-
Posts
37,944 -
Joined
-
Last visited
-
Days Won
1,504
Everything posted by Marcos
-
Eset File Security PDF/Phishing.A.Gen
Marcos replied to Matthew Kent's topic in ESET Products for Windows Servers
Upgrades-v2.pdf contains a link to a non-existing domain with phishing. Since it doesn't pose any risk any more, we'll unblock it as well as the link blocked in the other PDFs. In less than 30 minutes the files should not be detected. In case you come across possible FPs, please report them to samples[at]eset.com. -
Eset File Security PDF/Phishing.A.Gen
Marcos replied to Matthew Kent's topic in ESET Products for Windows Servers
Yes, that's correct. PDF files with functional links to phishing are detected as PDF/Phishing.A.Gen. It's not possible to turn off the detection but you can exclude particular files from scanning. What's the purpose of having PDFs with phishing links deliberately on a machine? -
How to check ticket resolution details
Marcos replied to GS@One's topic in ESET Cyber Security (for Mac)
Please contact your local ESET customer care for more information about why your ticket was closed. -
Please post a screen shot of the setting where you changed the port. If you did it at a wrong place, you could disable web access protection.
-
Please create a Process Monitor boot log as per the instructions linked in my signature, compress it, upload it to a safe location and pm me a download link. Also enclose logs from ESET Log Collector. As for Epfwlwf.sys, this driver is not supposed to be installed if you use Windows 8 or newer and have ESET v10 installed.
-
Virus signature database out of date but won't update
Marcos replied to quartet1977's topic in ESET NOD32 Antivirus
Please see my signature for a link to instructions how to collect logs with ELC. -
ESET doesn't provide freeware products. For home users, we provide 30-day trial versions. After the trial period, users must either uninstall it or purchase a license. For mobile devices with Android, we provide ESET Mobile Security that can work with certain limitations in freemium mode or you can purchase a license to activate advanced features.
-
You can have only 1 ERA Server. In branches install ERA Proxy that will act as a mediator between distant clients and the ERA server. See http://help.eset.com/era_install/65/en-US/remote_branches_with_proxies.htm.
-
Please collect logs with ELC as per the instructions linked in my signature, upload the zip archive to a safe location and pm me a download link. This issue can be caused by ESET not being activated, by corrupted engine or by insufficient free RAM to name some reasons that have occurred me.The logs should reveal more info so we'll see. I'm quite optimistic about that we will be able to figure out the culprit.
-
There are currently no plans to use it in home products as administrators are usually technically savvy enough to be able to handle increased number of false positives which cannot be said about majority of home users.
-
Web Access and Anti-Phishing not enabled
Marcos replied to winstonsmith84's topic in ESET Endpoint Products
To start off, please provide me with ELC logs as well as with the output from the attached tool. Run the tool as an administrator with the following syntax and provide me with log.txt: EpfwWfpRegV10.1.2.exe /unreg EpfwWfpRegV10.1.2.exe /reg > log.txt -
You can simply disable shares on particular computers or limit permissions to read-only to prevent encryption if ransomware happens to run on a computer in your network. It often happens that in larger networks users have shares shared for Everyone with full permissions which is not secure. It's better to grant Everyone only read permissions and full permissions only to specific users who really need them and are protected to the maximum possible extent.
-
EFSW 6.5.12010.0 only for 2003 & 2008?
Marcos replied to roga's topic in ESET PROTECT On-prem (Remote Management)
Please disregard that info. Agent will decide automatically whether a 32-bit or 64-bit version of EFSW will be downloaded and installed. The thing is the description of the file in repository that is displayed is for the 32-bit version (Windows Server 2012 and 2016 are only 64-bit) but as I wrote it doesn't matter as it's agent that will decide which to download. -
It's a feature that is being fine tuned to reduce false positives and was not supposed to be seen by users yet.
-
hxxp://www.kcsoftwares.com/files/sumo_lite.exe
Marcos replied to novice's topic in Malware Finding and Cleaning
We take liberty to remind you that this forum is not a means for disputing PUA detections. To report a false positive or to dispute PUA detection, follow the instructions at http://support.eset.com/kb141/. Having said that, we'll draw this topic to a close. -
Warnings about uefi:\\xxxx files - What's that ?
Marcos replied to Samoréen's topic in ESET NOD32 Antivirus
Those files are not a part of Windows and do not pose any risk. Files are submitted only once; if somebody else had already submitted them, they would not have been submitted again. Simply ignore these records or better disable logging as users tend to worry they are infected if some files get submitted just because they were interesting or suspicious to ESET for some reason. -
Warnings about uefi:\\xxxx files - What's that ?
Marcos replied to Samoréen's topic in ESET NOD32 Antivirus
These are not warnings, only notifications about submitted files that are not logged by default. You can disable logging under Tools -> ESET LiveGrid and turn off "Enable logging" .