Jump to content


  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by pronto

  1. Servus Community, the displayed versions may differ significantly from each other. In the remote console, for example, my Windows workstation is displayed with a yellow warning at 'last connected', which tells me that the client has not reported to the server for two days, but it has already updated the virus detection signature today. Two different versions of the detection routine are displayed in the client itself. On the page Computerscan a virus signature from 19.11.2018 is displayed and on the page Update one from today (21.11.18). How do I get this synchronously and what do I have to do so that the client regularly gets the updates from the server. This doesn't affect all clients but a few already. Thanks in advance for your attention & Bye Tom
  2. Servus Community, we have disabled mail security in the default client policy, because we use Exchange servers with installed antivirus programs, but then warnings are displayed on the clients. In another thread we read that we get rid of these warnings when we leave an email client that we are actually not using activated. That works. But the question is whether to leave email protection enabled even though Exchange scanners are already scanning for viruses. Or can unwanted cross over effects occur under certain circumstances? There is currently no ESET program running on the Exchangers... Thx & Bye Tom
  3. Servus Marcos, >Unfortunately, I was unable to find any information about what Datev is and what is its purpose. DATEV is a financial accounting program but that is not the issue, I know which directories have to be excluded. The actual question is whether it is enough to set up the directories in the 'Dectection Engine - Exclusions' dialog to exclude them both in the Real Time Scan (which works) and in the Background Scan or Idle State Scan, I think this is called ESET. See attached screenshot... Thx & Bye Tom
  4. Hi Community, is there a best practice tutorial for DATEV clients available? I found a tutorial for an earlier ESET version (NOD32) but neither for version 6 nor for version 7. Datev wants on it's server based desktop clients to exclude two directories from the real-time scanner as well as from a possibly background scanner. (C:\DATEV\*.* and C:\WINDVSW1\*.*) Any help is appreciated :-) Thx & Bye Tom
  5. Servus Michalj, I installed another machine right now and there were no more issues about activation... Thx a lot & Bye Tom
  6. Servus Michalj, where can I find the exact error code? But what worked now was to run a task on the client that is doing the activation. This worked without any problems. I try to reproduce the entire process with another client tomorrow, perhaps I can then serve with the exact error codes... Thx & Bye Tom
  7. Hi Community, yesterday we build an installation package which includes a valid license and all clients we installed yesterday became automatically activated. Today I installed another client locally with the same installer and now I got a lot of warnings, both on the client and the server, that the product is not activated[1]. The client is shown in the Security Management Center and is allready moved in the specified target group. The only thing I changed was that I renamed the default policy which applies to the default group, where the clinet is moved during installation. What else can I miss or happend from yesterday till now...? How can I fix it? Thx & Bye Tom
  8. Servus Martin, as far as I have noticed the 'Remote Administrator' has been renamed to 'Security Management Center' in the latest version, is that right? There is actually a (parent) task called 'Security Management Center Components Upgrade' but there is only one task in, it called 'Agent Upgrade' with the settings linked below. I think this task was used yesterday because it applies to one of our test machines. Maybe there was such a task in the old version or you might see another suspicious candidate in the task list... Thx & Bye Tom
  9. Servus Martin, it works, thanks a lot... :-) Bye Tom
  10. Servus Community, yesterday I had a two-hour TeamViewer session with a systems engineer from the distributor and he first updated all the components to the latest versions, because there was quite a mix up. However, the Java version was not an issue. Anyway, it works now, but that doesn't mean anything, it worked for a week before and then suddenly it didn't work anymore. Let's see how it turns out... Thx for your attention & Bye Tom
  11. Hi Community, I have some clients in the management console twice, these are the ones I manually added to the group but then installed the agent locally. The ones with OK status are the ones I installed locally and want to keep and the other two are the ones I would like to get rid of. Can I just delete them and if so, which option to delete should I use. Thx & Bye Tom
  12. Hi Community, I have found a temporary solution, when the Apache service is running under the local system account, the web server is running, as default the network service was set. It is possible that I created now a significant security problem because the local system account has much more privileges. Can someone verify under which account your Apache web server is running on Windows? Thx & Bye Tom
  13. Hi Community, since this morning it is no longer possible to log on to the ESET remote console, the Apache service is not running and cannot be started. The attempt to start fails with the following error message: "The ApacheHttpProxy service could not be started on Local Computer. Error 1069: The service could not be started due to a failed logon" (analogously, the error message was translated from German). We had similar problems with the installation of the remote console, but we fixed them by reinstalling the web server, but now it just stopped, although it ran without problems for a week. Does anyone know what went wrong and how to fix it? The server is a Windows Server 2016 and the Apache Tomcat Webserver is Version 2.4.28 Thx & Bye Tom
  14. Servus Marcos, >No, there is no such option. Only malicious macros are sanitized. Okay, thanks for your attention... Bye Tom
  15. Servus Marcos, >1, Mail server products enable you to create a rule to remove attachments with documents containing a macro regardless whether it's malicious or not. We misunderstand each other. It makes a difference whether I remove an attachment completely or remove a macro from an attachment, then deliver the attachment without macro (if no other rule apply). Removing the whole attachment is not an option. With our former AV solution this option was called 'Delete all macros detected by advanced macro scan'. Thx & Bye Tom
  16. Servus Marcos, as I can see from the KB article [1], it doesn't seem to be possible to remove each macro from every Office document sent by e-mail, regardless of whether the macro is harmful or not, and still deliver the document afterwards, as long as no other rules apply? In our daily business it is not necessary to send office documents with macros and if we do, we have instructed the senders to pack these documents into a password protected zip file. We also stopped the automatic execution of macros via group policy, but with the strategy to remove macros in general, we have done quite well and had no false positives so far. >To improve protection from malware in documents, we strongly recommend purchasing ESET Dynamic Threat Defense (EDTD) which will enable ESET Mail Security to upload documents with macros and other suspicious attachments to ESET's cloud sandbox[...] I can't automatically upload documents to a cloud or sandbox without approving or reviewing the content for data protection reasons, it could be highly sensitive data of our management. This is not an option... [1] https://help.eset.com/emsx/7.0/en-US/idh_wizard_rule_action.html Thx & Bye Tom
  17. Hi Community, we are currently evaluating ESET as a replacement for our current Trend Micro virus scanner. With Trend Micro, we could search in Office documents for embedded makros in incoming emails and then remove those makros. In addition, a number of file types could be blocked in general, both in e-mails and in normal browser downloads. Is that also possible in ESET? Thx & Bye Pronto
  • Create New...