-
Posts
37,152 -
Joined
-
Last visited
-
Days Won
1,476
Everything posted by Marcos
-
ESET Smart Security Premium 2018 Failed Test
Marcos replied to galaxy's topic in Malware Finding and Cleaning
And also post a hash of the file HelloWorld.exe. It's not a typical name for malware so it could have been crafted to be not detected. One could take any malware and modify it until it becomes undetected by the AV that he or she focuses on so making any conclusions just based on one undetected and probably not real file doesn't make any sense. Knowing a hash of it would help us find out how many users have encountered it. My estimation is 1 or 2 if the "tester" had the LiveGrid feedback system enabled. -
windows 10 spring update
Marcos replied to voyageur2180's topic in ESET Internet Security & ESET Smart Security Premium
We've already got enough memory dumps so no further dumps are needed. As a workaround, you can try disabling Protected service in the HIPS setup and rebooting the machine. The only 100% solution known to date is upgrading Windows 10 RS4 x86 to x64 version. -
Firewall settings
Marcos replied to Andrej's topic in ESET Internet Security & ESET Smart Security Premium
-
You can open logs in a new window that can be stretched to the full screen.
-
Problem pushing out updated EES from ERA6
Marcos replied to Roger Nock's topic in ESET PROTECT On-prem (Remote Management)
It is agent that downloads the Endpoint installer from ESET's repository. if you use a firewall or proxy server, is the client able to reach the repository? Please check https://support.eset.com/kb332 for a list of ports and addresses that need to be allowed. Are you able to download the installer http://repository.eset.com/v1/com/eset/apps/business/ees/windows/v6/6.6.2078.5/ees_nt64_enu.msi directly through a browser using the same proxy settings as those used by ERA agent? -
I'd suggest carrying out as follows: 1, Connect the desired device to a machine. 2, In the Device Control rule editor, click Populate. 3, Select the desired device in the list and click OK. This will create a new Device Control rule with parameters of the device already filled in which will help you also avoid typos in spaces in device information. If that doesn't help, please post a list of DC rules that you have created so that we know what rules they are and what order they are applied in. Also provide device information about devices which are blocked but shouldn't be (copy & paste whole records from the Device Control log).
-
This forum does not serve as a channel for reporting blocked websites. Please follow the instructions at https://support.eset.com/kb141/.
-
[Win 10 & 8.1] What causes this border/shadow glitch?
Marcos replied to Dr. Blythe's topic in ESET NOD32 Antivirus
The alert is like that by design. I get the same with v11.1. -
[Win 10 & 8.1] What causes this border/shadow glitch?
Marcos replied to Dr. Blythe's topic in ESET NOD32 Antivirus
If it's really the shadow that concerns the OP, I'm getting it on any context menu so it doesn't appear to be related to ESET only. -
[Win 10 & 8.1] What causes this border/shadow glitch?
Marcos replied to Dr. Blythe's topic in ESET NOD32 Antivirus
I don't see any issue in the screen shot. -
LiveGrid Not Logging File Submissions
Marcos replied to itman's topic in ESET Internet Security & ESET Smart Security Premium
I don't know what the response from LiveGrid servers was, however, regardless of the response the cached file would have been either deleted or submitted. If it was deleted and nothing was logged, it had to be rejected by LiveGrid servers. Next time you can make a backup copy of such file so that we can investigate it further. -
windows 10 spring update
Marcos replied to voyageur2180's topic in ESET Internet Security & ESET Smart Security Premium
We didn't change anything with regard to the issue and are currently anticipating more information / resolution from Microsoft. -
You don't have to care what action was exactly performed, otherwise you'd have to distinguish between clean files infected with a parasitic virus and other kind of threats that contains only malicious code. The point is that cleaning means removing the malicious code, ie. either the whole file or the malicious code added to otherwise legitimate files and also removing all references to the malicious file from the registry. A copy of the original file is always put into quarantine so that it could be restored later, if needed.
-
Cleaning means: 1, placing a copy of the original file to quarantine 2, deleting the whole malicious file or cleaning the malicious code in case of VBA macro malware or sanitizing the file in case of file infectors (viruses) 3, removing references to the malicious file from the registry as well as fixing possibly malicious modifications in the registry.
-
schedule weekly scan with shutdown
Marcos replied to andy_s's topic in ESET PROTECT On-prem (Remote Management)
This is not currently possible but we'll consider adding this option in the future versions of ESET security products. -
LiveGrid Not Logging File Submissions
Marcos replied to itman's topic in ESET Internet Security & ESET Smart Security Premium
How do you know they were actually submitted? If someone else has submitted them, then the submission was rejected and the files in the cache were deleted. -
It's highly unlikely they would be false positives. Please post the appropriate records from the Detected threats log.
-
Detected Port Scanning Attack - Sonicwall
Marcos replied to Judg3man's topic in ESET PROTECT On-prem (Remote Management)
Please post a screen shot of the IDS exclusion that you have created as well as a screen shot of the firewall log with details about the detection.