-
Posts
37,945 -
Joined
-
Last visited
-
Days Won
1,504
Everything posted by Marcos
-
No problems here with automatic import. Try the following: - disable SSL/TLS filtering in the advanced ESET setup - make sure there is no ESET certificate present in the trusted root CA certificate store - restart the computer - without launching any application, open the advanced setup and re-enable SSL/TLS filtering - launch Thunderbird and check if an ESET root certificate is present in the trusted root CA certificate store.
-
When SSL/TLS filtering is enabled in ESET products, the root certificate is automatically imported into Mozilla Thunderbird's trusted root CA certificate store. You don't need to do that manually. To view the root certificate, open the advanced ESET setup, navigate to Web and email -> SSL/TLS -> View certificate. To export it, on the Details tab click "Copy to file" and follow the wizard.
-
Blocked Webpage Message
Marcos replied to Jessraea's topic in ESET PROTECT On-prem (Remote Management)
To put it right, you should get a pop-up alert even on https sites as shown below. It's just that the browser will throw an "SSL_ERROR_ACCESS_DENIED_ALERT" error. I've tested it with ESS v10 but it should be similar with Web Control in Endpoint v6. -
Blocked Webpage Message
Marcos replied to Jessraea's topic in ESET PROTECT On-prem (Remote Management)
HTTPS websites are blocked without any message as the block occurs during handshake and not afterwards. -
Fasle Positive W32/Kryptik.BIV trojan
Marcos replied to aviben's topic in Malware Finding and Cleaning
This is a very old Kryptik detection triggered on an incomplete Nvidia file. Ie. the file cannot be executed and is corrupted. We'll see what we can do about it. You can temporarily exclude C:\ProgramData\NVIDIA Corporation\Downloader from scanning. -
I would start with uninstalling EAV 5.0 (e.g. remotely, using a software uninstall task), at least to avoid installing EES in the EEA folder. There's a chance that a fresh install will work alright. If not, you could connect remotely via RD or another remote administration software and try to install EES v6 manually. This will also enable you to generate an install log by running "ees_nt64.msi /lvx* log_name" which may shed more light if the install fails.
-
This was confirmed by developers as a bug. We plan to look into it tomorrow. Anyways, I was unable to reproduce it with v8 and that option did not appear in the HIPS rule editor no matter what I tried. V10 contains various enhancements and optimizations to make scanning faster and to use less memory. Better performance was also proved by testing organizations. We will be happy to assist you with resolving issue. To start off, we'd need to know if temporarily disabling real-time protection or HIPS (requires a computer restart) makes a difference in order to narrow it down. Endpoint does not have any special HIPS rules included. It was our Dutch partner who prepared a set of rules for administrators to improve protection against ransomware. However, since the rules may also prevent running legitimate scripts and applications, they should be applied only in environments where administrators are aware of possible issues and know how to react to them by editing the appropriate rule.
-
I merely added *youtube.com* to the exception list with the action set to Block. Although I tested it with ESS, it shouldn't be any different with Endpoint.
-
I can't seem to reproduce it. Youtube is blocked if I add a block exception for my account in the Parental Control setup:
-
Please install ESS v10 or EIS v10 (without Anti-Theft). The new version has many bugs from v8 fixed so it's likely it will also solve this issue too. According to http://support.eset.com/kb3678, we provide limited support for v8 which means in particular: Availability of regular virus signature database updates and module updates Severe problems, such as when the product or its main functionality is not working or is causing an instability of the system or contains a major vulnerability, addressed with patches and Service Releases Customer Care is available but not all bugs will be fixed No support of new versions of operating systems
-
What version of Chrome do you use? 32 or 64-bit? Do you use blocking by category or by url? Do you have SSL/TLS scanning enabled?
-
Allow Internet Access Only with VPN
Marcos replied to Manikandan R's topic in ESET Endpoint Products
This was already discussed at https://forum.eset.com/topic/10923-allow-internet-access-only-with-vpn/. -
I can't find such operation in my v8 HIPS rule editor. "Potential ransomware behavior" is not supposed to be there and I can't imagine how you made it appear in the list. It's a matter of fact that v8 cannot provide as good protection as v10 does. It misses a lot of new features, such as the AMSI and script scanner, network (botnet) protection, ransomware protection, etc.
-
Release date for 6.5?
Marcos replied to whitelistCMD's topic in ESET PROTECT On-prem (Remote Management)
It was mentioned in another topic that the release of ERA and Endpoint v6.5 is planned towards the end of February.