-
Posts
37,944 -
Joined
-
Last visited
-
Days Won
1,504
Everything posted by Marcos
-
Again, SSDP related:https://en.wikipedia.org/wiki/Simple_Service_Discovery_Protocol If you are having no issues, leave it as is. In case of an issue, use the firewall troubleshooting wizard to allow the desired communication.
-
Again, SSDP related: https://en.wikipedia.org/wiki/Simple_Service_Discovery_Protocol
-
https://en.wikipedia.org/wiki/Simple_Service_Discovery_Protocol
-
Did you contact ESET LA who provide support for Mexico? Did you get a confirmation email with your ticket ID? If so, please provide the ID so that we can ask staff from the branch office to find out the status of your ticket. They should have asked you for a dump from the crash for further analysis by engineers.
-
I've just downloaded and installed French Canadian ECSP from ESET's website and with French Canadian set as preferred language, it looks ok to me:
-
That's probably not a good example because Hijin25 mentioned a problem with egui crash, not anything related to performance issues. Also nobody else has reported the crash so far but we'll look into it regardless. Still waiting for an answer to my questions, ie. which of the steps listed in my earlier post helps and resolves the issue for you and what operations you are doing when the performance impact is noticeable.
-
Could you please post a screen shot of the Specialized cleaner window that pops up?
-
You can enable it via a policy as shown below. The ESET LiveGrid reputation system queries ESET's servers for reputation information about files to ensure quick response to new threats, possible false positives and to improve performance by omitting trusted (whitelisted) files from scanning. We also recommend to leave the submission of samples and statistics enabled which helps us create better detection and improve cleaning of newly emerging threats. Documents are excluded from submission by default. In environments with strict policies where no file is allowed to leave the network, submission of samples and statistics can be disabled without losing benefits provided by the LiveGrid reputation system.
-
RA Agent not reporting
Marcos replied to PhilGeorge's topic in ESET PROTECT On-prem (Remote Management)
Please check C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html and trace.log for more information about the issue. -
HIPS rule block application not working
Marcos replied to hungtt's topic in ESET PROTECT On-prem (Remote Management)
Unfortunately, you didn't post screen shots of the rule details. Please do so as without knowing details, we can't tell if the rule is set up to block the application or not. As MichalJ noticed in the screen shot, the application is listed as the source application. That means, the rule would prevent SecureCRT.exe from running other applications. Please follow MichalJ's instructions. -
HIPS rule block application on clients from ERA
Marcos replied to hungtt's topic in ESET PROTECT On-prem (Remote Management)
Probably the best would be to connect via RDP or a remote admin tool to find out the location of the desired executable. -
Allegedly disabling "Advanced scanning of browser scripts" could help as ESET would not inject its dll into browsers for advanced script scanning. Of course, we don't recommend doing so. I'd better drop EMET in favor of ESET's advanced protection.
-
Since I assume that no moderator will be able to answer this, I'd recommend asking in the Cisco Support forum at https://supportforums.cisco.com/community/6001/vpn.
-
Not sure if turning off Exploit blocker would suffice, perhaps @itman would be able to tell. If that doesn't help, I'd suggest not using EMET as disabling HIPS completely would also disable Advanced memory scanner as well as Ransomware protection.
-
Update offline via mirror folder
Marcos replied to hungtt's topic in ESET PROTECT On-prem (Remote Management)
I'd suggest distributing update files via an http server instead of local shares to avoid hassles with rights and the limit for the number of concurrent connections that operating systems have. Ideally you should use an http proxy instead of a local mirror which will also reduce the amount of data downloaded from ESET's update servers. -
The detection is correct. The NSIS installer contains a FusionCore dll which is correctly detected as PUA. PUA detection is optional.
-
Only one real-time protection can be enabled at a time.