Marcos
-
Content Count
22,735 -
Joined
-
Last visited
-
Days Won
955
Posts posted by Marcos
-
-
Scanning archives by real-time protection doesn't make sense regardless of the AV, it would render the machine unusable. Just imagine that archives would be locked for several minutes or hours during the scan on each access.
-
I confirm there is an obfuscated JS on the website which is what ESET detected and blocked:
-
How many clients are reporting to the ESET PROTECT server?
What is the hw configuration of the server?
What db do you use? Is the db on the same server or another one? If the latter, what is the hw configuration of the db server?
Have you created a policy that enabled additional reporting, such as all installed applications, websites allowed by Web Control, etc.? -
I would recommend opening a support ticket with your local ESET distributor to find out if it's an issue that has been fixed recently and the fix will be included in EFSW v8.
-
I'd recommend opening a support ticket with your local ESET support and providing them with:
- an email containing an xlsx which is deleted
- logs collected with ESET Log Collector (beforehand reproduce the issue with diagnostic logging enabled) -
Unfortunately it's not possible. As for HIPS rules, you can either apply it to all or specific applications with a path. Likewise fFirewall rules currently require the full path to an application.
-
Edge 89 is not currently supported. We should know soon whether and when it will be supported.
-
How is this query connected with ESET? Are you attempting to install ESET PROTECT or another ESET software on an machine in Azure?
-
I assume there are technical reasons / limitations why it's not possible. Please open a support ticket with your local ESET distributor for further investigation.
-
-
It was authentication failing on servers in a particular data center which caused the issue.
-
You can ignore it for now since we have managed to find a temporary solution for affected products and systems. Yet we strongly recommend upgrading to the latest version as soon as possible since we won't be able to guarantee that Microsoft will trust the certificate for long enough. The notifications are going to be updated accordingly soon.
-
4 minutes ago, Outcast said:
Sounds to me like ESET's failover was manual and not automatic
In case of authentication issues fall-over cannot be automatic. Otherwise in case of an invalid / expired license the client would have to try to connect to each of the servers to make sure it's rejected on all of them which would take time and create an unnecessary burden on servers (a kind of DoS attack) if dozens of thousands clients would do that.
This issue is not common at all and was resolved quickly.
-
Brave is not a supported browser (https://help.eset.com/glossary/en-US/technology_online_protection.html). If you use any of the supported browsers, IE won't open.
-
3 minutes ago, RicardoDeLoco said:
Understood. Other machines are still experiencing the issue though. Any advise?
That's weird since the communication was redirected to other data centers with servers that work alright.
Please carry on as follows:
- enable advanced Web Control logging in the advanced setup -> tools -> diagnostics on a machine where the issue persists
- open an arbitrary website in a browser
- disable logging
- collect logs with ESET Log Collector and upload the generated archive here. -
6 minutes ago, RicardoDeLoco said:
Though I see this issue as solved I still see issues on my company. I fixed my laptop upgrading to ESET 8 but why would I need to do it on all other machine that have 7.3? Is there a delay on the Authentication servers?
Upgrade to v8 is not necessary (yet recommended), however, it would have no effect on this issue.
-
It's been confirmed that there was a problem with the Parental/Web Control database in one of the data centers. It was fixed at 4:15 PM CET. Are you still experiencing issues?
-
What logs are you referring to? Could you please post a screen shot for clarification?
-
I was unable to find any license registered with your forum email address. Please provide your public license ID in the form of XXX-XXX-XXX.
-
32 minutes ago, BastiFantasti said:
The same problem in our organization.
and with other modules like Web Blocker.
I was able to find only already expired licenses registered with your forum email address. Please provide your public license ID in the form of XXX-XXX-XXX.
-
17 minutes ago, mcrouse said:
I'm getting a similar message on some of my endpoint security deployments except it says "web control not fully functional because of a license problem". The warnings come and go but it notifies the users each time so it's very annoying. It would be nice to get some sort of confirmation from ESET's end that they are having server issues so I don't waste my time trying to diagnose an issue I can't fix
I was able to find only a trial version of ESET NOD32 Antivirus registered with your forum email address. Please provide logs collected with ESET Log Collector on the machine with ESET Endpoint Security installed.
-
Please provide a couple of records from the log. Are they logged in the Network protection log?
-
You have received a response from samples[at]eset.com. We don't have most of the files with the listed hashes so we can't tell if they are detected or not or if particular files are subject to detection at all.
b75f163ca9b9240bf4b37ad92bc7556b40a17e27c2b8ed5c8991385fe07d17d0 will be detected as ASP/SecChecker.A.
-
Just now, me myself and i said:
No idea?
It's not possible. I'd recommend contacting your local ESET distributor; they can report it to ESET HQ as a customer requirement.
False positive
in Malware Finding and Cleaning
Posted
It's a web threat and as such may not be detected by ESET at VT. We use various mechanisms to detect and block malware.