Leaderboard

Greetings! Listed as fixed in 7.3 "An on-demand scan launched from the ESMC console could shut down the computer even if this post-scan action was not selected" is exactly what started happening after I've upgraded Endpoint clients to 7.3. Never happened before. The process C:\Program Files\ESET\ESET Security\ekrn.exe (WKST-VRN-BKP01) has initiated the power off of computer WKST-VRN-BKP01 on behalf of user NT AUTHORITY\SYSTEM for the following reason: Other (Planned) Reason Code: 0x80000000 Shutdown Type: power off Comment: Computer scan completed That comes from sche

https://www.eset.com/sk/o-nas/press-centrum/eset-tlacove-spravy/nadacia-eset-podporila-vyvoj-slovenskeho-testu-na-koronavirus-a-financuje-prvych-100-000-kusov/ Machine translation: Scientists from Slovak companies MultiplexDX, Lambda Life and ProScience Tech have joined forces with virologists from the Biomedical Center of the Slovak Academy of Sciences (BMC SAV) to build a reagent kit according to the World Health Organization (WHO) protocol for reliable detection of SARS-CoV-2. In the first phase they plan to produce and make available 100,000 PCR tests. The ESET Foundation suppo

Hello, As 2019 comes to a close, and just before computers are turned off so that we can spend time with friends and family, I would like to take a moment to wish each and every one of you best wishes for the holiday season, and the forthcoming New Year as well. This past year has been equally exciting, challenging and sometimes even terrifying in terms of computer security, and we know that you have many choices when it comes to whom you choose to protect your computers. We are grateful that you have chosen to place your trust in ESET, and we will do our utmost to ensure that

Hello, this option is already available in ESET Cloud Administrator console. Currently, as agents are updated via "Components upgrade task", which does not differentiate between agents, and other components of the ESMC infrastructure (server / webconsole) this option was disabled. However, in Cloud the server is fully hosted / maintained by ESET, so "one click agent updates" are possible. Please note, that for the future releases we work on "automatic agent upgrades", meaning agents would automatically upgrade themselves to the version compatible / matching with the server.

It's been a slow forum posting weekend and it appears this thread has run its course. We have all had the opportunity to "rant and rave" about Eset Home version protection features we all wished we had and in reality, probably never will have. So it is time to expose this Python POC for what it is - fake ransonware. Err ..... what, you say? The POC encrypted files. Well so does a lot of legit encryption and other apps including user created ones. So lets get into this. A few years back, the NextGen security software vendors were trying "to get traction" against the established AV vendors

There are many reasons for that, not just one. One of the things we do is that the resource-intensive code emulation is done once and the result is cached for future use so advanced heuristics doesn't have to emulate files each time they are accesses and scanned. Then there are other safe caching mechanisms to ensure that files are re-scanned only when needed (e.g. after module updates), trusted / whitelisted files are scanned less frequently, etc. which also positively affects performance.

You can see in the test that ESET detected 100% of the samples in that SYNTHETIC (ie. not a real-world) "test" so no better result could be achieved. We have already commented on it as follows: This test is completely wrong. First of all, you skip the very first layer of defense - Web access protection which is very strong in ESET and blocks download from malicious urls which could save users in many cases from new malware even entering the system. Secondly, by disabling real-time protection you prevent HIPS from receiving events on the file system level and thus make HIPS and all HI

Cherishing memories

There will be a fix for the issue in both Endpoint and ESET NOD32 for Linux desktop according to the latest news.

Hello ESET Endpoint Security / Antivirus users, It’s been quite a while since we released the 7th generation of our Endpoint solutions, so naturally you may ask when the generation 8 will be released. We have good news to share, as we are approaching the final stages of development and preparation for the release, we would like to share it with you so you can try it before it gets released officially and give us feedback on it, which is very valuable for us. I guess the first question, which comes to mind is what will be the new features of it. Let me briefly name some: Secure

This was in Cloud Administrator topic but should be here too Description: A new task/setting to reboot computers with a popup message warning,Detail: Add the possibility to notify user that computer will be restarted when reboot computer task is triggered and let them for example 5 minutes to save/close programs/data.

Yes, v14 is going to be released later this year. It will be announced here as well as via other marketing channels.

Hello guys, thank you for your feedback. We will add Bitwarden to the list of whitelisted extensions that can be loaded in the protected browser. Regards, Tomas

It's been more than 5 years I've use ESET software on my computer and ESET is the best for me. here are some reasons I still use this Boy: Inexpensive Easy-to-use interface Good malware protection Secure browser for online payments Fast scans Lots of useful extra features Small system-performance impact File encryption, hardened browser extension, webcam protection What else do you need for your security? for me having a VPN access is the one but it's not a big problem. I very much appreciate your support ESET.

You are just angry at something that you can't change , all companies do the same , they release an update and then they give the change notes after a while , or go meet Microsoft , they won't tell you what changed. or say hello to Steam I don't represent ESET , and I don't work for them , but a delay of a bit or few hours after being posted in their download page and after that to their forum , it doesn't mean anything bad , they have posted it they didn't hide them , It's just a matter of a little bit of time delaying the upgrade so you can read the notes and after than initiate your up

I think this is resolved in just-released ESMC 7.2 where it look like this:

We are currently debugging the issue. Most likely we will be able to address it via an automatic HIPS module update.

The PUA detection is correct. It's optional. For more information what PUA are, please read https://support.eset.com/en/kb2629-what-is-a-potentially-unwanted-application-or-potentially-unwanted-content. If you think that benefits of using a particular PUA outweigh possible risks, you can exclude the PUA from detection.

ESET NOD32 Antivirus for Linux desktop is a legacy product. Legacy products do not support activation but require a username and password for update.These are not usually included in the license email since current products require only a license key for activation but can be provided by customer care on request. I'm gonna send you a personal message with your U/P momentarily.

Just some photos I found on the internet that can bring some good moments and make your white hair shine brighter. Hmmm , I used to love that GUI ! , so simple and basic but powerful.

ESET has been protecting users worldwide for decades already and have always provided state-of-the-art protection. While it was always our digital worlds that ESET has been protecting, now with the epidemic of the SARS-CoV-2 coronavirus the need to protect also users themselves became inevitable. Besides supporting various scientific and charity events, we are now creating a fund to support effective diagnosis of SARS-CoV-2 coronavirus, giving 300,000 EUR to support the purchase of a diagnostic system capable of analyzing 4000 samples per day. By purchasing ESET's products you can be sure

AMON is the former name of the real-time protection module. We still call it internally that way and also real-time protection driver in the latest v13 is called eamonm.sys.

I have a local account. I do not use online anytihng for this win10 debacle. I have SHUTUP switch off almost everything. I have no one drive, I have no microsoft accounts. microspasm have, over the years, clearly demonstrated their mistrust, disgust and lack of customer service for the very people who made them the global garbage patch they now are. As for a Linux recommendation, clearly, the front runner for new folk is Ubuntu. The GUI has evolved vastly over the years, it is stable, useful and easy to get to grips with. The standard desktop version contains all the workable soft

Update (Feb 10, 16:30 CET): 1, A fix tool that will replace ekrn.exe with a fixed version will be ready within today (Feb 10). The tool will need to be run on machines with affected ESET Security products that are malfunctioning. No restart should be needed to get the product work. The tool should work for affected Endpoint v5 as well as v6.5 products also on Windows XP and Windows Server 2003. 2, If you have an affected version of the product and it still works alright, do not restart the computer yet. Tomorrow (Feb 11) we'll be releasing Antivirus and antispyware module which will patch

Hi, I just published a brief guide to ESMC implementation in Proxmox : ESET Security Management Center 7 deployment in Proxmox VE I hope it is useful. Regards

As I wrote, there will be a hotfix of ESET NOD32 for Linux desktop that will address the issue.

just my reply : https://www.youtube.com/watch?v=Uh7l8dx-h8M

Not too long ago we were here, in another thread, discussing about the previous test from this very same guy who gave ESET appalling scores with a major war of words ongoing on this place for weeks. That was when i joined the ESET family and this forum. Because while everyone was fighting based on the opinions of this guy, what i did was to download ESET, then set it up with maximum settings, including the HIPS rules which i added manually from an ESET guide and, that is my understanding, later on were added by ESET as standard in their product. The result was me leaving another product a

Description: Color code failing tasks Detail: The server used to color code the tasks that are failing. I'm running the latest ESMC, and now, that doesn't happen, and I have a hard time figuring out which tasks are failing. Is there a way to color code it again, or where can I see it? All I get is a generic email saying: "At least one client task has invalid configuration and therefore will fail."

False positive reports To submit a possible False Positive see Submit a suspicious website / potential false positive / potential miscategorization by Parental control to ESET for analysis when you wish to submit via email or use Submit sample for analysis function from the program GUI of ESET product installed on your computer. Whitelisting ESET does provide a whitelisting service for software vendors by which you can submit your software to minimize the chances of false positives, e.g., when your software is being downloaded. This service is intended as preventive measure for t

itman would be undoubtedly the person to award for his big contribution of helping others on this forum 👌

Unfortunately it's by design. The plug-in writes information about scan to emails which causes the unwanted behavior. This will ultimately change with a new Outlook plug-in that will be most likely introduced next year.

Hello @damtechmatt I have good news for you. Towards the end of the year, we will be releasing an update to ESET Cloud Administrator (It will come with adjusted naming) that will remove the "size limitation" of 250 seats, and will also be available for our MSP partners to order / provision cloud instance from the ESET MSP Administrator (msp.eset.com). So stay tuned for upcoming news in the following months.

Also just started migrating our users across to ECA - worked fine last week, can't sign in without errors this morning. Any estimated time to fix? Do you have a status page somewhere, rather than relying on paying customers stumbling across a user forum that I had no idea that existed until 5 minutes ago ?

Just remember that technical support requests need to be directed to one of those counties; i.e. country of purchase. Assumed is the language to be used would be Arabic. However, 70% of Turkey's residents speak Turkish.

Hello @Peter Randziak, Thank you for following up! Sounds good, I will bump this again in a month or so to check on it's status and hopefully remind you. William

Hello @itman, the .exe itself is not malicious, it loads the .dll, which is being detected... Peter

It's enabled for newly created and modified by default which is enough. Moreover, web access, email protection, startup scanner and idle-state scanner have it enabled by default too.

Got it, Turns out I had made the change already. My memory just isn't what it used to be. Getting old isn't fun at all, but it beats the alternative. Thanks to both of you for your help.

I'm stating two issues here in one topic. First, ESET has two types of installers, one is an online installer and the other is offline. But both are totally misleading. The offline installer is merely a 53 mb file which only installs the product but the all the modules data is downloaded after installing. Then the online installer which should do what the name suggests but it doesn't. All it does is downloads that 53 mb installer and install and of course downloads all the modules data after installing. Why even say it an online installer while it's definitely not! Highly misleading. Lite

The script uploaded to VT is the initiator script that will run the payload script that has been previously dropped here: C:\updatewins.js . As such, this JavaScript itself is not malicious; the script in the C:\ root directory is. Hence why no one on VT detects the initiator script. Full analysis of this initiator script is here: https://www.hybrid-analysis.com/sample/1b1640edb3f7213f4338c6e0017a1b9028c6b324d64f3e63c09169540e82f4a5?environmentId=120

Yeah, the problematic driver that we saw in another case with BSOD was from 2016 too. Please uninstall v7.2 in safe mode and install 7.3 after starting Windows in normal mode.

With EDTD, any file potentially carrying malware is submitted for analysis in the cloud where the file will be run. Based on the behavior analysis and evaluation by 3 different machine learning models, the file is then evaluated either as malicious, highly suspicious, suspicious and probably clean. EDTD can be configured to block access to files downloaded by browsers or email clients until a result of EDTD analysis is received. Let's assume a spammed VBA office document with a malicious macro that is not covered by a detection. Without EDTD: A user receives the email and opens the a

Does creating a permissive bi-directional firewall rule for the following app help? /Applications/Microsoft Teams.app/Contents/Frameworks/Microsoft Teams Helper.app

Application Control is planned. A research was already made, currently there are no plans to back up files. We focus on protection since letting malware run has always negative consequences and 100% remedy is often not possible. Not to say that backing up any files in the event of modification has adverse effect on performance and that could render the machine unusable if big files are modified. ESET software is install-and-forget. End users use automatic mode in which they are not prompted for actions (firewall, HIPS, malware cleaning, etc.). Patch management is not cu

Agreed - we are also seeing this on multiple English systems

Probably you've missed what was written above. The module concerns Customer Experience Improvement Program that you can OPT IN during ESET installation. For more information and for a list of what data is gathered, please refer to https://help.eset.com/eis/13/en-US/ceip.html What types of information do we collect? Data about interaction with the product This information tells us more about how our products are used. Thanks to this we know, for example, which functionalities are used often, what settings users modify or how much time they spend using the product.

Hi, You should create a full chain certificate which contains SSL cert, intermediate, root and private key. - Download XCA and install it. - Download OpenSSL and install it. 1.) Create a empty file (C:\temp\cert-chain.txt) on your PC and past the following inside it: -----BEGIN CERTIFICATE----- (Your Primary SSL certificate from C:\temp\your_domain_name.crt) -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- (Your Intermediate certificate from C:\temp\TheIntermediateCA.crt) -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- (Your Roo

You have a rootkit there. Either boot from a clean medium (e.g. ESET SysRescue) and run a full disk scan, or do the following: - start Windows in safe mode - move C:\Windows\System32\Ms96FB23EEApp.dll to another folder, e.g. to c:\eset - start Windows in normal mode - run a full disk scan.

@TheMartin Thanks for the feedback / suggestion. I will contact our documentation team, and ask them to prepare the tutorial (video / documentation) with the topic "how to update my ESET environment on the latest version in the simplest way". I agree, it would be a helpful content, which should be more actively promoted in documentation and KB.