-
Posts
36,336 -
Joined
-
Last visited
-
Days Won
1,445
Everything posted by Marcos
-
Exclude file type from all scanning
Marcos replied to jdashn's topic in ESET PROTECT On-prem (Remote Management)
1, I assume you meant *.doc just as an example since document files often contain malicious macros nowadays and thus they should never be excluded from scanning. 2, As for the cleaning mode, I was not referring to your post but to the other complaint from another user. 3, As I wrote, neither vhd files nor the other formats you mentioned are scanned by real-time protection so basically you shouldn't need to exclude them. If there's a really good reason for excluding them, we would like to hear more details about the issues that occur when those files are not excluded. -
You should not use the Agent deployment task which is intended for deploying agent if not installed yet. To upgrade existing agent to the latest version, use the client task "Security Management Center component upgrade" which you can assign to a dynamic group with outdated agent version, using the Joined dynamic group trigger .
-
This FP existed only for a short time and was already fixed at the time you reported it. It takes a few minutes for the product to get current lists from LiveGrid, hence it took little time until the issue was resolved on your machine.
-
Please follow the instructions for submitting samples at https://support.eset.com/kb141. However, since it's a crack, generally I would not recommend running it regardless of what it does.
-
Regarding the transfer of your license, simply uninstall ESET from the former machine and install it on the new one. During uninstall, deactivation will be performed and the license will be freed for activation on another machine.
-
Are you able to log in to the AT portal from a pc o notebook alright?
-
Hello, Please provide me with the case ID number so that I can check with ESET LLC what happened with the ticket. Regarding your questions: 1, It is very highly unlikely you would have malware that simulates keystrokes or mouse to change your ESET settings. Anyways, you can set a password to protect them, if you wish. I'd suggest exporting the config to xml files and comparing them to see if there are any differences. I assume it's just a gui glitch or whatever. 2, You can create a general block rule, put it on the top of the rules and then creating permissive rules for applications that you allow to communicate over the Internet.
-
There was no issue according to the install log: MSI (c) (C0:D0) [09:13:37:668]: Product: ESET Endpoint Antivirus -- Installation completed successfully.
-
offline update
Marcos replied to Amin El-Zein's topic in ESET Internet Security & ESET Smart Security Premium
The mirror feature for updating offline computers is available only in business products. Products for home users require Internet connection to update. -
Please provide especially install.log. It's mentioned in the KB, step 4: The install path will be inserted into the Run window. Type (space) /lvx* install.log at the end of the install path, and click OK.
-
EFSW is configured to update from ESET's update servers: Is the computer completely offline or it's connected to another computer with Internet connection that creates a mirror? If the latter, it'd be easier and safer (because of LiveGrid) to use an http proxy to update modules and lists from ESET's servers through the proxy.
-
BabylonNG_setup.exe - false positive
Marcos replied to BabylonSoftware's topic in Malware Finding and Cleaning
First of all, we kindly inform you that according to this forum rules this forum is not a channel for disputing detections. The application is correctly detected as potentially unwanted, ie. PUA detection is optional and it's at users' discretion whether they enable detection or not. Even with enabled PUA detection, users can easily exclude a particular PUA from detection if they want to. More information about PUA detection can be found at https://support.eset.com/kb2629. Having said that, we'll draw this topic to a close. -
Please provide an install log from a failed installation as per the instructions at https://support.eset.com/kb406.
-
The only possibly related information are regarding the process mb_warband.exe which has read 2115 bytes of data from C:\Users\Sixxo\Documents\Mount&Blade Warband\rgl_config.txt. There was no write to this file logged. If you want us to analyze what happened, we must receive a correct Procmon log from time when a process modified that file.
-
EIS and scan result windows
Marcos replied to PassingBy's topic in ESET Internet Security & ESET Smart Security Premium
1, You can turn on the filter to filter out non-threat related records, such as problems opening files. 2, This is possible in v12.1 which is currently available for testing within the Insider program. In order to see details about running scans, click "Open scan window" where you will see what threats have been found so far. -
Try reinstalling the agent on a client using current CA and the peer certificate. Should connections to the ESMC server be still refused, please check C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html and the tracelog. You can post status.html here so that we can check the errors.
-
Yes. Do not run the game longer than necessary since Procmon will log a lot of data and the log will grow quickly. When done, save the log, compress it, upload it to a safe location (e.g. DropBox, OneDrive, etc.) and drop me a message with a download link along with the full path to the file was modified.
-
Yahoo.com sets off router hacked warning suddenly
Marcos replied to MickeyMoose's topic in Malware Finding and Cleaning
Yes, I confirm it's a false positive. The IP address was blocked by a robot almost a day ago. It's been fixed, you can reboot the machine to enforce download of current url lists.