Leaderboard

One thing that I don't like about LiveGuard is that it seems to send every new file created on the device to LiveGuard upon execution. Even if it's an old, trusted and safe file. As you soon as I try to execute a new file that wasn't on my device before, ESET sends that to LiveGuard. Eg: If I just extract a newly downloaded 7zip installer from a zip file where the installer exe is trusted by literally every AV, as soon as I execute it, it gets blocked and submitted to LiveGuard for analysis. What's the point of this? A ESET's reputation check shows that the file is old with reputation status being Fine & green and the number of users is also high with a green mark. ESET should feed from this LiveGrid status and determine that the file is trusted, whitelisted and not necessary to submit it to LiveGuard for analysis. This alone would massively reduce the load on LiveGuard's server. This type of unnecessary submission needs to be avoided. Kaspersky and Norton makes use of their cloud reputation appropriately, which is something ESET is not doing here. The LiveGrid reputation should mean something. The LiveGrid and the LiveGuard combo should communicate with each other to determine what needs to be submitted and what not. Otherwise, LiveGuard servers are going to be bombarded with excessive unnecessary submission. Unnecessary submission is going to annoy even expert users.

I just checked U.S. prices for Eset. ESSP costs $10 more per year than EIS. As such and for me personally, the increased price is not a major factor. This important LiveGuard feature being included only for ESSP does "leave a bad taste in my mouth." For starters, Eset should have had LiveGuard capability in its consumer product versions long ago. Like feature capability has existed for some time in Eset competitor consumer products as you noted. This includes Microsoft Defender that doesn't cost anything. I also have no need for the extra features ESSP provides and feel upgrading to it for LiveGuard capability is shady marketing tactic. It also should be noted that EIS costs on the average, significantly more than its competitor's equivalent products. Bottom line to Eset - include LiveGuard in EIS or be prepared for a significant loss of your existing EIS product base.

Comments: 7). Will not renew my EIS subscription unless LiveGuard capability is provided in EIS to block and submit for cloud scanning all locally detected suspicious Eset detection's. That is all currently files being submitted to LiveGrid but allowed to run. 8). LiveGuard in ESSP currently does not include the ability to set detection confidence levels and receive a suspicious verdict based on those levels as exists in EDTD. This would also include a display of suspicious factors found. 9). HIPS file wildcard specification capability that I have asked for years.

Hello ESET Endpoint Security / Antivirus users, We are pleased to announce the availability of ESET Endpoint Security / Antivirus 9 BETA for public testing. The new generation of ESET Endpoint products for Windows brings new features and improvements, let us briefly describe the most visible ones. Auto-update – This feature improves the upgrade experience for administrators and makes keeping ESET products on latest version easier. It is enabled by default and works out of the box. Technology was present in Windows Endpoint version already 8.0, EULA approval was replaced with EULA notifications. Brute-force attack protection - Evolution of reputation and blacklist-based password-guessing defense technology, providing further protection for RDP and SMB protocols in business networks. Official ARM64 support for both EES and EEA for Windows on ARM ( Secure Browser, Machine learning protection and Deep behavioral inspection features are not available for ARM64 platform in this version) The new features mentioned are not manageable by ESET PROTECT management console as of now. Please check also the list of Known issues for the first public BETA build, we believe the severity of those is very low so they should not affect your user experience much Device Control: Printing task stays in printing queue when printer is blocked Audit logs contain strings "FeatureId", "OldState", "NewState" Web control: Warn action does not work properly for some websites Secure Browser: Ask me option available for websites in list Secure Browser: Some websites are not loaded correctly in secured browser instance Device Control: Some bluetooth devices are not listed in Populate of Device control The ESET Endpoint Security 9 BETA and ESET Endpoint Antivirus 9 BETA builds are available for download at https://forum.eset.com/files/category/4-ees-eea-9-beta/ Both .msi and .exe installers are available and the ARM64 version for Windows on ARM too. We are looking forward to hearing your feedback and experience with the 9th generation of ESET Endpoint products. For your questions and issue reports, please use this forum directly. As usually the build is in BETA quality so by downloading and using it, you agree with our BETA program agreement, which is available at https://forum.eset.com/files/file/31-eset-beta-program-agreement/ After a week or so of BETA testing, please fill out this short survey for us https://survey.eset.com/index.php?r=survey/index&sid=798153&lang=en so we can evaluate the BETA program and make our offering even better for you. Thank you in advance. Peter Randziak on behalf of teams involved

I hate when things are changed for the sake of change. I like that ESET maintains the same interface throughout multiple versions and yearly updates. Antivirus isn't like an ide that you maybe staring at for a while. It should sit in the background and rarely be interacted with. Last thing anyone should want to do is waste 10 minutes looking for a setting because the interface has been updated.

ESET is a vendor of antivirus software and as such should have a consistent interface with only minor changes over the time to avoid confusion by users after upgrading to newer versions. Moreover, users should not keep the AV's gui open often, watching it for a long time so adding visual effects does not matter unlike in the case of operating system for instance which must attract home users. Last but not least, I'd like to remind that this topic is intended for posting suggestions. It's not for lengthy discussions which would spoil it. If you have a comment or want to discuss something, please create a new topic.

I wonder what you guys meaning of all of this, LiveGuard was introduced probably because there was need for 0-day protection and also Smart Security lacked something special that differs it from Internet Security The complaint here is that LiveGuard does take 1-10 minutes inorder to process what has been sent to Cloud and with that time it's blocked till it gets approved by ESET, even also as been reported that Signed files are even reported and uploaded, Let's not forget that before a while there was an article about Microsoft signing drivers which in the end was a malware LiveGuard is a kind of sandbox analysis server that is available for Smart Security products, which is normal thing for a sandbox to take time to process and analyze and send back information, there was a complaint before that LiveGrid doesn't block/prevent because it didn't have an update for a kind of file/threat , now that what LiveGuard is doing , it's blocking a file that it never seen before , which what people requested in order to prevent never seen before Ransomware files For sure a new feature , it would contain bugs and need to be fixed and optimized more and so the servers are , even if one will go and have EDTD and one endpoint for it , it would take the same amount of time for analysis And probably LiveGuard is powered by EDTD so would be same same. LiveGuard is very nice addition by ESET , it can be fixed and optimized more for sure and I believe by the time passes it's database will be bigger and better, it's still the first public version for it , but for the question to use it or not , well Internet Security is still there if answer is not.

The user must choose whether to enable or disable the LG feedback system. We cannot enable it automatically for legal reasons:

This is similar to Avast's (and AVG) CyberCapture feature, which is available even in the free version. The difference is that cybercapture is dependent on the Mark of the Web similar to Microsoft's Block at First Sight feature, while it seems with ESET it's for every file that is not known to ESET. So this is a nice feature and a good addition. But I can't really justify the decision to not include it in the Internet Security version. ESSP is ridiculously expensive. LiveGuard should've been made available to both EIS and ESSP.

I will add to what marcos has put above by adding over the years, new features have been introduced e.g. ransomware protection, network device monitoring and just with the new version 15, ransomware shield. I have seen other AVs in the past change their UI each year and sometimes it felt like a way to hide there wasn't much new. While I always like to try new versions and see changes, changing the UI just because makes no sense. If it is for making things easier then fine but just to change the look could cause more issues. I'd much rather see Eset add more features over changing the interface

Whitelisted are basically files signed by known trusted certificates, e.g. by Microsoft. Samples submitted to LiveGuard are separated from samples submitted by LiveGrid. In case of LiveGuard they are submitted to a safe environment where even access by ESET staff is very limited. This is because users can also choose to submit suspicious documents and it would not be safe if a broad group of ESET staff could access them. If a file submitted to LiveGuard turns out to be malicious, the result is shared with LiveGrid users. Other than that, nothing is shared. The fact that a file is old and more users have got it does not mean that it's 100% safe. Therefore only whitelisted files are not submitted. EDTD submits a lot of more files than LiveGuard and the systems can manage processing that load.

Yes it can be managed by the ESET PROTECT (cloud), just the new features are not yet manageable. Yes the agent needs to be installed the same way as with GA version. Yes, it is enough to install the BETA version to test it. As mentioned above, it can be managed by the ESET PROTECT cloud, but only the features available in previous generation are available to be configured and managed as of now. The ESET Insiders program is an invitation only program, join requests are being evaluated case by case. You can drop me a personal message to find out more... Peter

Let's "cut to the chase" in regards to Eset's cloud scanning. As shown in the diagram in this article: https://help.eset.com/edtd/en-US/overview.html , Eset is using Microsoft's Azure AI servers. Microsoft will gladly allow anyone who so desires use of those servers. Obviously, this use is not for free. The question however is just how expensive is their use? There is a low budget developer who markets a security product add-on named VoodooShield: https://voodooshield.com/ which is popular with participants of the security forums; e.g. wilderssecurity.com. This product also uses the Azure AI servers. There is both a free and a paid version of this product. As far as I am aware of, both the free and paid versions use the Azure AI cloud servers.

Description : Improve ESET update server capacities. Detail: Last week some connections to (some?) ESET update servers were abysmally slow, as in downloading at 0.01-0.1 mb/s while my internet line offers close to 13 mb/s. As a consequence download single update files took a *very* long time. According to e-mail support some major ESET module update caused high spikes, so the server/connectivity infrastructure should be improved to handle these spikes much better.

What is meant by "whitelisted" files in this context? I noticed that out of the 456 .exe files contained in the WSSC GUI (Nirsoft, Sysinternals) only those 5 are re-read after reboot that qualify as "potentially unsafe applications" (regardless of the respective settings and exceptions). All none exe files on my system seem to be re-read by ESET after each reboot, regardless of module updates. This includes all TTF (font) files, but also things like loading thousands of Lua addons files, hundreds of Toc files, dozends og TGA and font files when World of Warcraft is started for the first time after a reboot, plus NVidia and Battle.net client cache files. I assume that most of these files are only re-hashed instead of rescanned (analyzed)? But it's still re-reading of files that were already scanned when the PC was last turned on (or just before reboot a few minutes ago).

I understand the spinning platter situation, but modern systems don't use HDDs for system drives anymore. And even then, scanning network shares on my HDD based NAS is faster when done by multi-threaded AV products. All of my own and my customers' computers use SSDs for years already. Defender peaks at over 2500 mb/s during on-demand scans running 24 threads/files in parallel, meanwhile ESET is chugging along one file at a time. This should be brought up to more modern standards rather sooner than later. Furthermore large compressed archive files should be handled by multiple threads, too, especially for the uncompression part of the operation.

We are testing Windows 11 and EEE/EFDE currently. So far there are no major problems at all. Upgrades from Windows 10 while encrypted work just like any other Windows 10 Feature Update. It’s seamless when performed through the Windows Update setting. In the event where you need to use the Win 11 ISO to perform the upgrade, then our updater utility works too.

Good advice. I am tired of wasting my time in this forum reporting Eset problems that ultimately get dismissed.

When using the auto update feature, the upgrade is first applied at reboot, so it will continue to be fully protected by the old version until you eventually reboot the device which is then upgraded

Hello @Joshi - I will be interested in hearing more about the particular deployments of this product in your / your customers environment. For what they were using it? What kind of mail servers they have been using? We are discussing internally a potential successor, but no decision has been made yet. Your insights might be very helpful. You can message me directly over here, if you do not want to disclose details publicly.

Native support is planned for Endpoint v7, ie. it won't be available sooner than some time next year. In the mean time, the current version of Endpoint for Mac works on M1-powered systems via Rosetta 2 emulation just fine.

For anyone interested in trying ESET Home products for ARM64 platform, we have good news to share. ESET NOD32 Antivirus natively running on ARM64 is available for BETA testing, you can sign up just by replying here, or by sending me (@Peter Randziak) or @TomasP a private message. BETA licenses free of charge are available for this test. We are looking forward to your feedback, Peter on behalf of the teams involved P.S.: ESET Endpoint products should be available within a few weeks.

Trying to update from 14.2.24.0 to 15.0.16.0. From the home tab I've hit Accept & Update for the new license agreement, once I hit that I get and Elevated ESET client prompt, I hit yes on that window and it takes me to the update tab. From there I hit Update product now(because it isint updating at this point). That takes me to another Elevated ESET promt, which again brings me back to the update tab and does nothing... Please Alpha and beta test your software before unleashing it on the public, unless you want to pay us for testing... thanks

Thank you, Gonzalo

Reinstalling Eset Fixed my firefox issues - Thnx

Hello, it´s possible that your instance has not yet been upgraded to the latest version (upgrades are pending now as we speak). In that case, you can find this "ESET Solutions" tab within "preview features", which is located in the "quick links" menu in the top bar of ESET PROTECT Cloud Instance.

Unfortunately we were unable to reproduce this issue; it was not discovered during beta and pre-release QA testing and we haven't received any reports of an issue like that either. Therefore we'd recommend uninstalling v14 and installing v15 from scratch after a reboot.

I have contacted the channel manager for the APAC region regarding this. Upgrading your EIS license to ESSP should be possible. Either the distributor will contact you or I will keep you updated if the distributor writes me.

Is there a way I can roll ESET back to v14, which worked perfectly, and then block ESET from updating to v15 until a fix is implemented?

You would need to upgrade to ESET Smart Security Premium for a small amount of fee. If you want to trial ESSP, temporarily uninstall EIS, then install ESSP and activate a trial license. If you then decide to go back to EIS, uninstall ESSP, install EIS and activate it using your current license key.

Please switch to the pre-release update channel to download Direct Cloud Communication module 1122 which contains a logic for cases when DNS resolution is failing through all available name servers like in your case when CloudFlare name servers were used. Let us know if it resolves the issue for you. The module will be released for general public in a couple of days.

Hi @secured2k, Thank you for getting in touch, here is the KB that you requested regarding the ESET Windows Updater Utility: https://support.eset.com/en/kb7148-manually-install-windows-10-feature-updates-on-a-full-disk-encrypted-fde-system The error you are running into is due to the disk not being accessible during the update as it is Encrypted and Windows has not been told to use the Encryption Drivers in order to access the disk, this utility solves that problem by passing the required switches to allow Windows to use the Encryption Drivers and thus be able to access the disk. Thanks, Kieran

Totally agree with this point. Here for example, the price of ESSP is 44% more expensive than EIS. I personally don't really need extra features in ESSP, paying that much extra price for something i don't really need, sorry i didn't. Its even more ridiculous that the now added feature is actually available on a competitors free product.

Beta v15 was provided only to the members of the ESET Insider program. It will be released in a few days. Currently we have ESET Endpoint Security v9 available for beta testing.

That´s indeed a good question. My assumption is, that the product is functional, however older version of modules are loaded, meaning the highest level of protection, that will be achieved with newer modules is not ensured. As in some cases we bring new detection functionality along the way. But I will double check with the teams responsible.

It's basically whitelisted files, files signed by Microsoft, files not carrying malware, such as text files, etc. that are not submitted so any file that might be potentially malicious should be submitted. Below is a screenshot of what happens if you attempt to run a new malware extracted from an archive:

As far as I'm aware the pre release version contains fixes to issues and eset recommend people use it to see if it works and if there are any other issues. However eset don't recommend activating it on work computers in case of any issues

https://support.eset.com/en/kb3415-enable-pre-release-updates-in-eset-windows-home-products

Thanks @Peter Randziak

The way to stop this deceptive marketing practice is for Eset eStore to do as other web merchants do that I frequent. These web sites will ask you on initial purchase if they can save your credit card data. If you say no, by definition you are making a one-time purchase. This also makes the auto-pay issue a moot point since without credit card data retained, there is no way to perform an auto renewal. People need to petition Mastercard and Visa to make this a requirement for any web merchant that accepts their cards,

This will be due to the Let's Encrypt "DST Root CA X3 DST" certificate authority expiring on the 30th September. We have the same issue with 1 of our customers who use ESET Endpoint Security. None of our other customers have issues. Even though our certificate is valid ESET gives the same error and prevents access because one of the 2 paths has now expired. Seems to be that ESET doesn't check the new/current cert authority "ISRG Root X1" for the multi-path Let's Encrypt certs, or something like that. I am going to renew our certificates early to remove reference to the old cert authority to see if that fixes the issue.

ESET is likely being killed by the aggressive Xiaomi battery optimizer. Please see https://dontkillmyapp.com/xiaomi for instructions how to create an exception.

Hello Peter, I've sent you the logs as a Private Message Please check Thank you.

Just curious if someone could tell me what these numbers mean? Thanks!

And that's exactly our problem here Marcos, you never see reported problems, no matter how much you show them to them and that's why they are not useful here, as I already wrote to their superiors!

Hello @peteyt, the fix for the stuck notification has been committed so new builds should have it fixed. When it comes to e-mail notification in Slovak language it seems you submitted the ticket directly from the application and you have it activated with your Insider license (those are registered on ESET HQ, which is in Slovakia), thus you received the autoreply in Slovak language... Peter

Such shady auto renewal policies are unethical, and possibly illegal in some countries.

A little off-topic, but it's great to see you around @m4v3r1ck 🙂

Dear Team, I'm currently getting a revoke error banner while trying to access https://icrafss.worldagroforestry.org:8181/UserIdentity/index.xhtml Is this revoke carried out by ESET? The certificate is valid until 2022. Please advise on how to resolve this.

It means that you are attempting to activate the license in a different country than the one it was issued in. Please contact the seller to get it sorted or to get a refund and buy a license in the other country.