
itman

Most Valued Members
  • Content Count: 5,046
  • Days Won: 155

Kudos

  1. Upvote
    itman received kudos from BALTAGY in HIPS problem   
    Join the club. I and many others have been asking for file wildcard capability for years.
  2. Upvote
    itman received kudos from elquenunca in Time For A Formal Augur Test?   
    That's what BitDefender did with their 100% machine learning based behavioral protection at A-V Comparatives: https://www.av-comparatives.org/wp-content/uploads/2019/10/spc_fdt_bitdefender_201909_en.pdf . Score was pretty impressive although false positives were a bit high.
    Also detection rate for this ML scanner is shown separately on Virus Total.
  3. Upvote
    itman received kudos from SeriousHoax in Time For A Formal Augur Test?   
    That's what BitDefender did with their 100% machine learning based behavioral protection at A-V Comparatives: https://www.av-comparatives.org/wp-content/uploads/2019/10/spc_fdt_bitdefender_201909_en.pdf . Score was pretty impressive although false positives were a bit high.
    Also detection rate for this ML scanner is shown separately on Virus Total.
  4. Upvote
    itman received kudos from BeanSlappers in Time For A Formal Augur Test?   
    That's what BitDefender did with their 100% machine learning based behavioral protection at A-V Comparatives: https://www.av-comparatives.org/wp-content/uploads/2019/10/spc_fdt_bitdefender_201909_en.pdf . Score was pretty impressive although false positives were a bit high.
    Also detection rate for this ML scanner is shown separately on Virus Total.
  5. Upvote
    itman received kudos from peteyt in ESET failed to protect against ZeroCrypt ransomware   
    https://docs.microsoft.com/en-us/windows/win32/seccrypto/cryptoapi-system-architecture
    Additionally, applications use the Win crypto API to protect their own sensitive data.
    Using Process Explorer, display some app .dlls. One that you will find used extensively is crypt32.dll.
  6. Upvote
    itman received kudos from stackz in B&PP not working Firefox 70   
    Works fine for me with BPP module 1166 and FF 70.0.1 on Win 10:

  7. Upvote
    itman received kudos from Anastasia21 in Uninstall Eset when it doesn't appear in programs   
    A few clarifications needed.
    First, multiple AV/anti-malware solutions can be installed. However only one should have its real-time protection enabled to avoid conflicts. The other solutions should have their real-time protection option disabled. Some solutions will run just fine in this status. Others might constantly complain via internal status display or alerting about their real-time protection being disabled.
    The interesting point posted is AVG's detection of an Eset protection module. Granted it was a "suspicious" detection but I would assume AVG is capable of detecting known safe processes/dll's. So let's get back to the original posting where you stated you installed a free version of NOD32. Do you mean that you installed it in trial license mode? Did you download NOD32 installer from the official Eset web site?
    Finally, to avoid conflicts with multiple AV solutions installed, the main engine component of each should be excluded from the other solution. For example in AVG, ekrn.exe needs to be excluded from AVG's real-time scanning, behavior monitoring component, web access protection component, etc. Likewise in Eset, the above AVG protection components need to be excluded from Eset's real-time scanning, HIPS, and Web Access protection components.
    Bottom line and again - it is best to only use one AV solution. If others are used, you must disable all their related real-time and behavioral/HIPS components and only use these solutions as on-demand scanners.
     
  8. Upvote
    itman received kudos from Aryeh Goretsky in AV-TEST and ESET   
    This was answered by @Marcos in another thread.
    Eset does participate in AV-Test Commercial/Endpoint comparative testing: https://www.av-test.org/en/antivirus/business-windows-client/ . Since Eset Endpoint Internet Security is essentially the same as Eset Internet Security, they appear to have wanted to save a few bucks. If anything, EIS has more protection mechanisms than EES.  
    -EDIT- Other AMTSO member AV labs where Eset is tested are:
    https://www.av-comparatives.org/
    https://www.mrg-effitas.com/test-library/
    https://selabs.uk/en/reports/consumers
    https://www.virusbulletin.com/testing/results/latest/vb100-antimalware
  9. Upvote
    itman received kudos from Aryeh Goretsky in Do I have to install Win 10   
    Assuming you're running Win 7 Pro+ versions, extended support will be available after 2/2020. However, it is not cheap: https://www.petri.com/microsofts-windows-7-extended-support-pricing-announced
    From an economic view, you would be better "biting the bullet" and upgrading to Win 10 Pro. The Win 10 Enterprise versions are a different story since they are only offered via subscription method.
  10. Upvote
    itman received kudos from BeanSlappers in Do I have to install Win 10   
    Refer to @Marcos' previous reply above.
  11. Upvote
    itman received kudos from BeanSlappers in Do I have to install Win 10   
    Assuming you're running Win 7 Pro+ versions, extended support will be available after 2/2020. However, it is not cheap: https://www.petri.com/microsofts-windows-7-extended-support-pricing-announced
    From an economic view, you would be better "biting the bullet" and upgrading to Win 10 Pro. The Win 10 Enterprise versions are a different story since they are only offered via subscription method.
  12. Upvote
    itman received kudos from peteyt in False positives?   
    Tip: When it comes to freeware, always opt for the "portable" version. As such, no software installation is performed.
    If the freeware does not offer a "portable" version in the form of a zipped download, consider that "a big red flag" that something is suspicious about the software.
    Note that LightShot is not offered in a portable version. Now the following I find hilarious. There is a web site that supposedly offers a portable version of LightShot here: https://karanpc.com/lightshot-free-download/ . When you select the DirectLink download, you are greeted with the below screenshot. If you proceed further, you are indeed a fool.

     
  13. Upvote
    itman received kudos from peteyt in For Individual Users, This Is One Ransomware You Should Pay Attention To   
    STOP Ransomware Decryptor Released for 148 Variants
    https://www.bleepingcomputer.com/news/security/stop-ransomware-decryptor-released-for-148-variants/
  14. Upvote
    itman received kudos from mxp in Duplicate IP Addresses on the network   
    Does this apply to your situation: https://forum.eset.com/topic/19424-duplicate-ip-addresses-on-network-cause-by-vpn-and-rdp/
  15. Upvote
    itman received kudos from The Rectifier in Review Of Eset   
    My own opinion is your posting is inappropriate for this forum. You should be soliciting Eset user comments on your web site.
    Also security web sites such as wilderssecurity.com and malwaretips.com have sections for inquiries like this.
  16. Upvote
    itman received kudos from Fenway in Need Info for Decision - Seek What's Right   
    Purchase a new license from the Eset web site or an authorized Eset retailer. Places like Amazon, eBay, etc. are not authorized Eset retailers. If you have made customized changes within the Eset GUI, export those. Uninstall your existing Eset version. Reboot if not specifically requested to do so after uninstall. Install the Eset version you just purchased and activate it with the provided license key. If Eset previous settings were exported, import those into the newly installed Eset version.
    Neither MBAM nor SuperAntiSpyware is needed. If MBAM is installed, its real-time protection should be disabled since it can conflict with Eset's like real-time protection.
  17. Upvote
    itman received kudos from Fenway in Need Info for Decision - Seek What's Right   
    What I will note is that it is virtually impossible via web search to find an authorized Eset reseller. A search for U.S. sellers will point you to the Eset U.S. web site in San Diego, CA.
    I have always made it a point to purchase sealed box versions of whatever Eset product I was purchasing from whatever source in the U.S., and never had a licensing issue.
  18. Upvote
    itman received kudos from n0zkl3r in EIS firewall question   
    For some odd and unknown reason, the Eset firewall will often throw an alert about an insecure firewall rule in reference to the built-in equi rule. It usually occurs after an in-place Eset upgrade to a new version. You possibly answered one of those alerts as a block action which resulted in the rule being disabled.
    What appears to be triggering this activity is Eset's Application Modification detection which is only applicable if the firewall is set to Interactive mode. Bottom line - this activity appears to be a long running bug in Eset firewall processing.
  19. Upvote
    itman received kudos from BaldNerd in Change of IP address or hostname on EEI server   
    Don't you have direct contact info to Eset headquarters tech support in Slovakia? 
  20. Upvote
    itman received kudos from BaldNerd in Need Info for Decision - Seek What's Right   
    What I will note is that it is virtually impossible via web search to find an authorized Eset reseller. A search for U.S. sellers will point you to the Eset U.S. web site in San Diego, CA.
    I have always made it a point to purchase sealed box versions of whatever Eset product I was purchasing from whatever source in the U.S., and never had a licensing issue.
  21. Upvote
    itman received kudos from BeanSlappers in Eset 13 Version   
    Save yourself some time and stop looking. There is no option in the Eset GUI for 12.2.30 in regards to enabling AML. That won't exist until ver. 13.
    The scenario here is the same as prior to when advanced behavior blocking was implemented. That is, the feature, in the form of the module being present, is fully functional as far as I am aware.
  22. Upvote
    itman received kudos from BeanSlappers in Eset 13 Version   
    It's there on my pre-released EIS ver. 12.2.30 installation:
    Detection Engine: 20128P (20191004)
    Rapid Response module: 15010P (20191004)
    Update module: 1018.1 (20190709)
    Antivirus and antispyware scanner module: 1555 (20190911)
    Advanced heuristics module: 1194 (20190918)
    Archive support module: 1292 (20190911)
    Cleaner module: 1200 (20190916)
    Anti-Stealth support module: 1155 (20190918)
    Firewall module: 1391.1 (20190912)
    ESET SysInspector module: 1275 (20181220)
    Translation support module: 1763 (20190916)
    HIPS support module: 1373 (20190916)
    Internet protection module: 1380 (20190920)
    Web content filter module: 1071 (20190605)
    Advanced antispam module: 7827 (20191002)
    Database module: 1110 (20190827)
    Configuration module (33): 1788 (20190719)
    LiveGrid communication module: 1054 (20190724)
    Specialized cleaner module: 1013 (20190627)
    Banking & payment protection module: 1160 (20190918)
    Rootkit detection and cleaning module: 1019 (20170825)
    Network protection module: 1682P (20190801)
    Router vulnerability scanner module: 1063 (20190724)
    Script scanner module: 1055 (20190924)
    Connected Home Network module: 1031.1 (20190621)
    Cryptographic protocol support module: 1040 (20190913)
    Databases for advanced antispam module: 3582P (20191004)
    Deep behavioral inspection support module: 1082 (20190716)
    Advanced Machine Learning module: 1034 (20190919)
  23. Upvote
    itman gave kudos to BaldNerd in Switching on/off VPN causes lengthy ESET checks   
    Do you have any network shares mounted to your computer as a drive letter which are accessed through the VPN? If yes, you might consider turning off scanning of Network Drives in the Real-Time Protection settings. This feature is on by default, and in many scenarios can be helpful, but over a VPN it'd be devilishly slow and could account for the strange scanner behavior.
    Robbie // The Bald Nerd
  24. Upvote
    itman received kudos from elquenunca in EIS - I got the update 12.2.30.0   
    Nothing strange about it. The Eset off-line installer web site is always updated somewhat after the release hits the Eset update servers. Also the situation is identical to the current status, the ver. update is offered prior to an official announcement in the forum. More so currently in that it appears all the Eset support personnel are at some conference this week.
  25. Upvote
    itman received kudos from Clark T in EIS - I got the update 12.2.30.0   
    Nothing strange about it. The Eset off-line installer web site is always updated somewhat after the release hits the Eset update servers. Also the situation is identical to the current status, the ver. update is offered prior to an official announcement in the forum. More so currently in that it appears all the Eset support personnel are at some conference this week.