Martian 0 Posted September 7 Share Posted September 7 After initial scan, notifications keep popping up with same detections that I previously instructed the program to ignore, even with the bottom 2 checkboxes enabled that I believe said something like (paraphrasing) "exclude (or ignore) this (file) or (application)" and "exclude (or ignore) this (signature?)". At least 4 times the same files were detected (and interrupting me) even after I said to ignore and remember. Also I don't like the auto delete (or clean) of my files and programs without permission. I hate having to manually answer every detection, but if I have to do it to preserve my programs, I expect to only have to do it once, and not be asked continually regarding the same files or programs. Also if it's going to notify me in the corner, I should be able to click the notification and bring up the application interface and instruct the program how to deal with detection, not have it fade away while it's deleting my stuff. All IMHO, of course. Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,273 Posted September 7 Administrators Share Posted September 7 Couldn't it be that the files were detected in c:\documents and settings and c:\users? The former is a junction point that points to the latter so both need to be excluded. Please provide logs collected with ESET Log Collector. Quote Link to comment Share on other sites More sharing options...
Martian 0 Posted September 14 Author Share Posted September 14 It's possible, but it's been days and days and it still keeps finding the same files. The log files just show the detections from the first days scans, so they must just be telling me about the same ones. I Also get constantly reminded about the same changes to the start menu. It's getting kind of annoying. Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,273 Posted September 14 Administrators Share Posted September 14 1 hour ago, Martian said: It's possible, but it's been days and days and it still keeps finding the same files. The log files just show the detections from the first days scans, so they must just be telling me about the same ones. Please provide logs collected with ESET Log Collector should files be detected after creating a detection exclusions. 1 hour ago, Martian said: I Also get constantly reminded about the same changes to the start menu. It's getting kind of annoying. Not sure what you mean without a screenshot, please post one if it happens with this setting in the advanced HIPS setup disabled: Quote Link to comment Share on other sites More sharing options...
Martian 0 Posted September 15 Author Share Posted September 15 Sending log files. I can try that fix you suggested, but I do like to know if something is messing with my start menu. Waiting to catch screenshot. Of course it won't do it when I want it to. I'm sending log files now, I will send screenshot later. Thanks for your help essp_logs.zip Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,273 Posted September 16 Administrators Share Posted September 16 As I assumed, you have the above setting in the advanced HIPS setup enabled. Please disable it which should stop the notifications from popping up. Quote Link to comment Share on other sites More sharing options...
Martian 0 Posted September 20 Author Share Posted September 20 I would like to know if someone is messing with my startup settings. I just don't know why they would keep changing the same ones. I will turn that setting off for now to see what happens. I have some screenshots of those messages as well as the detections that keep coming up. I don't know how many you want to see. I have more if you want them. Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,273 Posted September 20 Administrators Share Posted September 20 You have created detection exclusions but not for the CoinMiner variants in the screenshots. In the configuration youve' provided you have the following variants excluded from detection: Win64/CoinMiner.MR potentially unwanted application Win64/CoinMiner.GG potentially unwanted application Since you have even more variants, you'll need to exclude each. Quote Link to comment Share on other sites More sharing options...
itman 1,748 Posted September 20 Share Posted September 20 Err ........... ? Are you intentionally running multiple coinminers on your device? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.