itman

Most Valued Members
  • Content Count

    7,782
  • Days Won

    191

Kudos

  1. Upvote
    itman received kudos from bEeReE in Pre-installation questions?   
    BitDefender's TrafficLight has been a joke ever since they introduced the feature. "Each to their own" as the saying goes.
  2. Upvote
    itman received kudos from migs_k in can I ask where to locate these windows "updates"   
    As far as KB4023057 goes, I also received it again on 2/19. Appears this is an update to Windows Updating itself and Microsoft is just using the prior KB number.
  3. Upvote
    itman received kudos from Nomidia in My network name has changed   
    Eset populates the DNS suffix with whatever is established for connection-specific DNS suffix value established by DHCP initialization as I posted previously. You can determine the current connection-specific DNS suffix value by opening a command prompt window and entering the following:
    ipconfig /all
    Under each network adapter connection section in the display, note the value shown for connection-specific DNS suffix value:
    Above is shown DNS suffix assigned via my router and ISP for my Ethernet network connection.
    Note that the "lan" value you are observing is being assigned the same way. Eset is only populating its corresponding network connection fields with data received from your router/ISP.
  4. Upvote
    itman received kudos from Patricia J Jones in my usb become corrupt   
    The fact that files on the drive are corrupt and the drive can't be formatted would be indicative of a faulty USB drive.
    Rather than fooling around trying to find and correct if possible the issue, I would just return the drive for refund or replacement with another USB drive.
  5. Upvote
    itman received kudos from simrick in Permissive Firewall Rules & equi.exe (PID 8988)   
    Select Disable permissive firewall rules.
  6. Upvote
    itman gave kudos to Nightowl in Unknown Connected Home Device   
    Can you get into your router and check which devices have a DHCP lease?
    That way you can have all info about connected devices to your home network.
  7. Upvote
    itman received kudos from Aryeh Goretsky in If You Use Licensing Cracking Software, You Need To Read This   
    It appears that a number of Eset users employ license "crackers." It also appears that a number of Eset forum participants feel that the most widely used, the KMS software family of crackers, are safe. As noted in this recent analysis of KMS based software by AVLabs in Poland, they are definitely not safe to use.
     
    KMSAuto and KMSpico are the most commonly installed hacktool on computers in Poland
    https://translate.google.com/translate?hl=en&sl=pl&u=https://avlab.pl/&prev=search&pto=aue
    Note: This article was posted in the Polish language. Hence the use of Google's Translator.
  8. Upvote
    itman received kudos from mallard65 in Dropbox and self-updater constantly changing directory name triggers firewall in interactive mode to approve connection   
    Again, you're missing the point. An app being signed does not guarantee that it is not malware. Numerous signed malware instances have been documented.
  9. Upvote
    itman received kudos from Darth Vader in ESET Internet Security not Auto Updating   
    What I will do is use lock screen the next time I am away from the PC for a long enough period to verify whether or not Eset will update in lock screen mode.
    BTW - it is more secure to sign-off versus using lock screen when the PC is unattended for an extended period of time. In sign-off mode, the Internet connection will not be active.
  10. Upvote
    itman received kudos from mallard65 in New trojan not detected by Eset   
    As far as VT detections go, note the following which has been mentioned multiple times in this forum.
    Most AV products installed there do not have all their protection mechanisms enabled. Overall, VT is primarily employing static detection methods in the products used; i.e. signature detection.
    Therefore just because a given product doesn't detect a malware sample at VT, does not imply the product won't detect when installed on a device.
  11. Upvote
    itman received kudos from khairulaizat92 in IOBIT Forum Hacked   
    The main thing to know about this attack was Windows Defender was bypassed since the malware created exclusions in WD to allow its malicious .dll to run undetected.
    Kaspersky also didn't stop files being encrypted by the ransomware portion of the attack. Per a malwaretips.com poster:
    Waiting until someone does a detailed analysis on this puppy.
  12. Upvote
    itman received kudos from mallard65 in user   
    Are you referring to the Eset splash screen which just shows an image of Eset logo? If so, refer to below screen shot to disable its display at system start up time.

  13. Upvote
    itman received kudos from persian-boy in YEARS Of Eset Internet Security, will I have to move on? HELP APPRECIATED!   
    There is no direct correlation between Eset and Windows Updates. An exception would be for Win 7 where specific updates must be installed since Microsoft no longer supports SHA1.
    This is not to say that some Win Update could bork Eset but the likelihood is extremely remote based on past history.
    Most of the Eset new release issues arise due to some Win configuration on select devices. These are usually the result of either intended or non-intended user OS or app setting changes from default values.
  14. Upvote
    itman received kudos from peteyt in Endpoint Prevention & Response (EPR) Test 2020   
    Eset gives you "the most bang for your bucks" in this category.
    Interesting to see how fast someone filled the void by NSS Labs demise which used to do like analysis for $$$$$:
    https://www.av-comparatives.org/reports/endpoint-prevention-response-epr-test-2020/
     
  15. Upvote
    itman received kudos from Aryeh Goretsky in Avast Now Also Has Block-At-First-Site-Capability   
    The fact is Eset has all the internal mechanisms in place to accomplish this. All they have to do is block the process until LiveGrid black list determination processing has completed. As to the false positive element, I say "to hell with that." Most home users would not be significantly impacted by such process blocking. 
    This could be also further refined by adding Trusted Publisher, signing, etc. criteria to Eset Reputation scanner. Failure on reputation coupled with suspected malicious activity should be enough to block until LiveGrid initial scanning is completed.
  16. Upvote
    itman received kudos from shocked in Firewall logs target column empty   
    Yes.
    No.
    Network Protection log entries for the most part reflect user created firewall rules for which the logging option has been selected. Overall, the log being empty would be normal.
  17. Upvote
    itman received kudos from 0x55 in I Am Very Ticked Off!   
    Why did I anticipate this was going to be the answer?
    So let's analyze this. I have been an Eset customer since 2014. Not only do I pay a full license renew price, but the renewal price is considerably higher than a new license price. So it appears Eset's sales strategy is "to sock it to" their existing customers so they can lower the price to entice new customers.
    This might be for me "the last straw that permanently broke the Eset use back."
    Also considering the amount of time I spend on the Eset forum helping others, I should receive a free Eset license each year!
  18. Upvote
    itman received kudos from SeriousHoax in Avast Now Also Has Block-At-First-Site-Capability   
    The fact is Eset has all the internal mechanisms in place to accomplish this. All they have to do is block the process until LiveGrid black list determination processing has completed. As to the false positive element, I say "to hell with that." Most home users would not be significantly impacted by such process blocking. 
    This could be also further refined by adding Trusted Publisher, signing, etc. criteria to Eset Reputation scanner. Failure on reputation coupled with suspected malicious activity should be enough to block until LiveGrid initial scanning is completed.
  19. Upvote
    itman received kudos from SeriousHoax in Avast Now Also Has Block-At-First-Site-Capability   
    Avast blog article here: https://blog.avast.com/cybercapture-protection-against-zero-second-attacks .
    Detail on configuration options here: https://support.avast.com/en-us/article/54/
    Of note is this feature exists even in Avast free version.
    Time Eset "get with the program" and offer same like capability for their home use products.
  20. Upvote
    itman received kudos from peteyt in Avast Now Also Has Block-At-First-Site-Capability   
    Avast blog article here: https://blog.avast.com/cybercapture-protection-against-zero-second-attacks .
    Detail on configuration options here: https://support.avast.com/en-us/article/54/
    Of note is this feature exists even in Avast free version.
    Time Eset "get with the program" and offer same like capability for their home use products.
  21. Upvote
    itman received kudos from Aryeh Goretsky in Eternal Blue checker help?   
    Yes.
    Here's a Microsoft article detailing Windows versions vulnerable to EternalBlue: https://support.microsoft.com/en-us/help/4023262/how-to-verify-that-ms17-010-is-installed
    Also I realized why srv.sys no longer exists on my device. Windows will auto remove SMBv1 10 days after installation if it is not used. Additionally if srv.sys exists on later Win 10 installations, you are not vulnerable since this driver has been patched against this exploit.
  22. Upvote
    itman gave kudos to Marcos in Found JS/Agent.OLF   
    If you don't know how to clean the website and harden it against further attacks, you can contact a website cleaning and monitoring service, such as sucuri.net.
  23. Upvote
    itman received kudos from LesRMed in I Am Very Ticked Off!   
    Why did I anticipate this was going to be the answer?
    So let's analyze this. I have been an Eset customer since 2014. Not only do I pay a full license renew price, but the renewal price is considerably higher than a new license price. So it appears Eset's sales strategy is "to sock it to" their existing customers so they can lower the price to entice new customers.
    This might be for me "the last straw that permanently broke the Eset use back."
    Also considering the amount of time I spend on the Eset forum helping others, I should receive a free Eset license each year!
  24. Upvote
    itman received kudos from Pug in A new virus?! (Eset + Microsoft defender and Windows updates are gone)   
    There is also the rootkit possibility. Microsoft has a nice diagram on how those load and can bypass/disable anti-virus:

  25. Upvote
    itman received kudos from LesRMed in A new virus?! (Eset + Microsoft defender and Windows updates are gone)   
    Hard to say what went on in this device in the week or so since this malware was detected. From MBAM's findings to date, it appears to be coin mining related. But who knows if a backdoor or more malware, spyware, etc. were also installed in the interim?
    If it were my device, I would indeed reformat and reinstall Win 10 20H2.