-
Posts
38,002 -
Joined
-
Last visited
-
Days Won
1,507
Everything posted by Marcos
-
Getting nowhere on Ticket ID: 138059 please help
Marcos replied to Jeroen1000's topic in ESET NOD32 Antivirus
Check out this demonstration video. Radmin_mem_detection.mp4 -
Getting nowhere on Ticket ID: 138059 please help
Marcos replied to Jeroen1000's topic in ESET NOD32 Antivirus
Make sure the application is properly excluded from scanning. -
If you get a warning that a particular website is on the list of websites blocked by user, it cannot be on the "allowed" list. When troubleshooting issues with url management, it'd be a good idea to enable "Notify when applying address from the list". In this case, enable it for the "allowed" list only. When opening https:// wupos.westernunion.com, you should either get a red alert that access to the website was blocked or you'll receive a notification that access was allowed. You shouldn't get the alert and notification at the same time. I'm available for a remote session between 10:00 - 15:00 GMT, just drop me a pm when ready.
-
Does disabling real-time protection or Device Control integration (followed by a computer restart) make a difference?
-
Firewall doesn´t allow Remote Desktop via Internet 2
Marcos replied to TommyBoy's topic in ESET Endpoint Products
Just to make sure, do you have the firewall set to "Automatic mode with exceptions (user-defined rules)" ? In Automatic mode, your rules would be ignored. -
With regular updates selected, an old Internet protection module is provided. It's not clear what the problem is because you say that https websites are not blocked but your first screen shot shows that it was blocked which is contradictory. I could connect to the computer remotely and check it out myself if you wish.
-
Eset Endpoint Security-Device Control Not Functioning
Marcos replied to 2011wrx's topic in ESET Endpoint Products
According to the output you've mentioned, edevmon.sys was not loaded. BSOD would occur if the Device Control driver edevmon.sys was removed from the Windows\system32\drivers folder but wasn't unregistered properly from the filter chain in the registry. Were these computers restarted or shut down properly or the users made a hard reset / shutdown using the reset / power button? -
ESET Endpoint Security doesn't save settings
Marcos replied to danvaida's topic in ESET Endpoint Products
Try the following: 1, Change the setting, click OK and immediately open the setup and check if the setting is preserved. According to the Procmon log supplied, the setting was actually saved to the registry and wasn't overwritten, reset or removed while Process monitor was capturing operations. 2, If the setting was preserved in the previous step, check it out before a computer restart and immediately after the computer starts. If necessary, I could connect to the computer remotely and check it out myself. -
PROOF that NOD32 v7 is a resource hog
Marcos replied to Super_Spartan's topic in ESET NOD32 Antivirus
We've made a comprehensive test of copying large avi files to an external USB 3.0 HDD on Windows 8.1 x64 but didn't find any difference in speed which was always about 111 MB/s regardless of whether v7 (with default settings) was installed or not. Did you have the hard disk connected to the computer during a boot or you connected it when Windows was already started? -
It's necessary to narrow it down to a particular folder. Let's start with excluding /var/lib/postgresql /home/gjenkins/.m2/repository and see if it makes a difference. If it doesn't help, try excluding each of the main folders in the root folder, one at a time, followed by excluding subfolders until you find the one that, when excluded, the issue doesn't occur.
-
Issue from yesterday with ESET NOD32 5-6-EndPoint
Marcos replied to modessrl's topic in ESET Endpoint Products
Endpoint should download v1096 provided that regular updates are selected. Try switching to pre-release updates, run update (you can terminate it after it's started) and then switch back to regular updates and run update. -
Please compress the memory dump, put your nick at the beginning of the archive's name and upload it to a safe location. If needed, I can provide you with access to our ftp server.
-
ESET Endpoint Security doesn't save settings
Marcos replied to danvaida's topic in ESET Endpoint Products
The Process monitor log showed that the ERA setting was saved properly on the client. A reason why a setting would be reset after a computer restart could be installation of a program like Deep Freeze or Steady State whose aim is to revert the system to a previously stored state upon a restart. -
Ok, so the first screen shot showing wupos.westernunion.com as blocked is misleading then and the problem is that you cannot access the website with Internet protection module 1097. In that case, I'd suggest using regular updates until a newer version of the Internet protection module is available on pre-release servers for testing.
-
Issue from yesterday with ESET NOD32 5-6-EndPoint
Marcos replied to modessrl's topic in ESET Endpoint Products
The version of Internet protection module available on Endpoint release update servers is 1096 which shouldn't be affected by IMAP issues whatsoever (at least we haven't received any reports or complaints since the module release in July 2013. Make sure that pre-release updates are disabled or v1097 of the module would be downloaded. I'll pm you with instructions how to activate logging that might help us figure out what's wrong. -
I'd suggest contacting Customer care on this matter. We'll need you to do the following: - edit esets.cfg and add syslog_class = "error:warning:summ:summall:part:partall:info:debug" to the General section - restart esets_daemon - reproduce the problem - edit esets.cfg and disable logging to syslog - restart esets_daemon - supply us with syslog (lines with avstatus would be enough) and esets.cfg
-
Make sure no IP address from the TZ is listed in the temporary IP address blacklist (Setup -> Network -> View temporary IP address blacklist). If that's not the case, continue as follows: - enable logging of blocked connections in the IDS setup - clear the firewall log - reproduce the problem - disable logging - post your firewall log records here.
-
Nod32 different on Win XP and Win Seven !
Marcos replied to fidelius2's topic in ESET NOD32 Antivirus
Protocol filtering is accomplished differently on Windows XP and Windows Vista+. The latter introduced WIndows Filtering Platform and WFP filter is used instead of a TDI driver. The mentioned settings wouldn't make sense with WFP. As for importing the root certificate into Firefox 10.0.12 ESR, I didn't encounter any problem with this. The root certificate was imported automatically into the last version 17.0.11 as well. -
Does clearing update cache help?
-
I'm sorry, but probably no one will understand if you don't write in English. Should this be a problem for you, please contact your local customer care. According to the screen shot, updates are being downloaded.