Jump to content

Leaderboard


Popular Content

Showing content with the most kudos since 03/03/2020 in Posts

  1. 3 points
    Marcos

    ESET Memories

    Cherishing memories
  2. 2 points
    https://www.bleepingcomputer.com/news/security/microsoft-leaks-info-on-wormable-windows-smbv3-cve-2020-0796-flaw/
  3. 2 points
    Peter Randziak

    ESET cloud Administrator

    Hello @Christoforos The team responsible was able to determine the root cause of the issue. Fix will be prepared, tested on test environment and deployed to production. Consoles has been restarted to resolve the issue until permanently fixed, so you should be able to access your ECA right now. We apologize for the inconvenience caused, Peter
  4. 2 points
    ESET has been protecting users worldwide for decades already and have always provided state-of-the-art protection. While it was always our digital worlds that ESET has been protecting, now with the epidemic of the SARS-CoV-2 coronavirus the need to protect also users themselves became inevitable. Besides supporting various scientific and charity events, we are now creating a fund to support effective diagnosis of SARS-CoV-2 coronavirus, giving 300,000 EUR to support the purchase of a diagnostic system capable of analyzing 4000 samples per day. By purchasing ESET's products you can be sure that you also support science and charity. Machine translation: https://translate.google.com/translate?sl=sk&tl=en&u=https%3A%2F%2Fwww.eset.com%2Fsk%2Fo-nas%2Fpress-centrum%2Feset-tlacove-spravy%2Fspolocnost-eset-vytvara-fond-na-podporu-ucinnej-diagnostiky-koronavirusu-sars-cov-2%2F Recognizing the seriousness of the SARS-CoV-2 coronavirus spread, ESET has decided to engage in the fight against the epidemic in Slovakia. The ESET Foundation has therefore set up a COVID-19 Effective Diagnosis and Prevention Fund, to which ESET will contribute EUR 300,000. The amount will be increased later if necessary. The aim of the newly established fund is to provide, in the first phase, the necessary equipment for improving the quality of diagnostics and introducing comprehensive testing in Slovakia. Since its inception, ESET has dedicated itself to the diagnosis of computer viruses and is symbolic to support the diagnosis of biological viruses in this situation. Even at such moments, the importance of science, which can make a significant contribution to solving the situation, has been shown. ESET Foundation supports science and research and is the organizer of the ESET Science Award. “We have set up a fund to support the effective diagnosis and prevention of coronavirus because we believe that only a systematic scientific approach will help us manage this epidemic. At the same time, it is essential that we think ahead today and take steps to relaunch the economy. General and systematic testing of the population will help in returning the employees to the work process and thus also help the Slovak economy, ” explains Richard Marko, CEO of ESET. Through the Fund, ESET will support the purchase of high-performance diagnostic equipment, the development of systems for more efficient online diagnostics, or contribute to the cost of operating or collecting and transporting samples. Public and private medical diagnostic institutions and laboratories operating in Slovakia that are authorized to diagnose this type or to take and transport SARS-CoV-2 related samples may receive financial support. These institutions can contact the ESET Foundation at nadacia[at]eset.sk . The expert guarantor in the evaluation of the use of the fund's resources is the recognized Slovak chemist Robert Mistrík. “After the first discussions, we are considering co-financing the purchase of the Roche cobas 8800 System, or co-financing its operation. This device is able to do real-time RT-PCR tests at lower unit cost and shorter time in automatic mode. It can evaluate up to 4,000 samples in a single day. We will look for a partner to operate this device. Of course, the fund will also be open to other solutions supporting its goal, ” concludes Robert Mistrík, the fund's expert guarantor. More information about the Fund for the Support of Effective Diagnosis and Prevention of COVID-19 can be found at www.nadaciaeset.sk .
  5. 2 points
    Nightowl

    ESET Memories

    Just some photos I found on the internet that can bring some good moments and make your white hair shine brighter. Hmmm , I used to love that GUI ! , so simple and basic but powerful.
  6. 2 points
    Marcos

    ESET Memories

    AMON is the former name of the real-time protection module. We still call it internally that way and also real-time protection driver in the latest v13 is called eamonm.sys.
  7. 1 point
    Marcos

    ESET Internet Security

    There was no need to update it. Rootkits are not very common nowadays like it was years ago. Plus detection is provided by protection features and update of the Rootkit detection and cleaning module is not needed to cover new rootkits.
  8. 1 point
    ASUSFAST

    ESET Internet Security

    Why is the Rootkit removal and cleanup module only updated until August 25, 2017?
  9. 1 point
    MartinK

    mapped domain security group -> no user sync

    Could you be please more specific? You have created mapping for AD security group but users from this group are not able to log in? Asking because it is not clear, as users won't be automatically shown until they first log-in into ESMC, nor they will be removed from ESMC once removed from AD.
  10. 1 point
    MartinK

    I hav centos 8 report problem

    Unfortunately I am not able to provide any official recommendation, but any chance you tried third-party repositories? For example this one seems to provide QtWebkit based on Ot4: https://centos.pkgs.org/8/getpagespeed-x86_64/qtwebkit-2.3.4-23.el8.x86_64.rpm.html
  11. 1 point
    Hello, I would not recommend using ODBC driver newer than 5.3.11. Other than incompatibilities later MySQL ODBC drivers/client library also switched to unconditional use of openssl instead of internal TLS implementation they used to have and in some cases this triggers startup clashes of openssl initialization where MDM requires some setup and MySQL actually uses different one causing runtime issues. HTH, M.
  12. 1 point
    Marcos

    Latest update BSOD.

    It's been said that the next v13.1 hotfix version will contain a fix. It's preliminary scheduled for April 2020.
  13. 1 point
    peteyt

    Automatic updates/scans and a weak laptop

    https://support.eset.com/en/kb2838-enabledisable-gamer-mode-in-eset-windows-home-products This article should explain how to enable it. You can also set it up to automatically enable if it detects a full screen app
  14. 1 point
    stackz

    Automatic updates/scans and a weak laptop

    Open the GUI and press Setup -> Computer protection -> Gamer mode
  15. 1 point
    peteyt

    Automatic updates/scans and a weak laptop

    There is a gamer mode you can enable when playing games
  16. 1 point
    itman

    Latest update BSOD.

    FYI in regards to anyone using Win 10 Insider builds: https://www.onmsft.com/news/kaspersky-declines-support-windows-insider-builds-windows-10 To the above, I add that just because Eset runs w/o issue on a Win 10 Insider build does not imply it is working properly. In other words, it is "user beware" in this regard.
  17. 1 point
    I assume it's http://cdn.watchguard.com/SoftwareCenter/Files/MUVPN_SSL/12_5_3/WG-MVPN-SSL_12_5_3.exe
  18. 1 point
    Marcos

    Offline Installer

    There are no special "refer-to-friend-code" installers as far as I know.
  19. 1 point
    peteyt

    ESET Memories

    I gather amon is just a part of eset? Interesting to see how the GUI and GUIs in general have changed over the years
  20. 1 point
    Then I'd recommend raising a support ticket with your customer care. It could be that the software utilizes Windows Filtering Platform and thus filters network traffic similarly to ESET which could be a problem. Further investigation by developers will be needed, hence a opening support ticket will be the best course of action.
  21. 1 point
    This is very nice of ESET Also for people who are interested to give their computer power to help solve the problem you can do this using Folding@Home , https://foldingathome.org/2020/03/15/coronavirus-what-were-doing-and-how-you-can-help-in-simple-terms/ But that will use most of the CPU and GPU if it's running on your computer , it will help scientists find a formula against the Corona. I hope it will be good and peaceful all over the world.
  22. 1 point
    Nightowl

    ESET Memories

    Oh this is very old! , I never had my hands on it , it would be awesome to have our hands on the installers again to make some fun with XP virtual machines , but I guess that is not possible But I miss those days , golden time. When you had to remove Norton because it's eating most of the 512MB of RAM and switching to ESET for it being light on the PC v2 Control Panel I found it :
  23. 1 point
    This is a great article on how to perform security forensics after a malware attack to determine the source MS Office entity responsible: https://www.bleepingcomputer.com/news/security/windows-registry-helps-find-malicious-docs-behind-infections/
  24. 1 point
    itman

    Blue Screen after uninstalling Nod32

    @Marcos if the problem is in the Registry as you seem to be indicating, how about restoring the registry from its backup? This article is for Win 10 but the author indicates it should work for Win 7: https://pureinfotech.com/restore-registry-backup-windows-10/ Further confirmed in this Microsoft TechNet discussion: -EDIT and Important- Ignore the Repair option given below. Repair on Win 7 is anything but straightforward as I recollect. The installation media version must match what ver. of Win 7 you have installed; e.g. SP2 media if Win 7 SP2 is installed.. https://social.technet.microsoft.com/Forums/windows/en-US/50c51ee9-f25a-4286-9c8c-657b1c6f9868/recovering-windows-7-registry-hivesfiles
  25. 1 point
    itman

    Blue Screen after uninstalling Nod32

    Seems to me this still could be useful. Load the HKLM registry hive and navigate to Services key per Microsoft linked article. Open it up and determine if the following Eset services entries exist; eamonm ehdrv ekbddflt ekrn ekrnEpfw epfw epfwwfp epfwlwf ? Then do a; cd C:\Windows\System32\drivers. Then enter, dir. Next for all the above Eset services present in the Services key, verify that a corresponding .sys file exists in C:\Windows\System32\drivers. At least this will show what Eset driver is missing from C:\Windows\System32\drivers if that is indeed the issue.
  26. 1 point
    Marcos

    Blue Screen after uninstalling Nod32

    I'm afraid this wouldn't work since it would not affect the upperfilter and lowerfilter values of other filters registered in a filter chain in the system which is what causes BSOD if edevmon.sys (or another filter with its driver) is missing on the disk or if the driver is corrupt.
  27. 1 point
    itman

    Blue Screen after uninstalling Nod32

    Wishfully thinking on my part as far the as the above is concerned. Regedit is all that can be used in Win 7 recovery environment and the applicable registry hive must be loaded. Then service settings modified accordingly. Procedure is detailed here: https://support.microsoft.com/en-us/help/927525/after-you-install-a-device-or-update-a-driver-for-a-device-windows-vis
  28. 1 point
    itman

    Blue Screen after uninstalling Nod32

    @Marcos post the regsvr32.exe command to unregister the service associated with edevmon.sys; believe that is edevmon. Then OP can run this from the command line option in Win 7 recovery environment. Hopefully Eset self-protections will not be in effect in recovery mode?
  29. 1 point
    itman

    Blue Screen after uninstalling Nod32

    Since you haven't been able to successfully boot that device, did you try the "Last known good configuration" option? Ref.: https://www.sevenforums.com/tutorials/666-advanced-boot-options.html If that doesn't work, did you try the "System Restore" option from the Win 7 Repair screen?
  30. 1 point
    itman

    Blue Screen after uninstalling Nod32

    Have you tried to perform a Win 7 Start Up Repair? Ref: https://www.technorms.com/33940/startup-repair-windows-7
  31. 1 point
    You can create a policy from firewall rules on a particular client as follows: 1, Open client details -> Configuration 2, Request configuration. 3, Click Convert to policy. 4, Edit the policy so that only the desired settings (fw rules) are selected to be applied. 5, Apply the policy on desired clients.
  32. 1 point
    Marcos

    emails from ESET

    It's a genuine email that you would receive for instance if your license was registered to a seller's email address and another user with the ESET license registered to the same email address was attempting to add it to the license manager. Please provide the public ID of your license so that I can check it out.
  33. 1 point
    itman

    PowerShell/Runner.G

    Just be careful about deleting stuff from the registry. Either back it up first, or export any keys being modified/deleted prior to any registry cleaning exercise.
  34. 1 point
    itman

    PowerShell/Runner.G

    Also checkout this reg key: HKCU:\Software\AppDataLow\Software\Microsoft\D4062752-23C4-26DB-4D48-07BAD1FC2B8E .This is what the PowerShell script was using. Have a feeling the "D4062752-23C4-26DB-4D48-07BAD1FC2B8E" sub-key has to go along with possibly the actual D4062752-23C4-26DB-4D48-07BAD1FC2B8E key itself.
  35. 1 point
    itman

    PowerShell/Runner.G

    I suspect what the malware did was a registry Import or equivalent to get around Eset's detection of the malicious code.
  36. 1 point
    itman

    Hips Configuration

    Actually, there are better ways to deliver script based malware. That is, convert the script to a .exe. Here's an article on how to do so for a PowerShell script: https://www.ilovefreesoftware.com/19/windows/powershell-to-exe-converter.html . This will also allow me to password protect my script code so Eset can't scan it via hueristics. I then phish the target into entering the password via e-mail etc.. Here's one for .bat scripts: https://www.addictivetips.com/windows-tips/convert-a-bat-script-to-an-exe-on-windows-10/ . Note this runs hidden. One for .vbs scripts: https://www.snapfiles.com/get/vbstoexe.html Finally and my favorite, one for Python scripts: https://ourcodeworld.com/articles/read/273/how-to-create-an-executable-exe-from-a-python-script-in-windows-using-pyinstaller . Note that Win AMSI does not scan Python scripts.
  37. 1 point
    Finally got this working, it looks like the issue was Microsoft blocking the SMTP AUTH as it was deemed "Risky". I had to log into Azure portal and manually mark it as safe, then after about an hour it started to work with Automatic authentication selected.
  38. 1 point
    Yes but it's as complex product as ESMC or even more and it's intended for Enterprise users which is also reflected in the price. Perhaps you'd better find another solution, e.g. to log access to all visited websites to find out which sites were accessed before the blocked ones.
  39. 1 point
    As it was already mentioned, the detection was a false positive and occurred mainly on Chrome urls. It didn't affect files on disks, only download from the web.
  40. 1 point
    Marcos

    Ambiguous notification preferences

    You can disable notifications for particular application that utilizes the webcam in the Device Control -> Webcam protection setup: As for the pop-up menu in alerts, while I understand that addition a caption "General notification settings" might clear things up for some users, it is not typical even for Windows itself to display additional descriptions there. You can, however, provide feedback or suggestions through your local ESET distributor.
  41. 1 point
    Where is the link " certain urls. "?
  42. 1 point
    Yeah just created an account to post, just started seeing the same thing out of nowhere, using EIS 13.0.24.0 with up to date modules it is still blocking certain links with the "URL/Urlik.AAO" detection, thought I had been infected on multiple machines with something and was going potty, below is the first 2 links that are being blocked: hxxp://r4---sn-aigl6ney.gvt1.com/edgedl/release2/chrome/AP1Corz6AzpUR-p1uwpDWl0_80.0.3987.132/80.0.3987.132_80.0.3987.122_chrome_updater.exe?mip=77.100.17.60&mvi=3&pl=24&shardbypass=yes&redirect_counter=1&rm=sn-8pgbpohxqp5-aigd7d&req_id=574377b647eefd0b&cms_redirect=yes&mm=42&mn=sn-aigl6ney&ms=onc&mt=1583279316&mv=u hxxp://r8---sn-8pgbpohxqp5-aig6.gvt1.com/edgedl/release2/chrome/Sg5vtxmsQ3DVgkY4fTNppQ_80.0.3987.122/80.0.3987.122_chrome_installer.exe?cms_redirect=yes&mip=77.100.17.60&mm=28&mn=sn-8pgbpohxqp5-aig6&ms=nvh&mt=1583279638&mv=u&mvi=7&pl=24&shardbypass=yes First detection contents(I had Chrome open in a Windows VM hence the "vmnat.exe": <?xml version="1.0" encoding="utf-8" ?> <ESET> <LOG> <RECORD> <COLUMN NAME="Time">03/03/2020 23:51:12</COLUMN> <COLUMN NAME="Scanner">HTTP filter</COLUMN> <COLUMN NAME="Object type">file</COLUMN> <COLUMN NAME="Object">hxxp://r4---sn-aigl6ney.gvt1.com/edgedl/release2/chrome/AP1Corz6AzpUR-p1uwpDWl0_80.0.3987.132/80.0.3987.132_80.0.3987.122_chrome_updater.exe?mip=77.100.17.60&amp;mvi=3&amp;pl=24&amp;shardbypass=yes&amp;redirect_counter=1&amp;rm=sn-8pgbpohxqp5-aigd7d&amp;req_id=d96ccf2aa9017d43&amp;cms_redirect=yes&amp;mm=42&amp;mn=sn-aigl6ney&amp;ms=onc&amp;mt=1583279316&amp;mv=u</COLUMN> <COLUMN NAME="Detection">URL/Urlik.AAO Object</COLUMN> <COLUMN NAME="Action">connection terminated</COLUMN> <COLUMN NAME="User">NT AUTHORITY\SYSTEM</COLUMN> <COLUMN NAME="Information">Event occurred during an attempt to access the web by the application: C:\Windows\SysWOW64\vmnat.exe (98A83D9FFB3B89749C7C6D91BFD61FEF6884DB86).</COLUMN> <COLUMN NAME="Hash">FB2EAA0695D89AA968B8C22531CDC96087FC31AD</COLUMN> <COLUMN NAME="First seen here">03/03/2020 23:51:12</COLUMN> </RECORD> </LOG> </ESET>
  43. 1 point
    Marcos

    ESET NOD32 Google Chrome 79 crashes

    A fix will be included in v4.0.95. There's no ETA yet but it shouldn't take long.
  44. 1 point
    Kristian Cajkovsky

    Version 5.0.5.7 Auto Update

    Hello @mcrouse , The new version will not be added to the repository. You may download it manually if you wish so, the update is optional.
  45. 1 point
    Pre-defined rules override any like user rules in regards to a specific action. With advanced HIPS logging enabled, one will observe wording in regards to user rules such as "partially allowed/blocked." This would be indicative of an Eset pre-defined rule taking precedence. Bottom line - one really does not know if a user HIPS rule is working fully working as intended.
  46. 1 point
    Marcos

    Disappointment

    As for Windows 7 support, we still have products that officially support Windows XP that Microsoft stopped supporting in 2014. That said, we don't plan to stop supporting Windows 7 any time soon and it should continue to be supported in the next few years. The certificate issue concerned older products, namely Endpoint 5 being currently in basic support phase and to reach EOL by the end of this year as well as Endpoint 6.5 which is in the limited support phase. In spite of limited and basic support, we treated the issue with priority and worked day and night to deliver fixes to affected users.
  47. 1 point
    Hello @Carlito, We have recently implemented this into our ESET Endpoint Encryption Server. This feature allows you to pass the pre-boot authentication therefore allowing you to work on the machine remotely. Make sure you have upgraded to version 3.0.1. Client also requires 5.0.5. Enabling Maintenance Mode Note: You can select multiple workstations at once to apply this. Not selecting any, will automatically apply this to all workstations. Access your workstations tab Select Pre-Boot Authentication 3.Select Disable/Enable from the drop down. 4.Disabling Pre-Boot Authentication allows you to choose one of the three options (Hours, Date/Time, Reboots)
  48. 1 point
    pps

    Future changes to ESET web portals

    Description: Products versionDetail: See in console the product version Description: Device typeDetail: Device is a laptop, desktop etc.
  49. 1 point
    BeanSlappers

    Future changes to ESET web portals

    Have full control over devices connected to the account, like remote updates, remote settings, remote scanning etc.
  50. 1 point
    TecM

    Future changes to ESET web portals

    Description: Products updateDetail: Verify if the installed products are up to date
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up
×
×
  • Create New...