Jump to content


Popular Content

Showing content with the most kudos since 07/06/2020 in all areas

  1. 3 points
    You are just angry at something that you can't change , all companies do the same , they release an update and then they give the change notes after a while , or go meet Microsoft , they won't tell you what changed. or say hello to Steam I don't represent ESET , and I don't work for them , but a delay of a bit or few hours after being posted in their download page and after that to their forum , it doesn't mean anything bad , they have posted it they didn't hide them , It's just a matter of a little bit of time delaying the upgrade so you can read the notes and after than initiate your upgrade or delay it for next version.
  2. 2 points

    Advanced heuristics/DNA signatures

    It's enabled for newly created and modified by default which is enough. Moreover, web access, email protection, startup scanner and idle-state scanner have it enabled by default too.
  3. 2 points
    Hello, this option is already available in ESET Cloud Administrator console. Currently, as agents are updated via "Components upgrade task", which does not differentiate between agents, and other components of the ESMC infrastructure (server / webconsole) this option was disabled. However, in Cloud the server is fully hosted / maintained by ESET, so "one click agent updates" are possible. Please note, that for the future releases we work on "automatic agent upgrades", meaning agents would automatically upgrade themselves to the version compatible / matching with the server.
  4. 1 point

    Slow Virus Scan After Update

    I recently updated to v13.2.15. Scanning has slowed considerably. Today I started a full scan of my laptop using in-depth-scanning. I stopped the scan after over 3 hours and it shows less that 300,000 objects scanned. Why is scanning so much slower than before the product update?
  5. 1 point
    Make sure that you are using a supported browser. Try it with Chrome and Firefox. On my mobile phone the website you sent me through a PM was blocked by ESET Mobile Security. Make sure that this test page is blocked: https://www.amtso.org/check-desktop-phishing-page/
  6. 1 point
    Mobile Security needs some kind of permissions for Anti-Phishing to work properly , have you enabled that?
  7. 1 point

    Slow Virus Scan After Update

    Run a default scan which uses the Smart scan profile by default. If it isn't obvious that a registry scan is running which should be, scroll to the top of files being scanned window where the scan parameters are shown. You will indeed note that a registry and WMI scan has been selected by default.
  8. 1 point
    It is generally not a good idea to disable AV and play with malware samples on a real machine. What you can do is to check for registry changes reported by app.run on your machine and revert the necessary values.
  9. 1 point

    Slow Virus Scan After Update

    This doesn't work! Any profile based scan auto scans registry and WMI. Doesn't bode well for anyone that has set up Eset scheduled scans, Only thing that appears to bypass the registry and WMI scanning is a Custom scan with of course, those options not selected.
  10. 1 point

    Slow Virus Scan After Update

    Yes, the scans with this build take much longer, it takes about twice the scanning time for the same files as the previous build!
  11. 1 point

    Many bugs in Eset Internet Security

    The only known issue with v13.2.15 is that the registry and WMI scanners attempt to scan also non-existing objects. This will be fixed via a module update soon. As for other issues, I'm not aware of other users having reported them with one exception. Please report them to your local ESET support with steps how to reproduce them. If necessary, the support will ask for further logs necessary for troubleshooting. As for a bug-free software, there's nothing like that. We don't live in a perfect world and every software maker releases new versions and updates to address reported issues. Even Microsoft releases monthly updates with fixes.
  12. 1 point

    Manual update

  13. 1 point

    Slow Virus Scan After Update

    Here's the problem. The default Eset scan uses the Smart profile. Scans targets are N/A for this scan type. Appears Eset selects them by default and its including the Registry and WMI database scans. My present workaround till this is fixed was to create a new scan profile named; e.g. Smart scan w/o registry and WMI, and set that as the default profile. See below posting.
  14. 1 point

    uninstall from commandline if password set

    It's possible to use the PASSWORD="%password%" parameter (https://help.eset.com/era/53/en-US/idh_ra_remoteinst_commandline.html) from the command-line.
  15. 1 point

    Manual update

    I will also add that in-product updating is always a more secure update method that manual updating; contrary to popular belief. Manual updating opens one up to a phishing attack. A recent example is the WastedLocker ransomware that deployed a fake Google Chrome update request.
  16. 1 point
    I would simplify it further; "Used" and "Available for use."
  17. 1 point
    I guess the wording could be better and read "Consumed seats" and "Available seats" or something along that line. "Available devices" means that you can activate the license on 1 more device.
  18. 1 point
    What it's showing is one license seat has been activated and one license seat is available. Eset's uses the term "seat" to refer to how many devices Eset can be installed on. In your case, you only have one Eset license issued to you and that license can be installed on up two a maximum of two devices; i.e. seats.
  19. 1 point

    Manual update

    Correct. However, I don't see any good reason for not updating modules automatically.
  20. 1 point

    Detection occurred but not cleaned

    If you ran a custom scan, make sure that you didn't enable scan without cleaning:
  21. 1 point

    WMI provider crash

    Periodic WMI crashes have occured before: https://support.microsoft.com/en-us/help/959493/the-wmi-provider-host-program-wmiprvse-exe-may-crash-on-a-windows-serv So I suspect an issue exists in Win 10 2004 given all its problems to date. Why this might manifest with Eset installed remains to be determined.
  22. 1 point
    Hello, Yesterday NOD32 urged me to upgrade to 13.2.15, but there was no official mention of this new version here. Only a few hours ago you published here such an announcement post... This is a bad way of work - before I upgrade, I wish to know what is changed. Please, in the future - do not release the binaries to be updated at clients before you have a public matching post with details about the new version. Thank you.
  23. 1 point
    The above files were detected on the C drive according to the screen shot. However, it's unlikely to be FP and it's most likely Lojack by Absolute Software that Lenovo used to install to laptops.
  24. 1 point
    The only way to get rid of this detection is to get an UEFI/BIOS version from Lenovo that doesn't include the Computrace components and re-flash the UEFI/BIOS.
  25. 1 point
    EFI/Computrace detection is correct, it's not a false positive.
  26. 1 point
    There is currently an issue that many non-existing objects are attempted to be scanned. This will be fixed in future versions or maybe via an automatic module update.
  27. 1 point
    Try deselecting WMI and registry in the targets setup. The number of not scanned files should decrease significantly.
  28. 1 point
    Please open a ticket with your local ESET support and provide logs collected as per the instructions at https://support.eset.com/en/kb3404-use-eset-logcollector-on-macos-and-send-the-logs-to-eset-technical-support.
  29. 1 point
    I'd recommend opening a ticket with your local support. Provide ELC logs as well as a dump of ekrn (create it via the advanced setup -> tools -> diagnostics -> create). Prior to creating the dump, do following: - turn off protected mode - restart the machine - attempt to activate the product - create a dump of ekrn but not later than 20s after you attempted activation
  30. 1 point
    As far as I know, it's a rule of thumb that vendors publish changelogs with the release which also happened this time. In the course of testing a new version, changes may not be final and may still occur to the final version.
  31. 1 point
    Microsoft releases every month updates to the Office 365 suite and posts changelog here: https://docs.microsoft.com/en-us/officeupdates/update-history-microsoft365-apps-by-date It does SEVERAL hours after the updates are available. You can check next week (patch tuesday). Many other Software vendors do the same. Please calm down and move on.
  32. 1 point
    Just wait till you see official notes before you upgrade , or refuse the upgrade if you don't know the changes.
  33. 1 point

    Trigger on static group

    I have been able to reproduce the behavior. It seems to me as a bug, so I will report it to our QA / DEV teams. that a confusing description is displayed for the group, as indeed it shows "dynamic group" even when "static group" is set as target. It only shows like that when you try to "edit trigger".
  34. 1 point
    In my experience with Pre-6.5 agents on XP machines and in some cases, Win7 machines, I've always had a problem getting the agents on these machines updated. Even with GPO, these agents would always fail to update. I would end up just copying the EsetUninstaller.exe to these machines and running them in safe mode to get rid of the agent and av software. I too had spent a lot of time fiddling with ESMC and GPOs to get the Agents updated but gave up and did it the hard way. That said, have you taken a look at the agent logs on the problematic machines? These logs should at least point you to what's bugging the update process. That's the way I had figured the XP agents weren't liking the update command.
  35. 1 point

    Individually controllable update settings

    Thanks for your fast reactions. I really appreciate it. The situation is a bit complicated, but try to explain: We are a large, heterogeneous research institute. There is no central ActiveDirectory that manages all clients. We have Windows, MacOS and various Linux clients. We are currently preparing to switch from ERAC 5 to ESMC 7, finally. We have clients that only have access to our internal network; clients that are allowed to access the Intranet and the Internet; and clients that are operated outside our network for a long time (e.g. external research locations). Many employees are only with us for a few months and also bring their private devices with them. As long as they work with us, they get an institute account and are obliged to use our ESET Antivir solution. However, if these employees leave, we want to prevent them from continuing to benefit from our ESET license. With protecting the update-server with authentication; when their account expires with their departure, they can no longer access our update mirror server. So far with ERAC 5, we have had 2 update servers. Once the ERAC as a mirror-server itself via http without password protection in the internal network. And in addition, precisely because many of our devices are operated outside of our network for a longer time, an https mirror with password protection. Each user has their own login data, which become invalid when the user leaves our institute. With the switch to ESMC 7, the idea is now to provide a single update mirror server in the DMZ. All clients within our network (whether they have an internet connection or are only allowed to use local resources) can receive their updates from this update mirror without a password based on internal IP addresses. Clients who are temporarily or a longer time outside the internal network should use a password to access their ESET updates as long as the user has an activated institute account. This password is only known by the user, so they must enter it into the ESET antivir settings on their client. Clients, who leave our institute and therefore have no valid account anymore, should of course no longer be able to use our ESET antivir infrastructure. So thats why almost every client setting should therefore be set by a server-side Policy, except for the update setting where user name and password are stored. This is exactly what is currently not possible with Windows clients. But it is possible with MacOS / Linux Client Policies, so it would be nice if this were possible with Windows Client Policies also.
  36. 1 point

    device control

    If you don't need to control access to removable devices, keep Device control disabled.
  37. 1 point

    7.3.2036.0 "Hotfix" still a fail ESET

    Since figuring out the root cause of the issue will require further troubleshooting and also more information will be required, I would strongly recommend opening a ticket with your local ESET support to ensure that the case is tracked and dealt with properly.
  38. 1 point
    I'm not telling you to install a consumer product 13.1. It was a mistake and I amended the version number after I realized that you had Endpoint installed and not a consumer product. The version of drivers doesn't tell anything about what version of products it's used with. You wrote that you had Endpoint v7.2 installed on some machines and the troublesome version of driver was included in it so I don't see any issue with the driver not updating during upgrade.
  39. 1 point
    Hello Nightowl, excuse me for my late answer! I didnt expected a second reply. Thank you for your adivce. I even considered to change Adblock Plus to uBlock. I will change it shortly. And i didn't know uMatrix but i will have a look to it. It sounds like it is from the same developer how uBlock is. I think i will try this too also when websites will look broken.
  40. 1 point
    This is not true. It makes good sense to have both static and dynamic groups and users use both a lot. Unlike static groups dynamic groups are evaluated by agent on clients. For instance, with static groups only, it would not be possible to change the membership and run specific tasks on clients if they were not reporting to ESMC (e.g. roaming clients) and an unhandled threat would be detected.
  41. 1 point
    False positive reports To submit a possible False Positive see Submit a suspicious website / potential false positive / potential miscategorization by Parental control to ESET for analysis when you wish to submit via email or use Submit sample for analysis function from the program GUI of ESET product installed on your computer. Whitelisting ESET does provide a whitelisting service for software vendors by which you can submit your software to minimize the chances of false positives, e.g., when your software is being downloaded. This service is intended as preventive measure for trusted and undetected applications to minimize risk of future false positives. Whitelisting service is not a channel for removing existing detections, disputes or solving other unrelated problems. If you want to register your software for whitelisting, please follow the instructions in the KB article How do I whitelist my software with ESET? Requirement for False positive submissions When submitting false positive file(s) via email or via program GUI, it is necessary to send copy of falsely detected file(s) as well as description of the file. I will explain what information is needed and why it is important. 1) Name of the legitimate application the file belongs to. When submitting false positives you must be able to identify what is the name of application that is being falsely detected. No-name false positive reports (when information about the application name is missing) are harder/slower to examine and in many cases indicate correctly detected malware rather then false positive. Example of correctly provided information: “This file belongs to VLC media player 3.0.6.” When you provide the specific version number, it helps. Example how not to submit false positives: “I don’t know what it is and why I have it on my computer but I think it is a false positive.” If you don’t know what the file is, don’t report it as false positive. 2) Name of the application’s author, developer, vendor or website where you downloaded the software Each legitimate software have known author or there is known company who developed it. There is known source/origin where the software can be obtained and you can learn information about it. This information is needed in investigation process. Researchers need to verify whether the software is safe and they may need the full installer to evaluate the software properly. Researchers may need to investigate whether other versions of the same software were affected by false positive or not. It is important to know the source/website where you downloaded the software because some download websites provide different installers than original vendors. 3) Application's purpose Let the researchers know what the application is supposed to do, what value does it offer to you. This information is usually available on vendor’s website but there are many old applications where the website is no longer available, or software was distributed only on CD-ROM/DVD, or the software is custom/in-house developed and the description is not generally available. Examples how of application’s purpose: This is a picture viewer, video convertor, movie player, communication software, printing program, database program, web browser, accounting software, computer game, tool I use for programming, etc. Don’t hesitate to provide any additional information you deem important. You may add the specific detection name you saw when detection occurred. In case some specific circumstances are needed to reproduce the problem, tell it to the researchers how (For example it may happen that the file itself is not detected but it downloads/creates other files that trigger detection). You may submit false positives via email or directly from ESET product via Submit sample for analysis function. In order to use the function open GUI of ESET Internet Security, you will find following icon in Tools and clicking More Tools: Please select “False positive file” option and attach the file you want to submit. Please provide all necessary information (as described above) researchers need to process your false positive submission. Information you provide indeed significantly helps ESET laboratories in the identification and processing of samples. Thank you for your submission!
  42. 1 point
    Hi Team, Description: Example REST API usage with Perl / Python Detail: An example document on how to use the API with Perl would be helpful you have one using C however I would just like to create a few script based calls to it using Perl for use with Nagios and other systems I have to integrate further with our other tools. Description: Failure Details inside Web Interface, Detail: Most of the time when a task fails it provides hardly any details why I need to follow the rabbit hole to the trace log, Description: Slackware Linux Support /+ Native x64 support without 32 bit libs Detail: I run 100s of Slackware Servers and have gone away from multilib etc, Also activate product from Remote Administrator rather than having to download an offline license for them Description: Use Latest option for software install Detail: Software install of ESET use latest option would be helpful eg tick a box and policy would always use the latest version available of eg Endpoint Antivirus when running the task Description: From Dashboard take filters and generate a Dynamic Group / Action Detail: I forever have out of date machine on the dashboard and have to copy the filters down and go an create a dynamic group from them to trigger an upgrade can a button be incorporated ( where you have generate CSV /PDF etc ) to say generate dynamic group please Thanks Tim
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up
  • Create New...