Leaderboard

This was in Cloud Administrator topic but should be here too Description: A new task/setting to reboot computers with a popup message warning,Detail: Add the possibility to notify user that computer will be restarted when reboot computer task is triggered and let them for example 5 minutes to save/close programs/data.

Hi, today at 11:30 a bunch of our enpoints updated and the TLS connection to our IMAP server with thunderbird stopped working. We saw that about at 14 another update came out but it isn't fixing the proken clients and we need to reinstall nod32 or create a new thunderbird profile. Are you working on an update that is going to fix the issue? Regards Giuseppe

itman would be undoubtedly the person to award for his big contribution of helping others on this forum 👌

The FP should be already resolved. You can enforce update of the blacklist by rebooting the machine.

Hi everone, I found the solution to this topic on a German speaking thunderbird forum. For all non-german speaking people, here the translation with the action plan which solves the issue. At least for me. Not sure though if all menu names are correct, as I only have German versions. But you get the point I assume. Open ESET NOD32 Antivirus -> Setup-> Advanced setup -> Web and E-Mail -> SSL/TLS Here disable the SSL/TLS-protocol filtering -> deakctivate Open Thunderbird -> Tools -> Options -> Privacy &Security -> Certificates Check

We are aware of the problem with Windows applications and the changing path with each update. There is a plan to come with up a solution to this in long term. Also I can assure you that we value any constructive feedback or suggestion and it's discussed with product managers and developers.

solution (just tested with one of our systems) for our site: [root@vm /]# cd /var/opt/eset/esets/lib [root@vm lib]# mv em002_32.dat em002_32.dat.o [root@vm lib]# cd /opt/eset/esets/sbin/ [root@vm sbin]# ./esets_update --verbose Virus signature database has been updated successfully. ESETS Update utility +-+--------------------+------------------------+------------------------+ | | Module | Available version | Installed version | +-+--------------------+------------------------+------------------------+ |*| loader | 1076

Yes, in case of multiple commands, one have to enter delimited one-liner, as it would be done in one-line BAT file. Just a note, this will be improved in upcoming released, where multi-line commands will be possible, which should simplify such scenarios.

According to https://support.eset.com/en/news7604-eset-support-of-macos-11-big-sur, a version compatible with Big Sur that will include a firewall is planned for Dec 2020:

I had some issues configuring Active Directory integration (Kerberos etc.) with ESMC so I decided to do a write-up on what I did to get it working. This is for Ubuntu Server 18.04 but it should be applicable to other Debian based distros, adjust where required. Let's assume we have the following environment: ESMC Linux Distribution: Ubuntu Server 18.04 ESMC Hostname: esmc ESMC FQDN: esmc.test.local ESMC IP Address: 10.123.1.2 Active Directory Domain: test.local NetBIOS Domain: TEST Domain Controller: dc.test.local (10.123.1.1) ESET ESMC AD User Account: eset.esmc@test.local (ese

Yes, that was a false positive. Updates were already stopped a while ago and a fix is being prepared. It should be available within a few minutes. We apologize for the inconvenience.

The secure browser feature is part of Endpoint Security v8 which is coming soon.

Hi @GPennarun, I am sorry that your tickets are not responded to. Please could you provide us with the ticket number? I will in turn check what happened to it. Especially for #2 , I would like to get more details on this problem and to see what is the cause! Best regards, Ervin Rendek, PM

Yes that was the problem, version though is 20H2 OS Build 19242.662 Thank you for your help.

As of this morning i'm getting a lot of alerts across the orginization for: hxxp://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR+5mrncpqz/PiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7/Oo7KECEgRY8NzrWAjZ4J4grl19QqsePQ= For each alert the last bit of the address changes, but this part is the same: hxxp://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR+5mrncpqz/PiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7/Oo7KECEg They all also have a target address of : 104.91.166.211 Just wondering if there is more information on this, what might be causing it, if thi

Good afternoon, I'm sorry to hear about this issue. I suspect you are encountering a known issue with the latest version of Windows 10 2004 (OS build 19042). You can check what Windows version you are running by typing 'winver' into the Run dialog. I have attached an example: If your computer IS running Windows 10 2004 (OS build 19042), then please check to see if you are missing the UseNullDerivedOwnerAuth registry value found in: Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TPM\WMI If it is missing, then you can create it manually by o

Thanks Peter. This worked fine. Have a nice day

Solved. The updater use extensively the /tmp filesystem and this update probably uses more space; the updater fails (with the reported errors) but the underneath error is that /tmp run out of space. Probabily a message about the space will help. Thank you. Angelo

Hello ESET Endpoint Security / Antivirus users, It’s been quite a while since we released the 7th generation of our Endpoint solutions, so naturally you may ask when the generation 8 will be released. We have good news to share, as we are approaching the final stages of development and preparation for the release, we would like to share it with you so you can try it before it gets released officially and give us feedback on it, which is very valuable for us. I guess the first question, which comes to mind is what will be the new features of it. Let me briefly name some: Secure

Hi @Marcos, Your previous suggestions didn't work for me or @Cybertooth as posted by both of us on Friday. We also could not completely execute them, since we don't have an esets_update program. Maybe these instructions are for a different linux software version (e.g. the buisiness version)? We also provided additional information on Friday in case they might be useful. Please advice how to proceed.

In case you used Apache HTTP proxy which is part of our installers, you should follow following steps: https://help.eset.com/esmc_install/72/en-US/apache_configuration.html where in short you have to: enable port 2222 in case it is not enabled already (depends on version you used) enable connections to your hostname (hostname where AGENT are trying to connect) - by default, only connections to ESET domains are enabled due to security, therefore using proxy for replication connections requires manual steps.

Hi ESET. The latest version of Mozilla Firefox v83.0 has been equipped with a new feature consisting in enabling the mode of forced use of HTTPS protocol only, which can increase the security of browsing on the Internet. After enabling this security feature and visiting a banking website to make payments, the ESET Smart Security Premium Banking & Payment protection feature don't work any more. Protected browser window don't start. Instead, the ESET Help website titled 'How To Fix "Unable to Redirect Banking & Payment Protection to the requested website" error' is displayed. B

my solution to get it running again, looks like a bad file(from another post I think): mv /var/opt/eset/esets/lib/em002_32.dat /var/opt/eset/esets/lib/em002_32.dat.old systemctl stop esets rm -rf /tmp/*update.lock; /opt/eset/esets/sbin/esets_update --verbose systemctl restart esets systemctl status esets

There is also the rootkit possibility. Microsoft has a nice diagram on how those load and can bypass/disable anti-virus:

Great to hear this this is going to be improved, I have some fairly complex PowerScript commands that I execute via the run command. For example I have commands which will: Download TeamViewer Download a config file Install TeamViewer using msiexec Email me the TeamViewer ID from the registry. Getting this to work took time, and seeing all this on a single line script is horrible to maintain :) So seeing an improved experience will be fantastic.

First, here's a write-up on the feature: https://www.askvg.com/tip-enable-https-only-mode-for-websites-in-mozilla-firefox/ Next, I enabled the feature in Firefox. There is no problem with accessing my bank's web site if I open B&PP via desktop icon. However if I try to access my bank's web site via a normal Firefox browser session, I get the same Eset help web page redirection as described. Of note is B&PP uses a separate Firefox profile than the one used in normal Firefox mode. So I also set; dom.security.https_only_mode to true in that profile. Still a no go

I'll try to find out if we have an Apple machine with that CPU and if ESET runs alright there with x86 emulation.

Yes as I mentioned earlier, it should be fixed in the upcoming 3.0.6 release of the extensions. I'm checking the planned release date with the guy responsible... Peter

The Run command task runs the command in the local system account so elevation is not required.

Definitely not. I tested this thoroughly.

Using "not regex (7.3).*" could work.

@Peter Randziak This appears to be resolved, turns out I missed out on some configuration in the hosts file. Thank you to @tomasS for the one-on-one assistance with this. I'll try to write-up a How To soon on how I configured this all so if anyone else is configuring this on a Linux component (non-VA) install, they'll avoid some of the mistakes I've made.

The MDC certificate is for communication between a mobile device and MDC. The proxy certificate is also used for communication between MDC and the ESMC server. Before you revoke the old proxy certificate, make sure that MDC has received the new proxy certificate via a policy:

How did you find the ESET Security Forum? Duckduckgo What OS are you running? Win10 Pro What AV are you running? Eset Nod32 Antivirus What’s an interesting fact about you? The first computer I played on was a Commodore 64

Marcos, I have already sent a log collection to Peter Randziak. Do you require another one?

@tomasSWill sent unredacted log to you via direct message.

Also has been pushed to regular update channel.

Are settings protected with the strong password seen in the screen shot? The error is most likely caused by using a wrong password. Anyways, you shouldn't need to uninstall EEA first; installing EES over EEA is possible.

Updating these days some endpoints, noticed that a lot of computers have a WARNING/ALERT active saying that they need a restart. This alert is called: "Computers needs restart". Checked some random computers and users where shutting down every day computer but the alert/warning was still there. Checking it, uptime was 1-2 weeks too...Why? Fast Boot from Windows 10..... That's a pain in the , you can't disable it through GPO(only via Registry) and users NEVER reboot computer, they only shutdown. How I tried to workaround it? I configured a task to reboot computers Daily at 14h b

DISM /Online /Cleanup-Image /RestoreHealth This is what fixed the corrupt files.

Hello everyone, only that I understand correctly: Nothing needs to be done on the company side because you automatically apply the fix to your customers. Or? Otherwise, I would be happy to receive understandable instructions on what exactly has to be done. Many thanks

Hello, unfortunately, this is currently not possible in a way you are seeking for. If customer adds his license to EBA account, the only way for you is to have a dedicated login (email address) to every one of such EBA accounts. We are currently analyzing / designing a solution, that will allow reseller management / visibility into the customer´s EBA accounts, and also connected ECA instances, however it will take some time till this is developed. Internal reference: IDEA-1355

*Bump* I'm still getting the same error,twice in one day Grrr. Is there any update to this problem. Colin

For me it worked like a charm. Clicked the desired detection and selected Create exclusion from the menu: This excluded the detection name from detection:

Thanks, quite a good idea. We will try to bring it in a service release next year.

I have several dozens of clients that are all reporting this issue as well, they all get a error stating the server does not support the encryption method all of the sudden, This is affecting Rogers emails as well as other ISP's using ssl but not gmail. It does not affect TLS, only SSL this is all since 14.0.21.0 A work around is to either disable ssl/tls filtering or changing it from automatic mode to interactive mode and when you send an receive Eset AV prompts you if you want to scan the protocol and choose yes remember for this application then resolves the issue and you can chang

Description: Dynamic Tag Creation Detail: Our team would like the ability to automate the tag creation process in ESMC. We would like it so that we can apply a tag to a dynamic group and then that tag applies to all the children of that group as well.

Also available here: https://forum.eset.com/topic/25003-eset-endpoint-products-for-macos-version-692000-have-been-released/ and on the download page as well: https://www.eset.com/int/business/endpoint-security-mac/download/

hxxp://repository.eset.com/v1/com/eset/apps/business/ees/mac/v6/6.9.200.0/ees_osx_enu.pkg.changelog.html

Until recently I used EIS and ESS in Windows 7 with the firewall's interactive mode activated. That way I can control which applications on my computer can access the internet and which can't. Once this approach made me detect a virus even before ESS recongized it. Recently I switched to Windows 10 and I continued using EIS firewall's interactive mode as I did before. Unfortunately the Windows apps that are located in C:\Program Files\WindowsApps keep moving to different subfolders when they are updated. This means that I have to continue adding new firewall rules for the same apps over a