Jump to content


Most Valued Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by itman

  1. I agree. Best Buy and MicroCenter also sell the same version here in the U.S.. One possibility is that they changed the installer to enable Gamer mode in real-time protection. The default setting is paused.
  2. You can disable the Eset firewall as shown in the below screen shot. Disable time options are shown including permanent disabling - not recommended:
  3. It appears most of your malware submissions are originating from cracked software? No one should be using cracked software these days. They have become the favorite vehicle to deliver ransomware. Also much of this software uses trusted installers which run at system privilege level making it difficult for anti-virus software to detect the malware. Personally, I wish Eset would flag all cracked software as PUA at the minimum detection level.
  4. At far as VT detections go, note the following which has been mentioned multiple times in this forum. Most AV products installed there do not have all their protection mechanisms enabled. Overall, VT is primarily employing static detection methods in the products used; i.e. signature detection. Therefore just because a given product doesn't detect a malware sample at VT, does not imply the product won't detect when installed on a device.
  5. One thing I am puzzled about is that Eset with default settings is supposed to warn and not block certificates with trust issues which is not happening:
  6. Firefox most certainly does: https://support.mozilla.org/en-US/kb/secure-website-certificate . I would assume the same for Chrome and Edge. This article gets into more detail: https://www.ssl.com/article/how-do-browsers-handle-revoked-ssl-tls-certificates/ . Their test in regards to RSA DV certs. yielded the following: As long as FireFox has OCSP enabled which is the default for certificate checking, it will detect a revoked intermediate cert.. Chrome doesn't detect because of bugs it appears: Edge will detect as long as its default settings haven't been modified:
  7. Did you do as @Marcosinstructed here: https://forum.eset.com/topic/27115-eset-140-dont-allow-software-download-from-microsoft-store-9x8007dd0a-urgent/?do=findComment&comment=127990 ?
  8. On a PC having connection issues, scroll down to this section, "3. Disable Automatically Detect Settings," in this article: https://www.techbout.com/err-tunnel-connection-failed-error-in-chrome-39692/ and do what is recommended. See if this resolves the issue.
  9. What Eset account are you referring to? The eStore account you set up when you purchased your license from the Eset Germany web site?
  10. Something is not right here in regards to this certificate status. I went to the GlobalSign web site here: https://support.globalsign.com/ca-certificates/intermediate-certificates/domainssl-intermediate-certificates , and downloaded this cert.. I really don't believe GlobalSign would still list a revoked cert. on their web site. Further confirmed by viewing the cert. itself: Additionally note that the thumbprint of this cert. does not match that of that shown by the independent scan of the URL by SSLLabs: It appears to me that this URL, https://intranet.agricom
  11. I will also note that this URL, https://www.agricom.cl/ , is OK. Appears to me that access is being attempted to an intranet domain of above via the Internet?
  12. Since there have been past complaints about Eset blocking IOBit web sites and software to boot, note the following also from the bleepingcomputer.com article. Obviously, the attacker used this vulnerability to exploit the IOBit web site.
  13. Are you disabling the Ethernet network connection as noted below? https://www.addictivetips.com/windows-tips/disable-an-ethernet-connection-windows-10/
  14. Elaborating on this attack, the details are as follows. The IOBit forum website was compromised by an attacker who gained admin access to the site. This allowed him to harvest e-mail addresses of forum users and plant a malicious download from the forum web site. The attacker then sent e-mails to IOBit forum users which stated they were the winners of a free one year license to an IOBit security product. At this point note that the e-mail would appear legit since the sender's address was legit. The following are excerpts from the bleepingcomputer.com article. The ransomware i
  15. The main thing to know about this attack was Windows Defender was bypassed since the malware created exclusions in WD to allow its malicious .dll to run undetected. Kapersky also didn't stop files being encrypted by the ransomware portion of the attack. Per a malwaretips.com poster: Waiting until someone does a detailed analysis on this puppy.
  16. A bit difficult to understand what you posted. Eset has three retail products with a firewall: 1. Internet Security 2. Smart Security Premium. 3. A legacy product called Smart Security. This has been superseded by Internet Security. Which of the above did you have installed previously? Which of the above did you recently install? Did you uninstall what you had installed previously prior to performing the new install?
  17. You can make an inquiry as to pricing here: https://www.eset.com/my/business/windows-security/
  18. The way to diagnose this is as follows: 1. Set Ethernet IPv4 connection back to Obtain DNS server automatically. 2. Reboot device or do via command prompt window, ipconfig /flushdns, ipconfig /release, and ipconfig /renew commands to reset IPv4 connection and acquire a new IPv4 lease. 3. Via command prompt window, enter ipconfig /all and note IPv4 DNS server assignment IP addresses. 4. Open Eset GUI and then Network protection. 5. Select Advanced. Then select Zones -> Edit. In the DNS section, do you see the same IPv4 DNS server addresses noted in the prior ip
  19. Are you referring to the Eset splash screen which just shows an image of Eset logo? If so, refer to below screen shot to disable its display at system start up time.
  20. I came across this posting in regards to connection-specific DNS suffice: https://community.linksys.com/t5/Wireless-Routers/Need-to-get-rid-of-quot-DNS-Suffix-Search-List-quot-from-ISP/td-p/1233151 It confirms: 1. It is assigned by Comcast ISP servers. 2. It is IPv6 conditioned. My best guess as to why it changes from hsd1.ca.comcast.net to hsd2.ca.comcast.net deals with IPv6 DNS server assignment. I suspect hsd1 is the primary IVv6 DNS server and hsd2 is the secondary server. I have never really seen anything like this before. When Eset detects the hsd2.ca.comcast.net
  21. FYI https://help.eset.com/protect_cloud/en-US/what_is_new.html
  22. NOD32 does not contain a firewall. Installing NOD32 would have no effect on any existing firewall you were previously using. Did you perhaps purchase and install Eset Internet Security by mistake?
  • Create New...