Jump to content

Marcos

Administrators
  • Posts

    36,666
  • Joined

  • Last visited

  • Days Won

    1,457

Everything posted by Marcos

  1. The volume is read from the license file so if you install it on the remote server managing 20 clients, it's ok that it reports 70 instead of 20 allowed clients.
  2. I doubt that a signature update would cause this. You can try temporarily disabling automatic updates in Scheduler, restart the computer and see if the issue recurs.
  3. I've seen this message on systems where ESET was working properly so I'd say you can ignore it.
  4. Cracks with a suspicious behavior that are likely to trigger heuristic detection are detected as potentially unsafe applications. Detection of pot. unsafe applications is disabled by default as they mainly cover legit tools that can be misused for malicious purposes in the wrong hands. If you want to keep the PUA detection, you can exclude the dll from scanning. In the future, you can submit samples to ESET as per the instructions here (not necessary in this case as it's apparently a crack / hack tool).
  5. I'd suggest downloading Windows Installer from this link and reinstalling it. Should you still be unable to uninstall v4, run the Uninstall tool in safe mode.
  6. The file won't be submitted if it has already been submitted by somebody else. Basically there's no need to submit us any files detected as "a variant of..." unless you suspect them to be false positives.
  7. In order to block access to https websites, you'll need to enable SSL scanning.
  8. That's probably because the option "Require full administrator rights for limited administrator accounts" enabled under User interface -> Access setup.
  9. The mechanism is smart and it's been improved significantly a couple of months ago. Users with older signature db are now prioritized and are able to update even at times of a high load. The product actually connects to the server and receives information about the current version being served by the server, hence it evaluates the situation and correctly tells that the database is current. I'd like to note that base updates like this occurs about 1-2 times per year so it's not common that you couldn't update on the first attempt.
  10. At the moment, it may take a few attempts to update to the latest version due to a high load on update servers caused by a large base update that has recently been released.
  11. We are in touch with Bohemia Interactive and trying to pinpoint the issue. As soon as we have some news, we'll let you know.
  12. Before reproducing the issue, please enable "Advanced pcap logging" in the IDS setup -> Troubleshooting. When you reproduce the issue, compress the log C:\ProgramData\ESET\ESET Smart Security\Diagnostics\EpfwLog.pcapng and send it to me for analysis.
  13. This has been noted as a suggestion for future versions of EMS.
  14. Isn't there any additional error code displayed?
  15. Does restarting the ERA http server service as follows help? - with elevated admin rights, run "net stop ERA_HTTP_SERVER" - run "net start ERA_HTTP_SERVER"
  16. If you run "sc query ERA_HTTP_SERVER", is the ERA http server actually running or not?
  17. If the clients were configured to report to ERAS, you can simply edit the policy that will be subsequently fetched by clients. Otherwise you'll need to reinstall the ESET product on clients using a proper configuration.
  18. What do you mean in particular? Any software contains certain bugs, including operating systems developed by thousands of engineers. ESET's goal is to provide as flawless products as possible even at the cost of postponing the release if a more serious issue is found. V7 had been thoroughly tested also by users around the world in various system environments for several months before it went gold. Basically the only known bug in v7 is that Antiphishing doesn't get automatically re-enabled from the disabled state as other protection modules do. Then there have been some performance issues with Advanced memory scanner reported which are caused by the behavior of particular applications. These are not bugs but rather something that requires optimization of AMS so that the applications don't cause any issues to AMS.
  19. Hard to say if you had update 9034 installed which contained detections for the latest Reveton variants (Win32/Reveton.V) that was undetected by other AVs at that time. If possible, please send me the file detected by MBAM so that I can determine in which update the detection was added.
  20. Generally loading files should be quick, especially if you let the first-time scan complete. As for PowerArchiver, I'm not aware that the vendor submits new versions for whitelisting. If they use heavily packed files which take a few seconds to scan, any subsequent scans should be quick provided that you didn't disable Smart optimization.
  21. It looks like an alternate data stream. Try this utility to search for ADS and extract them so that you can see their actual content: hxxp://www.nirsoft.net/utils/alternate_data_streams.html 7.0.302.0 is current, the newer version 7.0.302.26 has only EULA updated so basically you don't need to update.
  22. In the advanced setup, navigate to Computer -> HIPS -> Advanced setup and make sure that the "Log all blocked operations" box is unticked.
  23. 1, the virus signature database is outdated (from Sept 12) 2, to test real-world protection, use an up-to-date signature db and download the malware from the web instead of only scanning files on the disk. This way you'll also test web protection which is another important layer of defense. Also an Internet connection and LiveGrid enabled may improve detection of fresh malware.
×
×
  • Create New...