Jump to content

Marcos

Administrators
  • Posts

    24,543
  • Joined

  • Last visited

  • Days Won

    1,025

Everything posted by Marcos

  1. Please provide one more memory dump, however, prior to reproducing the crash run the following as administrator and reboot the machine: verifier /standard /driver eamonm.sys After reproducing BSOD and rebooting the machine, run as administrator and reboot the machine: verifier /reset Compress the memory dump, upload it to a safe location and drop me a personal message with a download link. If possible, check if you can reproduce the crash with consumer products EAV/EIS/ESSP v14.2.
  2. Dobry den, nahrajte sem priklad mailu, ktory bol nespravne vyhodnoteny ako spam. Moze byt v eml alebo msg formate.
  3. You can temporarily switch the firewall to interactive mode and print a test page remotely. When asked about the communication, choose Block and tick the appropriate check-box to create a new rule. Afterwards you can switch back to automatic fw mode.
  4. EDTD should work fine with EFSW 8.0. Is there any error related to activation in the EFSW event log?
  5. If you didn't enable biometric authentication and forgot the PIN or pattern, tap "Forgot your PIN". On the next screen enter your my.eset.com password. If you forgot it, reset your my.eset.com password first. Next choose your new PIN and confirm it. https://support.eset.com/en/kb2949-reset-my-security-password-for-eset-mobile-security-for-android#PIN
  6. The detection is more than a week old so probably they've started using a specific obfuscation. Since it's detected as a suspicious application, it should be safe to create a detection exclusion for it.
  7. Please upload the complete dump to a safe location (OneDrive, Dropbox, Wetransfer.com, etc.) and drop me a personal message with a download link.
  8. Please somebody provide at least a kernel memory dump from the crash.
  9. Does enabling this option make a difference? WEB AND EMAIL -> Email client protection -> EMAIL CLIENTS -> EMAIL CLIENT INTEGRATION -> Disable checking upon inbox content change
  10. It depends on whether you backed up the database and exported certificates before upgrade. If not, you can install the previous version from scratch while losing all data (especially if changes were made to the db schema). Agents would also need to be re-deployed in order to start replicating to the ESET PROTECT server.
  11. Release Date: June 29, 2021 ESET Full Disk Encryption v1.3.0.22 has been released and is available to download. Changelog: Version 1.3.0.22 Added: Automatic update of modules Added: Section within UI to show current installed modules Added: Ability to deploy installer with pre-defined password and keyboard map to start encryption Added: English (Indian) keyboard layout Added: Status message when encryption is paused if system is running on battery power Added: Ability to generate new recovery passwords from ESET Protect console Added: Ability to control FDE authentication via command line Added: Ability to add keyboard layouts via command line Added: Status message when system has an unsupported dynamic disk Added: Ability to retry encryption from ESET Protect console if encryption has failed Improved: Encryption percentage symbol is on the same line in all languages Improved: Various localization improvements Fixed: Disks do not show as RAW in UI when service is not running Fixed: Postponing FDE does not result in the system being incompatible with EFDE Fixed: License info now correctly displays in UI prior to initial install reboot Fixed: UI window focus now behaves correctly Fixed: Recovery password index is now correct after re-encryption Fixed: UI latency issues in certain network environments Fixed: A problem with SafeStart on Lenovo devices Fixed: Various issues with UI scaling, snapping, naming & shortcuts Fixed: Presentation mode state is not reset after service restart Support Resources ESET provides support in the form of Online Help (user guides), fully localized application and Online Help, online Knowledgebase, and applicable to your region, chat, email or phone support. Online Help (user guides) Visit www.eset.com/contact to email ESET technical support
  12. The out-of-band update fixes a remote code execution flaw affecting the Windows Print Spooler service The post Microsoft issues patch to fix PrintNightmare zero‑day bug appeared first on WeLiveSecurity View the full article
  13. If there's an issue with Open VPN there is no connection with submission of samples. Therefore I would strongly recommend trying what I suggested and if temporarily uninstalling ESET makes a difference, open a support ticket with your local ESET distributor for further troubleshooting.
  14. You can keep just advanced update engine logging enabled, however, it may not be enough, depending on the cause.
  15. This topic was about submission of suspicious files. If you are having a problem with Open VPN, please narrow it down by disabling particular settings and features, such as the firewall, protocol filtering, HIPS, etc. Does the issue go away at all after temporarily uninstalling ESET? If so, please open a support ticket with your local ESET distributor for further troubleshooting.
  16. You have posted a screen shot of the All-in-One installer. Agent live installer is a batch file PROTECTAgentInstaller.bat. You can create one in the Installers pane. It contains also information about the ESET PROTECT server, port as well as certificates: echo.P_HOSTNAME=192.168.1.10 >> "%installConfigFile%" echo.P_PORT=2222 >> "%installConfigFile%"
  17. We are currently testing a deployment procedure via JAMF which will avoid the dialogs related to extension installation. We should have it ready for publishing soon.
  18. It is not true that the machine must be infected with malware if the shutdown or system start takes longer. How much "longer" do you mean? If ESET doesn't find anything, you can run a scan with ESET SysRescue to make sure there's no rootkit running. If no threat is found, it's very likely that the machine is clean and the slowdown is caused by something else.
  19. That's weird. Installation over an existing version of agent enforces new settings and certificates. Does it work if you don't run a live agent installer but run the agent msi installer, run server-assisted installation and specify the server address? The installer should download the certificates from the server. For further troubleshooting please open a support ticket with your local ESET distributor.
  20. There's nothing unusual. 77% of files submitted this month were obfuscated JS from filecrypt.co.
  21. EES6M remote installation is made in two phases. In the first phase customer has to create remote install files by ESET installer. In the second phase user could install EES6M remotely using Apple’s Remote Desktop or another tool that supports installation of standard Mac’s installation packages. Remote Installation Phase 1: Preparing Files Remote installation files are created by EES6M installer. Pic1. Selection of remote installation preparation Customer should select Remote type of installation during local execution of ESET installer opened from DMG container. Then Installer will navigate customer through required setup steps. Pic2. Saving remote installation files Saving setup values finishes the first phase of remote installation. Local installer exits and creates remote installation files in destination folder chosen by user. They are: setup data entered by user in Installer's Setup section - esets_setup.dat setup of selected program components - program_components.dat - (optional, it is created only when user select to not install some program components) remote installation package - esets_remote_install.pkg remote un-installation script - esets_remote_uninstall.sh Pic3. saved file in case that all program components are installed Pic4. saved files in case that user select to not install some program components Phase 2: Installation Remote installation on network targets could be made in two steps by two slightly different ways, it depends on whether user select to install program components or not. Phase 2A: Installation - all product components are installed 1. copy esets_setup.dat to remote target Mac by ‘Copy files or folders…’ command of Apple Remote Desktop NOTE 1: this step must be done before 2nd step, otherwise user settings will not be applied to remotely installed EES6M. NOTE 2: the path and file name must be set as you can see in the picture below: Pic5. Copy setup script command 2. install esets_remote_install.pkg to remote target Mac by ‘Install packages…’ command of Apple’s Remote Desktop. Pic6. Install Packages command settings. Phase 2B: Installation - not all product components are installed 1. copy esets_setup.dat and program_components.dat to remote target Mac by ‘Copy files or folders…’ command of Apple Remote Desktop. NOTE 1: this step must be done before 2nd step, otherwise user settings will not be applied to remotely installed EES6M. NOTE 2: the path and file name must be set as you can see in the picture below: Pic7. Copy setup script and program components command 2. install esets_remote_install.pkg to remote target Mac by ‘Install packages…’ command of Apple’s Remote Desktop. Pic8. Install Packages command settings. Remote Un-installation EES6M remote un-installation is made by executing copied shell script on remote target Mac. Un-installations is made in two steps: 1. remote un-install script has to be copied into target Mac by ‘Copy files or folders…’ command of ARD. Pic9. Copy Items command settings. 2. Copied script must be executed on remote target Mac by command ‘Send a UNIX shell command…’ of ARD. Pic10. Send UNIX shell command settings. If un-installation is finished console log is shown on ARD host computer. Pic11. Example of console log after executing un-installation script. Remote Upgrade Remote upgrade is made by ‘Install packages…’ command of Apple’s Remote Desktop. Note that setup saved in ESET remote install package is not applied on target computers during upgrade process. ESET Remote Administrator should be used to remotely setup EES6M after upgrade. Remote Downgrade Remote downgrade like local downgrade is not supported for ESET products.
  22. Seems to be a known bug which should be fixed in the next service release of ESET PROTECT v8. P_EP-24873
  23. Caught between a rock and a hard place, many ransomware victims cave in to extortion demands. Here’s what might change the calculus. The post Ransomware: To pay or not to pay? Legal or illegal? These are the questions … appeared first on WeLiveSecurity View the full article
  24. That's because you probably have fast startup enabled. If so, shutdown in the Start menu is not a real shutddown but rather a kind of hibernation. That said, the OS doesn't start loading from scratch.
×
×
  • Create New...