Jump to content

mathisbilgi

Members
  • Posts

    27
  • Joined

About mathisbilgi

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    Turkey

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Hi All, I have discovered that Ecos does not scan attachments in tar archives that contain a .bat trojan downloader. While I understand it's challenging for Ecos to scan every type of archive, I noticed it also does not submit these for analysis via Liveguard. Consequently, an email with such an attachment was delivered to the user's mailbox without detection. Could we consider enhancing this aspect to improve security?
  2. Marcos, you missed the key point. If you upgrade Apache HTTP Proxy, ESET Protect setup has started to clean files under C:\programdata\apache http proxy 2.4.53\cache\ directory. while eset protect setup doing this delete operation, it uses the del command and deletes thousands cache files one by one. So think that there is thousands cache file under C:\programdata\apache http proxy\cache\ folder and think that del command will delete one by one and it will write console output for every file. like this del C:\programdata\apache http proxy 2.4.53\cache\xyz deleted C:\programdata\apache http proxy 2.4.53\cache\xyq deleted It takes massive time. if you haven't heard 1-2 hours installation time, I could send the anydesk record of protect upgrade.
  3. ESET Protect setup is deleting apache http proxy cache from disk while upgrading apache http proxy. the problem is that method it uses to delete files is tooo slow. sometimes it takes 1-2 hours to remove files if disk there is iops bottleneck. This situation has been causing pain for 5 years. except this one, eset protect is perfect product.
  4. Hi All, I see that the uPCU update starts only when update is triggered via egui. the update that triggered via task scheduler, esmc update task, ermm do not start uPCU update, just signature update. All update methods pointing same update profile. Is this a known behaviour? How can I solve it?
  5. @Marcos, I am using EFSW to download mirror. For months, there is no any uPCU files downloaded Mirror folder. Is there anything additional I need to know to download uPCU files over EFSW?
  6. Hello, It seems ESET has becoming detect Dahua Webplugin as PUA. It is very old file and it is detected by only ESET. I would like to know if could be a FP ? If not, could i have information about its PUA behaviour? Thank you The sample is attached. webplugin.exe » NSIS » npPlugin.dll - a variant of Win32/WebPlugin.A potentially unwanted application - retained webplugin.exe » NSIS » webActiveX.exe - a variant of Win32/WebPlugin.A potentially unwanted application - retained webplugin.rar
  7. 11. Did you get accurate answers to your forum queries for the last year? I don't know why but some forum posts were never answered.
  8. I don't understand why this question is not answered. I really need this information and I couldn't find it in the docs. @Marcos please help.
  9. Hi Marcos, Is it possible to distribute Pcu update via Mirror?
  10. Thank for your reply @labynko. I have activated as you described. Any official fix yet ?
  11. +1 same isssue. Cannot activate 8.1 with ESET Protect task but endpoint activated locally with offline license. if you need remote connection to inspect problem. please pm me. this topic is posted in 4 july, today is 13 july. still no any official response. i am in amazement
  12. Hi All, There is a phishing URL coming with a spam email. the url is hxxps://ssde345sdfgyju.ru . I see that ESET Endpoint Security web filter detects the URL as malicious but the spam email that contains the URL classified as Clean by EMSX. Does EMSX not check URL in mail body against blacklist? Is that possible? I have checked common things. EMSX database updated. Livegrid and EDTD is accesible. I have confirmed the email scanned by EMSX.
  13. Hi All, Has the retro rule feature been removed from ETI ? If yes, how can I access old data matching the yara rule?
  14. I think Apache HTTP Proxy is a very clever solution that simplifies the structure in ESMC architecture. But since the first release of ERA 6, the most problematic component has been "Apache HTTP Proxy". It still is. Apache HTTP Proxy causes a lot of problem when you deploy ESET packages. ESMC Agent cannot download properly files via Apache Http Proxy and deployments failing. You should try again and again. It is cannot properly handle EDTD requests when the networks is is large. It is problematic when multiple agents make request for uncached file at the same time. So I would like to know if there is more stable way to use apache http proxy.
×
×
  • Create New...