-
Posts
37,943 -
Joined
-
Last visited
-
Days Won
1,504
Everything posted by Marcos
-
V6.5 or older products cannot create a mirror for Endpoint v6.6. We strongly recommend using an http proxy instead of a mirror which would also save traffic. Currently you can use another Endpoint 6.6 to create a compatible mirror. We plan to update the Mirror tool to support the new format of modules used in Endpoint 6.6. EFSW v7 and other v7 server products will support creation of mirror for Endpoint 6.6 and newer.
-
Suspicious adware File not detect in ESET.
Marcos replied to SandipThanki's topic in Malware Finding and Cleaning
This forum is not a means for reporting samples to ESET. Please follow the instructions at the right-hand side of this forum. Having said that, we'll draw this topic to a close. -
-
No, don't use a mirror unless inevitable. If you have more computers in your network and want to save traffic, use an http proxy rather than a mirror. In order to troubleshoot update issues, make sure that you have Endpoint 6.6 installed and then enable advanced update engine logging in the advanced setup -> Tools -> Diagnostis, run manual update and then provide the appropriate etl file created in the Diagnostics folder. It should be reasonably small so you should be able to attach it to a post here.
-
There are many factors that affect scan speed. Usually it's that users have large archives (e.g. iso files) that have to be unpacked during a scan which is a time consuming operation. You can try disabling archives in the on-demand scanner profile that you use for scanning. Since you have the setup password protected and you don't know the password, I'd suggest uninstalling ESET in safe mode using the Uninstall tool and then installing the latest v10.1 from scratch.
-
Probably you meant Endpoint 6.6. It's a known bug in Endpoint 6.6 which will be fixed in the next version.
-
Already reported here: https://forum.eset.com/topic/13026-eset-blocks-onedrive/ We'll draw this topic to a close.
-
A 3rd party FP from a shared url blacklist. It was already fixed. We apologize for the inconvenience.
-
You don't have to. But you can if there are no problems running the two products together.
-
We still don't know if the stuff detected by MBAM is really subject to detection. It could be a false positive, innocuous registry remnants or files, etc.
-
Endpoint Security 6.6 - Modules Update Failed
Marcos replied to satellite360's topic in ESET Endpoint Products
No. A mirror created by Endpoint 6.6 is compatible only with Endpoint 6.6 and newer versions as well as with future v7 server products. -
ESS 5.0 is very old. ESS 5.2 reached its end of life in December 2015. Please uninstall it and install ESET Internet Security 10.1 instead.
-
How to scan computers on the network using ESET Endpoint
Marcos replied to Lachezar Lazarov's topic in ESET Endpoint Products
This is not possible. You can only scan files on mapped network drives on demand. -
First of all, you made this conclusion without knowing all facts. We don't know how ESET was configured, if the user had a recent version of the program installed, if it wasn't disabled by an attacker or malware due to being run with administrator rights, etc. Believing that there's a security solution that detects 100% of malware is utopia. You could search for such AV until the end of life and you'd always got disappointed that every AV failed to detect some threat.
-
Please carry on as follows to generate a new root certificate and to import it to the Trusted root CA certificate store: - restart Windows - without launching any application, disable SSL/TLS filtering in the advanced setup and click OK - re-enable SSL/TLS filtering in the advanced setup and click OK - lauch Outlook and see if the problem's gone.
-
We added a detection in update 16011 yesterday morning. In LiveGrid it was blocked at about 8:10 CEST. It wasn't blocked earlier because the file failed to run 6 times out of 10.
-
It was Locky ransomware that encrypts files. ESET is very good at detecting it as well as other Filecoders. First of all, there's no security solution that could protect users from 100% of threats. Especially if ransomware downloaders spread quickly and download payload from fresh urls. There are many variables and factors that may affect detection, such as old AV product, misconfigured AV, an attacker remoting in via RDP and disabling AV, etc. If possible, get ELC logs as per the instructions in the FAQ section at the right-hand side of this forum, run it on your customer's computer and provide me with the generated zip file.