Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


Marcos last won the day on October 19

Marcos had the most liked content!

Profile Information

  • Gender
    Not Telling
  • Location

Recent Profile Visitors

13,131 profile views
  1. After a fresh installation a restart should not be required. Try using the msi parameter SKIP_PENDING_REBOOT_CHECK=1.
  2. Marcos

    Web site url blocked

    Since the website has been cleaned and we didn't find any malware there, we have unblocked it. The procedure for reporting blocked websites is described in the KB https://support.eset.com/kb141/.
  3. Marcos

    firewall policy

    As long as the option to evaluate also Windows Firewall rules is enabled, it should work. However, RDP is allowed in the trusted zone by default. For security reasons we do not recommend connecting to machines from outside. Instead, use VPN, 2FA or firewall rules to restrict access to specific IP addresses.
  4. There is no problem with LiveGrid. Probably something is preventing ekrn from connecting to LiveGrid servers.
  5. That is not possible. You can copy only text from logs.
  6. Marcos


    A changelog will be available soon after v12 has been released for all users.
  7. Marcos

    Virüs algıladım (Virus detected)

    Since this is an English forum, we kindly ask you to post in English so that moderators and other users can understand you and provide you with help. Unfortunately, you didn't provide any information about the threat that was detected. The best would be if you could provide the appropriate record from the Detected threats log and elaborate more on the issue.
  8. If a computer is turned off at the time of task execution and the task is configured to run ASAP, it will be run after the computer has been turned on or restarted.
  9. Does any of the following make a difference? - disabling real-time protection and rebooting the machine - disabling HIPS and rebooting the machine - disabling protocol filtering
  10. Marcos

    Gamma malware help

    There's no solution. Prevention is crutial. 1, Back up, back up, back up. 2. Install all critical Windows updates. 3, Make sure that you have the latest version of an ESET product installed. 4, Do not disable any protection features or exclusions, if not really needed. 5, Set a password to protect ESET's settings. 6, Enable detection of potentially unsafe applications. 7, Block RDP access from outside and use VPN. Alternatively you can use 2FA and / or restrict RDP access to specific IP addresses. 8, Use more sophisticated passwords, especially by users with RDP access. 9, Practice safe computing.
  11. Either you are using older ESET modules or it's another domain / IP address which is blocked. Please post the appropriate records (the whole row) from the Filtered websites log.
  12. Please provide ELC logs from such machine so that we can investigate. I'd suggest carrying on as follows: - temporarily uninstall EAV - install ESET Internet Security and activate a trial version - in the advanced setup -> tools -> diagnostics enable advanced network protection logging - reboot the machine - disable logging - gather logs with ELC and provide me with the generated archive .
  13. IDS detections are blocked automatically. In Endpoint's log you should see the action Blocked. Unfortunately, the message is translated by ESMC as "Detected" which may cause confusion. This will be fixed in ESMC v7.1 at latest to my best knowledge. To prevent network attacks, if you are behind a router / firewall also make sure that ESET (ideally Endpoint v7) is installed on every machine and that arbitrary machines cannot connect to the network. Every machine in the LAN should be fully patched.
  14. Download interrupted means that the communication was actually interrupted, e.g. by a proxy server or due to networking issues (e.g. in case of wi-fi outages or weak signal). Try connecting through a cable if you use wi-fi, connecting through a different router or even ISP.