Leaderboard

You are just angry at something that you can't change , all companies do the same , they release an update and then they give the change notes after a while , or go meet Microsoft , they won't tell you what changed. or say hello to Steam I don't represent ESET , and I don't work for them , but a delay of a bit or few hours after being posted in their download page and after that to their forum , it doesn't mean anything bad , they have posted it they didn't hide them , It's just a matter of a little bit of time delaying the upgrade so you can read the notes and after than initiate your upgrade or delay it for next version.

It's enabled for newly created and modified by default which is enough. Moreover, web access, email protection, startup scanner and idle-state scanner have it enabled by default too.

Hello, this option is already available in ESET Cloud Administrator console. Currently, as agents are updated via "Components upgrade task", which does not differentiate between agents, and other components of the ESMC infrastructure (server / webconsole) this option was disabled. However, in Cloud the server is fully hosted / maintained by ESET, so "one click agent updates" are possible. Please note, that for the future releases we work on "automatic agent upgrades", meaning agents would automatically upgrade themselves to the version compatible / matching with the server.

Simple answer here folks is Eset normal channel release updates are region specific. Select countries will see the release prior to other countries. It has always been this way.

ESMC is a complex mission-critical product and it's important for administrators that it runs reliably all the time. Upgrade should be performed after backing up the database and at the time when administrators can afford to solve possible issues should something go haywire during upgrade. Likewise administrators do not let server systems upgrade automatically and immediately after the OS maker releases updates not addressing critical vulnerabilities.

Got it, Turns out I had made the change already. My memory just isn't what it used to be. Getting old isn't fun at all, but it beats the alternative. Thanks to both of you for your help.

Hello, Our service provider is currently having issues with deliverability to certain email domains, yours included; they have raised an issue with their upstream email provider. In the meantime, we apologize for the inconvenience. Tomas

Since this forum is not a channel for disputing detections and url blocks. we'll draw this topic to a close. Only the security malware lab is entitled to make decisions about url blocks. In this case, the blocks appear to be ok. Aggressive or misleading ads are subject to detection as well.

I want to add to this that this also happened to me on two computers that I was testing the upgrade on where it immediately performed a scan after the upgrade was completed and promptly shut down the computers. The event log confirmed it was an ESET-initiated shutdown after a scan completion. This is the same as the others have reported, but not a scheduled task, and not on demand, but immediately after the upgrade. Being located 1700 miles away from the office, and during a pandemic where no one else is in the office on a regular basis, it took a full week to get someone in there to turn these computers on. Fortunately, they were computers that were not in use by anyone, so were perfect candidates for this upgrade. Of course, I can't risk updating any other computers to 7.3 until this is confirmed as resolved.

Mobile Security needs some kind of permissions for Anti-Phishing to work properly , have you enabled that?

This doesn't work! Any profile based scan auto scans registry and WMI. Doesn't bode well for anyone that has set up Eset scheduled scans, Only thing that appears to bypass the registry and WMI scanning is a Custom scan with of course, those options not selected.

It's possible to use the PASSWORD="%password%" parameter (https://help.eset.com/era/53/en-US/idh_ra_remoteinst_commandline.html) from the command-line.

I will also add that in-product updating is always a more secure update method that manual updating; contrary to popular belief. Manual updating opens one up to a phishing attack. A recent example is the WastedLocker ransomware that deployed a fake Google Chrome update request.

I guess the wording could be better and read "Consumed seats" and "Available seats" or something along that line. "Available devices" means that you can activate the license on 1 more device.

If you ran a custom scan, make sure that you didn't enable scan without cleaning:

As far as I know, it's a rule of thumb that vendors publish changelogs with the release which also happened this time. In the course of testing a new version, changes may not be final and may still occur to the final version.

Microsoft releases every month updates to the Office 365 suite and posts changelog here: https://docs.microsoft.com/en-us/officeupdates/update-history-microsoft365-apps-by-date It does SEVERAL hours after the updates are available. You can check next week (patch tuesday). Many other Software vendors do the same. Please calm down and move on.

If you don't need to control access to removable devices, keep Device control disabled.

Since figuring out the root cause of the issue will require further troubleshooting and also more information will be required, I would strongly recommend opening a ticket with your local ESET support to ensure that the case is tracked and dealt with properly.

First, just what is KMS-R@1n.exe? https://www.quora.com/What-is-KMS-R-1n-exe-Does-it-affect-my-computer?share=1 If you are using a "cracked"; i.e. illegal version, of the Windows OS or any other legit Microsoft software, removal of KMS components will cause all licenses associated with them to become invalid. If all your software licenses are legit paid ones from the software manufacturer, then there is no reason for KMS associated components to remain on your PC. This situation is also a classic example of why Eset does not enable the potentially unwanted software option by default. Eset's stance to date is they are not the "software license police." The previous said, using of cracked software these days is a risky undertaking since the crack installers are increasing being used to push malware on installed devices.

Maybe it has something to do with the license you've used for activation. We do not sell to Iran. What is the public ID of the license you've used?

The issue is with adding drivers to the driver store: Error 0xe0000242: The publisher of an Authenticode(tm) signed catalog has not yet been established as trusted. Try installing this update: https://support.microsoft.com/en-ie/help/3004394/support-for-urgent-trusted-root-updates-for-windows-root-certificate-p Also read https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/dn265983(v=ws.11)?redirectedfrom=MSDN Last but not least I'd recommend installing the latest v7.3.2036 instead of v7.1.

For 6000 clients I would recommend using a dedicated server running the http proxy, especially if you would like to extend your license and take advantage of ESET Dynamic Threat Defense to substantially improve protection of your endpoints against ransomware and other malware.

1, Automatic program update will be supported. While the differential so-called uPCU update has been implemented in our security products for a long time, ESMC is not prepared for it 100% yet. It is one of our top priorities to have this in the next version of ESMC also with regard to Windows 10 21H1 update which will require Endpoint 7.3 or newer. 2, Sending a software install task to clients and getting Endpoint updated shouldn't take long as long as you use a http proxy to cache updates and installers. What could happen is that you didn't use an http proxy and you sent a software install task to many clients at once. Then agent on each client started to download installers which congested your Internet bandwidth. 3, Http proxy generally helps with caching update files and installers. It helps save traffic when you send a software install task, when clients download updates and will also help minimize the traffic when we will release a uPCU program updates in the future as well.

The issue has been fixed. A new Banking and payment protection module 1190 with the fix is now available on pre-release update servers.

Hello. I never use the pre-release channel yet I got the new version late this morning UK time.

Hello @Cp3p0, thank you for your feedback. I have forwarded it to the responsible product managers and UX experts. All of the issues you have highlighted are not user-errors, and we plan to address them in the future releases of EMA 2 (especially option to automatically hide suspended sites, de-provisioning of customers (incl. replication of such changes into ESMC) and adding settings with the option for auto deactivation. We do not however plan to allow retroactive creation of a trial license per customer where full license was already present due to the potential of license misuse. However I do agree that the noisy records of cancelled license should be hidden / removed. That is AFAIK planned as well as some other improvements in the user behavior.

This may happen if the previous version was not uninstalled properly and there are some leftovers in the registry. Try running the Uninstall tool in safe mode first: https://support.eset.com/en/kb2289-uninstall-eset-manually-using-the-eset-uninstaller-tool

https://www.eset.com/us/about/contact/

There has been a few changes implemented in DNS servers that should possibly help with this case, as problematic data center should be used only as a fallback for connections from Germany.

Please use "MS SQL Server" db instead of "MS SQL Server via Windows authentication".

Yep, but the option is and has been there in the policy settings since I've been selling ESET (circa v6). If the option doesn't work it shouldn't be there, but it really is an option that we need. Every other vendor has had automatic program updates for aeons.

Hi @Cameron. Yes, you can easily setup a new ESMC server, deploy couple of endpoints. If you activate those endpoints, they will add to the total of your license, meaning if you for example have 100 licenses, and 95 are used on the "current ESMC", then you have 5 seats to use on the new ESMC instance.

Yes. Anti-Phishing is merely an extension of the standard url blacklist.

Tobil has an article about excessive CPU use caused by AV scanners here: https://help.tobii.com/hc/en-us/articles/115004039965-High-CPU-usage . Since the article is 3 years old, it is not a new issue. It appears the present Eset real-time performance exclusion might be be the best current mitigation until Eset can research the issue and find a fix. You might want to open a technical support request to Eset so the issue is documented. I also noticed in the VirusTotal analysis that this is a .Net app and a lot of downloading occurs from it. Suspect the scanning of these downloads is why CPU acitvity spikes.

Do you have Eset Gamer mode enabled in Computer protection section? Another possibility is Eset Webcam protection in the same section. Eset might be somehow treating this eye interaction device as a webcam.

If you purchased the license from an authorized distributor the license must be legitimate and work. Please provide your public license ID or drop me a personal message with the license key enclosed.

License sharing is possible via my.eset.com but only for Windows consumer products.

All's well that ends well Since you are new to ESET, I would also like to inform you about our offerings that you might be interested in. For small business and enterprise customers we offer additional cloud protection ESET Dynamic Threat Defense. In a nutshell, this is an extra paid service that enables ESET Security products to detect new, never-yet-seen threats by uploading files potentially carrying malware to the ESET EDTD cloud where we utilize 3 different machine learning models to evaluate the submitted file. Afterwards the sample is run through a full sandbox which simulates user behavior to trick anti-evasive techniques. Finally all clients within your organization receive information about the result of analysis, typically within 5 minutes since the file was submitted. Mail server products utilizing EDTD defer delivery of email until the result of analysis is received. You can also configure ESET to temporarily block files downloaded from the Internet or received by email until results of analysis are received. EDTD is also an additional protection layer against ransomware besides the Ransomware shield that is included in our security products by default. EDTD doesn't require any additional software or hardware, just extension of the license if it's not already included in the pack. For more information, please read https://www.eset.com/int/business/dynamic-threat-defense/. For enterprise users we offer ESET Enterprise Inspector which enables granular visibility and identification of anomalous behavior and breaches in your network, risk assessment, incident response, investigation and effective remediation. For more information, please read https://www.eset.com/int/business/enterprise-inspector/ Besides that we also offer products such as Full Disk Encryption, ESET Secure Authentication or EEI-related services ESET Threat Monitoring and ESET Threat Hunting. If you have any questions, don't hesitate to ask.

I use Ubuntu 20.04 LTS + MySQL 8.0.20 + ODBC from recommended link https://dev.mysql.com/downloads/connector/odbc/5.2.html - but after selecting Ubuntu Linux 20.04 there is only one version - mysql-connector-odbc_8.0.20-1ubuntu20.04_amd64.deb In april I've upgraded Ubuntu from 18.04 LTS to 20.04 LTS. Works perfectly with EMCS 7.1.503.0. Couple days ago I wanted to upgrade EMCS to 7.2.2233.0 via WebConsole. But upgrade was not sucessfull. From logs I read that I have no SUPER right for DB user. I've given this right but EMCS just not worked. I can't repeat update via WebConsole. I downloaded EMCS installer from Web, but instalation failed - with error sth like "corupted DB". I deleted DB and restored from backup and once again - run installer. Instalation was successfull, but EMCS service failed. Port 2222 was not open, few seconds after start eraserver - server crashed. After many different tries, I wrote to polish Eset support (Dagma). I've got simple answer (without any log analysis) - something like "you use unsupported Ubuntu version. Try on supported version and contact us if it will not work". Today I do clean install EMCS (without certs create). Install was successfull but... EMCS stil crashes few seconds after start. I can send you full logs and crashdumps, but I prefer not to publish logs on public forum. Sorry for my English. Regards deg EDIT: Oups! I have deleted some earlier logs (before clean install), but I send these logs to polish Eset support - ticket number #0675574.

Usually these software aren't recommended by Microsoft , as they tend to touch the registry and sometimes they could break off things Automatic Maintenance in Windows does probably just the same , as still you have the Disk Cleanup which changed to another name by Microsoft recently. Then CCleaner when moved to Avast if I am not mistaken , they were hacked , yea it happens to all , but still I just dropped the application at all.

Never heard of it, but ccleaner is free and probably does as much as this paid application.

Hi guys. I did not found similar topic, if exists - please link to them. Thanks. ISSUE ESET blocking installing external device driver setup Creative Sound Blaster in Windows 10 and system forcing using legacy generic driver here. This issue meaning that application Sound Blaster for management audio devices did not find device (missing properitary driver from Creative Labs). Bug error showing: `Operation Requires Interactive Windows Station (Code 28) Error` And thats it. WORKAROUND Remove from system ESET product completly. Reboot. Install Creative driver software and reboot for properly setup. Driver will be installed fine. Install ESET product again. My setup: ESET IS lastest. Windows 10 build 20H1 10.0.19041.329

Indeed only DER format is supported for both import and export of CA certificates. We will have to check whether it is clearly communicated.

Not really. Ransomware typically removes itself after it has finished encryption. It's the ransomware note which contains information necessary to obtain a decryptor for ransom.

The default setting for the Win Update service in Win 10 1909 and I assume 2004, is manual(triggered). In other words, the OS starts the service as needed and then terminates when Win Updating completes. The service is set this way on my Win 10 1909 build and I have had no issues with Win Updating with EIS 13.1.21 installed. My opinion is for anyone having issues with Win Updates, the issue is not with Eset SSL/TLS protocol scanning but rather with the Win Update feature itself. Win Updating on all OS versions is notoriously buggy and frequently becomes corrupted for various reasons.

If it's a pre-installed application, it cannot be removed, only disabled.

I think this is resolved in just-released ESMC 7.2 where it look like this:

This is not true. It makes good sense to have both static and dynamic groups and users use both a lot. Unlike static groups dynamic groups are evaluated by agent on clients. For instance, with static groups only, it would not be possible to change the membership and run specific tasks on clients if they were not reporting to ESMC (e.g. roaming clients) and an unhandled threat would be detected.