-
Posts
38,006 -
Joined
-
Last visited
-
Days Won
1,507
Everything posted by Marcos
-
esmc server not talking to itself
Marcos replied to roga's topic in ESET PROTECT On-prem (Remote Management)
Do you have ESMC Agent installed on the server? Are there any errors in C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html or trace.log? -
ESET File Security is intended for file servers; it does not include a personal firewall.
-
Plenty of Spam from outlook.com
Marcos replied to Jacksun's topic in ESET Products for Windows Servers
A link to instructions how to collect logs with ELC can be found at the right hand side of this forum, in my signature or simply go to https://support.eset.com/kb3466/. Besides providing ELC logs here, also create a support ticket and provide your local customer care with the logs as well. Adding an exclusion for a domain should generally work. -
Endpoint install does not run services
Marcos replied to 6B Support's topic in ESET Endpoint Products
Please collect logs with ESET Logs Collector and provide me with the generated archive. Did you already activate the product? -
Nowadays more and more malware communicates over SSL so scanning the communication is critical for keeping the system safe and malware free. Abandoning SSL scanning would substantially deteriorate protection capabilities of particular AV products. If Microsoft provided a better way of scanning SSL communication, we would not be forced to do SSL introspection.
-
It depends on how sensitive documents and files were on the machine. For instance, if it was a computer in a bank with customers' data, I'd prefer re-deploying the OS from a clean image than just cleaning the malware itself if it was running there and the actions and changes to the system were not tracked, e.g. using an EDR solution. If it was just a home computer, I'd trust the antivirus that it has cleaned the malware completely. Also you mentioned that you had uninstalled the malware. However, malware does not install in the OS and does not appear in the list of installed programs so I assume you might have meant a potentially unwanted application and not actual malware.
-
Since you have posted in the ESET Endpoint Encryption forum, is the issue actually related to that product or you had the issue with Endpoint Security or Endpoint Antivirus?
-
I always recommend turning it on and exclude any such application by the detection name if it begins to be detected then and is intentionally used for legitimate purposes by the user. PUsA also cover tools that can be used by attackers to stop or uninstall AV in case of a breach via RDP for instance.
-
This is offtopic but ok, let's answer it. There's nothing wrong with ESET, we're better and better day by day. Recently we've achieved top results in a test of a prestigious testing company. As you probably know, taking part in a test costs really a lot of money so AV companies have to carefully decide which tests they will take part it. As for AV Test, we continue to be tested in private tests where we already receive excellent score.
-
What kind of information are you referring to? If you mean how we get new malware, there are many sources from which AV companies receive it and also the companies share a portion of samples with other ones. A very valuable source of samples are those submitted automatically from users via the LiveGrid Feedback System which helps us react instantly to new borne malware. Of course, in order to take advantage of that, you'd need to use the last version of our products that support streamed updates and have also other security features not present in older versions that help us proactively react to suspicious behavior without updates. Besides that, we offer ESET Dynamic Threat Defense for corporate users which performs instant analysis of suspicious files in a sandbox and samples are evaluated using Augur, our machine learning system and by other mechanisms for maximum accuracy. For a list of ESET's technologies that protect our users, please read https://www.eset.com/int/about/technology/
-
Not sure what you would like to know about these updates. The engine as well as some other modules are updated 6 times a day to cover recently discovered malware.
-
Old versions like Endpoint v5 update 6 times during work days. The latest version of Endpoint (v7) updates every 10 minutes besides standard modules updates that I've already mentioned. The task should be run as soon as the client connects to the ERA Server. With ESMC, it's performed instantly after sending a wake-up call.
-
Virus Signature DB update issue.
Marcos replied to Abhisheksinghal's topic in ESET Endpoint Products
The updater has never returned the error you've mentioned. It sounds like an error returned by ERA. Please run update manually on a client and provide us with the error message you get. -
I would suggest the following: - reboot the machine - enable advanced logging under Help and support -> Details for customer care - reproduce the issue - disable logging - collect logs with ESET Log Collector - open a support ticket with your local customer care and provide them with archive the generated by ELC.
-
Virus Signature DB update issue.
Marcos replied to Abhisheksinghal's topic in ESET Endpoint Products
What error is reported on such clients if you run update manually? Do they update from ESET's update servers? Do you use a proxy? I'd strongly recommend upgrading Endpoint to v7 and ERA v5 to ESMC for maximum protection against current threats as soon as possible. -
For instructions how to report blocked but already cleaned URLs, please refer to " Please read this before you post". Having said that, we'll draw this topic to a close.