Jump to content

Leaderboard


Popular Content

Showing content with the most kudos since 07/08/2020 in Posts

  1. 3 points
    You are just angry at something that you can't change , all companies do the same , they release an update and then they give the change notes after a while , or go meet Microsoft , they won't tell you what changed. or say hello to Steam I don't represent ESET , and I don't work for them , but a delay of a bit or few hours after being posted in their download page and after that to their forum , it doesn't mean anything bad , they have posted it they didn't hide them , It's just a matter of a little bit of time delaying the upgrade so you can read the notes and after than initiate your upgrade or delay it for next version.
  2. 2 points
    Hello @itman, the .exe itself is not malicious, it loads the .dll, which is being detected... Peter
  3. 2 points
    SlashRose

    Slow Virus Scan After Update

    I am 100% there with you, I am now disappointed that you make the effort to test the software, report the errors found to the German support and all reported errors in the final, or so-called final, in my eyes nothing more than a very bad beta version is to find again + to find the errors of the previous build again, if this continues with Eset, I will also consider whether I should pay for it and that although I am an absolute Eset I'm a fan and have been using it since NOD v2, I am really very disappointed!
  4. 2 points
    Mobile Security needs some kind of permissions for Anti-Phishing to work properly , have you enabled that?
  5. 2 points
    Marcos

    Advanced heuristics/DNA signatures

    It's enabled for newly created and modified by default which is enough. Moreover, web access, email protection, startup scanner and idle-state scanner have it enabled by default too.
  6. 2 points
    Marcos

    Detection occurred but not cleaned

    If you ran a custom scan, make sure that you didn't enable scan without cleaning:
  7. 2 points
    Hello, this option is already available in ESET Cloud Administrator console. Currently, as agents are updated via "Components upgrade task", which does not differentiate between agents, and other components of the ESMC infrastructure (server / webconsole) this option was disabled. However, in Cloud the server is fully hosted / maintained by ESET, so "one click agent updates" are possible. Please note, that for the future releases we work on "automatic agent upgrades", meaning agents would automatically upgrade themselves to the version compatible / matching with the server.
  8. 1 point
    MichalJ

    EMA2 | Updating license unit quantity...

    Hello @mxp, we would like to identify the root cause of the problem. Can you please send me the license ID of the affected license via a private message? I will follow up with my colleagues. Indeed it should not take that long, so it´s either an one time issue, or a possible bug in the implementation.
  9. 1 point
    Marcos

    Web control log collecting to ESMC

    If you want only accessing of one category of urls to be reported to ESMC, it should be fine. The problem could be if you created a rule for every single url with the Warning severity. Since a single client could generate several such records per second, with hundreds or thousands of machines reporting them to ESMC could cause network and server performance issues and congestion.
  10. 1 point
    Marcos

    Web control log collecting to ESMC

    You must use the "Warning" severity for the desired Web control rules to send the data to ESMC. However, be careful to not use it for rules that allow or block too many urls or it may have adverse effect on perfomance of the ESMC server if many clients start to send a lot of data.
  11. 1 point
    The alert reads "Suspicious" detection which means the file was blocked by LiveGrid or EDTD. Detection of suspicious app would look like file.exe - a variant of Win32/Packed.VMProtect.AC suspicious application
  12. 1 point
    But it is the machine learning that is triggering the detection , not the update database The way this program behaves is being triggered by AUGUR that is suspicious
  13. 1 point
    It is your suspicious application setting that is triggering this detection , you can add this software to exclusions if you trust it so it won't be detected anymore.
  14. 1 point
    The file is not detected by ESET: mofidtrader.exe » UPX v13_m8 - is OK Please remove the exclusions and re-scan the file(s).
  15. 1 point
    Marcos

    using prepaid mastercard

    It depends on the local seller. Unfortunately, we do not sell to Iran.
  16. 1 point
    Marcos

    Slow Virus Scan After Update

    Itman doesn't work for ESET so he cannot know. I do and I don't know either because the module is being tested and no ETA is available. All we can say at this point that the module will be released soon, most likely within a couple of days.
  17. 1 point
    JackP

    Slow Virus Scan After Update

    I recently updated to v13.2.15. Scanning has slowed considerably. Today I started a full scan of my laptop using in-depth-scanning. I stopped the scan after over 3 hours and it shows less that 300,000 objects scanned. Why is scanning so much slower than before the product update?
  18. 1 point
    junyuanma

    AV is blocking loading webpages

    It solved my problem. When will I know that I can delete the files?
  19. 1 point
    MRutkowski

    AV is blocking loading webpages

    The patch solves the issue for Windows10 2004 with ESET Endpoint Antivirus 5.0.2271.1. Also RAM allocation and scan time looking way better (attached image).
  20. 1 point
    Marcos

    AV is blocking loading webpages

    Please find the dat file for Endpoint 6.5 and older here: https://forum.eset.com/files/file/28-em005_32dat-for-endpoint-up-to-v65/
  21. 1 point
    Marcos

    Slow Virus Scan After Update

    We have tested a new cleaner module and the results are promising. Extensive scanning of WMI and registry will be probably accomplished only with the In-depth scan profile where the scan time doesn't matter. If anybody's willing to test it, please let me know.
  22. 1 point
    junyuanma

    AV is blocking loading webpages

    I turned on startup scan in normal mode and enabled AppVerifier in safe mode. When I returned to normal mode, ESET did not load into the system, and the issue cannot be triggered. I tried manually open ESET Security through Start Menu, but nothing happened after I clicked the icon.
  23. 1 point
    RCK

    AV is blocking loading webpages

    Hello guys, Okay, I removed (from safe mode) EEA with esetuninstaller.exe, then reinstalled my usual 5.0.2272.7 x64 on my Win7. Then I go to > advanced configuration > computer > HIPS > [uncheck] Selfdefense, and I performed a virus database update, then I rebooted. With Selfdefense OFF, I tried to perform a procdump and it freezed Windows, no dump file was writen to disk, and I just totally lost control over operating system. I tried multiple times to generate a dump with selfdefense OFF, but it just totally freeze win7 (with / without "-e 1", "-ma", "32/64 procdump.exe", etc.) So I decided to enable again Selfdefense and start the command "procdump.exe -ma -s 10 -n 720 ekrn.exe" to have one dump every 10 seconds (because with selfdefense ON, I can't use "-e 1" unfortunatly). I also runned "process monitor", and wait the issue to reproduce. I feel that when the exception occurs, EEA is performing one of the startup scan because I can see the eset icon turning into taskbar, and overlib speak about startup scan, not virus database update. Could it be related to memory ? This startup task is eating a lot or ram (1.7 GB!), maybe there is one kind of infinite loop here. About dump, the bigger eea was using memory, the less dump file I could generate (See screenshot, "Error writing dump file: 0x8007000D"). Another information, once the ekrn.exe engine is broken, disabling AV from GUI is useless, but I can have internet access again with the following settings modifications: USELESS = advanced configuration > internet & mail > protection of web access > HTTP & HTTPS > [Uncheck] Activate control USELESS = advanced configuration > internet & mail > protocol filtering > [Uncheck] Activate content filtering FIXED = advanced configuration > internet & mail > protocol filtering > [Uncheck] System integration So finally, I was able to trigger the bug and have a 1.3 GB dump before and a 1.9 GB after freeze, let's hope it will help I also have one whole 4GB logfile from ProcessMonitor. Please find my complete debug session files (14GB) at the following URL (it's one ultra 1GB 7z file with 512MB dictionnary RAM compression): hxxp://tmp.zool.fr/tmp/eset/20200713_NoOutgoingPacket.7z Thanks !
  24. 1 point
    Marcos

    Slow Virus Scan After Update

    I'm sorry but I don't understand your last post. Constructive feedback is always welcome no matter if it's positive or negative. It's trolling and ranting which is not tolerated. Also itman acknowledged the steps to run a smart scan that I mentioned, there's no problem with him and we actually value his engagement in our forum. Let's stay on topic and refrain from being personal.
  25. 1 point
    Make sure that you are using a supported browser. Try it with Chrome and Firefox. On my mobile phone the website you sent me through a PM was blocked by ESET Mobile Security. Make sure that this test page is blocked: https://www.amtso.org/check-desktop-phishing-page/
  26. 1 point
    itman

    Slow Virus Scan After Update

    Run a default scan which uses the Smart scan profile by default. If it isn't obvious that a registry scan is running which should be, scroll to the top of files being scanned window where the scan parameters are shown. You will indeed note that a registry and WMI scan has been selected by default.
  27. 1 point
    itman

    Slow Virus Scan After Update

    This doesn't work! Any profile based scan auto scans registry and WMI. Doesn't bode well for anyone that has set up Eset scheduled scans, Only thing that appears to bypass the registry and WMI scanning is a Custom scan with of course, those options not selected.
  28. 1 point
    SlashRose

    Slow Virus Scan After Update

    Yes, the scans with this build take much longer, it takes about twice the scanning time for the same files as the previous build!
  29. 1 point
    Marcos

    Many bugs in Eset Internet Security 13.2.15.0

    The only known issue with v13.2.15 is that the registry and WMI scanners attempt to scan also non-existing objects. This will be fixed via a module update soon. As for other issues, I'm not aware of other users having reported them with one exception. Please report them to your local ESET support with steps how to reproduce them. If necessary, the support will ask for further logs necessary for troubleshooting. As for a bug-free software, there's nothing like that. We don't live in a perfect world and every software maker releases new versions and updates to address reported issues. Even Microsoft releases monthly updates with fixes.
  30. 1 point
    itman

    Manual update

    Yes.
  31. 1 point
    Also the problem here appears to be not Eset's eamsi.dll, but CSO's new "Trusted mode" feature that is also causing issues with other running software: https://www.pcgamer.com/csgos-trusted-mode-anticheat-system-is-live-but-its-causing-problems/ Believe this is something that needs to be reported to CSO's developers. Security software mechanisms that worked prior to Trusted mode implementation should also be allowed in this new mode. Also of note: https://blog.counter-strike.net/index.php/2020/06/30683/ It also appears that Symantec does offer Authenticode signed certificates: https://urlssl.net/symantec-code-signing-certificate.html . Therefore the issue is not with Symantec certs. per se. -EDIT- Believe this is the issue with CSO. Eset's cert. for eamsi.dll is not an EV cert.. However, Eset also countersigned eamsi.dll with it's Microsoft issued driver cert. which is an EV cert.. This appears to satisfy most apps requirement for an Authenticode signed certificate, but not for CSO it appears. This is also why Code Integrity errors are being thrown by some apps.
  32. 1 point
    Marcos

    uninstall from commandline if password set

    It's possible to use the PASSWORD="%password%" parameter (https://help.eset.com/era/53/en-US/idh_ra_remoteinst_commandline.html) from the command-line.
  33. 1 point
    I would simplify it further; "Used" and "Available for use."
  34. 1 point
    I guess the wording could be better and read "Consumed seats" and "Available seats" or something along that line. "Available devices" means that you can activate the license on 1 more device.
  35. 1 point
    What it's showing is one license seat has been activated and one license seat is available. Eset's uses the term "seat" to refer to how many devices Eset can be installed on. In your case, you only have one Eset license issued to you and that license can be installed on up two a maximum of two devices; i.e. seats.
  36. 1 point
    Marcos

    Manual update

    Correct. However, I don't see any good reason for not updating modules automatically.
  37. 1 point
    itman

    WMI provider crash

    Periodic WMI crashes have occured before: https://support.microsoft.com/en-us/help/959493/the-wmi-provider-host-program-wmiprvse-exe-may-crash-on-a-windows-serv So I suspect an issue exists in Win 10 2004 given all its problems to date. Why this might manifest with Eset installed remains to be determined.
  38. 1 point
    Hello, Yesterday NOD32 urged me to upgrade to 13.2.15, but there was no official mention of this new version here. Only a few hours ago you published here such an announcement post... This is a bad way of work - before I upgrade, I wish to know what is changed. Please, in the future - do not release the binaries to be updated at clients before you have a public matching post with details about the new version. Thank you.
  39. 1 point
    The above files were detected on the C drive according to the screen shot. However, it's unlikely to be FP and it's most likely Lojack by Absolute Software that Lenovo used to install to laptops.
  40. 1 point
    EFI/Computrace detection is correct, it's not a false positive.
  41. 1 point
    There is currently an issue that many non-existing objects are attempted to be scanned. This will be fixed in future versions or maybe via an automatic module update.
  42. 1 point
    Try deselecting WMI and registry in the targets setup. The number of not scanned files should decrease significantly.
  43. 1 point
    Please open a ticket with your local ESET support and provide logs collected as per the instructions at https://support.eset.com/en/kb3404-use-eset-logcollector-on-macos-and-send-the-logs-to-eset-technical-support.
  44. 1 point
    I'd recommend opening a ticket with your local support. Provide ELC logs as well as a dump of ekrn (create it via the advanced setup -> tools -> diagnostics -> create). Prior to creating the dump, do following: - turn off protected mode - restart the machine - attempt to activate the product - create a dump of ekrn but not later than 20s after you attempted activation
  45. 1 point
    As far as I know, it's a rule of thumb that vendors publish changelogs with the release which also happened this time. In the course of testing a new version, changes may not be final and may still occur to the final version.
  46. 1 point
    Microsoft releases every month updates to the Office 365 suite and posts changelog here: https://docs.microsoft.com/en-us/officeupdates/update-history-microsoft365-apps-by-date It does SEVERAL hours after the updates are available. You can check next week (patch tuesday). Many other Software vendors do the same. Please calm down and move on.
  47. 1 point
    Just wait till you see official notes before you upgrade , or refuse the upgrade if you don't know the changes.
  48. 1 point
    MichalJ

    Trigger on static group

    I have been able to reproduce the behavior. It seems to me as a bug, so I will report it to our QA / DEV teams. that a confusing description is displayed for the group, as indeed it shows "dynamic group" even when "static group" is set as target. It only shows like that when you try to "edit trigger".
  49. 1 point
    In my experience with Pre-6.5 agents on XP machines and in some cases, Win7 machines, I've always had a problem getting the agents on these machines updated. Even with GPO, these agents would always fail to update. I would end up just copying the EsetUninstaller.exe to these machines and running them in safe mode to get rid of the agent and av software. I too had spent a lot of time fiddling with ESMC and GPOs to get the Agents updated but gave up and did it the hard way. That said, have you taken a look at the agent logs on the problematic machines? These logs should at least point you to what's bugging the update process. That's the way I had figured the XP agents weren't liking the update command.
  50. 1 point
    Hello Nightowl, excuse me for my late answer! I didnt expected a second reply. Thank you for your adivce. I even considered to change Adblock Plus to uBlock. I will change it shortly. And i didn't know uMatrix but i will have a look to it. It sounds like it is from the same developer how uBlock is. I think i will try this too also when websites will look broken.
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up
×
×
  • Create New...