Jump to content

Marcos

Administrators
  • Content Count

    22,669
  • Joined

  • Last visited

  • Days Won

    952

Posts posted by Marcos

  1. Unfortunately you didn't mention the website you visited when revoked cert. was reported. However, it's unlikely to be a false positive.

    In case of revoked certificates it is a security risk to visit the website since there must have been a good reason for certificate revocation. If the issue had been fixed, an owner of the website would have replaced the cert. with a valid one.

    It's like complaining that ESET doesn't allow you to run a crack because you think it's safe but in fact it would be a malicious trojan disguised as crack.

  2. OOBE check has been there since EFSW 7.1. As for the issue after upgrade to v7.3, did you upgrade from an older version (7.0, 6.5) that didn't check the OOBE status?  That said, after upgrade to v7.3 from v7.1 or 7.2 you shouldn't end up with non-functional real-time protection.

    According to developers, the status is determined through a Windows API function and registry values are unreliable.

  3. Startup scan tasks are an important protection layer. Unlike real-time protection, they also scan operating memory and other file-less malware locations, such as the registry autorun keys or the WMI repository.

    First of all, please upgrade EFSW to the latest version 7.3 and let us know if makes a difference.

    If not, enable advanced oper. system logging in the advanced setup -> tools -> diagnostics, reproduce the issue, then disable logging. Do not leave logging enabled for more than 5 minutes so that the generated log is not too big to process. The log will grow quickly; it can reach 1 GB in less than 5 minutes.

    When done, collect logs with ESET Log Collector, upload the generated archive to a safe location and drop me a personal message with a download link.

    Also let us know if disabling the startup scan after user logon makes a difference.

  4. When the issue occurs, please enable advanced operating system logging in the advanced setup -> tools -> diagnostics, leave it logging for 2-3 minutes and then disable it.

    Then click "Create" in the Diagnostics section of the advanced setup to generate an ekrn dump. Next collect logs with ESET Log Collector, upload the generated archive to a safe location and drop me a personal message with a download link.

  5. Release Date: February 11, 2021

    ESET PROTECT 8.0.19.0 has been released and is available to download.

    Changelog:

    Version 8.0.19.0 (hotfix)

    • IMPROVED: An explanation message is displayed when trying to insert a bundle license that must be inserted to ESET Business Account first
    • FIXED: License synchronization fails after upgrade to ESET PROTECT 8.0 when multiple EBA/EMA accounts containing the same license are linked to ESET PROTECT
    • FIXED: Offline licenses are not displayed after upgrade from ESET Security Management Center to ESET PROTECT
    • FIXED: Issue with opening/reading PDF reports sent by email (base64-encoded) 
    • FIXED: Synchronization of static groups could cause a crash during the removal of duplicates or end with errors about recreated computers
    • FIXED: Custom Apache configuration is overwritten during the upgrade
    • FIXED: In some cases, Detail in the "Audit Log" overlapping other lines
    • FIXED: Unwanted Timestamps in filenames of reports
    • FIXED: Various other bug fixes

     

    Upgrade to Latest Version

    Upgrade my ESMC server to the latest version

     

    Support Resources

    ESET provides support in the form of Online Help (user guides), fully localized application and Online Help, online Knowledgebase, and applicable to your region, chat, email or phone support.

  6. 28 minutes ago, peteyt said:

    @MarcosI know I believe some AVs allow you to right click on their icon and click unblock last AV but not sure if this would be considered too easy and so too risky.

    Exactly. Sometimes we receive complaints that ESET blocks a particular website and other AVs don't so it must be a false positive. However, subsequently checking the website it turns out that the website was compromised and ESET detects actual malware there. Giving the user an easy option to continue to a blocked website could result in infection of the system.

    By contrast, PUA websites provide the user with an option to continue to the website since PUAs do not pose actual danger to user's system.

×
×
  • Create New...