• Content count

  • Joined

  • Last visited

  • Days Won


Marcos last won the day on January 18

Marcos had the most liked content!


About Marcos

  • Rank

Profile Information

  • Gender
    Not Telling

Recent Profile Visitors

1,892 profile views
  1. Do they use firewall in automatic mode? Do they have some custom firewall rules created? Please continue as follows: - in the advanced setup -> Tools -> Diagnostics enable advanced firewall logging - reproduce the issue - disable logging - collect logs with ELC (see my signature for a link to a KB with instructions) - drop me a pm with the output archive attached. As a quick solution they can use the firewall troubleshooting wizard to get a list of recently blocked communications which also allows for creation of the appropriate permitting rule with a few clicks.
  2. We don't have a scanner for quickly scanning uploaded files nor incoming emails on a server. Such use of the scanner would be also against EULA.
  3. Epfwlwf.sys is the firewall driver used by v9. V10 doesn't use it on newer Windows. We don't need you to do anything as it will be Microsoft's turn after we report the problem (probable Windows bug) to them.
  4. In the "Known networks" setup, make sure there's only one network if several ones have been created due to a changing DNS server. Next, on the Network tab select "Home or office network". Then open the Network identification tab and make sure that network settings that change over time are not selected for identification of the network. In the case of OpenDNS, at least DNS server should not be selected.
  5. In v8 a scheduler task is created for the initial scan. However, instead of editing it I would personally rather run a smart scan which is just 1-3 clicks away. The initial scan is same as any other scans run manually.
  6. V4.2 is way too old. The latest version is Endpoint v6.4 for business users. I assume that scans with ecls are actually fast, however, loading modules takes several seconds. It is normal as all modules need to be loaded and only the engine itself is ~50 MB in size. Please elaborate more what you would like to achieve and why you mind the little delay when ecmd is started.
  7. The problem appears to be in the wfplwfs!L2802_3ParseMacHeader function as it reads more bytes from the output of NdisGetDataBuffer than requested. We will talk to Microsoft and open a support ticket with them. We assume that the issue should not occur with v9 as it uses epfwlwf which does not register in Microsoft's wfplwfs driver. Could you confirm?
  8. I'm afraid this would not be possible without ERA being able to request a list of local users and agent that would support it. It's similar to populating the list of connected devices on remote computers.
  9. After installing a driver the file is flushed from disk cache to ensure that it's saved properly before the computer is restarted or turned off. I'd recommend upgrading to EPv6 as it not only provides better protection than EPv5 but also has many bugs from EPv5 fixed and contains further enhancements under the hood as well. We're about to release ERA v6.5 together with Endpoint 6.5 soon so you might want to give it a try then.
  10. Couldn't it be that you changed the modules folder to a folder in the encrypted profile folder during installation? With default folder pointing to the ESET install folder/modules in "Program Files" no issues should occur.
  11. Have you tried installing EPv6? It should call flushing a file after installation of a driver to prevent this.
  12. We kindly ask you to stop reporting the block here. We have already replied that the block is correct and will remain. Samples or potential FPs should be reported as per the instructions at Having said that, we'll draw this topic to a close.
  13. The reason why Proxifier does not work with ESET is that by default ekrn runs as a protected service by default. The protected service prevents Proxifier from getting into ESET's Winsock stack. Currently the solution is disabling Protected service in the HIPS setup and restarting the computer.
  14. The initial scan is meant to improve performance by skipping whitelisted files during future scans. It starts with some delay after installation. How long does it take on your machine to download the initial update? You can run Smart scan if you cancel the initial scan.
  15. We have come across numerous cases when issues began to manifest after installing ESET but the root of the problem was elsewhere. It used to be either a badly written 3rd party software, a bug in the software and at least 2-3 times it was a bug in Windows itself.