-
Posts
36,212 -
Joined
-
Last visited
-
Days Won
1,440
Posts posted by Marcos
-
-
Does temporarily disabling the firewall make a difference? Did you mark the detected network as home/office trusted network upon detection?
-
This forum is rather meant for sharing knowledge and does not substitute contacting customer care. Reports here cannot be tracked and also tackling certain issues may require several iterations with developers during which various logs or dumps may be requested.
-
Please contact your local customer care to troubleshoot the issue.
However, the fact that EP6.3 can update indicates that you have downloaded files for EP6-EP6.5, not for EP6.6 which uses a different format of update files. If you use both older versions of Endpoint and EP6.6, you'll need to create 2 mirrors.
-
If it's locked because you marked it as missing in the Anti-Theft portal, simply unmark it there.
-
Try the following:
- disable SSL/TLS filtering
- reboot the system
- without launching any browser, re-enable SSL/TLS filtering -
That's not possible. However, for scheduled scans you can choose whether users will be able to pause or cancel them. I for one don't see any sense in having such option; scans would then always end before they are completed if they started at a fixed time and had to be terminated at a fixed time too.
Do the users have a lot of big archives or images on disks that scans take more than 7 hours?
-
Please remove all exclusions seen they are entered incorrectly. A full path must be used and exclusions like *.log will not work but may rather cause issues. The ERA CE validator will need to be adjusted to prevent such exclusions from being entered.
If you want to exclude the mentioned PUA from detection completely, use an exclusion like this:
-
Please post the appropriate records from the Detected threats log as well as a screen shot of your exclusion setup.
-
Isn't it possible to exclude just the IP address of the server or application from protocol filtering?
-
Does temporarily disabling protocol filtering in the advanced setup make a difference?
-
With the change of the ISO to isohybrid, we stopped providing a SysRescue medium creator.
Use an arbitrary application for that, such as UNetbootin, Etcher, Rufus, etc.
-
8 hours ago, claudiu said:
How is this relevant???? If an antivirus has a mechanism based on HIPS /behavior analysis the detection is supposed to be generic.
We already kindly asked you to stop trolling. If you are not satisfied with no 100% detection, you can use any AV you like. However, we live in a real world and there's no security software that could 100% protect you from malware so sooner or later you'll get disappointed with other AVs too if you don't accept that fact and if you don't contribute to safety by practicing safe computing.
Here are some tips that one should practice to stay safe:
1, Patch, Patch, PATCH
2, Back up, back up, BACK UP
3, Install protective software and keep both the program and modules updated. Do not disable any of the protection modules.
4, Choose strong passwords.
5, Control access to your machine.
6, Use email and the internet safely, do not open unknown emails and attachments.
7, Use secure connections.
8, Protect sensitive data, use encryption.
9. Most importantly, stay informed.Since everything has been said, we'll draw this topic to a close.
-
The detection is correct. The application is correctly classified as potentially unwanted. If you want to continue using it, in the yellow window with action selection expand advanced options and select "Exclude signature from detection" which is safer than disabling PUA detection completely:
-
In case of issues with SSL related to ESET's root certificate, start off by carrying out the following procedure:
- disable SSL/TLS filtering
- restart Windows
- without launching any browser or email application, re-enable SSL/TLS filtering
- after 2-3 seconds, launch a browser and check if the issue has been solved. -
17 minutes ago, mma64 said:
Well done, ESET. The "unknown operation" HIPS log bug has been fixed with HIPS V1322-20180613, rolled out ("to me") on 20180702, see the following screenshot: (1) PC is starting, wrong field content, (2) an AV update with (3) HIPS module update gets automatically installed at 22:36:27, (4) immediately (22:36:29) after that all HIPS log entries with correct field content (5) (6).
(Remains the question why the rollout to the ESET users takes a whopping ~19 days: V1322-20180613 <-> 20180702...)
Since HIPS is a very sensitive module that may cause sever system issues if released with a serious bug, its releases are staggered and it may take up to one month until all users will receive the updated module.
-
We'd need a complete memory dump from the point when the system is unresponsive to confirm it's indeed caused by a clash with MBAM. For instructions how to configure Windows to generate memory dumps and how to initiate a system crash manually, please refer to https://support.eset.com/kb380.
-
20 minutes ago, JbRbV said:
Can i still work with my computer (i have EIS 11.1) or does it has a serious problem?
Since HIPS doesn't work, neither other HIPS-dependent modules Exploit Blocker, Self-defense, Ransomware shield do. No vendor can guarantee that their programs will work with newer Insider Preview builds of Windows 10. Therefore Insider Preview builds should not be installed on production computers or computers where security matters.
-
6 minutes ago, JbRbV said:
Hi Marcos, does ESET has a solution yet? I really like to use W10 Build 17704 with ESET EIS 11.1 again.
No. This was asked 2 days ago during weekend and today is the first work day after the weekend. It's not matter of minutes to make changes to the program code, test it and release it. We are working on it and will let you know once an updated module has been released on pre-release update servers.
-
Did you use a wrong topic name and you actually meant "Installing ESET Secure Authentication" or do you have any issues installing the ERA Server as well?
-
Was that a fresh install or upgrade? At any rate, try running the Uninstall tool in safe mode and then installing ESET from scratch.
Should the problem persist, we'll need a Procmon log created during an install attempt and fresh ELC logs.
-
If you don't want any action to be taken at the end of the scan, select "No action" in the above screen.
-
Simply ignore them. Even if you run a scan as an administrator, there will be plenty of files that are exclusively being used by the operating system so no application has access to them, be it a legitimate AV scanner or malware.
-
I would check the list of installed applications and remove those that you don't 100% trust. It doesn't have to be necessarily malware, maybe it's just the ring sound played by an application for some reason.
-
I don't think that excluding any files or folders in ESET would prevent possible clashes. When troubleshooting issues, the only way how to 100% confirm or rule out involvement of a particular sw in the issue is by temporarily uninstalling it.
Some components are non-founctional
in ESET Endpoint Products
Posted
You have some old v4.2 drivers running with EES 6.6. How did you upgrade to v6.6? Did you reboot the machine? Was v4.2 previously installed in the default or a custom folder, e.g. on other then the c: drive?
I'd suggest uninstalling EES and installing it from scratch. Should the problem persist, after uninstalling EES also run the Uninstall tool in safe mode prior to installing EES from scratch.