Jump to content

Marcos

Administrators
  • Posts

    24,541
  • Joined

  • Last visited

  • Days Won

    1,025

Everything posted by Marcos

  1. The detection will be changed to aggressive so it won't be detected unless you change the detection sensitivity threshold for suspicious applications.
  2. That explains it - nobody else has it so it was it was submitted because it fulfilled certain criteria for submission.
  3. Maybe you were among the first to receive an update of emule. Had such file already been submitted by someone else, it wouldn't have been submitted from your machine.
  4. It appears that everything has been said and continuing the topic makes no sense for other users either. Having said that, we'll draw it to a close.
  5. Updates are downloaded via http but files are digitally signed to prevent tampering. Update and download servers are located in several countries around the globe; obviously some servers must be also in the US since it's a country with many ESET users and some of the update servers must be close to them. Since you are from Europe, ESET should route the communication to the nearest servers instead of connecting to the US.
  6. Lessons to learn from the Kaseya cyberincident to protect your business' data when doing business with a MSP. The post Choosing your MSP: What the Kaseya incident tells us about third‑party cyber risk appeared first on WeLiveSecurity View the full article
  7. Is ESET generating high CPU utilization during a long period that it would cause increase of battery consumption? You can temporarily uninstall ESET and leave Windows Defender protect your system for some time to find out if it actually makes a difference.
  8. Please open a support ticket with your local ESET distributor. They will provide you with a logging version of the Outlook plug-in and instructions to follow. The log will then be submitted by ESET UK to ESET HQ for perusal.
  9. You may be getting sync issues on older messages that are already in inbox. It may take longer to remove the EsetMessageFlag from existing messages after enabling DisableInboxChangesChecking if there are many of them in inbox. Newly received messages will not have that property.
  10. However, using a loose url exclusion for any detection is not safe.
  11. Probably because the first two are not supported browsers and you may need to enable SSL filtering for them + import the ESET root CA certificate into their trusted root CA cert. store manually if the system trusted root CA cert. store is not used.
  12. Unfortunately we don't know the app PR Doc Module so we can't tell if allowing access was safe or not.
  13. How can organizations mitigate the risk of damaging cyberattacks while juggling the constantly changing mix of office and off-site workers? The post The hybrid workplace: What does it mean for cybersecurity? appeared first on WeLiveSecurity View the full article
  14. If you can reproduce the BSOD please let us know and we will provide you with a batch file that will enable a special pool that will help us locate the troubling driver overwriting or corrupting memory allocated by ESET which results in BSOD.
  15. Component-based remote installation via Apple Remote Desktop is described here: https://help.eset.com/ees_mac/6.10/en-US/remote_installation_package.html 1, Create an installation package using the Remote installation mode in which you can select the components to install. 2.Copy the following files using Copy filer or folder in Apple Remote Desktop to the /tmp folder on the target computer: If you are installing all components, copy: - esets_setup.dat If you are not installing all product components, copy: - esets_setup.dat - product_components.dat
  16. It's there: https://www.eset.com/int/business/download/eset-protect/#standalone
  17. Currently you have 2 options: 1, Exclude the detection on any website. The detection covers a specific obfuscation so it may be triggered on legitimate (e.g. ad-enabled) websites. 2, Add the hostname or the whole or partial url to the list of websites excluded from content filtering. However, there's a risk that other possible malware on the excluded url would not be detected if the website is not 100% trusted.
  18. You can request and work only with the configuration from a particular endpoint. It is not possible to download the config from multiple machines and merge them into one.
  19. Strange. For me the following exclusion works and the detection is not triggered on the CDN urls listed in the list that @Brple54provided.
  20. If you use a firewall, make sure that ekrn.exe can communicate on TCP and UDP port 53535.
  21. I'd recommend reproducing it with advanced device control logging enabled (adv. setup -> tools -> diagnostics) and subsequently providing logs collected with ESET Log Collector to customer care for perusal.
  22. You can also create a detection exclusion from logs: Afterwards you can make the exclusion safer by editing it and setting the path to https://cdn-*-prod.pogospike.com/*
  23. You can click "Do not remind me again" in the notification:
  24. After it starts it can scan any files, including drivers. A driver itself cannot scan files or drivers.
  25. It's ekrn.exe which scans files for threats.
×
×
  • Create New...