-
Posts
37,942 -
Joined
-
Last visited
-
Days Won
1,504
Everything posted by Marcos
-
Tray Icon Disappear after Upgrade to 6.6.2046
Marcos replied to Ignacio Sanchez-Cruzat's topic in ESET Endpoint Products
Does the ESET splash screen appear at all when Windows starts? Personally I've seen at least one similar case with an older version of Endpoint where a standard API function turned out to have been failing. I would suggest contacting your local customer care to ensure the case is properly tracked and providing them with the following stuff for investigation: 1, ELC logs, 2. A Procmon boot log. -
ESET False Alarm Win32/Filecoder.FS troian
Marcos replied to laurentiu's topic in Malware Finding and Cleaning
Are you positive it's still detected? To my best knowledge, the detection was fixed about 2-3 before you posted. -
I'd create a restore point when everything works and then: - remove all security programs that you may have installed (you've mentioned Spybot at least) - uninstall ESET and then also run the ESET Uninstall tool in safe mode If Internet connection works, download and install the latest v10.1. Let us know if the problem persists.
-
Endpoint Security 6.6 - Modules Update Failed
Marcos replied to satellite360's topic in ESET Endpoint Products
Probably a problem with the proxy (192.168.240.5:3128). I'd need a Wireshark pcap log from an update attempt for investigation (ideally 2 aligned pcap logs from the same time, one from the proxy and the other from the client). Did you try to update directly from ESET's servers? -
If you've upgraded from v9, I'd suggest uninstalling EAV, removing "HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security" from the registry and then installing it from scratch. Alternatively you can run the ESET Uninstall tool in safe mode as per the instructions at http://support.eset.sk/kb2289.
-
Do the problematic computers update from ESET's servers or from a mirror created by another Endpoint 6.6? If the former, do they connect directly or through a proxy server? What we'd need you to do: - enable advanced update engine logging under tools -> diagnostics in the advanced setup - start logging with Process Monitor (for instructions, see the FAQ section at the right-hand side of this forum) - run manual update - stop logging (both) - collect logs with ELC - compress the Procmon log and upload it along with the zip archive generated by ELC to a safe location and pm me the download links.
-
Yes, ESET is able to detect fileless malware in the registry. Personally I've come across several cases where REG/something was detected in the registry.
-
It's a potentially unwanted application. A detection for the first variant (JS/Mindspark.A) was added in 2015 so the last one seems to be more popular than the previous ones. If there's a problem cleaning it even with strict cleaning set, provide me with ELC logs from the particular computer. You can also choose to keep the extension and not to detect this particular PUA anymore. This is possible either via the advanced options in the yellow alert window (Exclude from detection), or via an ERA policy (Exlusions).
-
Windows Security Center alert in EEA 6.6
Marcos replied to SandipThanki's topic in ESET Endpoint Products
Answered in https://forum.eset.com/topic/13072-web-and-mail-protocol-filtering-is-non-functional/ : Make sure that the Security Center service is started and it's set to start automatically, -
Web and Mail protocol Filtering is Non-Functional.
Marcos replied to SandipThanki's topic in ESET Endpoint Products
No logs were attached. Please drop me a pm with the archive generated by ELC attached. If too big to attach, upload it to a safe location an pm me a download link. Also make sure that the Security Center service is started and is set to be started automatically. -
During installation a copy of the msi installer is stored in c:\windows\installer. I assume that if this msi file is removed, the installer attempts to search for it in the user temp folder when you attempt to install a newer version over an older one or uninstall the existing version. If the installer was removed from both foldersyou are prompted for the path to the installer. Please use the Uninstall tool in safe mode to remove the existing version as per http://support.eset.sk/kb2289 and install the latest v10.1 from scratch.
-
I assume the above was not taken from a computer that hasn't been connecting to ERAS, wasn't it? I'm referring to your statement: ""Also some clients are not connecting to the Eset Remote Administrator to get the updated settings." As for the problem with settings not being applied, please shoot a video or provide screen shots to illustrate what exactly you did and what doesn't work.
-
ESET Endpoint Security Web Protection issues
Marcos replied to SysEra Technologies's topic in ESET Endpoint Products
See my reply above. The bug will be fixed in the next Endpoint v6.6 release. I assume you should be able to set up url groups via an ERA policy. -
Do you use ERA v5 or ERA v6? If the latter, does C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html show any error on clients that ceased to connect to ERAS? As for the scans, do those client still connect to ERAS? Did you change settings for the on-demand scan profile that you actually used for the scan task?
-
Please enable advanced update engine logging in the advanced setup -> tools -> diagnostics. Then run manual update and disable logging. Next collect logs with ESET Log Collector and attach the generated zip archive to a pm for me. If too big to attach, upload it to a safe location and pm me a download link.
-
If you renew / extend your license, it will work for any of the supported versions of the product that you purchased.