All Activity


  1. Past hour
  2. That is if it is operating normally. My sister's aren't. I have found out that this came up right after a "big update" that installed itself. The computers that are not working are now on build 1709 of Windows 10, of which I know for certain last month were still on 1703. I'm having her uninstall Eset, install all the available updates (to 1803) and then reinstall Eset. I think this might do it.
  3. It's showing under "Connected Home Monitor" it shows a yellow exclamation point on the computer (the center) and shows that traffic was blocked, and when clicking on that, it shows that "Microsoft DNS client" was blocked 400+ times. That's local. That is definitely NOT the router.
  4. Yesterday
  5. Yes and no. Its rules are also conditioned/modified upon what IDS settings are enabled or disabled. Also what profile is selected; public, Home/Office network, or use of the Windows firewall profile. Other than that, it will allow all outbound traffic by default. To monitor outbound traffic, it must be set to Interactive mode and rules created manually for each outbound connection as it is detected.
  6. Problem pushing out updated EES from ERA6

    @davidenco Thank you. I have followed your suggestion and cleared out the cache folder (\ProgramData\Apache HTTP Proxy\cache) and restarted the ApacheHttpProxy service. All is good now and the packages are being installed from the ERA Server.
  7. So basically in default mode ESET firewall behaves like Windows firewall.
  8. Ok did that. Attached is the generated archive from Eset log collector eis_logs.zip
  9. Please carry on as follows:

    - temporarily uninstall EAV and install ESET Internet Security
    - enable advanced logging in the main gui -> Help and support -> Details for customer care
    - reboot the machine
    - disable logging
    - gather logs with ESET Log Collector and provide us with the generated archive
    - in the main gui -> help and support click Change product and select ESET NOD32 Antivirus after we find out the root cause of the issue.
  10. If two separate devices, each with their own installed EIS copy, that connect through the gateway are exhibiting this behavior, odds are the issue lies with the gateway/router and/or possibly their ISP. It could also be a wiring issue with the connection to the ISP. I would start by contacting their ISP and run diagnostics on their connection.
  11. Nod32 antivirus scanning too fast

    1 minute 3 seconds, yep an issue :/
  12. Nod32 antivirus scanning too fast

    How long does it take to scan the disk using the in-depth scan profile?
  13. Usually it takes me like 15 minutes to perform a normal scan on my PC, but in the past 4 days something changed and now it takes around 1-2 minutes, even for the full scan that should take around 1-2 hours. Anyone know how to solve that? Because that's definitely not working as intended. Any help? Thx.
  14. In automatic (default) mode, the firewall allows all outgoing communication and blocks all non-initiated communication unless blocked by custom rules. Please carry on as follows:

    - with EIS v11.1.54 installed, in the main gui navigate to Help and support -> Details for Customer care and select "Create advanced logs"
    - reproduce the issue
    - disable logging
    - gather logs with ESET Log Collector, upload the generated archive to a safe location and drop me a message with a download link.
  15. After I upgraded to the 11.1.54.0 version of NOD32 antivirus I got two notifications: 1. Anti-Phishing protection does not function. 2. Internet filtering protocol and mail filtering does not function. (I have the Greek interface, and that is the reason the above may not be exactly translated as the English version.) I tried switching both the functions on via the ESET menu, but no luck. Any ideas?
  16. ESET SYSINSPECTOR - MAC

    Thanks! Have a nice day!
  17. ESET works against known threats with its database and is cloud, but the HIPS is clearly to rethink, because even in the Intelligent mode too much happens: /
  18. I've been in professional IT for over 20 years now, so I'm the family central support guy. I have used Eset Total Security for many years now and not had a problem, but this morning I got a call from my older sister, to whom I recommended Eset several years ago, saying she was ready to smash all her computers. After some troubleshooting, I found she was unable to do anything, and the firewall was showing that it was blocking traffic from every device on the network, including the network firewall/router. It was also blocking everything going out, including the DNS client! What's worse is that her daughter's Surface Pro is doing the same. Trying to bring up a browser gives a security warning just as it is starting. The browser starts, but nothing displays on it. She can't even print, as the firewall is showing that it is blocking traffic to (and from, somehow) the network printer. I live 2 hours from her, so I can't just drive down to troubleshoot and fix this myself. The earliest I can get down there is Friday. I don't get it. I have never seen this behavior from anything before. The closest I've experienced was when Bitdefender had their bug that identified all x64 executables as viruses. (That was the reason I switched from them to Eset, so many years ago.) I directed my sister to call Eset support, but I don't know how well she'll fare with this. Her temper is legendary, and she is riled up right now, and I don't know how well non-family will handle that. (I really hated to throw her their way, but I had nothing for her.) Has anyone else experienced this? If so, what caused it? I'm baffled.
  19. Ok, I do not get the file, but it's a ransomware that needs to be recognized or not
  20. Document Exploit Detection

    Yes... my test machine is still with old Office 2007. BTW, this sample is spread through spam, so it is a "real-world" one.
  21. Document Exploit Detection

    Thanks! Originally I intended to ask if ESET has generic exploit detection like other vendors in VT as shown in that webpage. From the updated detection name, I can see what's happening.
  22. Have you reviewed this Knowledgebase article: "How do I configure my Cyberoam® (a Sophos company) UTM device for use with ESET Secure Authentication?"
  23. Regarding two methods: first describes steps how to use certificate that was generated by someone else. For example there are various third-party providers that can generate you certificate for your domain/hostname, or even IT department can provide you one in case of larger company. This certificate will be signed (should be) by trusted CA, i.e. it will be automatically trusted by browser or operating system itself. Second method described how to create your own self-signed certificate. Self-signed certificate will be by default untrusted by browser, and you will have to add exclusion, i.e. explicitly accept that you trust such certificate. By default, ERA installer uses method 2 to generate certificate, and that is most probably reason why it is considered as untrusted, but we will need more info of what certificate are you actually using. This certificate used for webconsole connections is used only in Apache Tomcat and is not managed by ERA at all. This means, that no configuration in ERA will change this behavior - and in case of compatibility, it completely depends on Apache Tomcat version currently installed. I think that Tomcat7 will be able to use even stronger certificates. Unfortunately I am no skilled Chrome user, but I would expect that there will be somewhere reason for marking certificate as untrusted somewhere ...
  24. Please carry on as follows:

    1. Install Wireshark.
    2. Enable advanced protocol filtering logging in the advanced setup -> Tools -> Diagnostics.
    3. Start logging with Wireshark.
    4. Reproduce the issue.
    5. Disable logging, save the Wireshark log (pcap/pcapng) and compress it.
    6. Gather logs with ESET Log Collector.

    Upload the generated archives to a safe location (e.g. Dropbox, OneDrive, etc.) and drop me a message with download links.
  25. Well... Not surprising now that I think about it. On most of these machines I've already tinkered with them ahead of time. I know I'm going to install Nod32 so I zing in a few registry changes:

          [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
          "DisableAntiSpyware"=dword:00000001

          [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection]
          "DisableRealtimeMonitoring"=dword:00000001

          [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Network Protection]
          "EnableNetworkProtection"=-

    I'm still working on my first cup of coffee. Surely the cobwebs will vacate shortly. In the meantime I'm distracted by the little guy in my head asking stupid questions like "is Batman a transvestite?"
  26. Not running. That part worked. I guess. WD is generally not running when the Nod32 errors occur. Hadn't thought about that before.
  27. Document Exploit Detection

    This exploit was also patched a few months ago by Microsoft.