cyberhash
-
Posts
728 -
Joined
-
Last visited
-
Days Won
30
Posts posted by cyberhash
-
-
2 minutes ago, novice said:
You do not add "exclusions" only if the application is a type of "threat" . A typical example is Malwarebytes and another antivirus , where exceptions are required.
Anyway, back to my question....
Funnily enough, i can run any second opinion scanners or firewalls without any trouble whatsoever and without exclusions. Only a second realtime scanner will cause problems. Nothing new and was even a issue back on windows 95 lol .
-
Why would you need to add exclusions if the application(or associated files)are not any type of "threat" ??
If anything being detected is false then it only needs reported and if its found to be clean then its detection is reversed. -
Running a scan only shows the same animation "showing that something is happening" on the system tray icon for me, but if you hover over it the text clearly states a scan is running and not an update.
-
6 minutes ago, itman said:
My understanding is it is not compatible with x(64) kernel patch protection. The primary reason almost all the third party HIPS solutions shut down. Assume their profits from such software were not worth reengineering the software to be compatible.
Yes the user base that needed all the features of a dedicated software firewall was very slim and therefore not profitable.
-
Many many years back (prior to eset suites being available) i always used a 3rd party firewall along side NOD32 as there was never any compatibility issues that other vendors suffered from. Like @itman has mentioned above. Because these 3rd party firewalls are dedicated applications they will always be more flexibe when it comes to ease of use (for more complex settings). Other vendors that offer security suites have either similar or worse methods of configuration when you get to the firewall.
Maybe using outpost along with NOD32 might be more to your liking .
-
Hi @punta30
Im guessing that this was also an issue prior to having your ESET product installed ?
edevmon.sys wont be the culprit , but at first glance it will appear to be the case as its name appears there.Have you checked the MSI website for the "Intel Chipset & Intel Management Engine " driver updates for your specific motherboard. Id put money on one of those 2 being the culprit
-
Hi @LB-ID,
When you had the black screen on boot , were you able to bring up task manager by pressing ctrl-alt-del and selecting task manager to see if anything was consuming large amounts of cpu cycles , on either the "details" or "processes" tab within task manager ??
You could also check this when your NOD32 is "not" installed and see if there is anything that looks suspicious beforehand.
If it's something thats just happened in the past few months then it would suggest that there is something else causing the issue and not your Antivirus , even although removing it seems to remedy the problem.
A (bad)device driver update during windows update could trigger such a behaviour, and would fit most with your timeline of it "worked then suddenly didn't".
-
The reason i can reach the page without issue is that "Adblock Plus" is filtering that bad URL. Guess you have some type of filtering too @itman ??
-
Not blocked here when i went to that site, you should maybe check again
-
I guess it's other vendors products thats affected, as i use firefox 65 with the sites listed above and many many more and dont and have not encountered any issues whatsoever.
-
1 minute ago, novice said:
Did you, at least, read my post???? Told you I never seen ESET blocking a "never seen before" ransomware , based on HIPS /behavior or its anti-ransomware shield.
Once a signature is created each and every antivirus will detect that ransomware ; the point is to see a signature less detection based on the mechanisms mentioned above.
I have read the past dozen threads you have started regarding HIPS. Which is why i made the comment about being like a "dog with a bone".
You have been given plenty of explanations as to how HIPS works, but after a few days you post the same or similar thing again.
Your average user here does not :
A) Have sole access to only the HIPS modules/components that ESET uses in its products to be able to test and simulate what you are looking for.
B) Actively go looking for "Never Seen Before" Ransomware to run and provide you with a screenshot.
C) Buy something to switch it off or break it ........ Like buying a car and taking 3 wheels off to see if it still works
There is NO option of only installing the "HIPS part of your ESET product when you run the installer". Plus the HIPS module is regularly updated too so it's also not a static part of the product.
@Rami , the above also applies when using a VM or not . So if my "pointless reply annoys you" it's not me who does not understand things.
-
8 minutes ago, novice said:
It is not that he doesn't know what is he doing , but it seems like he doesn't even know what are you talking about...
Running a live malware in a VM is a standard procedure with ZERO risks.
Easy solution .............
If its risk free and so easy then do it yourself and don't request it from other people on a forum. -
VM or not ............
"Get a ransomware , infect your machine , see if ESET blocks it or not "
Really good advice on a public forum 👎 -
-
Merry Xmas to you and the family when it comes Tom. Go easy on the Food and Wine 🤠
-
Default mode as you describe it, will be less in intrusive as it is designed to work without user intervention and works for novices.
For more hands on, clear your rules for FW & HIPS and swap to interactive and see the alerts & frequency for yourself ??.
Not seen the alerts on default mode personally, but i do know that incorrect rules with HIPS can render a machine unusable. The inbuilt rules for HIPS will always ensure that your machine will be functional. An overly sensitive "default" HIPS would be just be a hindrance and confuse users.
-
As above , the problem seems related to the code on the site itself and not anything that protocol filtering is causing.
In Firefox a completely different message is returned from the site/server (Not ESET) ...
" The requested URL was rejected. Please consult with your administrator.
Your support ID is: 3096220045441371025"
-
10 hours ago, kowalski215 said:
Sorry for not being clear. I mean pausing real-time protection...
No, didn't disable integration with outlook, as I have not installed MS Outlook
Hi @kowalski215,
Using Office 2019 & Windows 10 and have no issues at all with any of the applications (including Excel) running with ESET products. Is your copy of Office/Excel legitimate and not activated using some type of activator ??? -
Like Marcos says above, anything i have ever tried works perfectly alongside your ESET product as an on demand scanner. Used to use ESET with either MBAM or Superantispyware, but it's been fruitless over the past 2 or 3 years doing so as ESET on its own has protected/found everything as a stand alone product.
-
13 minutes ago, itman said:
@Marcos , I found the issue. Somehow "minimum verbosity of events to display" got set to the Error level versus Diagnostic. I honestly don't recall fooling around with that setting.
"Informative" is the default setting and should display the alerts
-
Bizarre , alerts showing properly on ESSP with the same windows setup.
Tested with IE11, EDGE, Firefox and all working ok
Maybe just isolated issue with EIS ?? -
2 hours ago, novice said:
The "Open ESET...." screen still doesn't correctly display the last update time (says 12h ago) , while the "update" screen says the correct time, see picture:
Does this "time difference" issue only happen when you "manually" update from the update tab in the GUI and keep that tab open then compare time ??
If so , click on the home tab in the GUI and then go back to the update tab and see if the last update time changes
(xx hours ago)
-
I find it quite the opposite , i use outlook 2016 and between the antispam that hotmail uses , along with the antispam that Eset uses i am lucky if i get 1 spam message per week. This is without using any custom lists or filters and just by default.
Might be more active spam in the part of the world you live in ?? Just a thought
-
6 minutes ago, foneil said:
Thanks for clarifying, I talk often with the product owners about what to include in changelogs and we'll have another discussion after this release using this feedback.
You are welcome @foneil , it just seemed a bit odd that after all the improvements made on the products that no mention of any of it appeared on the release notes.
P:s ... I'm reading the release notes that accompany the download
(xx hours ago)
gaps in history
in General Discussion
Posted
The log files should show different types of events (for each category) , is this what you mean ??