Jump to content

Aryeh Goretsky

ESET Moderators
  • Posts

  • Joined

  • Last visited

  • Days Won



  1. Upvote
    Aryeh Goretsky gave kudos to itman in eamsi.dll blocked from Videogame Counterstrike Global Offensive   
    Also the problem here appears to be not Eset's eamsi.dll, but CSO's new "Trusted mode" feature that is also causing issues with other running software: https://www.pcgamer.com/csgos-trusted-mode-anticheat-system-is-live-but-its-causing-problems/
    Believe this is something that needs to be reported to CSO's developers. Security software mechanisms that worked prior to Trusted mode implementation should also be allowed in this new mode.
    Also of note:
    It also appears that Symantec does offer Authenticode signed certificates: https://urlssl.net/symantec-code-signing-certificate.html . Therefore the issue is not with Symantec certs. per se.
    -EDIT- Believe this is the issue with CSO. Eset's cert. for eamsi.dll is not an EV cert.. However, Eset also countersigned eamsi.dll with it's Microsoft issued driver cert. which is an EV cert.. This appears to satisfy most apps requirement for an Authenticode signed certificate, but not for CSO it appears. This is also why Code Integrity errors are being thrown by some apps.
  2. Upvote
    Aryeh Goretsky gave kudos to Marcos in Detection occurred but not cleaned   
    If you ran a custom scan, make sure that you didn't enable scan without cleaning:

  3. Upvote
    Aryeh Goretsky gave kudos to itman in Uploaded but still always a false positive   
    The only way to get rid of this detection is to get an UEFI/BIOS version from Lenovo that doesn't include the Computrace components and re-flash the UEFI/BIOS.
  4. Upvote
    Aryeh Goretsky gave kudos to Marcos in Uploaded but still always a false positive   
    The above files were detected on the C drive according to the screen shot. However, it's unlikely to be FP and it's most likely Lojack by Absolute Software that Lenovo used to install to laptops.
  5. Upvote
    Aryeh Goretsky gave kudos to Marcos in Uploaded but still always a false positive   
    EFI/Computrace detection is correct, it's not a false positive.
  6. Upvote
    Aryeh Goretsky gave kudos to Marcos in Trojan Perseus not detected by Nod32   
    It's normal to be detected as a PUsA. Trojan detection is rather a FP.
  7. Upvote
    Aryeh Goretsky gave kudos to Marcos in Domains false positive   
    Since this forum is not a channel for disputing detections and url blocks. we'll draw this topic to a close.
    Only the security malware lab is entitled to make decisions about url blocks. In this case, the blocks appear to be ok. Aggressive or misleading ads are subject to detection as well.
  8. Upvote
    Aryeh Goretsky gave kudos to Marcos in Allow access to some websites   
    The detection is correct. It's not that the website is on a blacklist but it's an adware javascript that was detected.
  9. Upvote
    Aryeh Goretsky gave kudos to Marcos in ESET   
    If it's a pre-installed application, it cannot be removed, only disabled.
  10. Upvote
    Aryeh Goretsky gave kudos to Marcos in exe installer command line   
    I don't think it's possible. Moreover, I can't think of a good reason to not use the latest installer.
  11. Upvote
    Aryeh Goretsky gave kudos to Marcos in ESFS Windows Server 2016   
    Please run the ESET uninstall tool in safe mode and after starting Windows in normal mode install EFSW 7.1 from scratch.
  12. Upvote
    Aryeh Goretsky gave kudos to FEAMCOR in After Windows 10 Build 2004 Install WSL2 is Blocked   
    Update of ESET fixed the problem. Please close this post. Thank you.
  13. Upvote
    Aryeh Goretsky gave kudos to Marcos in Steam update problem   
    Yes, it was a false positive created by the mechanism for automatic generation of detections.
  14. Upvote
    Aryeh Goretsky gave kudos to Marcos in Steam update problem   
    Most likely you are still on an older engine. The current one is 21448 which doesn't detect the file any more and 21449 is going to be released momentarily.
  15. Upvote
    Aryeh Goretsky gave kudos to Marcos in Steam update problem   
    It should be fixed in the upcoming module update.
  16. Upvote
    Aryeh Goretsky received kudos from jonnypotter321 in Future changes to ESET Internet Security and ESET Smart Security Premium   
    The goal of this message thread is to provide ESET with specific feedback on changes and new features you would like to see in future versions of ESET Internet Security or ESET Smart Security Premium. Please use the following format when providing feedback:
    Description: A very-specific one-line description of your feedback.
    Detail: A more detailed explanation of your feedback. Please feel free to make this any length, but be sure to use terms everyone can understand. If your suggestion is an extension or update to an existing discussion, please include a link to it in your message.
    Here is an example:
    Description:  Arduino support
    Detail:  The Arduino is a small ARM-based single-board computer popular with hobbyists.  I think ESET should make a version of ESET Internet Security for it.
    You are welcome to discuss the merits of each and every suggestion, but keep your comments on topic, concise and thoughtful.  There are other parts of the forum to discuss issues.
    NOTE:  When making your requests do not offer general suggestions such as "better detection, HIPS, firewall, cleaning, and so forth."  ESET's threat researchers constantly examine new threats and release updates to the virus signature database and to the modules in order to improve these functions.  Requests must be actionable:  If you have a specific feature or functionality you would like to see added (or improved) please post it here, but general requests to "make things better" or "improve detection" are not helpful because they do not give ESET detailed enough information.  Thank you for your understanding.
    Aryeh Goretsky
  17. Upvote
    Aryeh Goretsky gave kudos to oto313 in After enabling virtual Machine feature, the PC BSOD every start   
    After update to new version it works. Thanks
  18. Upvote
    Aryeh Goretsky gave kudos to Marcos in IObit Constantly Triggering ESET   
    The PUA detection is correct. It's optional. For more information what PUA are, please read https://support.eset.com/en/kb2629-what-is-a-potentially-unwanted-application-or-potentially-unwanted-content.
    If you think that benefits of using a particular PUA outweigh possible risks, you can exclude the PUA from detection.
  19. Upvote
    Aryeh Goretsky received kudos from Demostenes Iturrizaga in Disk Errors during Detection Engine updates after Windows Update   

    Just to add to my colleague @Marcos suggestion, I would strongly recommend you back up any important information stored on the drive, as it sounds like it has begun to fail.  SSD failure modes can be very problematic in terms of data recovery, so it is a very good idea to make sure any type of information you have on the drive which is valuable to y ou is saved in one (or more) backups.
    After you have gotten your important information backed up, check with the SSD manufacturer to see what diagnostic software they offer to check the drive, as that may provide you with additional information/insight into what is happening, as well as what options are available, such as replacing the drive under warranty, and so forth.


    Aryeh Goretsky
  20. Upvote
    Aryeh Goretsky gave kudos to Marcos in Question regarding licence and activation   
    As I wrote, the license I found was for 1 computer, not for 3. Please contact the seller if you actually extended it to 3 computers.
  21. Upvote
    Aryeh Goretsky gave kudos to Marcos in Windows 10 Update broke ESET Security Management Center   
    ESMC should be installed only on server systems. We do not recommend nor guarantee that installing it on Windows 10 home will work.
    Is the Tomcat service running? Please check this out: https://support.eset.com/en/kb6752-apache-tomcat-is-not-running-service-could-not-starthow-do-i-fix-this-problem-esmc-7x
    Does it work if you access it via http?
  22. Upvote
    Aryeh Goretsky gave kudos to Marcos in Multi Devise vs. Internet security   
    It should be the same product, "Multi device security" is an older name of a package that is not used any more. With a license you can download any version of the product you've purchased, including any future versions.
  23. Upvote
    Aryeh Goretsky gave kudos to Marcos in I want to know why Eset security products are so fast.   
    There are many reasons for that, not just one. One of the things we do is that the resource-intensive code emulation is done once and the result is cached for future use so advanced heuristics doesn't have to emulate files each time they are accesses and scanned. Then there are other safe caching mechanisms to ensure that files are re-scanned only when needed (e.g. after module updates), trusted / whitelisted files are scanned less frequently, etc. which also positively affects performance.
  24. Upvote
    Aryeh Goretsky gave kudos to Peter Randziak in EOL for ESET MSP Administrator 1 set to DEC 31, 2020   
    This is an early announcement related to the end of life for ema.eset.com (EMA1). As we're completing the migration of MSPs to EMA2 (msp.eset.com), the aim is to phase out EMA1 completely by the end of the year.
    For more in-depth information and details, please consult the below links:
    ESET MSP Administrator V1 to V2 Migration Process FAQ: https://help.eset.com/ema/en-US/migration_faq.html  ESET MSP Administrator versions feature comparison (EMA1/EMA2): https://www.eset.com/int/business/msp-administrator/ More about ESET MSP Administrator V2: https://help.eset.com/ema/2/en-US/ How to use EMA2 with your ESMC https://help.eset.com/msp_getting_started/en-INT/  There will be more detailed information about what this specifically means coming via the usual channels and you'll be informed about any action steps that may arise as part of this EOL initiative.
  25. Upvote
    Aryeh Goretsky gave kudos to Marcos in A verification of license ownership is now required   
    Contact the seller and ask for a refund.
  • Create New...