-
Posts
36,872 -
Joined
-
Last visited
-
Days Won
1,464
Posts posted by Marcos
-
-
You can create a blocking rule and put it on top of pre-defined rules that are hidden by default to take precedence over them. Do it on your own risk and in case something stops working it might be because of that.
-
If you have marked your local network as home/office and not as public, sharing via SMB will be allowed within your network but blocked from outside.
https://www.thewindowsclub.com/smb-port-what-is-port-445-port-139-used-for
...it is in our interest to not expose Port 445 to the Internet but like Windows Port 135, Port 445 is deeply embedded in Windows and is hard to close safely. That said, its closure is possible, however, other dependent services such as DHCP (Dynamic Host Configuration Protocol) which is frequently used for automatically obtaining an IP address from the DHCP servers used by many corporations and ISPs, will stop functioning.
-
Please refer to How do I report a false positive or whitelist my software with ESET? in the FAQ.
However, in this case the url will most likely remain blocked.
Since this forum is not meant to be a channel for disputing detections and blocks, we'll draw this topic to a close.
-
Your computer is infected. What version of ESET Endpoint do you have installed? Please remember that even installing an antivirus on Windows XP will not make it safe; we strongly recommend considering upgrade to a modern, safer and fully supported operating system in order to be protected to the maximum possible extent.
-
Please install Wireshark and start logging network communication when you notice high network traffic by ekrn.exe. Also create a complete application dump of ekrn via the advanced setup -> tools -> diagnostics - Create (dump). Beforehand make sure that you have full application dumps enabled. After changing the setting confirm it by clicking OK.
Leave Wireshark logging the network communication for a few minutes while ekrn is communicating. After saving the log, compress it together with the dump, upload the archive to a safe location and drop me a message with a download link.
-
The countersignature method of time stamping allows for signatures to be verified even after the signing certificate has expired or been revoked. The time stamp allows the verifier to reliably know the time that the signature was affixed and thereby trust the signature if it was valid at that time. Therefore you can disregard the SHA1 and SHA256 signatures.
-
For a start please generate a Procmon log during installation and then collect logs with ESET Log Collector. Compress the Procmon log, upload both archives to a safe location and drop me a message with download links. Also I'd recommend opening a support ticket for your local customer care so that the case is properly tracked.
-
On Windows 7 you should be able to use the latest version of Firefox 66.0.5. Is there any reason why you haven't upgraded yet? If disabling protocol filtering doesn't make any difference, then ESET should not be involved and even uninstalling it should not make the issue go away.
-
The next step is to check if the number of files in C:\ProgramData\ESET\ESET Security\Logs\eScan rises each time a scheduled scan is due to run.
-
First of all, I'd like to remind that this forum is not meant to be a substitute for contacting customer care. It was primarily made to share the knowledge with other users and ESET moderators and it doesn't have the functionality of CRM that would allow for tracking issues.
In case you don't receive a response within a reasonable time, we kindly ask you to ask for an update in your post or contact a moderator via the forum messaging system.
I've had a look at the log and all the processor was basically idle (92,28%). 3dsmax.exe utilized 2,78% of the cpu and egui.exe 1,31%.
What is weird is that with v12.1 egui.exe should not run unless you open the main gui through the tray icon. Please make sure that egui.exe is not running after a reboot (only egui_proxy should). Without egui.exe among running processes, launch 3DS Max and check if the issue occurs.
-
What browser did you use? Did you also try opening IE on Windows 7? If you mean the website https://www.wires.co.uk/, it uses an EV certificate which means its not filtered / scanned by default by ESET so disabling SSL filtering should have no effect on it. Did you also try disabling protocol filtering?
-
Things like this must be tracked. You can provide a list of things that don't work as expected and we will create tickets for developers if necessary. However, it would be better if LATAM support did it based on your support ticket in their system so that you could inquire about it at a later time by a reference to your ticket.
-
The best course of action would be to contact LATAM technical support that would subsequently report the issues you have in a ticket for ESET HQ developers.
-
We don't need ELC logs. You'd better create a dump of ekrn through the advanced setup -> tools -> diagnostics. However, whether real-time protection starts or not does not depend on the registry value but on the state that the OS reports. The registry value just tells what state it the system is in, however, we've seen that the actual state often differs from what is in the registry.
-
No problem here with v12.1.34:
Please check if the number of files grows in "C:\ProgramData\ESET\ESET Security\Logs\eScan".
-
Please report it to samples[at]eset.com and provide logs collected with ESET Log Collector as well.
-
-
You can deactivate seats that have not reported to ERA for a longer time either through ELA/EBA or by using a server task "Delete not connecting computers".
-
This registry value should be controlled by Windows each time it starts. Forcing a value manually may have unforseeable effects on the system. There are good reasons why it's checked.
-
By sideloading you mean transferring files from your mobile to your pc? Is it a phone running Android? How do you know it "uploads" spyware? Is it detected on the pc?
-
A secure browser doesn't load add-ons and plug-ins except trusted ones allowed by ESET. Also keystrokes are scrambled to prevent keyloggers from stealing what the user types.
-
25 minutes ago, kamiran.asia said:
And what can be the reason of IMAGE_STATE_UNDEPLOYABLE ?
I'm sorry, we have no clue. I've tried googling for possible reasons to no avail. We've had several cases like this (usually with even a different image state) when we could only suggest reinstalling the OS.
-
Just now, kamiran.asia said:
We are waiting for your update.
I was right, real-time protection doesn't activate because of the image state IMAGE_STATE_UNDEPLOYABLE. There's something wrong with Windows, it should be in IMAGE_STATE_COMPLETE state.
-
The system is in a weird state IMAGE_STATE_UNDEPLOYABLE. I'm just consulting it with developers but this could be the reason for real-time protection not being activated. An expected state is IMAGE_STATE_COMPLETE.
Firewall Blocking My own Computer
in ESET Internet Security & ESET Smart Security Premium
Posted
Please elaborate more on the issue that you are having. What connections are blocked? How does it manifest? Do you have an application that doesn't work properly because of that? Do you use automatic firewall mode without any custom rules? Did you set your local network as home/office (trusted)?