Jump to content

Marcos

Administrators
  • Posts

    35,853
  • Joined

  • Last visited

  • Days Won

    1,428

Everything posted by Marcos

  1. There's just one installer for ESET Server Security v11. Whether it has the firewall or not depends on the offline license file.
  2. The license for ESET Server Security with a firewall has code 318. Make sure that you generate an offline file for this product and use it. We plan to change the name of this product in EBA to distinguish it from the other product.
  3. ESET NOD32 Antivirus is the only product that doesn't contain network protection and thus doesn't generate a pcap with network traffic either. In that case a pcap log needs to be created with Wireshark. There seems to be a weird communication problem on both machines since even the download of a stand-alone ESET SysInspector by ESET Log Collector was failing: [12:31:29.337] Downloading ESET SysInspector from https://go.eset.com/esi?platform=x64 to C:\Users\xxxxx\Downloads\SysInspector.exe... [12:31:40.386] ERROR: ESET SysInspector download failed (If the problem persists, please download the ESET SysInspector manually and place it to the same location as ESET Log Collector.) Are the users able to download it in a browser from the above link?
  4. It's a detection of a suspicious obfuscation misused by malware. It is up to you if you trust the website or not. If it's trusted, creating an exception should be safe.
  5. You can create a detection exclusions as follows:
  6. I'm not getting any alerts while browsing the website. Most likely the malware has been removed in the mean time.
  7. We break down the fundamentals of threat intelligence and its role in anticipating and countering emerging threatsView the full article
  8. Could you post a screenshot of the error that the user is getting? I can open the site in Edge alright and no AV vendor has blacklisted it either according to VirusTotal.
  9. I was wrong, the result was from 1 hour ago. After re-scanning it, no threat was found and I'm not getting any alert from ESET while browsing the site either.
  10. The website is indeed infected: https://sitecheck.sucuri.net/results/https/peoplesparksolutions.co.uk
  11. Unfortunately I don't remember any handshake issues in the past. If there were issues, then no connection could be established which was not this case.
  12. We only see that handshake is failing, hard to say why. At least they could disable the appropriate application status on the machine so that it doesn't disturb the user. It should not have any effect on protection but some actions from ESET PROTECT or update of license information in the product may take much longer.
  13. Please contact technical support and report it as a request for feature update.
  14. From the screenshot it is not clear if you have set the server address as the IP address or hostname of the server. Is it failing with the IP address entered?
  15. If there's no update to your UEFI firmware that would not contain CompuTrace, you'll need to create a detection exclusion as per https://support.eset.com/en/kb6567.
  16. I'm confused now. The above screnshot is from ESET Endpoint Security but the logs were taken from ESET NOD32 Antivirus. Please clarify.
  17. It's written so in the help so it should be correct. Would you like to block trusted system processes for instance?
  18. This is an Endpoint forum so the users posting about the issue above do not have Anti-Theft.
  19. I'm sorry but I don't understand your question. Perhaps the best course of action would be raising a support ticket.
  20. If you have another cloud instance of ESET PROTECT, export each report template and import it to your instance. If you don't have any, deploy a virtual appliance and export it from there. You can also raise a support ticket and ask to restore the default report templates.
  21. The application is protected with Themida and is most likely not signed to lower the level of suspiciousness. You can submit the file to ESET via the built-in submission form. However, any future version can be detected unless the vendor starts signing the files or quits using Themida.
  22. Please raise a support ticket for help with troubleshooting the issue.
  23. Please raise a support ticket to find out what caused the overuse and how to fix it.
×
×
  • Create New...