Jump to content

Marcos

Administrators
  • Content Count

    16,850
  • Joined

  • Last visited

  • Days Won

    715

Everything posted by Marcos

  1. They will need to make all agents connect to the HQ ESMC server. We recommend installing HTTP Proxy in each subsidiary and configure Endpoint and agent to connect through it.
  2. If you don't want to have Endpoint managed, simply download ESET Endpoint Antivirus or ESET Endpoint Security (depending on your license), install it and activate it during installation or afterwards via gui.
  3. You can temporarily enable logging of blocked operations in the advanced HIPS setup and reproduce the issue. Then disable logging, check the HIPS log for details about blocked operations and adjust the blocking HIPS rule accordingly or create a new permissive rule.
  4. Are the machines able to reach the activation servers as per the KB https://support.eset.com/kb332/? Couldn't it be that a firewall or proxy is preventing ekrn.exe from communicating with activation servers?
  5. If you trust the remote computer, exclude it from ARP cache poisoning detection.
  6. Check the Filtered websites log to find out what application attempted to access the blocked url.
  7. The license was purchased on Oct 31, 2019 and is valid until Oct 30, 2020. If you think this is not correct, contact Adaox, the distributor from whom you purchased your license.
  8. Do you actually use ESET Internet Security on a laptop or ESET Mobile Security on a mobile phone? The position of a device can be reliably detected only using GPS on mobile phones.
  9. Simply uninstall ESET from the former phone and install it on the new one.
  10. Scanning archives is a resource intensive operation since each file from an archive or installer has to be unpacked first and then scanned. Smaller files are unpacked in memory, bigger files on a disk. It is obvious that big archives, containers or images, such as iso or img that are gigabytes in size cannot be unpacked and scanned in the blink of an eye and the more such files are on a disk, the more files they contain and the bigger they are, the longer it will take to scan them. Therefore it is not unusual that in extreme cases scanning whole disks may take even a day or more.
  11. V prvom rade si nainstalujte skusobnu verziu ESET Internet Security, zaktualizujte ju a preskenujte vsetky jednotky. ESET Online Scanner. Tiez by bolo vhodne, keby ste sem nahrali snimok obrazovky s danou detekciou, kde je vidno aj cestu k suboru. Samotny subor potom vyskusajte skontrolovat na www.virustotal.com a prilozte sem linku k vysledkom.
  12. Try disabling archives and see how much faster the scan will be. We continually add support for additional types of archives and installers which causes more and more files to be scanned over time. Then you can also disable advanced machine learning for a test which may also have effect on the scan time.
  13. I don't think this is possible since it would be a bad idea to notify spammers about undelivered spam to existing actual email addresses.
  14. We didn't brake anything. Advanced Machine Learning was added in v13 which also contributes to the said performance problem. You could theoretically disable AML but you don't need to do that since it's much safer to exclude the particular file than the whole protection feature. The issue is specific to utorrent, the way it is packed and unpacked on execution. We are not aware of such issues with any other applications.
  15. I'd strongly recommend raising a support ticket with your local customer care.
  16. I'd suggest the following: - Remove all custom rules - Switch the firewall to learning mode - Connect to the media server from another machine - Switch the firewall to automatic mode - Review the rules and edit them as necessary. Test communication after making changes in particular rules. If that doesn't help: - enable advanced network protection logging under Tool -> Diagnostics - reboot the machine - reproduce the issue with blocked communication - disable logging - collect fresh logs with ELC and provide them for perusal. Also include information about the IP address from which the media server was accessed and the communication was blocked.
  17. If you previously deployed agent via GPO, uninstall it via GPO first prior to re-deploying it using the current CA and agent peer certificates. Also keep in mind that if re-deploying agent over an older version of the agent, it needs to be done twice. First agent upgrades to the latest version and in the course of the second run certificates are updated. In case of issues, please check C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html and trace.log for possible errors.
  18. Sounds like a device with multiple adapters and sharing the same IP address responds to ARP queries. Hover the mouse cursor over "computer" and if you trust the device, click "Change handling of this threat" and exclude the detection for the particular IP address.
  19. So far we have not received reports about such issues. Are you able to start Windows in safe mode? In safe mode ESET's drivers are not loaded.
  20. As long as a malicious application is recognized and detected, it cannot be installed without disabling ESET's protection.
  21. What do you mean by locking drives? The only feature capable of blocking external drives is Device Control with an appropriate block rule created. Try disabling Device Control, reboot the machine and see if the issue goes away.
  22. It is weird that the issue occurs also with the CE module 1745.13. Would it be possible to get a complete memory dump (or active memory dump on newer OS's) from the state when the system is unresponsive? For instructions, please refer to https://support.eset.com/kb380/.
×
×
  • Create New...