-
Posts
35,853 -
Joined
-
Last visited
-
Days Won
1,428
Posts posted by Marcos
-
-
I'd recommend contacting your ESET distributor or reseller who should be able to merge the licenses and subtract the price for the remaining period if upgrading one of the licenses to a higher subscription.
-
It depends on whether you want to protect the host or guest machine. If both, ESET must be installed on both the host and guest which will consume 2 license units.
-
Please provide logs collected with ESET Log Collector from the machine. There's no other reason for detecting excluded stuff than having the option to ignore exclusions enabled for scheduled scan.
-
4 hours ago, JohnnyMusso said:
I see the powershell task in Task manager but can NOT find it using procmon!
Yes, I confirm that PowerShell was not run. I'll try to get more details from developers on how registration of the shell extender is implemented on Windows 11.
-
Unfortunately the root cause of the issue is unknown. I can only recommend raising a support ticket that should be escalated by your local ESET technical support to ESET HQ for investigation.
-
Neither a SysInspector log nor advanced direct cloud logs were generated.
Please enable advanced direct cloud logging under Tools -> Diagnostics in the advanced setup, reproduce the problem, disable logging and collect fresh logs with ELC including a SysInspector log.
-
Performance exclusions - files are not scanned, exclusions are honored by all scanners.
Detection exclusions - files are scanned but the excluded detection name is not reported, exclusions are honored by all scanners. -
Both performance and detection exclusions are honored by all scanners.
Performance exclusions are used as a last resort to resolve performance issues, e.g. if an application is continually logging into a large html file which triggers a re-scan after each write.
Detection exclusions have no effect on performance and serve to silence a particular detection on files or folders.
-
I prefer using SSL Labs' checker which is most reliable according to my experience:
https://www.ssllabs.com/ssltest/analyze.html?d=windows.dns.nextdns.io
-
The address in the screeshot is windows.dns.nextdns.io:
Name: steering.nextdns.io
Addresses: 195.146.2.179
37.252.246.39
Aliases: windows.dns.nextdns.io -
It is not possible to generate a report with the history of particular module updates. Honestly there's not much sense in checking the engine version since detections are updated every 10 minutes via streamed (pico) updates that are not logged whatsoever.
-
It should not be a problem for the store to provide you with a valid activation key if they had kept the box on store for long until it expired. It would be different if you purchased the box long ago and the activation key expired after a couple of years but this doesn't seem to be the case.
-
I'm not getting any warning and SSL Labs report no issues either so it must be a local problem with a revoked cert. or missing a CA root certificate. You can raise a support ticket for investigation as further logs and a list of revoked and installed CA certs will be needed.
-
Is AI companionship the future of not-so-human connection – and even the cure for loneliness?
-
If you are behind a firewall or connect through a proxy, make sure that connection to ESET servers is allowed.
If that's not the case, please provide logs collected with ESET Log Collector.
-
V17.1 is planned for 24Q2.
-
Most likely the scheduled scan is configured to ignore exclusions. Please check it out.
-
I'm afraid that the question is too broad and without more information, such as an article with IoC we won't be able to comment on it. If you have a link to share, please provide it. Generally an antivirus should detected any kind of malware so ESET very likely detects it.
-
Could you try switching to the pre-release update channel at least some of the troublesome machines to check if the issue persists with the latest Configuration module 2099.8?
-
Does this happen with ESET Endpoint Antivirus 7.4.1500.0 installed? Do you have a VPN installed as well?
-
Customer support for home users is provided by an external company in the USA, however, the staff should be trained to handle support cases properly. I've asked colleagues from the US to look into it. The technical support should have helped you create a ticket and at least collect ELC logs and pass them to ESET HQ for assistance with the case.
If PowerShell continues to run after Windows starts. please try to create a Procmon boot log by following the instructions in the linked KB. Beforehand please temporarily disable protected service in the HIPS setup in the advanced setup and reboot the machine. When done, save the Procmon log unfiltered, compress it and supply it to me via a personal message or upload it to a safe location and drop me a message with a download link.
-
Could you please run the ESET Uninstall tool in safe mode at least twice in a row to make sure that ESET is not detected the second time?
I believe the error "Database: C:\ProgramData\ESET\ESET Security\Installer\fix_norepair.mst. Cannot open database file." should not be reported if an old version of ESET was removed from the registry completely.
-
I believe you should be able to extend your license by entering your license key at https://sklep.eset.pl/ and following the on-screen instructions if you purchased your license from the Polish distributor.
-
23 minutes ago, Bobson said:
Hi all. I have exactly the same problem: QNAP TS-h1283XU-RP, ESET Endpoint Security 11.0.2032.0. Any solution?
Please try disabling scanning of network drives in the real-time protection setup. A fix will be included in the next hotfix of Endpoint v11.
Eset Website Certificate Revoked
in ESET Endpoint Products
Posted
The SSL certificate used by one of their web servers was indeed revoked. You can inform the owner of the website about the issue.
https://www.ssllabs.com/ssltest/analyze.html?d=seec.gov.sa&s=194.32.161.69&latest