Marcos
-
Posts
25,151 -
Joined
-
Last visited
-
Days Won
1,047
Posts posted by Marcos
-
-
You can enable program auto-update so that Endpoint is updated automatically about 2 months after the release of a newer version.
-
Please raise a support ticket with your local ESET distributor. For antispam to work the server must be able to communicate with ESET's servers on UDP port 53535. Couldn't this be the reason that the communication is blocked?
Please carry on as follows:
- enable diagnostic logging
- receive a spam email that is not recognized
- disable diagnostic logging
- collect logs with ESET Log Collector and supply the generated archive to technical support along with the unrecogized spam in the eml or msg format. -
Since this is an English forum, we kindly ask you to post in English.
As for resetting the root MySQL password, have you tried this?
https://phoenixnap.com/kb/how-to-reset-mysql-root-password-windows-linux
-
If you ran a software install task to upgrade Endpoint to the latest v8.1.2037, a restart will always be required.
A restart is not required for the so-called uPCU updates, e.g. if you have an older version of Endpoint v8 and it's configured for auto-update. In such case it would download uPCU to the latest v8.0 which would install after the next computer restart.
-
Yet another APT group that exploited the ProxyLogon vulnerability in March 2021
The post FamousSparrow: A suspicious hotel guest appeared first on WeLiveSecurity
-
I'm not angry about you reporting it. Quite the contrary, we are happy if you report us possible malicious samples or urls.
I just wanted you to point in the right direction, ie. to report stuff directly to samples[at]eset.com according to the KB if you want the submission to receive better attention.
Also I wanted to point out that even if a particular website is not blocked (ie. it may be a completely legitimate one with just somebody posting links to cracks), the point is to detect possible threat in the end no matter how it is achieved, ie. by blocking access to the malicious website or by detecting the malware upon download or execution at latest.
- Nightowl and notimportant
-
2
-
Were you able to find malware which was downloaded and undetected in the end?
-
1, A correct way how to report samples or urls to ESET is via samples[at]eset.com as stated in https://support.eset.com/en/kb141. While submissions from the program are checked, more than 99% of them is just benign stuff which is not subject to detection (images, binary data files, encrypted files, music, etc.).
2, ESET reserves the right to decide if and how samples will be detected and urls blocked.
3, When testing, it's important to have detection of pot. unwanted and unsafe applications enabled; a lot of such websites are detected as scam.
4, It's not possible to download malicious files from the above websites; the download url was always blocked.
-
So you were not connected via RDP or another remote administration tool and didn't install / upgrade Endpoint manually?
Could you post a screenshot of the Protection status window from such Endpoint?
Also please do the following:
- on endpoint where the issue exhibits open the advanced setup and navigate to tools -> diagnostics
- click Create to generate a dump of ekrn
- collect logs with ESET Log Collector
- upload the generated archive to a safe location and drop me a private message with a download link. -
Please provide more details about how you installed or upgraded Endpoint when the warning appeared. Provide the entire warning since it's cut in the screen shot. Also provide a screen shot of the Protection status screen of Endpoint that reports the warning. Did you install ESET Endpoint Security via RDP?
-
Please raise a support ticket with your local ESET distributor since further logs will be needed by developers for investigation.
-
While we don't currently offer application control, you can block files based on a hash via ESET Enterprise Inspector:
-
3 hours ago, kurczak88 said:
screen1: Failure to update modules
Please carry on as follows:
- enable advanced logging under Help and support -> Technical support
- run update
- disable logging
- collect logs with ESET Log Collector and upload the generated archive here. -
There's no general rule neither for servers nor workstations as to how often full disk scans should be run. Just avoid running a disk scan when a machine is being used and cpu / disk intensive operations are being performed.
I'd prefer using the Scheduler in Endpoint to run scan tasks.
-
33 minutes ago, itman said:
Interesting.
Does Eset check IP address/domain name added for malicious status?
Not necessarily malicious but yes, the IP addresses/domains are checked.
-
First of all, since this is an English forum, we kindly ask you to post in English.
Please clarify what the issue is. Is it that you don't see your endpoint in the ESET PROTECT Cloud console?
-
Check if the Security Center service is running:
If it is, you might need to rebuild the WMI repository as per https://techcommunity.microsoft.com/t5/ask-the-performance-team/wmi-rebuilding-the-wmi-repository/ba-p/373846
-
In Endpoint you can set the desired action here:
-
What records are you trying to add to the hosts file?
-
Remove the following lines from C:\Windows\System32\drivers\etc\hosts and reboot the machine:
0.0.0.0 expire.eset.com
0.0.0.0 edf.eset.com -
If you are using ESET PROTECT Cloud, the issue will be fixed automatically soon.
-
Please provide logs collected with ESET Log Collector so that I can check your exclusions.
-
On 9/14/2021 at 6:14 PM, jmcnab said:
So how do you disable web protection and phishing protection and not have it alert within a policy?
You can disable the warning in the application statuses setup:
Again, you do it on your own responsibility and risk and you cannot blame ESET for possible infection after disabling crucial protection features.
-
First of all, please sign up for this ESET forum and after registration re-post in the appropriate product subforum and provide logs collected as follows:
- enable advanced logging under Help and support -> Technical support
- reboot the machine
- disable logging
- collect logs with ESET Log Collector and upload the generated archive here.
How do I disable parntal controls completely and not get any kind of security warning
in ESET Internet Security & ESET Smart Security Premium
Posted
Probably you have disabled also other protection features. Please provide logs collected with ESET Log Collector.