Jump to content

Marcos

Administrators
  • Content Count

    15,459
  • Joined

  • Last visited

  • Days Won

    666

Kudos

  1. Upvote
    Marcos received kudos from Modify in Warning window period, transparency setting disappears in new version   
    Looks like your Configuration Engine module didn't update. After installing v12.2 the screen in question should look like as follows:
     

    Please collect logs with ESET Log Collector and provide me with the generated archive.
  2. Upvote
    Marcos received kudos from 100 in ESET issue with Sandboxie - Persistent holding of registry keys   
    We don't release modules to all users at once but gradually in batches so that in case of issues we can stop the release and revert the module to mitigate the impact on users.
    Modules are released as follows:
    1. wave: released for QA testing
    2. wave: released for internal testing on a bigger group of production machines and for beta versions
    3. wave: released for users with pre-release update channel set
    4. wave: released in batches gradually to all users
    5. wave: released for all users.
  3. Upvote
    Marcos received kudos from Leonardo in Upgraded to version 12.2.23.0   
  4. Upvote
    Marcos received kudos from spid3r001 in I can not activate or do updates. I also can not update livegrid   
    Do the machines connect directly to the Internet or through a proxy? If the latter, is the proxy configured properly in Endpoint and agent? Do you use a firewall? If so, are the necessary addresses allowed as per https://support.eset.com/kb332/?
  5. Upvote
    Marcos received kudos from DW43 in Scan Log Query   
    The files were exclusively being open by the operating system so other applications could not access them. It's perfectly normal and ok.
  6. Upvote
    Marcos received kudos from itman in Cylance vs Eset antiransomware protection level   
    https://www.vice.com/en_us/article/9kxp83/researchers-easily-trick-cylances-ai-based-antivirus-into-thinking-malware-is-goodware
    Every AV company must not rely on machine learning itself. We use a combination of different approaches, including AI and ML, as also mentioned at https://www.eset.com/int/about/technology/.
     
    Related documents and articles:
    https://www.eset.com/blog/enterprise/is-the-ai-hype-muddling-the-meaning-of-machine-learning/
    https://cdn1.esetstatic.com/ESET/BLOG/Whitepapers/2018/ESET_AI_hype.pdf
    https://www.welivesecurity.com/wp-content/uploads/2019/02/ESET_MACHINE_LEARNING_ERA.pdf
     
  7. Upvote
    Marcos received kudos from Leonardo in New version 12.2.23.0 ?   
    Currently you can enable pre-release updates in the advanced update setup and run update manually or wait for upgrade to the new version to be offered to you.
  8. Upvote
    Marcos received kudos from Leonardo in New version 12.2.23.0 ?   
    Will be available when released for all users, probably next week.
  9. Upvote
    Marcos received kudos from karlisi in Why are ESET Endpoint version 7.1.2053 released silently?   
    We are very sorry for the delayed announcement.  It is our goal to post announcements on time with the release of new product versions so that you have all information about the releases at your disposal on time.
    We can assure you that we're working on improvements in this field to prevent this from happening in the future.
  10. Upvote
    Marcos received kudos from SeriousHoax in Lack of details and options in the new phising page detection alert in version 12.2.23.0   
    Yes, I still have it there too:

    The page with the alert "Website blocked" was not a phishing page but most likely a malicious one which was added by ESET on the blacklist. For such websites we didn't offer the option to report them in older versions either.
  11. Upvote
    Marcos received kudos from BeanSlappers in Eset AMSI DLL Issue on Win 10 x(64) 1903   
    As of v12.2, eamsi.dll is signed by Microsoft, hence the error should not be logged any more. Anyways, it doesn't affect protection whatsoever and script scanning via AMSI worked in older versions without issues.
  12. Upvote
    Marcos received kudos from BeanSlappers in BPP Now Blocks John Hancock Financial   
    Not sure what the problem is, I didn't have any problem opening the website in Firefox 68. The site has never been marked to open in a secure browser automatically.

  13. Upvote
    Marcos received kudos from tommy456 in EIS started blocking Outlook POP3s recieving   
    We've reverted the Cryptographic support module to the previous version while the issue is being investigated and a solution prepared. You should now have version 1028.2 of the module which didn't cause the issue.
  14. Upvote
    Marcos received kudos from cusiek in EIS started blocking Outlook POP3s recieving   
    We've reverted the Cryptographic support module to the previous version while the issue is being investigated and a solution prepared. You should now have version 1028.2 of the module which didn't cause the issue.
  15. Upvote
    Marcos received kudos from Peter Randziak in EIS started blocking Outlook POP3s recieving   
    We've reverted the Cryptographic support module to the previous version while the issue is being investigated and a solution prepared. You should now have version 1028.2 of the module which didn't cause the issue.
  16. Upvote
    Marcos received kudos from BeanSlappers in Eset Mobile security   
    Never heard of such issue. Settings are preserved after a reboot under normal circumstances. Please contact customer care through the built-in form so that logs are submitted and a support ticket is created.
  17. Upvote
    Marcos received kudos from Boris0FF in Сканирование сети (Network scan)   
    First of all, we kindly ask you to post in English since this is an English forum and moderators and most of user will not understand you and be able to help otherwise.
    As to your question, network scan is not forbidden in a public network (otherwise you would not be able to run it at all) but it's not recommended. Since the feature checks for weak passwords and scans remote devices, it might be incorrectly evaluated as an attack by the others.
  18. Upvote
    Marcos received kudos from BeanSlappers in Lack of details and options in the new phising page detection alert in version 12.2.23.0   
    As I wrote, the blocked page was not a phishing page, hence it was blocked without the option to report it. The behavior was same with older versions.
  19. Upvote
    Marcos received kudos from Peter Randziak in List of hardware of all managed clients   
    Clicking "hw report" on the top of this topic will show you another topic with a similar question. If that is what you are after, then creating such report is not currently possible but we track it and possibly it will be implemented in one of future versions.
  20. Upvote
    Marcos received kudos from 0xDEADBEEF in ESET Smart Caching Questions   
    It's all just about smart optimization, nothing else and nothing more. It's caused by obfuscation that the txt file was not detected.
    1, Advanced heuristics doesn't scan scripts, there's a script scanner for that and the command-line (AMSI) scanner on Windows 10.
    2, Scripts are not run sandboxed.
    3, HIPS doesn't monitor file operations but real-time protection does.
    We'll try to address it asap but if turns out to cause more harm then good then we'll probably leave it until it's addressed in a smarter way in the future utilizing HIPS.
  21. Upvote
    Marcos received kudos from Azure Phoenix in Windows 7 vs Windows 10??   
    Also don't forget about AMSI and protected services which were not available prior to Windows 8.1. With the help of AMSI script malware can be more efficiently detected. New script malware may be undetected on systems that don't support AMSI.
  22. Upvote
    Marcos received kudos from Salenai in Bundled.Toolbar.Google.D is this false positive please?   
    It seems you have already contacted samples[at]eset.com as well where you've received a response.
    The detection is correct. The reason why EOS couldn't delete the file could be that you have another AV installed which is protecting files in its folders.
  23. Upvote
    Marcos received kudos from BeanSlappers in Microsoft Edge Chromium   
    You can also set Firefox to use the system trusted root CA certificate store by setting security.enterprise_roots.enabled to true in about:config.
  24. Upvote
    Marcos received kudos from Aryeh Goretsky in how to clean our software false positive by ESET?   
    1, This forum does not serve as a channel for disputing detections as stated also in Please read this before you post.
    2, PUA detections are unlikely to be false positives since they are created after in-depth analysis of particular applications.
    PUA detection is optional and is enabled only with user's consent. If a user thinks that using a particular PUA outweigh possible risks (e.g. ads that the applications may display), the user can exclude it from detection by the detection name.
    Having said that, we'll draw this topic to a close.
     
    By the way, just by a quick look at the application it's annoying to constantly get this pop up to buy some extra gold pack of something that was allegedly offered for free and there's no "No thanks" button next to Buy to refuse the offer. Annoyances like this may contribute to PUA classification besides others. It's a good practice to make the application fulfill AppEsteems criteria to minimize the chances of PUA detection, however, they are not the only ones that must be fulfilled by app makers.

  25. Upvote
    Marcos received kudos from 100 in SSL/TLS filtering doesn't work for many sites   
    If you want to filter the communication on trusted websites, e.g. facebook.com, disable the setting "Exclude communication with trusted domains" in the SSL/TLS filtering setup.
×
×
  • Create New...