cyberhash
-
Posts
728 -
Joined
-
Last visited
-
Days Won
30
Posts posted by cyberhash
-
-
Is this screenshot from when you first start the scan ? as it can take about 30/40secs before you can actually see the (objects scanned) numbers moving
-
@tommy456 Have you actually managed to boot your PC into safe mode yet ?? As your original message states that you could not do this.
Getting into safe mode then running the ESET uninstall tool should work. -
@itman
@djcz
The lists of the ip addresses(including the azure & c.eset ones you have mentioned) and an explanation of what they are used for is available at
https://support.eset.com/kb332/ -
2 minutes ago, itman said:
My point was that when 11.1.42 was initially installed, 12 ports were tied up. I now observe at times over 40 ports being allocated. At this rate, soon all my ports will be tied up by Eset pico updating and I will not be able to use the Internet.
I have the same amount of (internal) waiting ports tied up as yourself , but they eventually kill themself and open up new waiting ports (of the same quantity on different port numbers). I can only assume that this is only to increase the reliability of updates. I have been watching this myself for the past few months and it does not appear to affect (My Internet) connection.
If it does, i will be back here complaining along with you @itman
-
@itman I can only assume that these port WAIT's which you describe as "leaking" have increased in frequency with the latest 11.1.42 update are down to
Improved: More frequent update checks for detection engine and modules (part of the 11.1.42 release notes/changelog)
-
2 minutes ago, Ladderman said:
Hi Cyebrhash
Where do i put the exceptions as described in your image?.I put the exceptions in Firewall/Advanced/Exceptions,but i'm guessing it was the wrong part of ESET Firewall.
Colin
Hi @Ladderman
If you just open the main ESET gui , then press F5 . That will take you to the advanced setup. From there go to FIREWALL > ADVANCED > RULES > click edit
Then manually add the rule within there
-
Probably steamwebhelper being blocked , make sure you have these 3 items set up like this picture
Have shown the paths to each file you need to allow as they are not all in the same directory
-
I'm British too but this is not really an issue @Skier. There is probably only about 20% of the software on the planet that offers a EN-GB combination and even less of a percentage that offers and EN-GB with a British flag. Outwith a flag being present in during installation, you will never see it again
If you have ever written code in any language on a computer , the industry standard is EN-US and probably the sole reason why it's been adopted by the masses this way. Plus anyone that is under the age of 30 will be unlikely to even realise that there is a difference, as autocorrect does people's spelling for them nowadays and still favours the EN-US format.
Even the word "Realise" is only slightly different in the US , being "Realize" , or "Specialised" becoming "Specialized" for example.
-
@itman , guess i worded things a bit wrong. It's not that i don't understand the test itself. I just don't understand the reasoning behind or need for the test
Yes anything that employs whitelisting would always score high , irrespective of having a live internet connection or not (PcMatic). PcMatic just took an old freeware idea and slapped a price on it, bad points is that applications are updated that often and the volume is so large is that getting round to your application eg MYEXE v2.297.254 , could take weeks if not months to whitelist. I would guess that applications with a larger user base would be whitelisted before an app that has 200 users worldwide.
The sole reason as to why this method has never taken off, is because people want to use an APP immediately..... not waiting for it to be whitelisted in the cloud (as they are not very tech savvy and don't want to do it manually). Then if you are savvy enough to do it manually, sitting for at least an hour after windows updates allowing changes manually would be soul destroying and allows for user errors to also occur.
As for the big players , i very much doubt that having a working internet connection would make any difference when it comes to samples that have already been analysed.
Once something is identified as bad then surely it will be sent as a definition update and stored locally on the end users hardware. I'm sure that network outages are something that every a/v vendor would factor in as a possibility. It's not just malware that can cause an outage or loss of connection. Getting caught with a virus/malware because your ISP goes down for example would not make any sense from a business perspective.
Every large vendor employs some form of cloud detection method, but as far as i know it is for new and evolving malware. Not stale and already analysed malware that this RAP test uses.
Which takes me back to the point i made above , if it makes no difference to the actual certification then why bother. As the test is already flawed before it starts.
Anything 100% whitelist and cloud based would consistently give the best result, but would also fail to factor in that the majority of the files that it blocked were also false positives.
Just my take on it anyway
-
English is my one and only language and i fail to understand what this test actually does and why they do it. From what i can see they just feed an a/v product some samples for 10 days, then pause any updates and see how it scores on the same set of samples with no active internet connection.
Is this not just a test to see how long it takes definitions to be added/updated for samples ? At least that's what i read/interpret from the description .......
Plus if it does not even count against certification then why bother
-
Never actually felt the need to use a VPN personally. So cant really recommend any.
This review gives a bit of info and shows you how many devices you can have on each service, price etc, and might narrow down a decent one for you
https://www.techradar.com/vpn/best-vpn -
Now im getting both email and realtime notifications . Maybe someone has pressed a button somewhere
-
5 minutes ago, TomFace said:
You might be correct CH. I am set up for a daily notification of new content. I haven't gotten one in a while. I will check my settings.
Likewise i never received a notification for your reply to this message on the forum itself, even although i am signed in. Last one i received was on the 12th feb , even although i have been active on some of the threads on the forum
-
Just me , or is anyone else having issues with notifications on the forum ??
Email notifications of new posts are taking up to 48hrs to be received, plus i no longer receive notifications on the forum itself when articles i have commented on receive new posts/replies
Checked all my settings on the forum and they are fine.
Here's an example of a Email notification received this morning at 07:42am .......... but when i go to the post itself it is 18 hours old.
Have noticed this behaviour for around a week now
Checked the email headers and the email was not received until 07:42 , so its nothing to do with my email account causing the delay. Plus it would not explain the lack of notifications on the forum itself via the browser.
Received: from VE1EUR03HT203.eop-EUR03.prod.protection.outlook.com
(2603:10a6:802:2b::38) by VI1PR10MB1773.EURPRD10.PROD.OUTLOOK.COM with HTTPS
via VI1P190CA0025.EURP190.PROD.OUTLOOK.COM; Tue, 27 Feb 2018 07:42:14 +0000
Received: from VE1EUR03FT003.eop-EUR03.prod.protection.outlook.com
(10.152.18.59) by VE1EUR03HT203.eop-EUR03.prod.protection.outlook.com
(10.152.18.197) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.20.527.18; Tue, 27
Feb 2018 07:42:14 +0000
Authentication-Results: spf=pass (sender IP is 54.240.11.16)
smtp.mailfrom=amazonses.com -
Not if you are using interactive mode , are you using that ?
-
It's been a very bad end & start of year with regards to windows updates and security in general. Too many out of schedule updates, some of which rendered machines useless and then subsequently pulled by MS. Then patches released by MS to replace the buggy ones were also found to be having issues and likewise pulled.
Then add to that mix , some people that were installing updates manually by downloading the corresponding KB's (as they could not see them via WU) were also having problems of varying degree's of severity.
Plus one of my pet hates since moving over to win 10 with regards to updates .......... is the "still to be explained" by MS, delay of updates that can be 3 or 4 days or more after release. If Microsoft could address this issue as a starting point, then at least everyone would know where to start if they never received the patches within say a 24hr period. This leaves people everywhere searching for what "might" be the reason for not receiving their update/s.
Then people end up manually searching and installing KB's , not knowing they come with issues and making matters worse. Or just as bad , spend hours/days looking for a resolution to something to no avail.
I sort of feel kind of stupid personally, where a 1 second export of settings > uninstall my Eset product > reboot and check windows update could have confirmed where my issue was stemming from. But after checking all firewall settings and traffic to and from windows update servers among other things, i never suspected this to be the issue. Plus im limited with time.....
Bugs appear in all software from time to time. At least with the input from all the people on this forum and the matter being resolved quickly by Eset, we all now have our missing WU problem fixed
-
I thought the OP had posted this because his Eset product had flagged it up because of the wording "what are you all doing about this" , as it has never came up as a FP with Eset and has a value of 0 on VT.
I guess it's not Eset related whatsoever , and has been flagged up by some other product
-
4 minutes ago, itman said:
Yes. That is what I posted.
70/100 on one and 0/68 on the other , makes no sense
-
-
23 minutes ago, katycomputersystems said:
What is everyone doing about C:\Windows\System32\CompatTelRunner.exe ?
It shows up on several computers as a potentially unwanted application ("MSIL/WebCompanion.A" & "Win32/SoftonicDownloader.E"), it seems to be an important Windows system file. On my computer, I am unable to delete the file and have not tried removing it from client workstations.
Is there a windows update that needs to be run? Do I restore from SFC? Is there another/better solution?
Yes it's a valid windows system file, not getting any messages here showing that it is a PUA ...... strange
-
@howardagoldberg while someone may have experienced an issue with WU while they had an Eset product installed, it really does not narrow down if that was exactly the root cause of the problem.
From memory i think i was 2 days from the release of the fall CU update , to actually receiving it on 2 machines. Maybe the person that made the reddit post experienced something similar, waited a day or two and never received the update so uninstalled the Eset product they had installed and by sheer coincidence the update became available to them in their region at that particular time (or shortly after). MS don't have any guidance on the delivery of updates that is useful to anyone. For instance i don't allow the P2P sharing method of the updates, and i don't know if that somehow puts me to the back of the queue with receiving them. Obviously people allowing updates to be shared across the web would be more beneficial to MS and they might get priority over people who don't share like myself.
Maybe a few people have found that removing a security product (Not only Eset) has worked for them, but i think these would tend to be a very isolated cases and is still not definite proof that the security app itself was at fault. Were these very rare cases just people that set up a few bad rules in their firewall and never knew how to undo them, or were they using 3rd party tools for traffic shaping or network priority etc (to name a few). Without looking at the problem "when it's a problem", and having all the necessary info to hand is going to be futile.Plus , I think that if there was a major problem with Eset products blocking the delivery of windows updates then these forums would reflect that with a large volume of posts regarding the issue. Maybe for some people like Jani an uninstall/install did work and the reason behind it will never be known as it's too late to tell.........
Just throwing a few ideas out there as there are probably many reasons for the problem
-
@ItsKrom , there are lots of different things that could affect the outcomes of your benchmarks . Are you running any OTHER security product alongside your Eset product, there are plenty of products on the market that can cause issues like this.
A bit Like @Phoenix benchmarks above , my results are even less negligible.
Left side is with protection on, right side is with it off ................ Not even noticeable
-
Wait till patch Tuesday, this update has been causing more trouble than it actually resolves. Some people who have applied the patch manually have done so , then regretted it.
It came out on the 31st January and pretty much "unavailable" since then via WU so something is wrong. Seems to go 3 ways if you try manually
1, Download manually and it installs ok
2, Download manually and it refuses to complete install
3, Download manually and it installs ok but breaks something in the process
Not worth the trouble
-
Do you have "detection of both potentially unwanted and potentially unsafe applications switched on" in the advanced setup" ??.
The url itself is not dangerous, but certain apps install adware that redirects to that url. Like a lot of software nowadays you need to see if there is a "custom install" available when you are installing otherwise it will end up doing things like changing your browser to chrome and making yahoo your homepage without your knowledge and forcing these ads on you.
EIS firewall's interactive mode and Windows 10 apps
in ESET Internet Security & ESET Smart Security Premium
Posted
I use interactive mode also , but don't find it that much of a chore to add one or two new rules following an update. If it was daily then it would be a problem, but every 6 months or so is not an issue.