Marcos
-
Posts
36,136 -
Joined
-
Last visited
-
Days Won
1,439
Posts posted by Marcos
-
-
Please report possible false positives as per the instructions at https://support.eset.com/kb141/.
-
Not malware but a game tool. We'll add detection as a potentially unsafe application. The application doesn't pose any security risk.
-
You can find the latest version of particular components on the download page:
-
My understanding is that this should be possible with application control when integrated into products in the future.
-
ESET Endpoint products (ie. for licenses with 5 and more seats) can update from an offline mirror and can also be activated using an offline license key generated via the ela.eset.com portal.
-
You can exclude specific addresses from an IDS detection in the IDS exceptions setup (available in the policy editor too):
Alternatively you can right-click the appropriate record in the firewall log and select "Do not block similar events in the future":
-
No, EIS requires Internet connection both for activation and update of modules.
-
2 hours ago, Samoréen said:
Does enabling advanced logging affect system performances ?
The "I" icon in that window, on the right of the "Create Advanced Logs" button is grayed. No effect. No information displayed.
It may have negligible effect on performance. Create advanced logs should always be clickable, at least I can't think of a scenario when it would be greyed out (at least as long as you have administrator permissions).
-
After deploying Agent to endpoints (e.g. via GPO as per the instructions at https://support.eset.com/kb3675/), Agent should start reporting to ERAS.
-
As for email protection, with the Dynamic Threat Defense feature that is going to be introduced in Endpoint v7 suspicious files (e.g. attachments) will be analyzed in an off-premise cloud sandbox, leveraging machine learning and behavior-based detection to evaluate the dangerousness of the file which will remove the gap between a new malware appears and a detection is added or the file is blocked by LiveGrid.
-
We'll also need the content of the c:\ProgramData\ESET\Updfiles and c:\program files\eset\eset security\modules folders from the time when the error occurs. When reproducing the issue, enable advanced logging in the main gui -> help and support -> details for customer care. After reproducing the issue, disable advanced logging, gather logs with ELC and also provide the content of the above mentioned folders.
-
So what persuaded you to go for ESET rather than MSE ?
-
No. If you scan them with PUA detection enabled, they won't be detected.
-
Both 32 and 64-bit installers require entering a valid username and password since they don't activate afterwards. You can try downloading the installer from https://www.eset.com/int/business/endpoint-security/linux-antivirus/download/ if there's an issue with the German website.
-
Please enable advanced logging under Help and support -> Details for customer care and attempt to update. Then disable logging at the same place and gather all logs using ESET Log Collector. Upload the generated archive to a safe location (e.g. Dropbox, OneDrive, etc.) and provide me with a download link.
Prior to gathering logs, please quit any browsers and network-aware applications to minimize the amount of captured data.
-
If Internet connection is established when you are getting the error, then something is blocking the communication with LiveGrid servers. If you have EIS 11.1.54 installed, in the main gui navigate to Help and support -> Details for customer care and click "Create advanced logs". Next reproduce the error and then stop logging. Gather logs with ESET Log Collector, upload the generated archive to a safe location and drop me a message with a download link.
-
-
It doesn't matter if the OP has purchased the product or not. Probably he or she did and we don't have any reason to question it. The thing is v8 will have reached its EOL by the end of this year which means:
- Regular detection engine updates may continue but are not guaranteed.
- No technical support or patches are available for this version. Basic Support may continue but is not guaranteed.
Generally we strongly recommend using the latest version for maximum protection. For instance, v8 lacks several important features, including advanced scanning of scripts, AMSI scanner, UEFI scanner, Ransomware shield, streaming updates and some other. For more information about ESET technology and protection features, please read https://www.eset.com/int/about/technology/.
-
I'd suggest contacting customer care so that the case is tracked properly. In the mean time, you can try disabling automatic scan of removable media in the advanced setup:
-
It's an obfuscated AutoHotkey script so it's hard to tell what the variant you encountered exactly did.
-
We're going to report the issue to Microsoft since loading dlls using a standard API function is failing with ERROR_NO_SYSTEM_RESOURCES (Insufficient system resources exist to complete the requested service).
-
Will those computers be completely isolated from the Internet? Will they have visibility to the machine running the ERA Server? Are all those computers in a domain?
-
There is a problem with your license. Please provide me with logs gathered by ESET Log Collector.
-
It appears you have ESET NOD32 Antivirus v8 or older installed. Since V8 will have reached its EOL by the end of this year and does not provide complete protection against emerging threats as new versions, we urge users to upgrade to a newer version, ideally to v11.1.54.
ESET not detect trojan QTXWPF.exe
in Malware Finding and Cleaning
Posted
Did you debug the file and analyze its code that you are saying it's a dangerous trojan? Based on what did you make the assumption that it's dangerous?