-
Posts
37,915 -
Joined
-
Last visited
-
Days Won
1,503
Everything posted by Marcos
-
This is probably not possible, wildcards in this form are not supported. I was unable to accomplish it either. It works fine for me. Please post the warning you're getting and let us know what browser and its version you use. Try the following: - with web browsers and email clients closed, disable SSL scanning - enable SSL scanning - launch the browser
-
If certain communication is blocked, carry on as follows: - enable logging of blocked communications in the IDS setup - reproduce the issue - check the firewall log for more details about the blocked communication (copy the recent records and paste them here). - disable logging.
- 4 replies
-
- firewall
- exclusions
-
(and 1 more)
Tagged with:
-
It seems you enabled SSL scanning but import of the root certificate into your browsers or email clients failed. Feel free to disable SSL scanning.
-
DirtyDecrypt.exe file locking ransomware virus
Marcos replied to Jad's topic in Malware Finding and Cleaning
Ransoware encrypting files on a disk is not something new. The recent variant you've mentioned is currently being analyzed so at the moment we're not able to tell if it'd be technically feasible to decrypt them. -
JS/SecurityDisabler.A.Gen potentially unwanted application
Marcos replied to dst-ap's topic in ESET NOD32 Antivirus
Please submit prefs-1.js to ESET as per the instruction here and with a link to this topic enclosed. Although it's unlikely to be false positive, we'd like to check it out to make sure. -
You can check the signature database version number in the Update section of the main gui. You can also try running an online scan.
-
It sounds like the java script is located on a url that you previously blocked access to it and thus the script cannot be loaded. Carry on as follows: - untick the "Allow access only to URL addresses in the list of allowed addresses" box - add * to the list of blocked addresses and tick the "Notify when applying address from the list" box Now if you open the website with the java script blocked, you should get a notification with the url containing the script that was blocked.
-
Did you run a full scan with the most current signature database 8631?
-
Please provide step-by-step instructions how to reproduce the problem. Also provide more information about your oper. system, browser and ESET's modules that are installed.
-
I don't think there's anything secret in that message, this information is also available on ESET's website.
-
Information from LiveGrid might be misleading in case of malware as they would show for the process malware is injected in, ie. not for the malware itself. That said, a user would see ESET recommending them to allow the action based on the data from LiveGrid but in fact they'd allow malware to perform its action.
-
NOD 32 seems to be causing freeze during boot
Marcos replied to cutting_edgetech's topic in ESET NOD32 Antivirus
There's no evidence that ESET is causing the freeze. Even if renaming the drivers (ehdrv.sys, eamonm.sys) in safe mode made a difference, it wouldn't necessarily mean ESET is the culprit. If the system freezes, please generate a complete memory dump and convey it to ESET for perusal. Based on the dump, we'll be able to tell if there's a problem with ESET's driver or if it's another driver / sw that you have installed which causes the issue. -
This shouldn't normally happen. Make sure you don't have logging of all blocked communications enabled which should only be used with care when troubleshooting connectivity issues. The filter enables you to filter records according to certain text they contain in specified columns plus you can specify the severity of the records to filter as well as the time period. If you need more advanced filtering, you can export the log to a text file and use other tools to filter the desired records.
-
Remote boot time scan with ERA Server
Marcos replied to a topic in ESET PROTECT On-prem (Remote Management)
ESET uses startup scans to scan objects and files run when a computer starts. This also increases the chance of catching new born malware not detected by signatures yet. -
If importing the root certificate doesn't resolve the issue, we'd need to get further logs for investigation. Let us know about your findings so that I can provide you with further instructions if the advice given doesn't help.