Marcos

Administrators
  • Content count

    11,059
  • Joined

  • Last visited

  • Days Won

    498

Kudos

  1. Peter Randziak liked a post in a topic by Marcos in JS/Retefe.T trojan from SkypeBrowserHost.exe   
    Appears to be FP. We've stopped offering the latest update for now.
  2. voLwy liked a post in a topic by Marcos in JS/Retefe.T trojan from SkypeBrowserHost.exe   
    Please see my comment above. Updates were stopped and the detection will be removed momentarily.
  3. Peter Randziak liked a post in a topic by Marcos in Device Control Whitelist   
    I think this is what you are after. It's a new feature of ERA v7 and Endpoint v7 which will be unveiled later this year:

  4. Peter Randziak liked a post in a topic by Marcos in Eset Internet Security v11.0.159.9 update to v11.1.42   
    I don't see anything wrong with that. As long as the LiveGrid feedback is enabled, it is normal that nfi files may be created in the charon folder. Please provide me with the nfi file for perusal.
  5. Peter Randziak liked a post in a topic by Marcos in Eset Internet Security v11.0.159.9 update to v11.1.42   
    The interval has been about 15-20 minutes for a quite long time already so it's nothing new in v11. Of course, the program may query LiveGrid servers for information about specific objects  as needed.
  6. Peter Randziak liked a post in a topic by Marcos in In- depth scans v 11.0.59.9   
    In-depth scans doesn't use Smart optimization by default and scans every file you have on a disk. Try enabling Smart optimization in the In-depth scan profile; the scan time should be reduced quite a lot.
  7. Peter Randziak liked a post in a topic by Marcos in Apache http proxy   
    You can list the content of cache using htcacheclean when run with -A and -p%path_to_cache% options as stated at https://httpd.apache.org/docs/2.4/programs/htcacheclean.html
  8. badzydy007 liked a post in a topic by Marcos in Malware? As.eu.angsrvr.com   
    Are you getting the pop-up only when launching IE or other browsers as well?
    Please provide me with logs collected by ELC to start off.
  9. Peter Randziak liked a post in a topic by Marcos in Eset Internet Security v11.0.159.9 update to v11.1.42   
    Currently the latest available version is 11.0.159. We will resume updates to v11.1 (probably v11.1.52) soon. New v11.1 installers have passed QA tests and will be released within the next few days.
    If you want to install v11.1 manually now, download it from the links posted above and install it over your current version.
  10. Peter Randziak liked a post in a topic by Marcos in Device Control Whitelist   
    I think this is what you are after. It's a new feature of ERA v7 and Endpoint v7 which will be unveiled later this year:

  11. Peter Randziak liked a post in a topic by Marcos in Windows Updates not installing using ESET   
    Windows Updates are excluded from https scanning so ESET should not prevent them from being downloaded. We are not aware of any issues with Windows updates that would be caused by ESET.
  12. Peter Randziak liked a post in a topic by Marcos in Windows Updates not installing using ESET   
    Windows Updates are excluded from https scanning so ESET should not prevent them from being downloaded. We are not aware of any issues with Windows updates that would be caused by ESET.
  13. Peter Randziak liked a post in a topic by Marcos in agent deploy failed to start task   
    Have you tried deploying the agent via GPO or SCCM as per the instructions at https://support.eset.com/kb3675/?
  14. Peter Randziak liked a post in a topic by Marcos in Multi Device how it works   
    Having a multi-user license doesn't mean that you are entitled to install ESET on any number of devices. The number of devices has to be chosen during the purchase process.

    From FAQ below this selection:
    One ESET Multi-Device Security licence can cover up to 5 of your devices. You should choose number of covered devices at the first stage of your buying process. You can transfer protection to another device at any time without the hassle of getting new licence. You can easily check your licence usage through our Licence Manager site at my.eset.com portal.
    If there's something unclear about this type of license or should you need to correct your order, please contact ESET UK.
  15. Peter Randziak liked a post in a topic by Marcos in Eset Internet Security v11.0.159.9 update to v11.1.42   
    We use whichever protocol is available. If IPv6 is not available, we communicate over IPv4. Nothing has changed in this regard for ages I would say.
  16. Peter Randziak liked a post in a topic by Marcos in [Critical] ESET can not clean Win32/Agent.TXV   
    Please collect logs with ELC on that machine and provide me with the generated archive for perusal.
  17. Peter Randziak liked a post in a topic by Marcos in Windows Updates not installing using ESET   
    Windows Updates are excluded from https scanning so ESET should not prevent them from being downloaded. We are not aware of any issues with Windows updates that would be caused by ESET.
  18. Peter Randziak liked a post in a topic by Marcos in ESET hiding PC from printer/scanner, can't send scans to PC   
    1, Make sure that the VPN network is trusted. The first time the computer connected to the VPN, you should have been offered an option to mark it as home/office (trusted) network or public. Later you can change it in the advanced setup -> firewall -> known networks.
    2, As the name suggests, in interactive mode you are asked whether to allow or block particular communications. It's possible to create the necessary rules in interactive mode and then switch back to automatic mode. Or use learning mode to create rules first and then switch to interactive mode for instance. In your case I assume that marking the VPN connection as trusted will resolve possible issues with firewall blocking desired communication.
    3, I assume that temporarily pausing firewall makes a difference and that marking the network as trusted would also resolve this issue. In untrusted (public) networks, sharing and some other communications are disabled. Should the problem persist, create a separate topic for this. We'll need you to: 1, enable advanced firewall logging in tools -> diagnostics, 2. reboot the computer, 3. reproduce the issue, 4. disable logging and collect logs with ELC.
  19. Peter Randziak liked a post in a topic by Marcos in Unable to do a manual computer scan?   
    If you would like to install EIS 11.1.51 release candidate, you can download it from:
    ESET Internet Security 32-bit
    ESET Internet Security 64-bit
    This version has passed QA testing and will be released very soon, probably as version 11.1.52. It addresses all known issues reported with v11.1.42.
  20. Peter Randziak liked a post in a topic by Marcos in ESET service isnt starting after shutdown?   
    As the logs showed, you have Sophos installed and running. Try running the batch file listed at https://support.home.sophos.com/hc/en-us/articles/115005679923-Unable-to-uninstall-Sophos-Home   ii in safe mode.
  21. Peter Randziak liked a post in a topic by Marcos in unable to isntall ERA_Installer_x86_en_US.exe (Error code - msi.1920)   
    I found an error "Activation context generation failed for "C:\Program Files\ESET\ESET Security\ekrn.exe".Error in manifest or policy file "C:\Program Files\ESET\ESET Security\ekrn.exe" on line 0. Invalid Xml syntax." in your event log.
    Please continue as follows:
    - Run "sxstrace.exe trace -logfile:sxstrace.etl" in a commandline console. You should see:
    C:\LOG>sxstrace.exe trace -logfile:sxstrace.etl
    Tracing started. Trace will be saved to file sxstrace.etl.
    Press Enter to stop tracing...
    - attempt to start ekrn.exe from the Services console or by running "net start ekrn"
    - press enter in the commandline console to stop logging
    - provide me with sxstrace.etl.
    Then you can also provide me with fresh ELC and Procmon logs for me to check that the malware c:\windows\rss\csrss.exe is not running any more.
  22. Peter Randziak liked a post in a topic by Marcos in ARP poisoning attack   
    Do you have only 2 computers connected via a router or hub ? An ARP poisoning attack is detected if more responses with different MAC addresses are received to a broadcasted ARP request.
  23. Peter Randziak liked a post in a topic by Marcos in Licensing and versions   
    It's not that difficult as it seems. You basically choose between:
    1, ESET NOD32 Antivirus
    2, ESET Internet Security (EAV + firewall + antispam + Anti-Theft + Parental Control + Network protection)
    3, ESET Smart Security Premium (EIS + Password Manager + Disk encryption)
    Depending on the country, if you have more devices you can purchase a multi-license pack or Family pack. E.g. in the US and UK, you can purchase a multi-license pack (2-5 devices), not a Family pack. In Slovakia, we don't sell the multi-license pack but a Family pack for 4 devices.
    As for version numbers, it's not difficult either. The latest version is v11 and we provide it as a service (the same way as Microsoft provides Windows 10 updates),  ie. we release product updates on a regular basis to ensure that users have the latest version with new features and fixes. We don't use version numbering like 2017, 2018, etc., except for marketing purposes.
  24. Peter Randziak liked a post in a topic by Marcos in Unable to do a manual computer scan?   
    If the scan progress hangs like in your screen shot, then it's a known issue of v11.1.42 which has been fixed in the mean time. It will be addressed in the next service build of v11.1 which should be released some time soon.
  25. Peter Randziak liked a post in a topic by Marcos in Unable to do a manual computer scan?   
    If the scan progress hangs like in your screen shot, then it's a known issue of v11.1.42 which has been fixed in the mean time. It will be addressed in the next service build of v11.1 which should be released some time soon.