Jump to content

Leaderboard


Popular Content

Showing content with the most kudos since 01/11/2019 in all areas

  1. 2 points
    Hi everyone, build 6.7.600.0 was released on Jan 10 and is available on our websites, and the pkg installer can be downloaded from the KB article https://support.eset.com/kb7026/ Please let us know should any of the issues persist even with this build. Thank you. Alex.
  2. 2 points
    In managed environments (ie. on machines with the ESMC agent installed) PUA are cleaned as though in strict cleaning mode. The users are not supposed to make decisions and PUAs are controlled by an administrator. An admin can create exclusions for specific PUA detections and also possibly restore files from quarantine remotely.
  3. 1 point
    Marcos

    Suspicious scan results "QUICKBATCH".

    As I assumed, it appears to be an issue in the unpacker and engine that causes the error message on that file. We are working on a fix. There's no reason to be concerned about since the only negative effect is the error message that is displayed.
  4. 1 point
    ebill

    Thanks to ESET and the forum

    First I hope this post is in the proper place, and proper in content I just feel the need to say some words of praise. I would like to express my thanks to ESET and to the forum here and review my first 6 months with ESET internet security. I cannot be happier with the performance of the software; I would like to detail what I like best. EIS is very low impact on system resources, significantly improving boot times and general performance on our windows 10 PC’s in our home. The software is far easier than any other security software I have used to “setup”. For me setting the “enable detection of potentially unsafe applications” to on and setting my home network and it’s all done. In my previous vendor there were so many settings I had a list to use if re-install was necessary. The advanced setup available is also a huge advantage and the great forum here is the best place to get advice if you need help (I have answered most all of my own questions by searching and reading). We practice safe computing in our home but have saw the software “protect” us by not allowing web sites to load on a few occasions in web searches. I love the “lack” of popups and background behavior, only coming up when something needs my attention. The banking and payment is a great asset, I use this feature from its shortcut (not relying on site detection) when doing any online payment activity. I have not had any problems at all accessing sites, I even use PayPal on occasion and navigation through payment is flawless. I use Firefox as my browser of choice and love that I can create customization's in the Banking and Payment browser profile to enhance my personal security preferences while in B&P while not effecting my normal profile. In migrating feature updates on Windows 10 the software was flawless this fall picking right up where it was. Also when an ESET major update is ready the updates have gone flawless as well. This is a great asset to “ease of use”. Test results prevented me from coming to ESET sooner, this forum and the detail of explanation when these questions have come up (by other forum users) helped me understand what “test results” really mean. The reputation and commitment by ESET is evident in the software’s actual use. Please accept my sincere thanks for having this great product available. Anyone needing a great preforming AV suite should give ESET a try. Also my wishes for a Happy New year and a great 2019 to all at ESET and the forum – ebill
  5. 1 point
    I don't think it's a FP, most likely it's a Toolbar.Seznam PUA as the detection name suggests. It's not the original application installers but ones provided by Seznam.cz that have also a toolbar bundled besides the original application.
  6. 1 point
    cyberhash

    Can anyone post...

    Is it a full moon or something ??? You are like a dog with a bone ................ Nobody is stupid enough to run known ransomware just to provide you with a "Screenshot". That's just like drinking poison to see if its strong enough ☠️
  7. 1 point
    Marcos

    Does Eset protect against LoJax?

    Latest versions of ESET products contain a UEFI scanner that can detect malware in UEFI. For more information, please read https://www.eset.com/int/uefi-rootkit-cyber-attack-discovered/.
  8. 1 point
    Hi DJD, I'm in the same boat at you - migrating from Microsoft SCEP - it's disappointing to see a lack of documentation and support around deploying and managing this on macOS but as always, the community has got your back! After some conversations with other helpful members of the MacAdmins Slack in #endpoint_security we've worked out how to get ESET AntiVirus configured in via the command line - both the system level settings and user-specific GUI stuff. This is all still fresh and it's the weekend but I will write this up fully soon, like I did for SCEP at my blog https://soundmacguy.wordpress.com - here's the short of it: For system level settings: Set up ESET how you need it in the GUI - scan options, disable the email/web modules etc. Then export your settings as a file via the menu icon --> Setup --> Import/export settings. Then you can use the command line esets_daemon to import them (you need to specify the full path to esets_daemon of course - I've omitted it for simplicity here): esets_daemon --import-settings /path/to/settings/file You should kill the GUI and daemon as part of this process then re-load them to avoid user nags, e.g: killall esets_gui launchctl unload /Library/LaunchDaemons/com.eset.esets_daemon.plist esets_daemon --import-settings /path/to/settings/file launchctl load /Library/LaunchDaemons/com.eset.esets_daemon.plist Then restart or log out/in to bring the GUI back - or you can add the necessary commands to do that in a script, but this might vary depending on your management tools - I would work out the username of the logged in user then run an open command on the ESET application in their context, myself - a bit beyond the scope of this post. What's slightly annoying about this is you can't change settings in a granular, programatic way - it's just the whole file's worth or nothing. Maybe ESET support can offer some guidance? For user level (GUI) settings: You'll notice that the settings file doesn't account for GUI preferences that are user specific (everything under Preferences --> User --> Interface/Alerts and Notifications). If you've turned off the web and email modules, you'll see nags about that too which are suppressed with those user level preferences - definitely something we don't want! Anyway, those are stored in the file ~/.esets/gui.cfg and you can modify those with the old esets_set command, much in the same way as you did with scep_set. You can apply individual settings to it with esets_set, or just capture that file and re-import it, e.g: esets_set --apply=/path/to/exported/gui.cfg --cfg=/Users/username/.esets/gui.cfg This has to be run in the current logged in user's context (i.e. via a Launch Agent, or with something like Outset, or appending sudo -u username to the commands if running at root level with Jamf, it depends on your environment) and the --cfg flag needs to have the full path to the user's home directory - ~ didn't work in my testing. That's easy enough via a script - e.g #!/bin/bash loggedInUser=$( scutil <<< "show State:/Users/ConsoleUser" | awk -F': ' '/[[:space:]]+Name[[:space:]]:/ { if ( $2 != "loginwindow" ) { print $2 }}' ) killall esets_gui "/Applications/ESET Endpoint Antivirus.app/Contents/MacOS/esets_set" --apply=/path/to/exported/gui.cfg --cfg=/Users/"$loggedInUser"/.esets/gui.cfg open "/Applications/ESET Endpoint Antivirus.app" I haven't tested the above example but it should work. This is basically identical to how you'd do it in SCEP and I have a detailed post about that here: https://soundmacguy.wordpress.com/2017/11/19/managing-microsoft-system-center-endpoint-protection-scep-part-3/ For proper management of the those user GUI settings I'm looking to replace ESET's Launch Agent with my own script that will set the preferences then open the GUI when users log in - that'll make sure they revert back at each login in case users change things. It'll also avoid the need to kill the process first (except during installation/deployment in the first place - that's another piece of the puzzle I'm working on but it should be solvable). ESET - it would be really great to have some administrator-level documentation on the esets_set and esets_daemon commands please (hint - the ESET Linux documentation and manpages are good here - maybe we could have manpages for the macOS version too?) - we've basically had to dig in and work all this out for ourselves. 🙂 An interesting thing I noticed was that if you install ESET on top of SCEP, it'll handle the uninstall of SCEP as well as pick up its settings - both GUI (for the logged in user if present, taking root ownership of ~/.esets - not good!) and system level stuff. Last nugget of goodness - you can grab loads of useful information with esets_daemon --status I'm working on a few Jamf Extension Attributes to pull things like the definitions versions/dates, real-time protection status etc from it (I did this with SCEP but tended to scrape files instead - I like this better but didn't discover scep_daemon until afterwards and never got around to it...) - it's quite straightforward. I'm sure other management tools could leverage it as well. Hope this helps!
  9. 1 point
    Yes--the suggestion for handling it without user notification is better. It's confusing and frustrating for users right now. The only other way to do it would be to make sure the user only gets one prompt.
  10. 1 point
    I would welcome the changes, as I currently enable strict cleaning to get similar results
  11. 1 point
    Speaking as someone who is hands-on IT management rather than a reseller or MSP: That is how I would expect it to behave and should. My endpoints are configured for strict cleaning so I have not dealt with this issue, however if end users were greeted with option dialogs during an av scan without any way for the admin to suppress I would be quite aggravated with the product.
×