Leaderboard

Hello guys, thank you for your feedback. We will add Bitwarden to the list of whitelisted extensions that can be loaded in the protected browser. Regards, Tomas

The latest ESET's products (v13.2 and Endpoint 7.3) are compatible with Windows 10 21H1. There should be no difference in performance after upgrade to Windows 10 21H1.

Making the ransomware note undetected was already considered and pros substantially outweighted cons.

The product in question is correctly classified as PUA since they don't adhere to good practices.

Hi, You're almost there, just need to put a single word Bearer in front of the access token (separated by a space) When using swagger - after you receive an access token, you can Authorize by clicking Authorize button on the top with Bearer {{----token----}} written into text field Using API directly, your call should look like this curl -X GET "https://mspapi.eset.com/api/User/Current" -H "accept: application/json" -H "Authorization: Bearer eyJgbGciOiJSUzI1NiIsImtpZCI6ImU1WTdkMGJEUGtORmFDV094VWlBaUU5MDBDbyIsInR5cCI6IkpXVCIsIng1dCI6ImU1WTdkMGJEUGtORmFDV094VWlBaUU5MDBDbyJ9.eyJuYmYiOjE1OTg4NTk1NDUsImV4cCI6MTU5ODg1OTYwNSwiaXNzIjoiaHR0cHM6Ly9pZGVudGl0eS5lc2V0LmNvbSIsImF1ZCI6WyJodHRwczovL2lkZW50aXR5LmVzZXQuY29tL3Jlc291cmNlcyIsImVtYTJfYXBpIl0sImNsaWVudF9pZCI6IkVzZXQuRU1BLkFQSSIsInN1YiI6IjFjZmFkZTliLggiODUtNGU5Mi04Zjc0LTZhMTY4ZGEzYjdhNyIsImF1dGhfdGltZSI6MTU5ODg1OTU0NSwiaWRwIjoibG9jYWwiLCJzY29wZSI6WyJlbWEyX2FwaSIsIm9mZmxpbmVfYWNjZXNzIl0sImFtciI6WyJjdXN0b20iXX0.sG65OnNxQsstp5Su_Da-i9b25Q3SO_dU4va3IvdRU4m2s7jQ6zm6MqR_JV8d2E4B23HTKuwTl6XJvsVNMtL6KrggrJVmbPkgmR64XodNOtnrfnHtL_dPUy6cmbTMgjdeMGhUMZLKCauj60uK2nLyJbQKVU_VTj5E1eew0G4q3tIAnFtgNlJ3SHD_YAhNoet4Wu7b-dXLKlpFlmvjav1sXp-iSjUxDLS2rjcmNfMqRdW3C1lXL58daKZx3xGkoPSSMXAK7tPJEreFOepPeon-u5JuPqy5fIc1XJ7VDX60arqa7Ejq3z34tbj2vABJ6Qx3M7e1jRZF7v-7Bye0J-jSjVF" Thank you, Martin

Duplicate topic, we'll draw it to a close. The discussion can continue in the original topic.

You need to contact whomever you purchased the license from to straighten this out.

It's most likely Filecoder.STOP. Unfortunately this family of ransomware cannot be decrypted. Do you have C:\Users shared? Most likely the ransomware running on another machine in the network encrypted files in that share.

Please remove already blue micro-hints from EES. Very annoying. There is no option to disable them. Leave them for home users.

The ESET Knowledgebase YouTube Channel celebrates its 10-year anniversary today! https://www.youtube.com/user/ESETKnowledgebase/community Check out the infographic for our lifetime YouTube statistics for the channel. The ESET Knowledgebase channel includes step-by-step video tutorials demonstrating the key processes and features of our ESET products, from ESET NOD32 Antivirus and ESET Internet Security to business products like ESET Security Management Center. In addition, our channel is yet another way for our customers to reach us with feedback and questions. We make every effort to respond to support-related comments and yes, we do take video suggestions!

That's quite an inconvenient way to activate a Gamer Mode any time you start a game. Wouldn't it be better to activate it by a shortcut (`egui.exe --gamer-mode` for example) or by a configurable hotkey?

I looks like the problem is solved! A few minutes ago I suddenly was able to add successfully my license with my EBA credentials!

We are checking it with developers. Will keep you posted about our findings and resolution.

https://www.comparitech.com/blog/vpn-privacy/remote-access-vpn/

I've tried many AVs and kept moving in the past unhappy with them but once I switched to eset I've never looked back. Doesn't hog the system, good detection and good support

This is related to WPAD DNS activity: https://findproxyforurl.com/wpad-introduction/ Appears WPAD has a number of security risks with the recommendation it be permanently disabled if not using IE11 or Edge as your browser: https://auth0.com/blog/heads-up-https-is-not-enough-when-using-wpad/

The firewall logic has not changed over years. We assume that Teams has been updated and now works in the way that a connection is initialized by the server. In automatic mode, all outbound communication is allowed and all non-initiated inbound communication blocked, hence a rule for Teams may need to be created. It is beyond us to have a list of all 3rd party applications where the communication is initiated from outside and maintain the rules for them.

Hi Guys, A quick question are all of these machines that are affected domain joined machines? Also is anyone using wpad to configure a proxy on the machines connecting to the VPN? Regards,

Firewalls in general work with IP addresses, not with hostnames. Since IP addresses may change in time, I would not recommend creating firewall rules to restrict communication of the OS with Microsoft's servers.

No, it's server's syslog messages, like this: INFO: [karlisi] User sends gql request: qroups (192.168.0.111 #id=TASKS:id=CLIENT_TASK_DETAIL;u=48eef0ae-96d2-4bed-ad2b-b5094a07cfe2;p=2:id=TARGETS_TRIGGERS_TASK_WIZARD;tru=be984c29-a03d-4cfa-9e16-d1d713f437a9;tsu=48eef0ae-96d2-4bed-ad2b-b5094a07cfe2) This message is one of many which corresponds to this ESMC audit log entry: Modifying client trigger of type 'Scheduled Trigger' with description 'ASAP; Outdated, Not protected' for task 'AV update to latest'.

ESET Cloud Office Security (ECOS) is going to be released soon, please stay tuned.

That's because you are installing old versions with an old eelam.sys driver. Because of that, the product cannot update and load modules. Please always use the latest installers from the web or repository.

If you are using Eset's Home or office network protection mode, all your local network devices are Trusted. As such, there really is no reason to disable SSDP service since Eset will allow all that type network traffic.

That is exactly running the troubleshooter wizard. Sometimes I've seen stuff blocked but what Marcos is saying is if you've had no issues its best not to go in there and unblock anything. That area is designed so if you find your having problems with something not working you can go in there and see if anything if maybe being blocked and unblock it. You should be fine but it's hard to know exactly why something is being blocked. I did find at one point when using the public network setting in Eset a lot of stuff was blocked in the network troubleshooter that wasn't when switched to home but some do recommend using public. The link below explains how to check and change this setting https://support.eset.com/en/kb3754-change-network-connection-firewall-setting-in-eset-windows-home-products As for the browser control part unsure about this. If it happens again see if you can get a screenshot of the actual message

The user is asked for an action upon detection. While the best would be to detect and log the detection with no cleaning or promting at all, such behavior is not supported. Adding detection without cleaning just for the sake of ransomware notes would be quite expensive in terms of resources.

Any file that is cleaned is also quarantined so that users can restore it if necessary. Moreover, ransomware notes are not cleaned automatically in default cleaning mode.

The license is for ESET Internet Security which entitles users to update also ESET NOD32 Antivirus for Linux desktop. However, we do not sell EAV for Linux desktop licenses directly because of ending support.

That's correct. Limited support basically means that we guarantee module updates for existing versions but do not make any other changes or fixes to the program.

I will contact the conjars.org. Thank you for support.

Blocking bruteforce attacks is an under-the-hood feature that is a part of the network attack protection module and has been added recently through automatic module updates.

Please carry on as follows: - enable logging of blocked operations in the advanced HIPS setup - reproduce the issue - disable logging - collect logs with ESET Log Collector and upload the generated archive here.

Correct. We do not scan PST files with the on-demand scanner. However, with Outlook integration and scanning of read email enabled, any email message that is opened in Outlook will be scanned for possible threats.

Since you are in the official ESET forum, you can expect the only answer Honestly, you won't go wrong with ESET, just purchase ESET Internet Security or ESET Security Premium which provide additional features, such as RDP bruteforce blocking. ESSP also provides a password manager and disk encryption features.

Hello, Why Bitwarden is not whitelisted on secured browser to add as an extension? It is open-sourced password manager and highly recommended because it is open-sourced. In my opinion it is far superior than other password manager because it is open-sourced. So, is there any way to expedite this request to add Bitwarden on your whitelist? Thank you!

Hi mgn, The fact that the uninstall button is replaced by a deactivate button is normal and it is due to the app being registered as device administrator, so that it can monitor and manage some system settings, required to function properly and offer all the protection features. If, for some reason, the app is not on your home screen (this happens sometimes on Android, I have this experience with several apps), you can just add it there again from the list of all apps - find the app, long press on it and place it on the home screen. If you want to uninstall the app, you can tap on Deactivate, go through the deactivation process and then uninstall it.

Does temporarily pausing real-time protection, firewall or protocol filtering make a difference? Does the issue go away after temporarily uninstalling ESET and returns after installing 13.2.18 with default settings?

Protocol filtering is a crucial protection feature that enables web and email protection to work. If you re-enable it does the issue with viewing websites return?

Hello @Chanklish, the migration paths are described at https://help.eset.com/esmc_install/72/en-US/migration_same_version.html so follow the one applicable in you case. Peter

ESET license keys are not bind to version, but to a product / product tier better said. Usually the packs for the endpoints cover EFSW as well, but I would rather check it with your local sales team. EFSW is the product recommended for use on the terminal servers. When it comes to licensing, they are a special case as they should have a license covering the terminal sessions so again I would recommend to check this with your local sales team... Peter

Why would I pay extra when I have an easy and secure(open-sourced) option without paying extra money? Adding an extension is easier and cheaper than your recommendation! I already see some extensions are already approved by Eset.

IKTR, but the thing is when I asked/posted this here, there was no changelog listed available in the advance download page for this latest v13.2.18.0, the last changelog that was available on that time was for the earlier version 13.2.16.0. Orelse, I wouln't asked /posted here. Thanks anyway.

Getting rid of the legacy v4 products is a must. These products are not compatible with modern operating systems and provide substantially weaker protection against malware. 1. A valid license entitles you to download, activate and update any version of the product that you've purchased. We strongly recommend to use the latest version because it addresses issues known from older versions and often bring other improvements, such as new protection features, performance improvements, etc. On a file server you should install the latest ESET File Security v7.1. On clients ESET Endpoint Antivirus 7.3.2039. A correct procedure for upgrading v4 to v7 is as follows: - uninstall v4 - reboot the server - install the latest version of the security product. Upgrades of v7 to newer versions are easier and you can install v7 on top of an older v7. Also we are going to make program updates available to business products most likely later this year. 2. The successor of ESET Endpoint Antivirus 4 BE is ESET Endpoint Antivirus v5 which is now obsolete as well. For file servers we had ESET File Security v4. 3. ESET NOD32 Antivirus 4 Business Edition is at the same category with ESET Endpoint Antivirus. In order to use ESET Endpoint Security which contains also a firewall and antispam you'd need to have a license for that product (it's possible to upgrade EEA licenses to EES). 4, There are no specific requirements for the server except those listed at https://help.eset.com/efsw/7.1/en-US/system_requirements.html. Also I'd like to bring ESET Dynamic Threat Defense into your attention which is an extension of our security products. It provides cloud-based analysis of files to ensure instant response to new threats within your organization and substantially improves protection from ransowmare and other malware.

The stats are counted since ESET was installed or since the counters were reset.

Correct. You can install it on top to preserve current settings. We believe that manual or automatic product updates should be eventually possible as of ESMC 7.3 later this year. It will work the way that the program will download an update (e.g. you will manually check for a new program version), you select to install the update and the update will be installed after the next server reboot. Future versions should be able to install program updates instantly and without requiring a reboot even if drivers are updated.

Unfortunately we have not seen that message yet. If you are experiencing issues, such as with viewing websites, please open a ticket with your local ESET support for further investigation.

A lot of people coming here to this thread - just to see posts about version for big sur. We are waiting

i received a reply now CASE:64149

The license has been cancelled recently. Please contact the seller (ESET LLC) for more details. The license was registered to a user with an Arabic name.

Please drop me a private message with the email address that you used for registration at my.eset.com. In the future, please make sure to: - use a stronger password that is not easy to guess - do not make your browser remember your login - avoid logging in on public machines where keyloggers could be installed.

Description: Checkbox 'Automaticlly Reboot when needed' default set to disabled. / off. Detail: Currently we are executing tasks with no need for a reboot and sometimes we do. But since we also execute tasks on our servers, leaving the default setting 'checked' being quite dangerous. See attatchment. This is the checkbox we would like to be disabled on default.