Marcos
-
Posts
36,189 -
Joined
-
Last visited
-
Days Won
1,440
Posts posted by Marcos
-
-
The files were suspicious for some reason and therefore were uploaded to LG. In the advanced setup you can lower the size limit of submitted files which is 64 MB by default. Please collect logs with ELC and drop me a personal message with the generated archive attached.
-
I would recommend disabling the option for remote router administration from the Internet. If there was a vulnerability in your router or if a weak password was used, somebody could hack it.
-
The email was sent to the registration email address associated with your license. Please contact your local customer care if you need to change the registration email address.
-
Are you running an http server that is accessible from the Internet? Please post a screen shot of the message with details expanded.
-
Most likely it's pre-installed. In such case you should be able to disable the app in the system setup.
-
Please drop me a personal message with your license key included. To my best knowledge, it if forbidden for resellers to sell on ebay.
-
Wildcards are not supported. Excluding javaw.exe from protocol filtering is not safe since any communication of a possible java (jar) malware would not be scanned either. As an interim solution try excluding particular IP addresses and report the issue to customer care .
-
If there's at least one computer in the network with Internet connection, use the HTTP Proxy for caching update files and installers:
https://support.eset.com/kb5950/
Another way is updating from a mirror, however, this is not recommended since a lot of unnecessary files are downloaded with each update:
https://support.eset.com/kb3641
https://help.eset.com/era_install/65/en-US/mirror_tool_linux.html
-
First of all, I'd recommend installing the latest version 4.0.90 that is downloadable from ESET's website.
Should you come across the issue again, please contact customer care and provide logs collected as per the instructions at https://support.eset.com/kb6159/.
-
Are you positive that strict cleaning is set for the Context menu scan profile?
-
After cleaning a website, it's usually necessary to report it to ESET and ask for a review as per https://support.eset.com/kb141/.
The website has been removed from blacklist.
-
Not sure what it was, I can only assume it was a glitch with the activation servers. Should it happen again, let us know.
-
I'd suggest supplying a complete memory dump from a crash to customer care so that the case is properly tracked and analyzed by developers.
-
It's normal I'd say. During the initial scan all local drives are scanned and there's no information about the whitelist status yet. Subsequent scans should be faster.
-
Neobux.com uses an EV certificate and those are excluded from filtering by default.
-
Actual threats cannot be excluded from detection via gui for security reasons; this is possible only for detection of potentially unsafe or unwanted applications.
-
HTTP/2 is not supported (will be soon). If you want to use HTTP/2 for connections to your website, exclude the certificate used by your website from scanning in the meantime.
-
5 minutes ago, Justin said:
Thanks Marcos. Can we expect App control in v7.
Hard to say. Definitely not in v7.0.
-
No. The process name is the same as the file name so it wouldn't help you either. A solution is application control which is not available yet but will be in future versions.
-
Although ESET is the only AV to detect the html code, I can assure you it is not a false positive:
It contains an obfuscated javascript that loads another javascript (malicious jquery.js) from another server. That url doesn't seem to work any more.
-
Yes, you can ignore it. We cannot affect what is reported in the WD Security Center.
ESET firewall is an advanced one and provides additional features, such as: IDS and exploit detection, dynamic firewall profiles, learning mode support, monitoring of changes in network-aware applications, etc. A part of the firewall is Botnet protection and Network protection. While the former serves to detect malicious communication of bots and thus can detect and block brand new malware not detected by other protection layers, the latter protects the computer from exploits exploiting vulnerabilities in network protocols. They are not included in ESET Endpoint Antivirus. However, these features are not disabled by disabling the firewall in the advanced setup.
-
This is ok and this panel is fully under control of the OS. You should see this in the firewall setup:
The good thing is that even with the firewall disabled, Botnet protection and Network protection modules remain enabled. Thanks to that the computer will remain protection from possible attacks via vulnerabilities in network protocols coming from unpatched computers.
-
As for notifications about missing updates, my Windows 10 is currently fully up to date so I can't test it right now. However, I don't think that any changes have been made in this regard that could stop the notifications from working.
Re. notifications about module updates, if you installed v11.2.49 from scratch you need to enable them in the advanced update setup. They are disabled by default.
-
If the computers are in a domain, I'd strongly recommend installing agent via GPO which should be hassle-free. If that is not an option, use the ESET Remote Deployment tool.
Realtime Protection disabled after Rebooting (Endpoint Antivirus)
in ESET Endpoint Products
Posted
It is important to know if it is a 32 or 64-bit Windows 10. Please collect logs with ELC and drop me a personal message with the generated archive attached.