-
Posts
37,945 -
Joined
-
Last visited
-
Days Won
1,504
Everything posted by Marcos
-
Please provide me with logs as follows: 1, Enable advanced firewall logging in the advanced setup -> Tools -> Diagnostics 2, Reproduce the issue 3, Collect logs with ELC as per the instructions in the KB in my signature 4, Disable advanced logging. Then drop me a pm with the output archive from ELC attached. If too large to attach, upload it to a safe location and pm me a download link. You can also run Firewall troubleshooting wizard to get a list of recently blocked communications which will enable you to create the appropriate allowing rule with a few clicks. You can also download the LiveInstaller from ESET's website which will install ESS version 10 over v9. V10 provides better protection, has lower memory consumption as well as other new features and improvements under the hood.
-
Cyber Security / Pro has an old GUI and lacks features
Marcos replied to Pankaj's topic in ESET Cyber Security Pro (for Mac)
This topic is being discussed in https://forum.eset.com/topic/10406-when-can-we-expect-a-major-upgrade-for-eset-cspro-mac-like-ssp-v10/. Therefore we'll draw this one to a close. -
What browser do you use? Maybe the root certificate could not be imported to a trusted root CA certificate store which would cause issues when opening https websites. Try the following: - restart Windows - do not launch any application and open the advanced setup - navigate to Web and Email -> SSL/TLS, disable SSL/TLS filtering and click ok - re-enable SSL/TLS filtering - wait a few seconds, then open an https website in a browser. Let us know if the https website opens alright.
-
Please drop me a pm with the output from ELC attached. See my signature for a link to a KB with instructions.
-
ESET Mail Security for Microsoft Exchange Server
Marcos replied to Duncan's topic in ESET Products for Windows Servers
Apache is either used as an HTTP proxy server (it's part of the ERA all-in-one installer) or as an http server for distributing updates downloaded by the Mirror tool. If you have only a handful of machines, you don't need to use Apache at all and you'll probably download updates directly from ESET's servers. SQL Server is used by ESET Remote Administrator. If you don't use it, you don't have to care about it. -
To exclude Quickbooks from SSL/TLS filtering, open the advanced setup, navigate to Web and Email -> SSL/TLS -> List of SSL/TLS filtered applications and change the scan action for Quickbooks to "Ignore".
-
It was a link to another ad-related site previously infected with malware that was blocked. It seems they have already cleaned it so it will removed from blacklist.
-
A license renewal should take effect virtually immediately, it's just that it may take a few minutes or hours at maximum for a correct expiration date to be displayed in the product. The username/password don't matter as you don't enter them in the program setup. What matters is the license number which should remain same and therefore the program should continue updating without your intervention.
-
Good to see that Presumably the new automatically generated GenKryptik generic detections as well as hard work of our detection engineers has borne fruit.
-
Do they use firewall in automatic mode? Do they have some custom firewall rules created? Please continue as follows: - in the advanced setup -> Tools -> Diagnostics enable advanced firewall logging - reproduce the issue - disable logging - collect logs with ELC (see my signature for a link to a KB with instructions) - drop me a pm with the output archive attached. As a quick solution they can use the firewall troubleshooting wizard to get a list of recently blocked communications which also allows for creation of the appropriate permitting rule with a few clicks.
-
We don't have a scanner for quickly scanning uploaded files nor incoming emails on a server. Such use of the scanner would be also against EULA.
-
In the "Known networks" setup, make sure there's only one network if several ones have been created due to a changing DNS server. Next, on the Network tab select "Home or office network". Then open the Network identification tab and make sure that network settings that change over time are not selected for identification of the network. In the case of OpenDNS, at least DNS server should not be selected.
-
V4.2 is way too old. The latest version is Endpoint v6.4 for business users. I assume that scans with ecls are actually fast, however, loading modules takes several seconds. It is normal as all modules need to be loaded and only the engine itself is ~50 MB in size. Please elaborate more what you would like to achieve and why you mind the little delay when ecmd is started.
-
The problem appears to be in the wfplwfs!L2802_3ParseMacHeader function as it reads more bytes from the output of NdisGetDataBuffer than requested. We will talk to Microsoft and open a support ticket with them. We assume that the issue should not occur with v9 as it uses epfwlwf which does not register in Microsoft's wfplwfs driver. Could you confirm?
-
Using Machine SID for Web Control
Marcos replied to whitelistCMD's topic in ESET PROTECT On-prem (Remote Management)
I'm afraid this would not be possible without ERA being able to request a list of local users and agent that would support it. It's similar to populating the list of connected devices on remote computers. -
After installing a driver the file is flushed from disk cache to ensure that it's saved properly before the computer is restarted or turned off. I'd recommend upgrading to EPv6 as it not only provides better protection than EPv5 but also has many bugs from EPv5 fixed and contains further enhancements under the hood as well. We're about to release ERA v6.5 together with Endpoint 6.5 soon so you might want to give it a try then.
-
Have you tried installing EPv6? It should call flushing a file after installation of a driver to prevent this.
-
We kindly ask you to stop reporting the block here. We have already replied that the block is correct and will remain. Samples or potential FPs should be reported as per the instructions at http://support.eset.com/kb141/. Having said that, we'll draw this topic to a close.