Jump to content

camelia

Members
  • Posts

    121
  • Joined

  • Last visited

Kudos

  1. Upvote
    camelia gave kudos to itman in Why WaasMedic_Agent.exe download in my desktop?   
    That is the hash value for same file in my Win 10 x(64) 20H1 build.
  2. Upvote
    camelia gave kudos to Nightowl in Why WaasMedic_Agent.exe download in my desktop?   
    You can upload your version to virustotal for more checking by AV engines to be more sure
    It seems that this WaasMedic is related to Windows Update.
  3. Upvote
    camelia gave kudos to itman in Why WaasMedic_Agent.exe download in my desktop?   
    Have no clue what could have caused WaasMedic_Agent.exe to appear on your desktop.
    However, there have been recent postings in regards to Eset firewall not working properly in Interactive mode. I assume you were in Interactive  mode when the Eset firewall alert appeared?
    I would just delete the desktop entry and post back if this activity occurs for another process you create an Eset firewall rule while in Interactive mode.
  4. Upvote
    camelia gave kudos to itman in Network protection Fix notifications   
    Did you exclude Eset files from ShadowDefender? Looks like that might be the issue: https://www.wilderssecurity.com/threads/nod32-shadow-defender-how-set-exclusion-list.322742/
  5. Upvote
    camelia gave kudos to JozefG in Network protection Fix notifications   
    Do I understand it correctly that if Shadow Defender's Shadow Mode is not active it does work correctly?
    From the description of Shadow Mode it looks like it may prevent some things to be done correctly.
     
  6. Upvote
    camelia gave kudos to Marcos in Network protection Fix notifications   
    Looks like no diagnostic logs were created
    C:\ProgramData\ESET\ESET Security\Diagnostics\
    2020-10-29 14:28  <DIR>           ECP
             0 files               0 bytes
     
    Therefore I assume that you skipped the initial steps:
    - enable advanced logging under Help and support -> Details for tech support
    - reboot the machine
    - disable logging
     
  7. Upvote
    camelia gave kudos to Marcos in ESET Windows home products version 14.2.19 (hotfix) have been released   
    ESET NOD32 Antivirus, ESET Internet Security and ESET Smart Security Premium version 14.2.19 have been released and are available to download.
    Changelog:
    Version 14.2.19
    Fixed: Bug fixes and optimizations Known issues:
    N/A
    Upgrade to Latest Version
    Upgrade my ESET Windows home product to the latest version
    If your ESET security product has not updated automatically yet, you can enforce product update by manually checking for update in the Update panel or wait until it updates automatically.
    Support Resources
    ESET provides support in the form of Online Help (user guides), fully localized application and Online Help, online Knowledgebase, and applicable to your region, chat, email or phone support.
    Online Help (user guides) Visit www.eset.com/contact to email ESET technical support
  8. Upvote
    camelia gave kudos to itman in Network protection Fix notifications   
    Open Eset GUI -> Setup -> Advanced Setup.
    Select User Interface -> Statuses -> Application statuses -> Edit.  Mouse click on "+" for Network Protection. Are all statuses in that section enabled per below screen shot?

     
  9. Upvote
    camelia gave kudos to peteyt in Network protection Fix notifications   
    Just wondering if in advanced you have some notifications disabled 
  10. Upvote
    camelia gave kudos to Marcos in Network protection Fix notifications   
    Please carry on as follows:
    - enable advanced logging under Help and support -> Details for tech support
    - reboot the machine
    - disable logging
    - collect logs with ESET Log Collector and post the generated archive here.
  11. Upvote
    camelia gave kudos to Marcos in Can I delete this rule?   
    Looks like you have firewall in interactive mode. If you delete the permissive rule, you'll be asked for an action should the application at the given path be run again which is unlikely to happen.
  12. Upvote
    camelia gave kudos to Nightowl in Am I having too many Edge connections?   
    Thanks for that itman , I was trying to remember the name of O&O software , I completely forgot about it and Cortana drove me crazy recently , trying to disable it every way I can , but Cortana is mighty keeps resurrecting itself haha
    Thanks!
  13. Upvote
    camelia gave kudos to Marcos in What I should do with the duplicates rules?   
    Unfortunately without seeing all parameters of particular rules it's not possible to tell if they are identical or not. Please provide logs collected with ESET Log Collector.
  14. Upvote
    camelia gave kudos to itman in What I should do with the duplicates rules?   
    First, monitoring Win 10 individual services via Eset firewall is somewhat an effort in futility. Eset attempted that a while back in a prior release and quickly abandoned it. Hence, why all Eset default firewall rules for svchost.exe are not service specific. Why? Because there are many hidden services used by Windows that are not specifically listed or controllable via Control Panel -> Admin Tools -> Services.
    In regards to DoSvc, it is Win 10's Delivery Optimization service used to speed up downloading of Win Updates primarily but also used for other Microsoft apps. If Win 10 is not restricted in some form on how updating is performed, you can end up with what is described here: https://social.technet.microsoft.com/Forums/windows/en-US/b94d8e74-58de-451a-b137-7ec2028adc27/delivery-optimization-service-downloading-something-and-using-all-my-bandwidth . Win 10 introduced runtimebroker.exe via BITS processing that allows one service to spawn multiple instances of another service/process. This is in effect what your Eset firewall rule set shows in regards to DoSvc service. Also what service is actually started in regards to DoSvc is C:\WINDOWS\System32\svchost.exe -k NetworkService -p.
    My advice - quit globally monitoring individual service outbound network traffic via Eset firewall.
  15. Upvote
    camelia gave kudos to Marcos in What I should do with the duplicates rules?   
    Correct. The rules are not duplicate since the path to the application is different.
  16. Upvote
    camelia gave kudos to peteyt in What I should do with the duplicates rules?   
    I belive you can delete them but don't think leaving them will cause any issues such as space etc. As you can see from the folder path each location has a slightly different version name.
    The problem with Windows Store apps is their folder location and I believe exe. name changes with each version number. For example is the folder name was app 1.0 the new folder might be app 1.5 and so on. As the location and so on change eset treats it like a new app and a new rule gets made. 
  17. Upvote
    camelia gave kudos to Marcos in Event : Service closed connection?   
    Unfortunately we have not seen that message yet. If you are experiencing issues, such as with viewing websites, please open a ticket with your local ESET support for further investigation.
  18. Upvote
    camelia gave kudos to Marcos in EIS blocking a different Av website vendor?   
    The product in question is correctly classified as PUA since they don't adhere to good practices.
  19. Upvote
    camelia gave kudos to foneil in No product release about ESET Cyber Security why?   
    It's not you...we are transitioning our product release communications currently for all products but once the process is finalized, we'll resume posting. 
  20. Upvote
    camelia gave kudos to itman in No more notifications about updates? yup again   
    The security report referenced is the aggregate event status one that shows ever 30 days.
    When you have questions about Eset settings, always click on the "?" on the GUI page. This will open Eset on-line product help which will show detailed explanations for the settings: https://help.eset.com/eis/12/en-US/idh_config_ui_notifications.html
  21. Upvote
    camelia gave kudos to peteyt in EIS New Scanner Option Feature?   
    The best way to look at pua also is there are many programs that people use that could be risky e.g. there are many people using registry cleaners and similar stuff. They are often risky and its debatable if they should be used, sometimes they may also try to install unwanted extra stuff, nag you to upgrade and other suspicious stuff but people use them and they like them. 
    I often see people asking why their favourite software gets classed as a pup and its usually for something like that. With pups its not a virus so its down to the user to decide if the risks are acceptable
  22. Upvote
    camelia gave kudos to Marcos in EIS New Scanner Option Feature?   
    I always recommend turning it on and exclude any such application by the detection name if it begins to be detected then and is intentionally used for legitimate purposes by the user. PUsA also cover tools that can be used by attackers to stop or uninstall AV in case of a breach via RDP for instance.
  23. Upvote
    camelia gave kudos to HANDJOJO in EIS New Scanner Option Feature?   
    Dear Marcos,
    Please advise so it's to be better if this feature still in turn off for the common users?
     
  24. Upvote
    camelia gave kudos to Marcos in ESET Cyber Security not scanning?   
    Please contact your local customer care and provide them with logs collected with ESET Log Collector for Mac.
  25. Upvote
    camelia gave kudos to stackz in No more notifications about updates? yup again   
    You'll now find it in Advanced setup under Tools -> Notifications -> BASIC -> Display notification about successful update
     
×
×
  • Create New...