Marcos
-
Content Count
20,081 -
Joined
-
Last visited
-
Days Won
870
Posts posted by Marcos
-
-
You can generate an agent Live installer as per https://support.eset.com/en/kb6904-deploy-the-eset-management-agent-to-a-macos-client-using-agent-live-installer-7x and then deploy the generated ESMCAgentinstaller.sh using a 3rd party tool. The procedure should be similar with Linux.
-
-
Please provide logs collected with ESET Log Collector so that we have information about your ESET product version, the OS and most importantly the hash of eamsi.dll. Older products didn't have the dll signed with a Microsoft certificate but newer products have.
As for AMSI\FeatureBits, this setting is meant for testing and may be changed with Windows update by Microsoft. It's not something that vendors should change.
-
2 hours ago, Narcos said:I have two pc. One got the version 13.2.16 two days ago, but the other one is still under 13.2.15.0
I have pre-release updates enabled and update to v13.2.16 was offered:
-
I see that you have no proxy set for the primary "My profile" profile:
That way it should be set only for the secondary "Inetenet update (non-proxy)" profile. Here you should set up your proxy server like as follows:
Since using direct connection if proxy is not available is enabled, also clients outside your network should be able to update using this update profile.
-
IDM supports scanning of downloaded files with a command-line on-demand scanner. It's possible to use ecls for this purpose:
Aryeh Goretsky reacted to this -
The cause of the event is not known yet. Despite the event being logged, AMSI appears to work fine.
-
Please provide ELC logs from a client so that we can check the configuration.
-
1 hour ago, JitzyJT said:As for limiting the connections which I didn't have to do anyway so I'm leaving it as it is.
If you don't do that bigger files downloaded in chunks will not be scanned. It was not a problem with eicar since it's a tiny file which is downloaded at once.
-
Is there any reason for updating from a mirror in your company instead of using an http proxy and updating from ESET's servers? I'm asking because using a mirror is not necessary in network environments where at least one machine has Internet connection. When using a mirror, you can't take advantage of streamed updates which are available when updating through a proxy.
In that case you could simply use the option to update directly if connection through a proxy fails.
-
1, In the list of SSL/TLS filtered applications change "auto" to "scan" for idman.exe:
2, In IDM setup, you may need to change the max. connections number to 1:
-
Web access protection cannot scan files downloaded through download managers. Downloaded files will be scanned by real-time protection or upon extraction from an archive.
-
What issues are you having when gamer mode is deactivated while playing games?
-
If you reboot the computer, how quickly does the memory usage grow? If you temporarily disable startup scan tasks in scheduler and reboot the machine, does the issue go away? Do you have the latest version of EAV 13.2.16 installed?
-
As far as I know, we receive information about available OS updates as well as the category of particular updates from the operating system itself. I'd recommend opening a ticket with your local support to troubleshoot the issue and to confirm that the root cause lies outside of ESET.
Also we kindly ask you to choose a more friendly display name and we'll change it for you. "n1ghtm4n4g3r" is difficult to remember, quote, etc. If there were more users with a similar display name, it would be impossible for everyone to attribute posts to particular users.
-
6 hours ago, Eddie said:I have to close my Outlook client to stop this this threat detection alert from occurring every minute. I even selected "delete emails" under Advanced Setup as posted by ITMAN on June 17.
Please read the instructions for collecting logs above and upload an archive generated by ESET Log Collector here.
-
Do you have ESET NOD32 Antivirus or ESET Internet Security / ESET Premium Security installed? The latter have a firewall so any non-initiated inbound communication must be allowed by a firewall rule. If the former, then there's nothing in the product that could block the communication. Does the issue actually go away after temporarily uninstalling EAV?
-
3 hours ago, Bingoose said:Same thing here. Since updating to the current version scans have been taking a ludicrous amount of time. Currently sitting through one that's at 40 minutes so far.
Select Advanced scans -> Custom scan. Unselect "Registry" and select the drive or path to scan; the scan will be as fast as before.
-
Please provide logs collected with ESET Log Collector from such machine.
-
First of all, please post in English so that moderators and other users can understand you and be able to help.
Please provide more information about what network issue you are having. The firewall troubleshooting wizard is there to help you solve connection issues.
-
Change log to No and that's all. However, rather than creating exceptions I'd suggest putting the machine behind a firewall and allow only the desired communication on the firewall. Otherwise the server will keep being attacked and one day attackers may succeed and get into your network.
-
You have SSL filtering disabled. You can enable it so that the content of https websites is filtered, the test phishing page should be detected then.
-
It depends on what scan profile you select. For instance, the In-depth scan profile has archives enabled and smart optimization disabled to ensure that every file is scanned. On the other hand, in-depth scans may take quite long.
-
Please provide logs collected with ESET Log Collector so that I can check your configuration.
JS/TrojanDownloader.Agent.THG
in Malware Finding and Cleaning
Posted
Please provide logs collected with ESET Log Collector. Prior to collecting logs, select also "quarantined files" in ELC.