Jump to content

Marcos

Administrators
  • Content Count

    15,422
  • Joined

  • Last visited

  • Days Won

    665

Kudos

  1. Upvote
    Marcos received kudos from justme12 in Attempt to add root cert. Failed   
    In order to investigate the issue, please provide:
    - Logs collected with ESET Log Collector when the error occurs
    - A Procmon log from time when you disable and re-enable SSL filtering after a reboot. Stop logging when an error importing the root certificate pops up.
  2. Upvote
    Marcos received kudos from TomFace in Forum Feedback   
    The instructions are indeed at one place: https://support.eset.com/kb141/
    Moreover, we link this KB article in the FAQ block on this forum as well.
  3. Upvote
    Marcos received kudos from Scachi in ESET keeps stealing focus from Firefox   
    Thank you for reporting the issue and the video you've provided. We have eventually pinpointed the issue and a fix will be included in the next version of v12 products.
  4. Upvote
    Marcos received kudos from deloppoled in ESET keeps stealing focus from Firefox   
    Thank you for reporting the issue and the video you've provided. We have eventually pinpointed the issue and a fix will be included in the next version of v12 products.
  5. Upvote
    Marcos received kudos from pps in Horizon - Endpoint Antivirus   
    You should reply them that the memory dump from a crash has been already analyzed by an AV vendor and Microsoft and both confirmed a bug in a VMWare driver which is unrelated to the mentioned exclusions. We at ESET are willing to help them and provide details about the problem. You as a customer of VMWare could provide them with a memory dump for perusal.
  6. Upvote
    Marcos received kudos from Peter Randziak in Horizon - Endpoint Antivirus   
    You should reply them that the memory dump from a crash has been already analyzed by an AV vendor and Microsoft and both confirmed a bug in a VMWare driver which is unrelated to the mentioned exclusions. We at ESET are willing to help them and provide details about the problem. You as a customer of VMWare could provide them with a memory dump for perusal.
  7. Upvote
    Marcos received kudos from Peter Randziak in Horizon - Endpoint Antivirus   
    I'm not aware of any public statement by Microsoft re. this issue. We analyzed a dump from such crash and concluded that it was caused by a VMWare driver which was also confirmed by Microsoft when we consulted it with their developers. If VMWare contacts us, we can provide them with information that data that would help them fix the issue.
  8. Upvote
    Marcos received kudos from Peter Randziak in Horizon - Endpoint Antivirus   
    This is a known issue with VMWare drivers which was also confirmed by Microsoft. We recommend contacting VMWare re. the issue. If necessary, we can provide more details about the issue to their programmers.
  9. Upvote
    Marcos received kudos from Beech Horn in EFS 7.0.12014.0 - MSSQL ERROR   
    You can disable automatic exclusions completely or only for desired applications in the advanced setup. Installed applications are detected automatically so the list may look differently on your server:

  10. Upvote
    Marcos received kudos from Judex6 in Future changes to ESET web portals   
    Hello,
    The goal of this message thread is to provide ESET with specific feedback on changes and new features you would like to see in future versions of ESET web portals. Please use the following format when providing feedback:
    Description: A very-specific one-line description of your feedback.
    Detail: A more detailed explanation of your feedback. Please feel free to make this any length, but be sure to use terms everyone can understand. If your suggestion is an extension or update to an existing discussion, please include a link to it in your message.
     
    Here is an example:
    Description:  Configuring consumer ESET products via my.eset.com
    Detail:  It would be handy if ESET consumer products could be configurable via the my.eset.com portal.
    You are welcome to discuss the merits of each and every suggestion, but keep your comments on topic, concise and thoughtful.  There are other parts of the forum to discuss issues.
    NOTE:  When making your requests do not offer general suggestions. Requests must be actionable:  If you have a specific feature or functionality you would like to see added (or improved) please post it here, but general requests, such as to "make gui better" are not helpful because they do not give ESET detailed enough information.  Thank you for your understanding.
  11. Upvote
    Marcos received kudos from jamess3973 in Future changes to ESET Internet Security and ESET Smart Security Premium   
    ESET's products are install-and-forget. You don't have to care about setting up anything and it will protect you in the background. It can't be easier than it already is in my opinion.
  12. Upvote
    Marcos received kudos from Azure Phoenix in Future changes to ESET Internet Security and ESET Smart Security Premium   
    Actually advanced users love the ability to customize numerous settings. Common users don't need to go to the advanced setup at all since ESET products provide well-balanced protection out of the box.
  13. Upvote
    Marcos received kudos from persian-boy in Future changes to ESET Internet Security and ESET Smart Security Premium   
    Actually advanced users love the ability to customize numerous settings. Common users don't need to go to the advanced setup at all since ESET products provide well-balanced protection out of the box.
  14. Upvote
    Marcos received kudos from galaxy in Future changes to ESET Internet Security and ESET Smart Security Premium   
    Actually advanced users love the ability to customize numerous settings. Common users don't need to go to the advanced setup at all since ESET products provide well-balanced protection out of the box.
  15. Upvote
    Marcos received kudos from Peter Randziak in Future changes to ESET Internet Security and ESET Smart Security Premium   
    This is not possible since only IP addresses are known to the firewall. Unlike firewall, web access protection works at the highest application level in the OSI model and has information about hostnames as well.

    You can try enabling SSL/TLS filtering for all applications under Web and email -> SSL/TLS -> Filtering mode: Policy mode.
    In case of any issues with SSL/TLS filtering in certain applications, you can adjust SSL/TLS scan mode for particular applications:

     
  16. Upvote
    Marcos received kudos from Azure Phoenix in Future changes to ESET Internet Security and ESET Smart Security Premium   
    Keystrokes are already scrambled in a secure browser to prevent keyloggers from stealing what you type.
  17. Upvote
    Marcos received kudos from sindbad in Future changes to ESET Security Management Center / ESET Remote Administrator   
    That's how it works in ESMC (ERA v7) which is currently in the phase of beta testing and will be released soon.
  18. Upvote
    Marcos received kudos from MichalJ in Future changes to ESET Security Management Center / ESET Remote Administrator   
    That's how it works in ESMC (ERA v7) which is currently in the phase of beta testing and will be released soon.
  19. Upvote
    Marcos received kudos from Bedders in Future changes to ESET Security Management Center / ESET Remote Administrator   
    This will change as of ESMC (ERA v7) in the way that handled threats will be resolved automatically.
  20. Upvote
    Marcos received kudos from MichalJ in Future changes to ESET Security Management Center / ESET Remote Administrator   
    This will change as of ESMC (ERA v7) in the way that handled threats will be resolved automatically.
  21. Upvote
    Marcos received kudos from galaxy in Future changes to ESET Internet Security and ESET Smart Security Premium   
    Try clearing browser's cache. Please do not report issues in this "Future changes..." forum since this is intended only for posting suggestions for future versions.
  22. Upvote
    Marcos received kudos from katycomputersystems in Future changes to ESET Security Management Center / ESET Remote Administrator   
    The problem with this is that there's no unified location for storing information about license expiration dates of installed software.
  23. Upvote
    Marcos received kudos from galaxy in Request for feedback on a plan to change handling of Potentially Unwanted & Unsafe Applications   
    Dear forum members,
    We are considering a change in the product's behavior but before doing that, we would like to consult you, our field experts with regards to the problem and suggested change.
    We kindly ask you to:
    Read this message carefully Talk with other people of your support staff, whether they are aware of issues related to current behavior Provide any comments (supportive / negative) towards the proposed change As of now, one of the issues that our customers are facing is the behavior of products in managed environment, related to handling of detections and cleaning of Potentially Unwanted and Potentially Unsafe Applications (hereafter referenced as PUA)
    The following are prerequisites of the behavior:
    Default cleaning settings on the Endpoints (normal cleaning) Detection of PUA is enabled. With these settings we were reported the following problems by several customers and resellers / MSPs that we have interacted with directly during a customer research.
     
    Main problems are:
    End users on local machines are forced to respond to an „interactive window“ that is asking for action in case of a PUA detection, which can by triggered by protection modules or the on-demand scanner. They offer the „ignore & continue“ action even in managed environments where the end user should not make decision. Users can try to install a PUA which usually ends with multiple interactive windows appearing. If a PUA is already in the system and you schedule an on-demand scan, it will be reported to the user again and a dialog with action selection is shown to the user. If this happens on a server, it will be never resolved; the dialog eventually expires, and then will be reported again and again to the server upon re-scanning. The only solution currently is to set an exclusion or to set cleaning mode to strict which will automatically remove the PUA detection without asking.
     
    What are we planning to do:
    We are planning to change the product behavior in a way that our endpoints will automatically block / clean PUA detections in managed environments according to the option selected by an administrator, meaning that the end users will never see interactive windows. Alerts (only one) will be reported to the ERA, and it will be up to the security administrator to either set an exclusion or acknowledge such detection. After exclusion, reinstall of the affected PUA will be needed on the target system; restore from quarantine is not enough since „cleaning“ also removes references which are not restoreable (this is valid also now, when Exclusion is „cleaned“).  
    We would like to hear from you and ask for feedback whether you consider this change as risky from the perspective of customer expectations. We do perceive the problem as serious and would like to change the behavior even for existing users by means of a module update. An alternative approach is to change it only in new versions of our products, meaning Endpoint V7 and eventually backport it to a new 6.6 hotfix if that happens in the foreseeable future.
    How the interactive window looks:

    How it looks in the logs:

    How it looks in the ESET Remote Administrator:

    Please note that we are also bringing a lot of changes into the ESMC:
    Cleaned „threats“ are automatically going to be marked as resolved (once the behavior is implemented, you will automatically get the PUA cleaned at the „first detection“) and will be automatically „resolved“ in ESMC (no duplicated entries when one clicks „no action“) You will be able to set exclusions directly from the threats section, basically by „one click“; there will be also an option to set „exclusion by HASH“ in EES.  
    Thank you for your feedback & support.
  24. Upvote
    Marcos received kudos from Aryeh Goretsky in Request for feedback on a plan to change handling of Potentially Unwanted & Unsafe Applications   
    Dear forum members,
    We are considering a change in the product's behavior but before doing that, we would like to consult you, our field experts with regards to the problem and suggested change.
    We kindly ask you to:
    Read this message carefully Talk with other people of your support staff, whether they are aware of issues related to current behavior Provide any comments (supportive / negative) towards the proposed change As of now, one of the issues that our customers are facing is the behavior of products in managed environment, related to handling of detections and cleaning of Potentially Unwanted and Potentially Unsafe Applications (hereafter referenced as PUA)
    The following are prerequisites of the behavior:
    Default cleaning settings on the Endpoints (normal cleaning) Detection of PUA is enabled. With these settings we were reported the following problems by several customers and resellers / MSPs that we have interacted with directly during a customer research.
     
    Main problems are:
    End users on local machines are forced to respond to an „interactive window“ that is asking for action in case of a PUA detection, which can by triggered by protection modules or the on-demand scanner. They offer the „ignore & continue“ action even in managed environments where the end user should not make decision. Users can try to install a PUA which usually ends with multiple interactive windows appearing. If a PUA is already in the system and you schedule an on-demand scan, it will be reported to the user again and a dialog with action selection is shown to the user. If this happens on a server, it will be never resolved; the dialog eventually expires, and then will be reported again and again to the server upon re-scanning. The only solution currently is to set an exclusion or to set cleaning mode to strict which will automatically remove the PUA detection without asking.
     
    What are we planning to do:
    We are planning to change the product behavior in a way that our endpoints will automatically block / clean PUA detections in managed environments according to the option selected by an administrator, meaning that the end users will never see interactive windows. Alerts (only one) will be reported to the ERA, and it will be up to the security administrator to either set an exclusion or acknowledge such detection. After exclusion, reinstall of the affected PUA will be needed on the target system; restore from quarantine is not enough since „cleaning“ also removes references which are not restoreable (this is valid also now, when Exclusion is „cleaned“).  
    We would like to hear from you and ask for feedback whether you consider this change as risky from the perspective of customer expectations. We do perceive the problem as serious and would like to change the behavior even for existing users by means of a module update. An alternative approach is to change it only in new versions of our products, meaning Endpoint V7 and eventually backport it to a new 6.6 hotfix if that happens in the foreseeable future.
    How the interactive window looks:

    How it looks in the logs:

    How it looks in the ESET Remote Administrator:

    Please note that we are also bringing a lot of changes into the ESMC:
    Cleaned „threats“ are automatically going to be marked as resolved (once the behavior is implemented, you will automatically get the PUA cleaned at the „first detection“) and will be automatically „resolved“ in ESMC (no duplicated entries when one clicks „no action“) You will be able to set exclusions directly from the threats section, basically by „one click“; there will be also an option to set „exclusion by HASH“ in EES.  
    Thank you for your feedback & support.
  25. Upvote
    Marcos received kudos from galaxy in Future changes to ESET Internet Security and ESET Smart Security Premium   
    Please open a new topic and provide more information, including hashes of the malicious files. It is not true that ESET is bad at protecting against ransomware, quite the contrary. Of course, if you have a weak overall protection and an attacker with admin rights manages to remotes in, no matter what security software you you since with admin rights the attacker can do virtually anything, including disabling the security sw prior to running ransomware. Again, no security software detects 100% of threats and if you claim the opposite, we could prove you to be wrong.
×
×
  • Create New...