset form" you mentioned. Where did this appear from? Was it a popup from your browser for example? In any case, you were obviously redirected to some scam web site. The thing to be established is how this happened. I don't believe the "form" you mentioned was generated from the existing Eset installation GUI.

    For future reference in the U.S., you should always renew from this web site: https://www.eset.com/us/renew/
