Marcos
-
Posts
36,507 -
Joined
-
Last visited
-
Days Won
1,453
Posts posted by Marcos
-
-
Quote
According to the below, only IP addresses are allowed for a proxy server:
I don't think this is true. The help says "address", not "IP address" and I didn't find it mentioned anywhere that entering a hostname instead of an IP address shouldn't work.
-
1 hour ago, kittenofd00m said:
I am having the same issue.
I can only repeat what I have already stated: The issue has been already fixed in v12.2 beta.
-
Please create a support ticket since this is something that cannot be solved here in the forum.
-
Are you positive that nslookup can resolve the hostname but if entered correctly in the EAV advanced setup -> tools -> proxy server neither updates nor LiveGrid checks work ?
-
It's nothing unusual, I have several similar records as well:
Time;Application;Operation;Target;Action;Rule;Additional information
5/28/2019 4:38:13 PM;C:\Windows\System32\svchost.exe;Get access to another application;C:\Windows\System32\winlogon.exe;blocked;Self-Defense: Do not allow modification of system processes;Modify state of another applicationSo unless you are experiencing issues caused by SD, consider it normal.
-
The product will work without activation because it doesn't support it. A brand new version of Endpoint for Linux with the activation system will be available probably next year.
If you plan to update the computer from a mirror, just set the path to the mirror through a policy. If the client will access it through a network share, also the username and password for authentication to the mirror folder will be needed which is not needed if the mirror is accessible via http.
If the machine has Internet connection and you plan to update it from ESET's update servers, just send a software install task to the client and the agent will add a username/password for authentication against ESET's update servers in the configuration.
-
For those who have a license for ESET Dynamic Threat Defense and connect through a firewall with the communication restricted to IP addresses, as of June 3 we are going to add a new server in the US which also brings a change of the IP addresses of EDTD servers as follows:
https://support.eset.com/kb332/#EDTD:
Hostname IP address r.edtd.eset.com 137.117.138.135 (Europe)
13.83.244.211 (USA)
d.edtd.eset.com 137.117.138.135 (Europe)
13.83.244.211 (USA)
The nearest server for communication will be picked based on your IP address. We recommend allowing communication with both IP addresses.
-
Good to hear that you've nailed it down. Please do not hide a topic when an issue has been resolved since other users may come across it as well and search for an answer here.
-
The current version of Endpoint for Linux does not support activation yet. If you want to update it from a mirror, you just enter the path to it in the update setup and that's it. In case the machine has visibility to the ESMC server, you can manage it and change settings via a policy.
-
What happens if you enter the license key in the activation window under Help and support -> Change license?
-
It is. If it is causing an issue to your system, we'd like you to elaborate more on it so that we can further investigate it.
-
No, it shouldn't. We protect our services and no other process should be allowed to tamper with them in any way.
Please disable logging of all blocked operations since besides bigger logs debug logging has also adverse effect on performance.
-
If you are having an issue with Self-defense, please elaborate more on it. Otherwise disable logging of blocked operations in the advanced HIPS setup which should only be enabled while troubleshooting HIPS-related issues.
-
Please create a support ticket via the internal form so that logs from Parental Control are submitted to ESET for perusal.
-
There are currently no such plans.
-
Chrome OS is not supported. Parental Control can only be installed on Android. It's also part of ESET Internet Security and ESET Smart Security Premium for Windows.
-
It's enabled by default in HIPS setup:
-
It will be fixed in v12.2. I reckon the beta version has it already fixed.
-
Please check https://forum.eset.com/topic/19566-dynamic-group-to-pick-up-multiple-old-versions-of-eset/ for information how to create a dynamic group with computers running an older version of ESET security product. Subsequently you can send a software install task to the group to upgrade the security product to the latest version.
-
By default ESET security products check for new version of modules in 1 hour interval plus we also employ streamed updates and LiveGrid check for maximum protection.
If you mean program updates, currently you need to create and send a software install task on clients when you want to upgrade a security product to a newer version. However, we now have so-called micro program component updates ready which will allow for automatic update to the latest version if you configure program updates to be installed automatically.
-
Of course the bug when Ransomware shield detection is not logged on clients manifests every time a suspicious (encrypted) file has been created by renaming, however, that's the only bug related to your report.
I don't see any problems with the records you marked with the red rectangle. Please clarify and post a screen shot with alarm details.
-
5 hours ago, ebudihar said:
what about for Cambodia? Do you have a special price for non profit organization education based?
Please contact your local distributor to answer your questions. For contact information, refer to https://www.eset.com/kh/about/contact/.
-
Ok, so this is most likely what happened:
- the support agent received encrypted files from a customer
- upon saving the encrypted files on a disk, Ransomware shield detected a suspicious behavior and triggered a detection which was not logged locally in the Detection log due to a bug but it was reported to EEIWhat I would suggest:
- Excluding the ESET folder in which files from customers are saved to
- Editing ACL and denying the permission to read & execute files in the folder to prevent the support agent from executing malicious files that might be saved there. -
0b36728a48fbff17a45be400c628052e6dca95fc - NSIS/CoinMiner.T trojan
NsCpuCNMiner32.exe - a variant of Win32/CoinMiner.DQ potentially unwanted application
NsCpuCNMiner64.exe - a variant of Win64/CoinMiner.CZ potentially unwanted applicationThe first one is a NSIS archive, the detection was added in April 2018. The other 2 executables (PUAs) are inside the NSIS archive, the detection was added in July 2017.
NOD32 Antivirus and HDDs help
in ESET NOD32 Antivirus
Posted
Do you have ESET installed on the SSD? Do the disks start spinning up right after double clicking the ESET icon in the tray?