Jump to content


Popular Content

Showing content with the most kudos since 12/18/2018 in all areas

  1. 6 points
    Aryeh Goretsky

    A holiday message from ESET for 2018

    Hello, With the holiday season upon us, and the forthcoming New Year just around the corner, it's time to put aside the keyboard and mouse for a moment and spend some time with friends and family. But before we do that, I did want to take a moment to wish each and every one of you a happy holiday, greetings of the season, and best wishes for the new year. We realize that you have many choices when choosing security providers, and thank you for trusting us to protect you in 2018 and all the years past. And, of course, we look forward to providing you with the same high levels of security in the years ahead. Thank you for being part of the ESET family. Best regards, Aryeh Goretsky
  2. 4 points

    Merry Christmas

    I'd like to wish all the ESET Administrators, Moderators, Staff, Associates, Partners, Forum members and guests (including all the families) a Merry Christmas. Have a peaceful and joyous holiday Best regards, Tom
  3. 2 points


    Downloaded the first sample with very few detections on VT and ESET picked it up as JS/TrojanDropper.Agent.NQS and the second link shows that ESET already detects it. Don't forget that ESET Advanced Memory Scanner would likely detect it as soon as it decloaked in memory.
  4. 2 points
    I've captured a short demonstration video of how ESET detects today's fresh Filecoder.FS by HIPS/AMS with 3 weeks outdated modules. Moreover network was disabled to prevent updates and possible influence by LiveGrid:
  5. 2 points

    Thank you

    Hi all, I want to thank all the great administrators, staff, contributors and ESET users. Because all of us together, this product gets better and ever each time. I love the way that ESET does care for everyone out there. Respect for the great team. Again, thanks for making such a great software. I just love it.
  6. 1 point

    Version 6.7.600


    The new ESET CyberSecurity Pro Release Candidate version 6.7.600 addresses various issues on macOS Mojave. It is planned to be released soon.
  7. 1 point


    Hi, I want to know why ESET don't join forums like MalwareTips to detect new viruses/Ransomwares more faster ? An example: https://www.virustotal.com/#/file/05bfd83bb0d4e7d27bbfc2c057b2b692612de808cc4bca73d9e0ae1d9d479623/detection I know it's a new Ransomware but it could be detected by now ? Another Example: https://www.virustotal.com/#/file/3203dc5ea66e86755254214b7b1ca8cb38271978e3ac2bdda35bce973ed0146c/detection And Merry Christmas everyone
  8. 1 point

    HIPS and FIREWALL in default installation

    I second that. It's easy to cherry pick malware that a chosen AV product won't detect and the machine will get infected.
  9. 1 point
    @ondrish, it was less an issue of the Config profile not working, and more an issue with the version of the ESET client. @TomasP provided me with a new client that did honor the Full Disk access whitelist. Hope this helps.
  10. 1 point


    Let me begin with it is almost impossible to stop malicious use of PowerShell by a determined attacker. One might think that creating a HIPS ask rule to monitor the startup of C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe and C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe will detect all PowerShell execution. It won't. Past examples of malicious use of PowerShell include to name few: 1. The attacker downloading the old version of PowerShell, ver. 2.0, used in Win 7 and running it. This version for example, will run fine on Win 10 as long as .Net 2.0 or 3.5 is installed. 2. Downloading the current ver. of PowerShell to any directory, possibly renamed but not necessary to do so, and running it from that location. 3. Executing .Net subassemblies associated with PowerShell via C#, C, etc. program means. The only way to completely stop PowerShell execution would be to employ a security product that can block execution by hash value and then create ask/block rules for hash values associated with every known version of PowerShell. Also, setting PowerShell to Constrained Language mode or using AppContainer which does the same. Eset has a few knowledgebase articles on PowerShell and other script use mitigations: 1. Firewall rules: https://support.eset.com/kb6132/ 2. HIPS rules: https://support.eset.com/kb6119/ These will prevent the most prevalent malicious use of PowerShell. They will not prevent all malicious use of PowerShell.
  11. 1 point
    I am very satisfied with ESET today. But I think they could add a sandbox so the user could execute suspicious files without the possibility of infecting the computer. Another thing is please do not do anything that would compromise the system's disengagement as other famous brands did. I really like ESET because of its good detection and low impact on the system.
  12. 1 point
    Hello @cutting_edgetech, While you are on the "Network connections" tab in the ESET GUI, right click in the "Network connections" pane and uncheck "Show only TCP connections". UDP connections should now show along with the TCP connections. I hope this helps...
  13. 1 point
    There are several ways how to create a new policy in ECA: Update profiles can be managed here:
  14. 1 point

    Unable to Download

    Are you unable to open www.eset.com in a browser?
  15. 1 point

    EES 6.7.500 Crashes Macs

    Installed the beta 6.7.600.0 patch on the MacbookPro with most issues and so far so good no more crashes! Thanks!
  16. 1 point
    @sindbad We are already tracking improvements to be able to generate reports based on the license usage (used license). I will extend it with your request.
  17. 1 point
    @katycomputersystems Functionality to change the group in the computer details is coming back. It was accidentally removed during the redesign. @Zen11t We have a project/ feature tracked to globally control all of the interactive windows for the future. I will add your comment to there.
  18. 1 point
    Description: anti-phishing Ignore button disable optionDetail: when user open a phishing website user can ignore the warning and open the site. We need a function where we can disable "Ignore threat" button. I did't find any option under Anti-phishing protection settings. Please add it to ESMC policy's too.
  19. 1 point
    Like Marcos says above, anything i have ever tried works perfectly alongside your ESET product as an on demand scanner. Used to use ESET with either MBAM or Superantispyware, but it's been fruitless over the past 2 or 3 years doing so as ESET on its own has protected/found everything as a stand alone product.
  20. 1 point

    Remote Admin Agent password

    If the agent still connects to your ERA/ESMC server, remove or change the password via an agent policy prior to uninstall the agent:
  21. 1 point

    Firewall engine

    I'm a long time user of pf on BSD and macOS, and iptables on Linux. I get very frustrated by the firewall availability on Windows machines, as they're generally nowhere near as fine-grained or powerful as *nix offerings. Eset's Internet Security finally gave me the control I desired; namely per-interface/IP zones and rules, to easily allow application-specific traffic over VPN interfaces but not the LAN/ISP etc. It even now has a top-to-bottom ruleset like pf. Nice! On my MacBook Pro I currently use the excellent built-in pf firewall, with Murus Pro acting as front-end. I'm more than capable of writing pf rulesets/conf files by hand, and always double-check the resulting pf.conf before pushing it into production, but a GUI is quicker to generate the initial config so whatever. My question is, does Eset's Cyber Security Pro for Mac utilise macOS' underlying pf, or does it use a custom engine? I'm really hoping it just acts as a GUI front-end for pf, as it's such a feature rich, powerful and battle-tested firewall there's no real reason to change it. Eset do make a nice GUI (and excellent AV) though, so that'd be icing on the cake. I did do a search before posting, but the one topic I saw asking this and a few other questions had all questions answered but this (most important!) one. Thanks in advance.
  22. 1 point

    Very poor test result

    Below find my personal comments that may not represent an official response of the company on this test. 1, It's not a real world test and it appears that some protection layers were bypassed (e.g. web protection with more aggressive detection and url blocking), ie. the results might not reflect how ESET would protect users in real life. Also the question is if the missed sample was actual or synthetic threat. Since we didn't get missed samples for verification, we don't know how prevalent in the world they are. 2, A false positive test was not a part of the test. It's easy to detect 100% of malware if also clean files are detected. 3, The author works for Emsisoft. Despite the claims of being independent, it's hard to believe that this did not affect the test in any way. It's also interesting that Bitdefender got best results and Emsisoft uses its engine as well. Employees of AV companies should not perform tests that they proclaim to be independent and unbiased. Only prestigious and respectful AV testing organizations should do that where independence is ensured. It would not be too difficult to make a test where an AV scoring 100% in other tests would get 0% if the "right" samples were picked in the test set. 4, "If a sample successfully makes it to memory and begins execution, it is considered a miss." This is a flawed methodology. A file has to be first unpacked in memory before it is executed. Advanced memory scanner triggers a scan only after a file has been executed and unpacked in memory. I strongly recommend taking tests from youtube or performed by other than non-professional testers with a pinch of salt. One must consider and understand all aspects of how a test was performed in order to take the results seriously.
  23. 1 point

    Firewall engine

    Never mind. I tested it anyway and unfortunately the firewall has more holes than Swiss cheese. It doesn't recognise virtual interfaces (eg utun), so even when connecting to a WireGuard VPN interface/server (for example), Eset doesn't notice. Even when manually setting the rules and zones like this: - Public - Block all incoming {Public IP} - Public - Block all incoming Once the tunnel is established (with a static public IPv4 address at the server end), all ports on the local machine are open to the internet, even with Eset running and configured to block everything. Seriously, seriously bad. I'll stick to Murus/pf then.
  24. 1 point
    I would welcome the changes, as I currently enable strict cleaning to get similar results
  25. 1 point
    Speaking as someone who is hands-on IT management rather than a reseller or MSP: That is how I would expect it to behave and should. My endpoints are configured for strict cleaning so I have not dealt with this issue, however if end users were greeted with option dialogs during an av scan without any way for the admin to suppress I would be quite aggravated with the product.