Leaderboard

The issue is caused by an older version of the Translation support module. On Monday we should start with upgrade, however, it will require a restart of the ESET PROTECT Cloud instance.

The bug is just visual and should not have any noticeable effect on memory consumption. Will be fixed in v15.

Next time this updating issue occurs, use a network connections monitor to ensure ekrn.exe has a solid connection to port 8883. You can use Eset's Network Connections tool or TCPView. I prefer TCPView since it will show if there are sync issues with the connection to port 8883, ekrn.exe is trying to establish. Eset uses port 8883 with fallback to port 443 for Push Notifications. If there are issues with getting that connection, it will cause this bork Eset updating behavior some are experiencing.

Kind of ridiculous putting all the work on the end user.

As per the subject, once Detection engine 23963 is downloaded all links to O365 Safelinks are block Had to add *.safelinks.protection.outlook.com to the allowed websites

A problem in gui requires compilation of a brand new version, thorough QA testing of all languages (about 40), releasing the installers on the web and slowly releasing upgrade to the new version via uPCU. This kind of issues cannot be fixed via module updates but requires a new version of the product.

Appears there are multiple causes involved here. The ones mentioned are: 1. Windows update cache issues. 2. Eset update cache issues. 3. You name it ........... Eset needs to provide built-in diagnostic capability for problems like this and other issues. Think along the line of Windows 10 "Fix-It" wizards. I for one am tired of the constant requests for Eset logs to diagnose product issues.

Please raise a support ticket with your ESET UK. It's probably caused by the update of the Translation support module yesterday, however, I don't have this problem myself so there must be also something else that triggers the issue.

Since malware often disguise as a crack, keygen, etc. you should avoid using them regardless of whether it's for antivirus or another application.

As I posted in another thread on this issue after I deleted the Win 10 update cache, I have had no further issues with Eset detection updates. I had one delay of 5 mins. at boot time and that's it.

A while back I recall seeing an answer to the problem of continually spinning ESET icon showing update in progress when it isn't. The solution that worked for me was: Open ESET>Setup>Advanced Setup (lower right corner)>Update>Under Basic - clear the update cache>click OK>Restart your computer and all should be well. Hopefullly!

On August 25 we are starting to roll out the very first uPCU update to v8.0.2039 version for those with older Endpoint v8.0 versions. The rollout will be staggered and we expect it will take about 2 weeks to get downloaded by all users with an older version of Endpoint v8.0.

US support strikes again! Totally useless!!

Hello, recommended approach would be to use the dashboard / reporting functionality for it. You can navigate to the tab "ESET applications", where you can see which are outdated and even list count of all outdated versions. Then you can initiate upgrade by "one click" from there, for a particular version, you seek to upgrade to a newest version.

The web serve is misconfigured; OCSP Must-Staple is enabled, however, no OCSP response is received. https://www.ssllabs.com/ssltest/analyze.html?d=energy-forecast.n-side.com OCSP Must Staple Supported, OCSP response not stapled

Tip - if you delete your credit card info in your US eStore account, there is no way for Eset to perform an auto-renewal.

It's a new day. I have discovered a new networking feature, And of course, Eset networking support borked it! The new and important find is if you are using an IPv6 only network which is the case for my ISP, AT&T Unverse, and using third party IPv6 DNS servers, you should be using DNS servers that fully support DNS64. Again, DNS64 is used to convert IPv4 addresses to IPv6 addresses in a 4-6-4 tunnel on the ISP network. The new find is Cloudflare has such dedicated servers. You can read about this here: https://developers.cloudflare.com/1.1.1.1/ipv6-networks . Great! Set my network connection to those IPv6 addresses and modified Eset's connected network setting likewise. Now for the Eset bork of this capability. The first thing I noticed was it appeared Eset was having trouble establishing a connection on port 8888 likewise on port 443 which is what Push Notifications falls back to. Sure enough, after a half hour Eset displayed the dreaded could not establish a connection to its Push Notifications server. So what is the friggin problem? Eset Push Notifications uses the MQTT protocol designed to create machine-to-machine; i.e. tunnel, connections to IoT devices. It appears this protocol is not compatible with DNS64 which makes sense if you think about it. So once again Eset implements something without thoroughly testing its compatibility with established networking features. @MarcosEset needs to be sending Push Notification traffic via IPv6 to resolve this issue. Assume Eset will have to provide a GUI setting option to receive Push Notifications via IPv6 or IPv4 connection. Or better, if Eset sees an IPv6 connection is established, prefer that over IPv4 for Push Notifications communication.

This sounds like the same issue I had, which I added to the posts on here I had noticed the updates generally had been quicker as of lately, and didn't notice much system issue. However while this update occurred, the PC was very sluggish, with Google Chrome for example taking a while just to open, and browsing seemed very slow, like Eset was causing it to be slow. However I did download a test download from https://www.thinkbroadband.com/download, using the 512MB one which was a lot bigger than Eset's update. I was able to download that in about a 1-2 minutes while as Eset took well over half an hour and even crashed at the end and had to restart. The thing is I can't remember any update issues before the updates where designed to use less resources. I don't know if this feature is any good because if anything it seems to be causing more resource issues/slowdowns, like everything is waiting for Eset to finish

What I am observing is there is a bigger issue. Appears Eset is not properly initializing coming out of Win 10 fast startup mode. I am having issues with Eset Network Protection; namely Network Inspection not working properly.

Hello, Just to follow up since I've been out of the office, CVE-2021-40444 is currently detected as DOC/TrojanDownloader.Agent.DIC and DOC/TrojanDownloader.Agent.DHY. For more information, please see ESET Knowledgebase Article # 8122, Does ESET protect me from the Microsoft Windows remote code execution vulnerability CVE-2021-40444? Regards, Aryeh Goretsky

It's custom HIPS rules: https://support.eset.com/en/kb6119 They are not there by default since they may generate false positives especially in networks where scripting is used. After creating the rules we recommend monitoring the network for potential script-related issues and disable or adjust the appropriate rule(s), if necessary.

It's fixed, thank you!

I feel the same itman, especially because rarely anything comes out of it!

Same never-ending product update happens on one of my machines. Real PITA. Rebooting is the only thing that gets ESET out of update stuck mode. Happens periodically. Probably happens to a great many users and they don't see the sys tray icon spinning and realize the sluggishness is due to ESET.

The Auto-lock feature is not supported on Android 10 due to major changes in the OS. However, we plan to revamp it and make it work even with the latest version of Android.

Done. Yes I goofed, but so did eset by allowing a signin that was detected as being suspicious to begin with. Also 2FA should be implemented by now, it's allegedly been on the to do list for 6 months now almost to the day.

Try something like this: <?xml version="1.0" encoding="utf-8"?> <rule> <definition> <operations> <operation type="WriteFile"> <operator type="or"> <condition component="FileItem" property="Path" condition="starts" value="%APPDATA%\microsoft\windows\themes\cachedfiles\" /> <condition component="FileItem" property="FullPath" condition="is" value="%APPDATA%\microsoft\windows\themes\transcodedwallpaper" /> </operator> </operation> <operation type="RegSetValue"> <condition component="RegistryItem" property="Key" condition="starts" value="HKCU\software\microsoft\windows\currentversion\explorer\wallpapers\backgroundhistorypath" /> </operation> <operation type="RegDeleteValue"> <condition component="RegistryItem" property="Key" condition="starts" value="HKCU\software\microsoft\windows\currentversion\explorer\wallpapers\backgroundhistorypath" /> </operation> </operations> </definition> <description> <name>Wallpaper was altered</name> <explanation> The wallpaper was altered </explanation> <category> Default </category> </description> </rule>

Again as I've said while this could be an okay move there are plenty of VPNs out there compatible with Eset. A lot of people prefer their AV to only work as an AV

It'd be good to get advanced diagnostic logs from such update attempt when it seems to be stuck at 1/3 of the update phase. Maybe an ekrn dump created via the advanced setup -> tools -> diagnostics would be useful too. When done, collect logs with ESET log Collector and we'll try to find out what's going on.

100% there is no problem of my system, there are one or more Eset problems and these are already running through several builds as confirmed by me and other users here!

A while back I recall an answer to the problem of continually spinning ESET icon showing update in progress when it isn't. The solution that worked for me was: Open ESET>Setup>Advanced Setup (lower right corner)>Update>Under Basic - clear the update cache>click OK>Restart your computer and all should be well. Hopefullly!

As Marcos said above, it's more of a hibernation/deep sleep with default Windows settings. Control Panel>Change to Large/Small Icons>Power Options>Choose What Power Buttons Do From here change the Power Button to Shut Down if not already, then as Marcos said Turn off Fast Startup.

When it's ready. In general they release new major versions in October, towards the end of the month, but there isn't a specific date set afaik.

Is it the same machine / case as this one? https://forum.eset.com/topic/29656-server-100-cpu-performance/ Detection for XblGameUpdateTask.exe will be added in the next update, then ESET should be able to detect and clean it.

I'll answer this question as follows. If Kaspersky was not a Russian based AV solution, I would be using it instead of Eset. Note that Kaspersky has moved its corporate headquarters to Switzerland. However, its developers are still based in Russia.

Anyone else remember these days?

Description: MyEset with more tools. Detail: You could do as KASPERSKY does in her product, put more options for the user, giving the option of Scanning and other settings remotely.

Here you can find most of the needed information about configurations : https://help.eset.com/eis/14/en-US/?beginner.html

You're right. It confirmed that update is run with very low priority, ie. if more CPU intensive processes with normal priority were running, they would use more of the CPU while the update less which could result in update taking longer than usual.

Please try the following: - in safe mode delete C:\ProgramData\ESET\ESET Security\local.db - restart Windows in normal mode - clear browser cache - temporarily change logging verbosity to Diagnostic under Tools -> Log files in the adv. setup - download CloudCar - collect fresh ELC logs but also select Local cache db:

Hello guys, I received logs on this issue from @Lockbits and the issue is being checked by the dev team (P_EESW-7598). So far it seems to be caused by changes in our code... Peter

I've seen previous posts about Enterprise Inspector being either offered as a full cloud solution or merging the capabilities of Enterprise Inspector with the ESET Protect product. Is there an estimate on when this might occur or any status update? EDR capabilities are being pushed by both regulators (see item #7 from the New York Department of Financial Services: https://www.dfs.ny.gov/industry_guidance/industry_letters/il20210630_ransomware_guidance) and cyber liability insurers (almost every application I completed this year asked if we deployed an EDR solution). Even the White House has issued a statement recommending EDR solutions (https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/). Small to medium businesses might not necessarily be moving all of their on premise workloads to a cloud solution, but I think when selecting new products and services there is a preference for cloud based solutions. And almost every major (and minor) player in the EDR market offers a fully cloud hosted solution. Just wondered if this was still on ESET's roadmap. Having to deploy an on premise server to run it makes it feel like a 'legacy' solution.

Hello, Please check to see if there are pending (or missing) Windows Updates. Allow those to run, restart the computer to apply them, and then see if ESET NOD32 Antivirus completes its updates. Pending Windows updates can block the installation of other software programs. Regards, Aryeh Goretsky

Hi @Marcos I'm a single license home user of ESET NOD32 antivirus for Linux Desktop (on Linux Mint 20.2), with a 2 year ESET NOD32 license which began this year and now told the product is ending next year (August 3, 2022) before the 2 years has completed. I'm in the same situation as and agree with the posts/replies of @FranceBB, @IsNotACatNamedGeorge, @czesetfanand @azeu666. I have received the same or very similar emails they described and been provided with new license key(s) for ESET 8. One email suggests I install Endpoint remotely and yet I'm a a home user, not a business user running multiple machines on a network. Seems like I'm receiving emails intended for business users running networked machines or managing employees computers. On August 4, I received two almost identical emails (same body text), yet with different subject titles, different license keys, different expiration dates and the license keys are for 5 seats (not a single home user). So it looks like not only have I received emails intended for business users about EOL for NOD32, I've also been sent at least one license key for a different user with an expiration date which doesn't match the date of 2 years from the start of my single home user license. If this is confusing you, try imagine how I felt lol. The emails suggest I install Endpoint without Protect, yet the website page providing a guide for the upgrade/replacement (titled [KB7911] Migrate from ESET NOD32 Antivirus for Linux Desktop to ESET Endpoint Antivirus for Linux) suggests I get Protect free of charge. Yet one user here is saying Protect costs 380Euros, which is a big jump from the 45GBP I paid this year for NOD32 for 2 years. There's also no way I can appear to use Protect as a single home user from the guide, it looks like I only get Endpoint which as other users here have pointed out, Endpoint doesn't do much without Protect or without some controls, which it doesn't yet have. You say it is yet to have a manual on-demand scan added. Seems way too early, from a customer service point of view, to be asking home users to switch if it is such a downgrade. You also say that: I thought the "32" in NOD32 made it look legacy for 32-bit (when most people like myself have been using 64-bit for over a decade). Yet the latest online reviews/articles I read at the start of 2021 for best Linux antivirus/security software (paid) for home users all suggested that ESET NOD32 is the best or highly recommended. What you've said suggests something completely different, it sounds like NOD32 for Linux isn't maintained properly, was developed years ago and is unable to keep up with current threat development, therefore it's not good security software? I'm going to look for alternative software because Endpoint is not what I'm looking for, unless it changes or unless the Protect software is explained better than in its current support guide/format, which looks like it is written for IT/system managers. I'm worried from the description and guides for Endpoint that it might be accessed remotely by someone else (not good for privacy) and that I have little to no control over it compared to NOD32's security options. I imagine you have lots of Linux ESET NOD32 home users who wouldn't want to use Endpoint as standalone software in its current form. I don't know if every other home user received the emails I have done (for business users and two sets of wrong license details) or it they were a mistake? I definitely don't want to upgrade to Endpoint in its current form and agree with others comments in this thread (about ESET 8/Endpoint for home users). I think it would have been better if Linux NOD32 home users, such as myself, were instead sent emails explaining that you are no longer going to support Linux home users from August 2, 2022, and perhaps to offer a refund for the license period remaining after that date.

Release Date: August 18, 2021 ESET Cloud Office Security 96.3 has been released. Changelog Version 96.3: Added: Teams and SharePoint Sites reports Added: Bulk download of quarantined items Added: Date and time uses the same format as in ESET Business Account Added: User details contain information about the license that the user is protected with Support Resources For more information, visit the ESET Cloud Office Security help page or contact your local reseller, distributor or ESET office.

Still that's not good enough. Maybe we could ignore if it was one or maybe two. But 7 ransomware miss at the time of testing is a huge number. It shows again what the OP suggested that ESET's ransomware shield is very bad and almost not effective at all. ESET needs to improve.

Hi, I've got Intune Work profile enabled on my Android mobile and Eset Endpoint Security installed via Intune. Application is asking to Enable Accessibilty feature but no services are installed under Installed Services. Does anybody has idea how to fix it?

Update: It works for local files:

Have you also tried what happens after system reboot but before users logs in? When users are leaving computer, do they actually log out, or they only lock screen? There is also possibility to create report with "Computer name" and "Logged user name" to check what is going on, but my guess is that computer will be still reporting last logged user.

Thanks for the reply, I know i've tried something similar a few times using Regex. I have not tried using 'Has Mask'. I've setup a group and a template and it's applied. I've got a few test machines i have setup to report back to ERA every min so i should see some computers populate shortly (that and it's getting to be pretty late on a friday for everyone to still be in the office lol). I will let you know if i see any machines there within an hour! Thanks, Jdashn