Jump to content

Recommended Posts

Posted

Hi,

 

I have ESS 7 installed and have just run the AMTSO tests against my system.

 

ESET passed all tests thrown at it, with just one exception failing the CloudCar testfile download test.

 

The AMTSO page gives the following advice:

 

"If you are able to download this file successfully, your Anti-Malware Cloud Lookup solution is NOT configured correctly."

 

I cannot see any reference to cloud lookup settings in ESS.

 

AMTSO shows that ESET is a partner and that if any tests are failed to seek advice from the vendors support forums, hence this request:

 

Could anone tell me which setting(s) I should adjust to correct this?

 

Many thanks in advance.

 

Jez

Posted

Can you consistently reproduce the download successfully ?

 

I was blocked from Downloading, see attached images with ESET nod32 version 7.0.302.26

 

post-1101-0-64525100-1388619431_thumb.jpg

post-1101-0-64315800-1388619442_thumb.jpg

Posted

Can you consistently reproduce the download successfully ?

 

I was blocked from Downloading, see attached images with ESET nod32 version 7.0.302.26

Hi Arakasi, Thanks for replying.

 

Yes I have tried it three or four times and it just downloads with no warning generated. All other AMTSO tests were detected perfectly.

 

Jez

Posted

 

Can you consistently reproduce the download successfully ?

 

I was blocked from Downloading, see attached images with ESET nod32 version 7.0.302.26

Hi Arakasi, Thanks for replying.

 

Yes I have tried it three or four times and it just downloads with no warning generated. All other AMTSO tests were detected perfectly.

 

Jez

 

I have just tried a "right click" scan on with ESS on the downloaded .exe file and this comes back as no threat found also.

Posted

@Jez have you changed any settings in the product?

 

FWIW it's detected fine here too.

Posted

Do you have all the following options checked in Advanced setup :

 

post-1101-0-11916000-1388621101_thumb.jpg

post-1101-0-34806700-1388621107_thumb.jpg

Posted (edited)

Very good screenies Arakasi. Same as me   :)

Edited by SweX
  • Administrators
Posted

Also make sure that the Eicar test file is detected by the http scanner. If it's not, cloudcar.exe won't be detected either.

Posted

Also make sure that the Eicar test file is detected by the http scanner. If it's not, cloudcar.exe won't be detected either.

Hi Marcos, SweX and Arakasi,

 

Arakasi - yes, my settings show as on your excellent screenshot.

 

Yes Marcos, the Eicar test file is detected as a threat and blocked. It is simply the cloudcar file.

 

SweX: I have the firewall changed to "interactive" and have ticked options to detect PUPs etc. Other than those changes, I don't believe I have changed anything else -  nothing is unselected that shouldn't be as far as I can see .

 

Very strange.

 

Perhaps a full uninstall and re-install will fix it?

  • Administrators
Posted

I'd suggest installing v7 from scratch and making sure that you enable participation in LiveGrid during install.

  • Solution
Posted

 

Also make sure that the Eicar test file is detected by the http scanner. If it's not, cloudcar.exe won't be detected either.

Hi Marcos, SweX and Arakasi,

 

Arakasi - yes, my settings show as on your excellent screenshot.

 

Yes Marcos, the Eicar test file is detected as a threat and blocked. It is simply the cloudcar file.

 

SweX: I have the firewall changed to "interactive" and have ticked options to detect PUPs etc. Other than those changes, I don't believe I have changed anything else -  nothing is unselected that shouldn't be as far as I can see .

 

Very strange.

 

Perhaps a full uninstall and re-install will fix it?

 

 

Bingo!

 

Uninstalled and re-installed ESS 7 and now successfully detecting CloudCar testfile as threat!

 

Very odd indeed!

 

Thank you to all who replied.

Posted

Case closed.

It could have been Live Grid was not selected, however i am glad you are fixed.

Posted

Great that you got it sorted quite easy Jez  :)

  • 9 months later...
Posted

I just want to report that I've witnessed this several times in Nod32 7 and recently in 8 as well. For some reason LiveGrid does not function properly even though participation has been checked during the installation dialogue. Deactivating and reactivating in the configuration didn't help, only uninstallation followed by reinstallation. 

Posted

@FleischmannTV

Was ESET LiveGrid really activated when checking and did you have a stable internet connection (LAN/WLAN/...)?

 

@all

And BTW: I downloaded the file on my Android device and EMS didn't noticed it either. (all other test from AMTSO, even the tests for desktop security solutions, went fine)

 

I don't know if this is by design for EMS, because it is an exe file that isn't such bad on Android devices and I don't know whether EMS provides (or should provide) cross-over-platform protection, but maybe you should know that this file wasn't detected by EMS.

As a hint: At the time of the test I was in a WLAN.

Posted (edited)

I have just done further tests. I can download the cloudcar.exe with Chrome (32 and 64-bit), but it is blocked in Firefox and IE. Chrome protocol filtering is working though because the phishing page, EICAR and PUA downloads are blocked.

 

Edit:

 

When I try to save the cloudcar.exe in Chrome with right-click and "save as", ESET blocks the download in Chrome as well. When I try to save it by left-clicking the download link, it doesn't.

Edited by FleischmannTV
Posted (edited)
@all

And BTW: I downloaded the file on my Android device and EMS didn't noticed it either. (all other test from AMTSO, even the tests for desktop security solutions, went fine)

 

I don't know if this is by design for EMS, because it is an exe file that isn't such bad on Android devices and I don't know whether EMS provides (or should provide) cross-over-platform protection, but maybe you should know that this file wasn't detected by EMS.

As a hint: At the time of the test I was in a WLAN.

Should I open a new topic about that?

I thought it isn't worth it, but if I don't get any answer here, I'll open a new topic - no matter.

Edited by rugk
  • Administrators
Posted

Exe files won't be detected on Android devices as they cannot run on them. I'll try to get more info about that.

Posted (edited)

Exe files won't be detected on Android devices as they cannot run on them. I'll try to get more info about that.

Ok, so no cross-platform-protection. This could explain it all, but no sentence with no "but". ;)

 

But I tested the PotentiallyUnwanted.exe from AMTSO and it has been detected by EMS.

 

Here is the proof:

post-3952-0-78076500-1414091492_thumb.png

 

@FleischmannTV

Sorry for hijacking your topic. Now I now I had better open a new topic for that, but maybe a moderator can split this into a new topic.

Edited by rugk
Posted

Hey there, I just wanted to report that with the latest Version left clicking to download the cloudcar testfile is now blocked in Chrome as well.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...