Arakasi

Members
  • Posts: 2,411
  • Joined
  • Days Won: 71

Everything posted by Arakasi

  1. Also, if all the endpoints have been deployed, you must now resort to a policy to adjust your settings now, as the cfg file is only used for initial deployment or export of current settings.
  2. Default check-in with the server is 10 min and can be adjusted accordingly.
  3. Hello. The problem is the configuration you pushed out did not have the ERAC set correctly, so your clients will never check in for a new policy change. You have to push out a new installation with the correct address of the host for ERA.
  4. Hello, no need to submit the (your) file, and here is why! ESET already detects the variant as you stated by blocking and providing a dialogue that stated "Potentially harmful application". You can easily allow this download by checking in the advanced setup to ensure that detection of potentially unwanted applications and unsafe, are unchecked. Then try the download again, without having to disable the entire protection module. It is highly likely this is not a FP since PUPs are usually handled on a case by case basis, and if there is a detection, it's most likely falling into a category already specified. The root problem is the package you received for WinZip 18.5 was a bundled package or MSI that contained additional software besides WinZip, and this is what ESET detected.
  5. Keep in mind Marcos is a handle/alias. Marcos isn't even correct.
  6. 1. Read quote carefully, I was speaking in general: "Create firewall exceptions, and/or HIPS exceptions" 2. Thanks.
  7. I think the break is when you utilize another 3rd party app to change the theme. @Marcus: Were you unable to reproduce using Tuneup Utilities to change the theme, or did you go through control panel?
  8. While I agree with sandbox, I think the protection from ESET is strong enough to not require it. The primary customer base however, does not want ESET to switch to the bulky app embedded software protection like most, and I would stress the importance of that in relation to sandbox. I would ask for a web browser sandbox only. Thanks
  9. Hello. My suggestion, which is usually taken highly, would be not to disable self-defense, but create exceptions for Tuneup. Create firewall exceptions, and/or HIPS exceptions which will tell "ESET" to allow the Tuneup to make changes it needs to make to the system. As far as my opinion on system utilities is concerned, if you are an IT Tech, you don't require these utilities due to the fact we already know how to do all of it without the tool. Also there are a plethora of fake tune utils. However, I can speak highly for Tuneup Utilities as a very good program for system maintenance outside of the normal Windows operations, but it may be the only one I recommend aside from CCleaner which is still a preference. Good luck, glad your issue is "explained and understood as not a problem".
  10. True fact, but it's apparent that there was an installation problem, or glitch that has caused this. A reinstall should fix the issue. However we also can't determine if any NTFS junction points or drive letter configs are corrupt or being used etc. We would need to really take a look at what's going on, but I would just reinstall.
  11. Smart Security has an option named TCP overload detection, which will prevent similar intrusions or attacks. Nowadays it takes distributed efforts to perform good DoS attacks, most switches and routers protect against multiple sessions from the same subnet, or they only allow a certain size to be let through. We had a discussion before on UDP floods and I am not sure ESET responded officially on that. But a standard TCP DoS attack will be prevented by ESS, as well as version 8 now has botnet protection, so if your PC is being used as a client for a DDoS, I believe ESET will prevent that as well based on heuristic behavior, HIPS, and certain analyzed activities.
  12. It's the only logical explanation. Maybe ESET can check the code behind decompression or at least the API being used in the background, if updates come compressed for smaller size.
  13. Hello, usually if they request that you disable vital components, it is at the behest of troubleshooting. The main reason is to ascertain if the disabled vital component is the core of the problem or not, so they know where to start working. Not a permanent solution. I would double check you don't have any conflicting net drivers. Do your speed tests also conclude with 50mbps at www.speedtest.net? Now please answer this question. Do you have SSL protocol filtering mode on or off? On the HTTP, HTTPS area of Web and email, make sure HTTPS is set to "Do not use HTTPS protocol checking". See if it resolves the issue.
  14. If you are making a connection designated as a secure port by the server, the handshake will have cert and key tradeoffs regardless. You won't connect to the server without the key. Have a look at this Google support page and to be hasteful I have added some answers found therein. https://support.google.com/a/answer/176600?hl=en server: aspmx.l.google.com (Although you mentioned the port 25 being blocked by ISPs - Solution: USE A VPN) - Port 25 - TLS not required server: smtp-relay.gmail.com (Also have to use port 25) - Port 25, 465, or 587 SSL/TLS optional. Also the port 25 issue, but there are ways around your ISP block. Good luck!
  15. Try checking that the correct ESET services are running on the server. They all should have ESET in the name of service, I think 1 stays on manual, like the mirror or HTTP service. Are the clients checking in and listed in the clients tab? I assume they are. Did you go through and open the right ports after installation too?
  16. Hello again, in regards to your response, I give great credit for the time and passion put forth to explain your side. We like to read around here. The dumb statement regarding allowing an unknown questionable connection for the "user" who if classified as inexperienced or little to no understanding of IT, the recommendation should always be to block any unknown sources until you can find out what it is. Shall we take this one step further and evaluate how firewalls work when placed in such a scenario where the user is in full control when placed in a conditional, dialogue prompt that is interactive such as Allow or Deny? The firewall will automatically block or hold the connection until a choice is made. If you want to go research while it's on the screen sure, but some connections will timeout, depending on type. My simple response nonetheless is still similar to safe browsing tactics. If you do not know, "DON'T" until you find out. That's all.
  17. I don't think there is any embedded code for accepting WMI.
  18. Open Sysinspector first. Then load that XML.
  19. How hard is it to delete a created rule? Dumb rule of thumb to just allow things that are questionable. Don't make a habit of allowing the unknown according to "not_satisfied_with_life". If you are unsure, block it if short notice, research after and delete the block if necessary. Seems to be safe traffic though according to encyclopedia-satisfied. Good luck. Good to be cautious and ask for assistance!
  20. Well, it's a host process. Not really Windows, but using Windows. Me personally, I would hunt down where it's coming from and what's causing it. Start with Task Scheduler, and move to startup entries, browser extensions, proxies in your net adapters, browsers, drivers etc. Check the vendors of your net adapters too. Move to the registry and look for it there too. That's just me though. I know my personal system better than habits of family members. With ESET scans coming back clean, you're most likely free of malware. Intrusions are a totally different ballpark. Good luck.
  21. German company. hxxp://en.wikipedia.org/wiki/Tinet hxxp://www.gtt.net/ It seems like a legitimate company, but if it is not your internet service provider, and the fact it's on port 80, I would just create a deny rule permanently next time it pops up, and do a reset on your browsers. All of them. Check for any programs installed by Tinet. It doesn't really confirm or deny you have malware. Do a full in-depth scan with ESET and post results.
  22. Hello, never used Kaseya. Never even heard of it in fact. As far as deployment, I have used SCCM, PDQ Deploy, Group Policy, ESET's ERA for security, Altiris, WDS, and even vSphere for VMs built on ESXi or similar to name a few. After reading, it sounds awesome. Would like to play with a test environment if possible. lol
  23. Hello, run Sysinspector, and give us a list of drivers on your system; you may have a conflicting network driver. If you prefer, PM a mod your list.
  24. Can you copy directories from another machine that has the latest? Or will self-defense need to be disabled as well as permissions on certain directories?