King_of_zor wrote: »

When I hit 'play' from the launcher, I get a 'suspicious file' warning for eso64.exe. Anyone else seeing this? (I'm using free AGV (basically avast re-branded by avast, lol).)

Yes.

Sophos AV has been suspicious of eso64.exe for quite a while:

https://forums.elderscrollsonline.com/en/discussion/667897/eso-upsets-sophos-av#latest

This issue persists to today, U46 still upsets the AV.

King_of_zor wrote: »

When I hit 'play' from the launcher, I get a 'suspicious file' warning for eso64.exe. Anyone else seeing this? (I'm using free AGV (basically avast re-branded by avast, lol).)

Yes - for the last three days, but today it's back to normal for me (using Norton).

Fiennes wrote: »

AV software is almost as insidious these days as the viruses they purport to remove.

Windows Defender has, for a while now, been all you need. Even IT Professionals agree with this.

My absolute advice is to cancel your subscriptions to these awful programs and uninstall them.


For performance purposes you should also add your Steam folder (or ESO folder) to Windows Defender exceptions so that it won't bother scanning there.

That IMO - as advice that makes sweeping remarks with little to no substantiation and no nuance whatsoever - is pretty poor advice.

I am an IT professional myself, alas I am also human and fallible.

Not that long ago I got an alert from our licensed AV that a piece of software that is crucial to our operations was compromised.

I contacted the supplier of the software, they said it was a false positive and they were talking with the AV publisher to clear the matter of the false positive.

I contacted the publisher of the AV, they assured me that it was not a false positive and that our corporate network was under threat and to take immediate corrective action.

I trusted the supplier of the offending software instead of the AV publisher then this happened:

https://www.darktrace.com/blog/3cx-supply-chain-compromise-how-darktrace-uncovered-a-smooth-operator

Took very expensive weeks to clear the mess and to this day there is no way to be 100% sure that sensitive encrypted information was not removed from our network, sitting somewhere just waiting for the computing power to catch up and make decryption feasible.

Take from this what you will.

Fiennes wrote: »

ApoAlaia wrote: »

That IMO - as advice that makes sweeping remarks with little to no substantiation and no nuance whatsoever - is pretty poor advice.

<snip>

Take from this what you will.

I have plenty of substantiation, from both my current company, a previous one, and multiple international companies we deal with. One of whom is very, very, security conscious. I'm glad your licensed AV picked it up, I have no idea from your unfortunate experience whether Defender would have also picked this up. For the lay-user my advise is perfectly grounded. As you say, nuance.

Have a good day.

It didn't.

Some of our reps run the aforementioned software on their own hardware where is not right for us to impose conditions and Windows Defender remained none the wiser throughout.

This was one of the factors that I weighed in when it came to choosing who to trust.

Next time I will weigh in 'more' who is more likely to suffer consequences from contractual obligations if the **** hits the fan: the publisher of a software that when it comes to it 'you run at your own risk' or the publisher of a software that has a contractual obligation to perform as agreed