Jump to content

Leaderboard


Popular Content

Showing content with the most kudos since 04/12/2018 in all areas

  1. 3 points
    We've reverted the Cryptographic support module to the previous version while the issue is being investigated and a solution prepared. You should now have version 1028.2 of the module which didn't cause the issue.
  2. 3 points
    filips

    EFS 7.0.12014.0 - MSSQL ERROR

    Hi, as marcos noted this error is logged when automatic exclusions for Microsoft SQL server are enabled. Automatic exclusions for Microsoft SQL server are using ADO API to read information from "sys.master_files" table to get list of files to exclude from scanning. The ADO API obviously loads a DLL that is not signed. As a workaround, automatic exclusions for Microsoft SQL server can be disabled.
  3. 3 points
    Actually advanced users love the ability to customize numerous settings. Common users don't need to go to the advanced setup at all since ESET products provide well-balanced protection out of the box.
  4. 3 points
    @AStevens.SHG Hello, Concerning the more options in the reports, some of the changes are going to be introduced, but not all of them. However, we are planning a bigger redesign for the future version, which might make it simpler. Other requests are tracked in the feature backlog (authentication screen changes, AD sync changes, and export of data from "computers screen") and I believe that some of them will be done in the future versions (not in the 7.0, but into the future releases). I can´t comment now about details, as we are still scoping, and setting up the road-map plans. But your votes will be added to already tracked backlog items.
  5. 3 points
    Hello, thank you for the feedback. I have positive news for you - we are continuously improving the ways how reports are built & are adding further filtering options in the soon to be released version. So the filter by action is added in the upcoming version & you are also able to filter out some entries from the "installed applications" report, by choosing condition "is not one of" (screenshots attached).
  6. 2 points
    MichalJ

    ECA - Can we create dynamic groups?

    Thank you for the idea. I agree, it might be beneficial. I will discuss it with relevant people.
  7. 2 points
    itman

    Am I having too many Edge connections?

    I never attempted to block Cortana using Eset HIPS. I use O&O ShutUp 10 to "harness" its activities.
  8. 2 points
    Background For some time, there have been forum postings regarding Eset's scoring in this test series. This has resulted in long and oftentimes mindless discussions on this issue. I am sure Eset has better use for its forum disk space. Solution Microsoft a while back adopted the use of published AV lab "transparency" reports to respond to its scoring in select AV lab tests. Their reports reflect typical Microsoft verbose detailing as only a concern with the resources it has to allocate to such an undertaking. Here's an example of a transparency report: https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE27O5A?ocid=cx-docs-avreports . I think it would be sufficient that Eset's report simply state the samples missed along with a brief explanation as to the cause for non-detection and corrective action implemented. Of course, there should be verbiage provided if Eset disputed the AV lab non-detection finding.
  9. 2 points
    BeanSlappers

    Refer a friend

    I got it now, I just rebooted my PC.
  10. 2 points
    saroot

    EFS 7.0.12014.0 - MSSQL ERROR

    Hi All, I am getting windows server 2016 event log error as "SQL Server Native Client 11.0: Unable to load sqlnclir11.rll due to either missing file or version mismatch. The application cannot continue." after update from ESET File Security 6 to 7. Environment as : Windows Server 2016 EFS 7.0.12014.0 MSSQL Server 2014 Any one have a solutions for this? Thanks.
  11. 2 points
    We have pinpointed a memory leak in the memory dumper. A fix is being reviewed and will be released through an automatic module update next week.
  12. 2 points
    Marcos

    Windows 7 vs Windows 10??

    Also don't forget about AMSI and protected services which were not available prior to Windows 8.1. With the help of AMSI script malware can be more efficiently detected. New script malware may be undetected on systems that don't support AMSI.
  13. 2 points
    Dear Linux community, We’ve been working on the new generation of our solution for Linux servers for quite a while. The hard work of the development and QA team was materialized into the first BETA version, which we would like to share with you. If you are interested in getting a copy and chance to get hands on experience with it, just leave a comment here or send me (@Peter Randziak) and @TomasP a private message. We are looking forward to your participation.
  14. 2 points
    Marcos

    PUP not handled

    Today we've released a fixed version of the Antivirus and antispyware module 1552.3 which addresses cleaning issues on Mac. Could you please check if PUAs are now cleaned properly?
  15. 2 points
    itman

    Eset To The Rescue Again!

    Some "free press" courtesy of bleepingcomputer.com: Windows 10 Apps Hit by Malicious Ads that Blockers Won't Stop https://www.bleepingcomputer.com/news/security/windows-10-apps-hit-by-malicious-ads-that-blockers-wont-stop/
  16. 2 points
    Marcos

    ESET keeps stealing focus from Firefox

    Thank you for reporting the issue and the video you've provided. We have eventually pinpointed the issue and a fix will be included in the next version of v12 products.
  17. 2 points
    Marcos

    Horizon - Endpoint Antivirus

    You should reply them that the memory dump from a crash has been already analyzed by an AV vendor and Microsoft and both confirmed a bug in a VMWare driver which is unrelated to the mentioned exclusions. We at ESET are willing to help them and provide details about the problem. You as a customer of VMWare could provide them with a memory dump for perusal.
  18. 2 points
    It is very simple. Use SetThreadExecutionState. See: link to Microsoft Windows Dev Center.
  19. 2 points
    Description: Prevent sleep during scan. Detail: Windows can put the computer to sleep before the scan is finished. That is very annoying. There should be an option to prevent that from happening. Oops, it's a coincidence that @zeromido asked someting similar here right above. Before I started typing, I first searched the forum for "scan prevent sleep".
  20. 2 points
    Thomas Stats

    Introduce yourself

    Hi there I am security expert and blogger. I am working in the IT area for over 10 years. All the gathered experience throughout the years I share with people at reviewedbypro.com. Its a cyber security website that helps people deal with various online threats by providing detailed and insightful reviews to those who are interested.
  21. 2 points
    Another nice feature for the firewall component that would help a lot with maintaining the firewall rules: Description: Firewall rules cleanup of unnecessary / invalid entries Detail: I've set my firewall filter setting to interactive mode, meaning that I can define for every program what the firewall should do. Over the time, you have entries in the firewall rule set about programs that are not existing on the computer anymore. A button for an automatic cleanup of those rules (delete all firewall rules that are pointing to applications that don't exist on the computer anymore) would make it easier to keep the firewall rule list tidy and it also benefits the administration of the rule set.
  22. 2 points
    It's not that big deal in my opinion @nonamelab, It's a way to bring more people to use ESET and in the same time giving the person who invited the other person who doesn't use ESET , a month of usage or more I don't remember exactly.
  23. 2 points
    Description: A "Reset to Default" option for different parts of the ERA. Detail: This one has mainly been discovered due to my own fault. There are many things that can be played with within ERA which is great, however I think there are some of us that might play a little too much and then get to a point where we've changed so much of something that it doesn't work or doesn't give you what you want. For areas such as reports and policies, it might be a good idea to have a button that you can click while editing that restores the default values. That way, if you play around too much and feel like you just want it back to how it was before, you have a reset button as a saviour.
  24. 2 points
    Hi, Enable parental control --> block the uncategorized website (for having robust web filtering)then open a website that has now category so Eset block it but you may want to allow this URL fast. It Would be good if Eset provides an option to unblock websites by password from the browser(or from the parental control log), not Eset parental control settings. its easier to manage, Also, Eset hips show the loaded drivers but it doesn't show the digital signature for them.I like to see the signature.
  25. 2 points
    Add option to realtime scanner to block obfuscated Powershell scripts. Option would be dependent upon Win 10 AMSI option enabled in the Eset GUI. Justification Microsoft added a like mitigation in the form of a Windows Defender Exploit Guard ASR mitigation effective with Win 10 1709. ASR mitigations are only effective if Windows Defender is enabled as the realtime scan engine. Further justification is Eset's failure to detect malware in highly obfuscated PowerShell script in a Malware Research Group ad hoc test: https://www.mrg-effitas.com/research/current-state-of-malicious-powershell-script-blocking/
  26. 2 points
    Add - Dark Mode on ESET Nod32 would be great.
  27. 2 points
    That's how it works in ESMC (ERA v7) which is currently in the phase of beta testing and will be released soon.
  28. 2 points
    Chris Todd

    Introduce yourself

    Greetings from Australia. My name is Chris, retired Electronics Engineer. I have been using ESET products for many years and am well satisfied with the protection they give me. I am a bit of a "tinkerer" and have 4 installations Windows 7-32, Windows 8-32 , Windows 10-32 and 64 on the one machine. being able to boot into an old version of Windows for recovery procedures has "saved my bacon" a few time when things went awry or got too scrambled in W10 which I use most of the time. An interesting fact about me ?? Nothing exciting ! I am a traveller, haveing visited over 70 countries on fact finding vacations. I am an AVID chatter using SKYPE and other forums with acquaintances in mainly sanish speaking countries.
  29. 2 points
    This will change as of ESMC (ERA v7) in the way that handled threats will be resolved automatically.
  30. 2 points
    Description: Individual firewall rule hit count. Detail: Similar to hardware firewalls, it would be nice to see a hit count, packets matched, kind of information per individual firewall rule in Endpoint protection, also for that information (similar to above requests) to be visible in ERA, and total of the hits across all clients with the same rule. So we can generate reports, this makes it easier to find rules no longer being used and can be removed safely.
  31. 2 points
    I have checked this with the developers, and we are going to change the behavior in V7. If you select "only computers", all of the computers under "DN" will be synced, not only direct parent ones. So it should behave according to your expectations. With regards to the "users", what is the usecase for you? For what do you use the? Do you manually create linking between users & devices, or use the user variables in policies for Endpoint or MDM?
  32. 2 points
    Hello, we will be rolling out this change by the means of a module update in the upcoming weeks.
  33. 2 points
    I would welcome the changes, as I currently enable strict cleaning to get similar results
  34. 2 points
    Speaking as someone who is hands-on IT management rather than a reseller or MSP: That is how I would expect it to behave and should. My endpoints are configured for strict cleaning so I have not dealt with this issue, however if end users were greeted with option dialogs during an av scan without any way for the admin to suppress I would be quite aggravated with the product.
  35. 1 point
    itman

    zip bombs with zip64 not detected

    It's detected now:
  36. 1 point
    Clicking "hw report" on the top of this topic will show you another topic with a similar question. If that is what you are after, then creating such report is not currently possible but we track it and possibly it will be implemented in one of future versions.
  37. 1 point
    camelia

    Select Scan Target

    Hello, Why do I have a target called "VM' ? AND is part of macOS Mojave the folder .HFS+ Private Directory Data? Thanks Came
  38. 1 point
    In each product forum there is a topic "Future changes..." towards the top where users can can post their suggestions, what they are missing in our products, etc. These are monitored and considered when deciding about the scope for newer versions. It seems you have already found it and posted there.
  39. 1 point
    sdnian

    Activation fail. ECP.20006

    Thanks for @MartinK and @Peter Randziak help. I have found a solution to resolve this issue. The Sophos Firewall have a function - Web Proxy, it works as transparent proxy mode by default, after I added a rule to bypass transparent proxy for ESMC host, the product activation works well.
  40. 1 point
    Hello, It's possible CloudFlare incorrectly caches some parts of configuration editor and returns out-of-date data causing this. Please create HAR log @PavelP mentioned it might help us determine whether issue is with CloudFlare or webconsole itself. Ideal would be to have tomcat access log paired with this log to determine which requests made it to server and which did not. Thanks.
  41. 1 point
    You must have an older v6.6 installed (6.6.0.0 – 6.6.2063 are affected) so upgrade to v7 will surely fix it and the notice will go away then.
  42. 1 point
    Marcos

    Cant fix Win32/Agent.TBV

    If you have a paid license for an ESET product, please provide logs collected with ESET Log Collector for a start.
  43. 1 point
    MartinK

    console cloud

    Any chance it resolved itself automatically after a time? We are currently experiencing issues with license synchronization, which is targeted by release that is rolling out this week.
  44. 1 point
    Marcos

    Certificate Question

    The countersignature method of time stamping allows for signatures to be verified even after the signing certificate has expired or been revoked. The time stamp allows the verifier to reliably know the time that the signature was affixed and thereby trust the signature if it was valid at that time. Therefore you can disregard the SHA1 and SHA256 signatures.
  45. 1 point
    itman

    Realtime module not functional

    Also McAfee has an article on how to reset the affected registry key back to IMAGE_STATE_COMPLETE. Note that by doing so is at your own risk since the IMAGE_STATE_UNDEPLOYABLE status indicates an unsuccessful OS deployment: https://service.mcafee.com/webcenter/portal/oracle/webcenter/page/scopedMD/s55728c97_466d_4ddb_952d_05484ea932c6/Page29.jspx?wc.contextURL=%2Fspaces%2Fcp&locale=en-US&articleId=TS102833&_afrLoop=1087443705220366&leftWidth=0%&showFooter=false&showHeader=false&rightWidth=0%&centerWidth=100%#!%40%40%3FshowFooter%3Dfalse%26locale%3Den-US%26_afrLoop%3D1087443705220366%26articleId%3DTS102833%26leftWidth%3D0%25%26showHeader%3Dfalse%26wc.contextURL%3D%2Fspaces%2Fcp%26rightWidth%3D0%25%26centerWidth%3D100%25%26_adf.ctrl-state%3Dugptswwfq_9 I suspect the OOBE issue that affects McAfee successful installation might also be affecting Eset successful installation/operation.
  46. 1 point
    pcguy

    Attempt to add root cert. Failed

    NOD32 was still uninstalled. I uninstalled Firefox Nightly and Firefox Beta via WIndows 10 Remove Apps option in Control center. I then rebooted I then installed Eset 12.1.34 and rebooted. Right off the bat the error regarding cert error showed up in the log files even before I was able to disable TLS. I disabled TLS rebooted. I started Procmon up and captured the events and then enabled TLS and like clockwork, the log showed the same CERT error. This all happened without any Firefox browser installed in WIndows10. I can not attach the logfiles here due to the size of the Procmon files. I have uploaded them elsewhere and can provide a link.
  47. 1 point
    TomFace

    Select Scan Target

    Yes there are some very smart folks on this Forum. Everyone brings something different to the table. I try to learn something new every time I visit (from folks like Marcos, Aryeh, foneil, itman, TomasP, SCR, cyberhash, Peter...among others).
  48. 1 point
    Description: Showing (or downloading) debug logs when tasks fail. Detail: Somewhat similar to my previous feature request, having the debug log generated during the task (akin to trace.log) and when it fails, there is a link to download the log file for that particular process. Rationale: It's to allow the Remote Administrator to figure out what is going on within the process without needing to go into the client's workstation.
  49. 1 point
    Siggi

    Introduce yourself

    Hi Folks, i´m Siggi. I am with Eset since 20 Years, maybe more. I have installed Eset at Work for about 300 Users. I am using Windows 10. Hope to test the Eset 7 beta the next time. Greetz Siggi
×
×
  • Create New...