Jump to content

Leaderboard

Popular Content

Showing content with the most kudos since 08/31/2017 in Posts

  1. Greetings! Listed as fixed in 7.3 "An on-demand scan launched from the ESMC console could shut down the computer even if this post-scan action was not selected" is exactly what started happening after I've upgraded Endpoint clients to 7.3. Never happened before. The process C:\Program Files\ESET\ESET Security\ekrn.exe (WKST-VRN-BKP01) has initiated the power off of computer WKST-VRN-BKP01 on behalf of user NT AUTHORITY\SYSTEM for the following reason: Other (Planned) Reason Code: 0x80000000 Shutdown Type: power off Comment: Computer scan completed That comes from sche
    5 points
  2. https://www.eset.com/sk/o-nas/press-centrum/eset-tlacove-spravy/nadacia-eset-podporila-vyvoj-slovenskeho-testu-na-koronavirus-a-financuje-prvych-100-000-kusov/ Machine translation: Scientists from Slovak companies MultiplexDX, Lambda Life and ProScience Tech have joined forces with virologists from the Biomedical Center of the Slovak Academy of Sciences (BMC SAV) to build a reagent kit according to the World Health Organization (WHO) protocol for reliable detection of SARS-CoV-2. In the first phase they plan to produce and make available 100,000 PCR tests. The ESET Foundation suppo
    5 points
  3. Hello, As 2019 comes to a close, and just before computers are turned off so that we can spend time with friends and family, I would like to take a moment to wish each and every one of you best wishes for the holiday season, and the forthcoming New Year as well. This past year has been equally exciting, challenging and sometimes even terrifying in terms of computer security, and we know that you have many choices when it comes to whom you choose to protect your computers. We are grateful that you have chosen to place your trust in ESET, and we will do our utmost to ensure that
    5 points
  4. The ESET Knowledgebase YouTube Channel celebrates its 10-year anniversary today! https://www.youtube.com/user/ESETKnowledgebase/community Check out the infographic for our lifetime YouTube statistics for the channel. The ESET Knowledgebase channel includes step-by-step video tutorials demonstrating the key processes and features of our ESET products, from ESET NOD32 Antivirus and ESET Internet Security to business products like ESET Security Management Center. In addition, our channel is yet another way for our customers to reach us with feedback and questions. We make e
    5 points
  5. Marcos

    ransomware attack

    ESET didn't fail to protect the user. This is proved by the fact that ESET had recognized the ransomware for a long time before the user got infected which means that ESET must have been paused or otherwise deactivated by an attacker. Because of continual trolling despite giving numerous warnings and complaints from other users, we'll ban Novice as of now.
    5 points
  6. False positive reports To submit a possible False Positive see Submit a suspicious website / potential false positive / potential miscategorization by Parental control to ESET for analysis when you wish to submit via email or use Submit sample for analysis function from the program GUI of ESET product installed on your computer. Whitelisting ESET does provide a whitelisting service for software vendors by which you can submit your software to minimize the chances of false positives, e.g., when your software is being downloaded. This service is intended as preventive measure for t
    5 points
  7. Hello, this option is already available in ESET Cloud Administrator console. Currently, as agents are updated via "Components upgrade task", which does not differentiate between agents, and other components of the ESMC infrastructure (server / webconsole) this option was disabled. However, in Cloud the server is fully hosted / maintained by ESET, so "one click agent updates" are possible. Please note, that for the future releases we work on "automatic agent upgrades", meaning agents would automatically upgrade themselves to the version compatible / matching with the server.
    4 points
  8. It's been a slow forum posting weekend and it appears this thread has run its course. We have all had the opportunity to "rant and rave" about Eset Home version protection features we all wished we had and in reality, probably never will have. So it is time to expose this Python POC for what it is - fake ransonware. Err ..... what, you say? The POC encrypted files. Well so does a lot of legit encryption and other apps including user created ones. So lets get into this. A few years back, the NextGen security software vendors were trying "to get traction" against the established AV vendors
    4 points
  9. There are many reasons for that, not just one. One of the things we do is that the resource-intensive code emulation is done once and the result is cached for future use so advanced heuristics doesn't have to emulate files each time they are accesses and scanned. Then there are other safe caching mechanisms to ensure that files are re-scanned only when needed (e.g. after module updates), trusted / whitelisted files are scanned less frequently, etc. which also positively affects performance.
    4 points
  10. You can see in the test that ESET detected 100% of the samples in that SYNTHETIC (ie. not a real-world) "test" so no better result could be achieved. We have already commented on it as follows: This test is completely wrong. First of all, you skip the very first layer of defense - Web access protection which is very strong in ESET and blocks download from malicious urls which could save users in many cases from new malware even entering the system. Secondly, by disabling real-time protection you prevent HIPS from receiving events on the file system level and thus make HIPS and all HI
    4 points
  11. Marcos

    ESET Memories

    Cherishing memories
    4 points
  12. There will be a fix for the issue in both Endpoint and ESET NOD32 for Linux desktop according to the latest news.
    4 points
  13. T3chGuy007

    ESMC Upgrade

    For those of you in the same situation, I first had to install SP3 for SQL Server 2008 R2 Express because you can't directly upgrade to SQL Server 2017 Express unless you are running SP3. I was running SP2. Once this was done, I upgraded to SQL Server 2017 Express by using the custom install option. I then opened ESMC and went to Help->About. The DB version is now showing Microsoft SQL Server 2017 (RTM) Express Edition (64-bit) 14.0.1000.169. I then went to Help->Upgrade Product and a new client task was created. After a few minutes, I was kicked out of ESMC and I could not log bac
    4 points
  14. Marcos

    Eset 13 Version

    Thanks for the heads-up peteyt, the user was banned.
    4 points
  15. peteyt

    Ransomware

    I'm new to this topic but just wanted to ask something and unsure if its been asked. Firstly - I have no issue with Eset - I know nothing can ever be 100 percent. However in regards to ransomware would there not be a way to detect something is encrypting files which in turn could force an alert from Eset. I'm not talking about new unknown viruses, zero day etc but the act of encrypting itself. Basically could Eset not set it by default to alert users if it detects file encrypting and possibly even be set to pause the encryption until a user tells Eset to either allow or remove.
    4 points
  16. itman

    Ransomware

    One final comment in regards to Live Grid's performance in this incident. Refer back in this thread to the posted Live Grid screen shot showing ransom.exe running. Note the red color. What does that mean? Per Eset online v12 help: Hum ........ It certainly appears Eset's front-end heuristic scanning did its job. So why can't Eset offer an option to be alerted to "risky" processes pre-execution? It most certainly appears to be the correct and logical action to take. For me, I can only conclude the following: 1. Eset has such little faith in Live Grid's reputational analys
    4 points
  17. Marcos

    ransomware attack

    This is the last warning to Novice. Further to complaints from other users that we've received about your ranting, we kindly ask you to stop this. Either give us a proof that there is an antivirus that can detect 100% of threats without updates and without any false positives and at the same time it can protect users even if they unwittingly allow an attacker to do anything on their machines under an admin account or stop trolling and ranting. We are open to serious communication but trolling is not tolerated and will never be neither here nor in any other forums. Otherwise we will need to tak
    4 points
  18. Marcos

    Ransomware SDEN

    Files were encrypted by Filecoder.LockedFile. According to the logs, there were about 170,000 failed attempts to log in via RDP as "administrator" and alike in approx. one day when the encryption occurred. Also an older version of EFSW 6.5 without Ransomware shield was installed. The OP was informed and improvements in protection were suggested.
    4 points
  19. Received your get well greetings today and believe me they were most appreciated. For you who do not know it, I recently spent 5 weeks in the hospital. Diagnosis was heart failure. I know I am improving but It's going fairly slow. In order to celebrate my improvement I installed Smart Security on a Windows 10 computer. Seems fine.Thanks again fellows.
    4 points
  20. Welcome to the ESET Security Forum! ESET is pleased to provide you with this resource in order to make it easy for you to ask questions and receive answers about ESET's products and services. Understand that the ESET Security Forum is a private community for existing customers of ESET, prospective customers who are interested in ESET's software, ESET employees and business partners. Because of this focus, it is not like a general public forum, where conversations take place on a variety of non-ESET and non-security related topics. With that in mind, we have the follow
    4 points
  21. Component upgrade task upgrades only ESMC/EP components, as is ESET Management Agent, ESMC Server and ESMC WebConsole, but it does not upgrade other, especially third-party components as is Apache Tomcat, Apache HTTP Proxy or MS SQL Server. Thus benefit of performing manual upgrade using all-ine-one installer for Windows, or performing upgrade ot EP/ESMC Appliance using "migration" to new version, is that also third-party and and possibly other support tools are upgraded. Also note that manual upgrade is less prone to failures caused by environment issues, as are those network related, but
    3 points
  22. Hello @Kostadin_k, EFDE for mac utilizes FileVault because there is no other way to FDE macOS. Apple prevents its system to use FDE from 3rd party vendors. EFDE for win is a different story. Microsoft allows for vendor´s proprietary encryption and we have this covered. So we are pretty much covered on both macOS and Windows. But yes, adding Bitlocker management to ESET Protect (Cloud) is an option, but even if we go this direction in the future, it will not work as seamlessly as you described. Taking over management of an already encrypted machine is more than complicated becaus
    3 points
  23. Avast blog article here: https://blog.avast.com/cybercapture-protection-against-zero-second-attacks . Detail on configuration options here: https://support.avast.com/en-us/article/54/ Of note is this feature exists even in Avast free version. Time Eset "get with the program" and offer same like capability for their home use products.
    3 points
  24. The fact is Eset has all the internal mechanisms in place to accomplish this. All they have to do is block the process until LiveGrid black list determination processing has completed. As to the false positive element, I say "to hell with that." Most home users would not be significantly impacted by such process blocking. This could be also further refined by adding Trusted Publisher, signing, etc. criteria to Eset Reputation scanner. Failure on reputation coupled with suspected malicious activity should be enough to block until LiveGrid initial scanning is completed.
    3 points
  25. We are aware of the problem with Windows applications and the changing path with each update. There is a plan to come with up a solution to this in long term. Also I can assure you that we value any constructive feedback or suggestion and it's discussed with product managers and developers.
    3 points
  26. This was in Cloud Administrator topic but should be here too Description: A new task/setting to reboot computers with a popup message warning,Detail: Add the possibility to notify user that computer will be restarted when reboot computer task is triggered and let them for example 5 minutes to save/close programs/data.
    3 points
  27. It had been discussed again and again. but I still want to say: with endpoint 8.0, Please give up stupid MySQL and use MariaDB. check current system requirement it is really funny: MySQL ODBC driver versions 5.3.11 and later, 8.0.0 – 8.0.15 and 8.0.18 and later are not supported.
    3 points
  28. Yes, v14 is going to be released later this year. It will be announced here as well as via other marketing channels.
    3 points
  29. Hello guys, thank you for your feedback. We will add Bitwarden to the list of whitelisted extensions that can be loaded in the protected browser. Regards, Tomas
    3 points
  30. It appears that a number of Eset users employ license "crackers." It also appears that a number of Eset forum participants feel that the most widely used , the KMS software family of crackers, are safe. As noted in this recent analysis of KMS based software by AVLabs in Poland, they are definitely not safe to use. KMSAuto and KMSpico are the most commonly installed hacktool on computers in Poland https://translate.google.com/translate?hl=en&sl=pl&u=https://avlab.pl/&prev=search&pto=aue Note: This article was posted in the Polish language. Hence the use
    3 points
  31. You are just angry at something that you can't change , all companies do the same , they release an update and then they give the change notes after a while , or go meet Microsoft , they won't tell you what changed. or say hello to Steam I don't represent ESET , and I don't work for them , but a delay of a bit or few hours after being posted in their download page and after that to their forum , it doesn't mean anything bad , they have posted it they didn't hide them , It's just a matter of a little bit of time delaying the upgrade so you can read the notes and after than initiate your up
    3 points
  32. I think this is resolved in just-released ESMC 7.2 where it look like this:
    3 points
  33. ESET NOD32 Antivirus for Linux desktop is a legacy product. Legacy products do not support activation but require a username and password for update.These are not usually included in the license email since current products require only a license key for activation but can be provided by customer care on request. I'm gonna send you a personal message with your U/P momentarily.
    3 points
  34. Nightowl

    ESET Memories

    Just some photos I found on the internet that can bring some good moments and make your white hair shine brighter. Hmmm , I used to love that GUI ! , so simple and basic but powerful.
    3 points
  35. Marcos

    ESET Memories

    AMON is the former name of the real-time protection module. We still call it internally that way and also real-time protection driver in the latest v13 is called eamonm.sys.
    3 points
  36. Update (Feb 10, 16:30 CET): 1, A fix tool that will replace ekrn.exe with a fixed version will be ready within today (Feb 10). The tool will need to be run on machines with affected ESET Security products that are malfunctioning. No restart should be needed to get the product work. The tool should work for affected Endpoint v5 as well as v6.5 products also on Windows XP and Windows Server 2003. 2, If you have an affected version of the product and it still works alright, do not restart the computer yet. Tomorrow (Feb 11) we'll be releasing Antivirus and antispyware module which will patch
    3 points
  37. Description: Color code failing tasks Detail: The server used to color code the tasks that are failing. I'm running the latest ESMC, and now, that doesn't happen, and I have a hard time figuring out which tasks are failing. Is there a way to color code it again, or where can I see it? All I get is a generic email saying: "At least one client task has invalid configuration and therefore will fail."
    3 points
  38. That's what BitDefender did with their 100% machine learning based behavioral protection at A-V Comparatives: https://www.av-comparatives.org/wp-content/uploads/2019/10/spc_fdt_bitdefender_201909_en.pdf . Score was pretty impressive although false positives were a bit high. Also detection rate for this ML scanner is shown separately on Virus Total.
    3 points
  39. peteyt

    Eset 13 Version

    @MarcosCan someone please ban this user. Reported another of his posts the other week. Noticed something strange as one of his post seemed to be exactly the same post I made. User is basically copying someones post and reposting and then editing at a later date to add a spam link. Possibly hopes users will not notice because the link is not originaly included but have been keeping an eye out
    3 points
  40. MartinK

    Clients not showing in ESMC

    I would recommend to start by checking whether ESMC Agent installed on client machine is actually connecting to ESMC. For this purpose please follow troubleshooting part of documentation - especially status.html log present on client machine might be helpful in this case. In case ESMC Agent will be connecting to ESMC, most probable issue is that is is using different name in ESMC or is located in different group, which prevented ESMC to remove "dead" duplicate that is rendered as unmanaged. In case AGENT is not connecting to ESMC, it is crucial to resolve connectivity issues as descr
    3 points
  41. wraith

    Ransomware

    Yeah that's why I don't like these features. I just gave them as examples since you asked about what block at first sight is. Moreover these make the AV heavy to use and I don't want ESET to become heavy like the other AV's. But I really want ESET to have a dedicated PROACTIVE Ransomware Module, not a REACTIVE one since all the complaints I receive regarding ESET only relates to ransomwares, nothing else.
    3 points
  42. Marcos

    ransomware attack

    Just came across a case when a user was hit by Filecoder.Phobos and asked how come they got infected with ESET installed. After analyzing logs, we found out that: - the detection for the ransomware was added at least 2 months before the incident - password protection of ESET's settings was not enabled - detection of potentially unsafe applications was disabled We also found out that: 1, A brute-force RDP attack was performed: - Administrator had 22 377 failed login attempts - ADMINISTRATOR had 5 438 failed login attempts - ADMINISTRADOR had 1 102 failed login attempts - A
    3 points
  43. We've reverted the Cryptographic support module to the previous version while the issue is being investigated and a solution prepared. You should now have version 1028.2 of the module which didn't cause the issue.
    3 points
  44. You can disable the appropriate application status in the advanced setup -> user interface. You understand that you will take all responsibility for the security of your system since ESET won't be able to 100% protect you from Internet-borne threats, phishing, etc. By disabling Web access protection you won't gain any benefit but lose one of the most important protection layers. Even if one was very cautious and restrictive in what he or does on a machine (e.g. visits websites only with javascript disabled, checks every https certificate on visited websites, uses policies to prevent sc
    3 points
  45. Marcos

    ESET BETA 13 ?

    We've recently made 12.1.30.0 available for users in the ESET Insider program. Also it is not clear what you meant by " I miss the success of ESET 2002 - 2007". Please clarify as to what you meant because ESET is a successful company with products being enriched with new protection and technology features on a regular basis.
    3 points
  46. Hi, as marcos noted this error is logged when automatic exclusions for Microsoft SQL server are enabled. Automatic exclusions for Microsoft SQL server are using ADO API to read information from "sys.master_files" table to get list of files to exclude from scanning. The ADO API obviously loads a DLL that is not signed. As a workaround, automatic exclusions for Microsoft SQL server can be disabled.
    3 points
  47. Get well soon Mr Jadinolf. Prayers are with you and thank you for being a part of the community my friend !
    3 points
  48. Hello, we will be rolling out this change by the means of a module update in the upcoming weeks.
    3 points
  49. As introduced here (KB News) and here (KB Alerts), I am unpinning those threads and replacing with this one. We now have RSS/email subscriptions for News, Alerts, and Customer Advisories. Information and instructions to subscribe is available here: Subscribe to ESET Knowledgebase Support News, Alerts and Customer Advisories
    3 points
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up
×
×
  • Create New...