Jump to content


Popular Content

Showing content with the most kudos since 02/18/2019 in all areas

  1. 5 points
    Hello, As 2019 comes to a close, and just before computers are turned off so that we can spend time with friends and family, I would like to take a moment to wish each and every one of you best wishes for the holiday season, and the forthcoming New Year as well. This past year has been equally exciting, challenging and sometimes even terrifying in terms of computer security, and we know that you have many choices when it comes to whom you choose to protect your computers. We are grateful that you have chosen to place your trust in ESET, and we will do our utmost to ensure that we continue to earn that trust into 2020 and beyond. On a personal note, 2019 marks my thirtieth year in the field. In 1989, I began my career by driving to John McAfee's house and answering the single phone line in-between taking classes at college. Back then, there were perhaps a couple of dozen computer viruses for PCs running DOS, and about the same for Macs (running the classic Mac OS). In the intervening three decades, we have seen the rise (and fall) of several computing platforms and entire ecosystems. We've gone from the dream of having a computer in every home to having one in every room (and sometimes more than one). Classic computer viruses (i.e., recursively self-replicating code that creates a possibly evolved copy of itself) have become almost extinct as a standalone threat, replaced by an alphabestiary of malicious software, some of which do incorporate viral-like techniques. The one thing I can say, though, is that I never thought the problem of malicious code would get as bad as it has become today. The flip side of this, though, is that I am constantly amazed at how good companies like ESET have gotten at combating those threats. To be a part of ESET and see how the company does things at scale has definitely been a highlight of my career so far, and I hope to continue helping protect your computers for many years to come. Wishing you all the best, Aryeh Goretsky
  2. 4 points
    There will be a fix for the issue in both Endpoint and ESET NOD32 for Linux desktop according to the latest news.
  3. 3 points
    Update (Feb 10, 16:30 CET): 1, A fix tool that will replace ekrn.exe with a fixed version will be ready within today (Feb 10). The tool will need to be run on machines with affected ESET Security products that are malfunctioning. No restart should be needed to get the product work. The tool should work for affected Endpoint v5 as well as v6.5 products also on Windows XP and Windows Server 2003. 2, If you have an affected version of the product and it still works alright, do not restart the computer yet. Tomorrow (Feb 11) we'll be releasing Antivirus and antispyware module which will patch ekrn to fix the issue. 3, We should have 6.5 installers with a fixed ekrn.exe ready by tomorrow and will replace them in the repository too. 4, After remedying the issue, please consider upgrading to the latest Endpoint v7.2 wherever possible. While Endpoint v5 and 6.5 products will work until they reach EOL, we strongly encourage you to use the latest version which not only addresses bugs and issues from older versions but also brings substantially better protection against current threats.
  4. 3 points
    Hi, I just published a brief guide to ESMC implementation in Proxmox : ESET Security Management Center 7 deployment in Proxmox VE I hope it is useful. Regards
  5. 3 points
    As I wrote, there will be a hotfix of ESET NOD32 for Linux desktop that will address the issue.
  6. 3 points
    just my reply : https://www.youtube.com/watch?v=Uh7l8dx-h8M
  7. 3 points
    The ESET Knowledgebase YouTube Channel celebrates its 10-year anniversary today! https://www.youtube.com/user/ESETKnowledgebase/community Check out the infographic for our lifetime YouTube statistics for the channel. The ESET Knowledgebase channel includes step-by-step video tutorials demonstrating the key processes and features of our ESET products, from ESET NOD32 Antivirus and ESET Internet Security to business products like ESET Security Management Center. In addition, our channel is yet another way for our customers to reach us with feedback and questions. We make every effort to respond to support-related comments and yes, we do take video suggestions!
  8. 3 points
    False positive reports To submit a possible False Positive see Submit a suspicious website / potential false positive / potential miscategorization by Parental control to ESET for analysis when you wish to submit via email or use Submit sample for analysis function from the program GUI of ESET product installed on your computer. Whitelisting ESET does provide a whitelisting service for software vendors by which you can submit your software to minimize the chances of false positives, e.g., when your software is being downloaded. This service is intended as preventive measure for trusted and undetected applications to minimize risk of future false positives. Whitelisting service is not a channel for removing existing detections, disputes or solving other unrelated problems. If you want to register your software for whitelisting, please follow the instructions in the KB article How do I whitelist my software with ESET? Requirement for False positive submissions When submitting false positive file(s) via email or via program GUI, it is necessary to send copy of falsely detected file(s) as well as description of the file. I will explain what information is needed and why it is important. 1) Name of the legitimate application the file belongs to. When submitting false positives you must be able to identify what is the name of application that is being falsely detected. No-name false positive reports (when information about the application name is missing) are harder/slower to examine and in many cases indicate correctly detected malware rather then false positive. Example of correctly provided information: “This file belongs to VLC media player 3.0.6.” When you provide the specific version number, it helps. Example how not to submit false positives: “I don’t know what it is and why I have it on my computer but I think it is a false positive.” If you don’t know what the file is, don’t report it as false positive. 2) Name of the application’s author, developer, vendor or website where you downloaded the software Each legitimate software have known author or there is known company who developed it. There is known source/origin where the software can be obtained and you can learn information about it. This information is needed in investigation process. Researchers need to verify whether the software is safe and they may need the full installer to evaluate the software properly. Researchers may need to investigate whether other versions of the same software were affected by false positive or not. It is important to know the source/website where you downloaded the software because some download websites provide different installers than original vendors. 3) Application's purpose Let the researchers know what the application is supposed to do, what value does it offer to you. This information is usually available on vendor’s website but there are many old applications where the website is no longer available, or software was distributed only on CD-ROM/DVD, or the software is custom/in-house developed and the description is not generally available. Examples how of application’s purpose: This is a picture viewer, video convertor, movie player, communication software, printing program, database program, web browser, accounting software, computer game, tool I use for programming, etc. Don’t hesitate to provide any additional information you deem important. You may add the specific detection name you saw when detection occurred. In case some specific circumstances are needed to reproduce the problem, tell it to the researchers how (For example it may happen that the file itself is not detected but it downloads/creates other files that trigger detection). You may submit false positives via email or directly from ESET product via Submit sample for analysis function. In order to use the function open GUI of ESET Internet Security, you will find following icon in Tools and clicking More Tools: Please select “False positive file” option and attach the file you want to submit. Please provide all necessary information (as described above) researchers need to process your false positive submission. Information you provide indeed significantly helps ESET laboratories in the identification and processing of samples. Thank you for your submission!
  9. 2 points
    Tonight (CET) we are going to publish links to fixes for Endpoint v5. A bit later we plan to release also a fix that will be smaller in size and will download the appropriate installed of the latest v5 Endpoint instead of having it bundled.
  10. 2 points
    Agreed - we are also seeing this on multiple English systems
  11. 2 points
    @Marcos What about the endpoints that request a username and password when you go to advanced settings after applying the patch? Also any update if we NEED to update after applying the 6.5 patch? Like 10000+ workstations updaten without any era would take a few months.
  12. 2 points
    On machines that have been restarted and where ESET doesn't work (ie. neither update does), it will be necessary to run the fix tool that we are testing right now. We'll announce it here when ready.
  13. 2 points

    Telemetry module EIS

    Probably you've missed what was written above. The module concerns Customer Experience Improvement Program that you can OPT IN during ESET installation. For more information and for a list of what data is gathered, please refer to https://help.eset.com/eis/13/en-US/ceip.html What types of information do we collect? Data about interaction with the product This information tells us more about how our products are used. Thanks to this we know, for example, which functionalities are used often, what settings users modify or how much time they spend using the product. Data about devices We collect this information to understand where and what devices our products are used on. Typical examples are device model, country, version and name of the operating system. Error diagnostics data Information about error and crash situations is also collected. For example, what error has occurred and which actions led to it. Why do we collect this information? This anonymous information lets us improve our products for you, our user. It helps us to make them the most relevant, easy-to-use and faultless as possible. Who controls this information? ESET, spol. s r.o. is the sole controller of data collected in the Program. This information is not shared with third parties.
  14. 2 points

    ESET NOD32 Google Chrome 79 crashes

    @Kirill Licenses for ESET products are not sold for a specific product version. Meaning, that with your current license you will be eligible to use the new V7 as well. Linux Endpoint product is the last one running the old version of architecture / scanning core, and it will be updated to V7 soon. We are already running a beta program (available here), V7 should not have this issue at all.
  15. 2 points
    The current up-to-date version for desktop edition is the v4 Endpoint edition v7 is running as BETA currently , once it goes stable I believe they will start looking at building the v7 for desktop. The fix that Marcos talked about would be probably a small fix (hotfix) that will solve the issue with browsers and that's it , not a major upgrade.
  16. 2 points

    MDM certificate

    Hi, You should create a full chain certificate which contains SSL cert, intermediate, root and private key. - Download XCA and install it. - Download OpenSSL and install it. 1.) Create a empty file (C:\temp\cert-chain.txt) on your PC and past the following inside it: -----BEGIN CERTIFICATE----- (Your Primary SSL certificate from C:\temp\your_domain_name.crt) -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- (Your Intermediate certificate from C:\temp\TheIntermediateCA.crt) -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- (Your Root certificate part from C:\temp\TheTrustedRoot.crt) -----END CERTIFICATE----- 2.) Now replace the content inside the brackets with your certificates (which you can export via XCA; PEM txt format). The order above is VERY important so do not mix it! 2.) Export the private key (unencrypted in text format) with XCA from your certificate and store it inside C:\temp\server.pemkey 3.) Now merge everything together as pkcs12 (filename extension for PKCS #12 files is .p12 or .pfx). To do that open a CMD (run as admin) and perform: cd C:\OpenSSL-Win32 openssl pkcs12 -export -inkey C:\temp\server.pemkey -in C:\temp\cert-chain.txt -password pass:ABCD -out C:\temp\certificate(chain_and_key).pfx 4.) Your PFX file is now ready to be used.
  17. 2 points


    You have a rootkit there. Either boot from a clean medium (e.g. ESET SysRescue) and run a full disk scan, or do the following: - start Windows in safe mode - move C:\Windows\System32\Ms96FB23EEApp.dll to another folder, e.g. to c:\eset - start Windows in normal mode - run a full disk scan.
  18. 2 points

    Files encrypted by ransomware

    In fact, I provided a proof that on Windows 10 ESET detected and blocked execution of the ransomware and protected the user where the other "free" AV failed. If you have a proof that ESET doesn't protect users well, please provide a proof and support it with logs and other necessary stuff.
  19. 2 points

    IDS on Server2008 R2

    It's because of this: https://support.microsoft.com/en-us/help/2664888/computer-stops-responding-when-you-run-an-application-that-uses-the-wi So the solution is to make sure the hotfix is installed, then install EFSW and enable Web & Network protection during installation.
  20. 2 points
    Aryeh Goretsky

    Gryphon Router

    Hello, Hmm… this is kind of a long answer. ESET is always looking at all sorts of new (and not-so-new) technologies and how we can better protect people, and the Internet of Things is one of those areas where there are a lot of challenges and a lot of interest. We have done everything from finding vulnerable devices and reporting them to their vendors (under responsible disclosure guidelines, BTW), as well as looked at the space from the perspective of a higher level overview. So, from that perspective, ESET does have interest in the space. But, that said, it is important to understand that there are a lot of non-obvious background activities that go into shipping actual hardware. My last employer (before I joined ESET in 2005) was a telephony hardware manufacturer that made embedded systems like VoIP handsets, PoE switches, PBXes and the like. While that may sound dissimilar to an "IoT device" at first glance, they are really largely the same: General purpose (commodity) hardware and operating systems software that has been highly-optimized and engineered to perform a few set-purpose activities. In the case of those devices, that involved things like taking and placing calls, handling voicemail, toggling MWI (message waiting indicator) LEDs and connecting to a variety of standards-based (SIP) and proprietary (Cisco) devices. To get to all of that, though, the company had to go through all sorts of prototyping to design and then test the hardware, source component suppliers, find printed circuit board manufacturers, assembly partners, etc. Doing all of that requires having lots of electronics engineering talent, with specialization not just in embedded but telecommunications and networking as well. You have to design the plastics (or contract that out to a design firm), as well as do things like get certification from various regulatory agencies and safety organizations (FCC, UL, TUV and so forth). You even have to design crush-proof packaging and foam inserts which is a highly-specialized field. Getting device through certification is not always easy (when I left my last employer, they were going through a multi-month long process to get a Bluetooth radio module inside a handset certified for EU use) or cheap. And, once you've finally got a working, certifiable product, it gets even more complicated. If you have a physical product like hardware, you have to have physical space for engineers to sit in, warehouse space for inventory, a shipping department, a QA/testing department, an RMA department for analyzing why units failed in the field and repairing them and so forth. Also, expect to re-spin (revise) your product's hardware several times over its life-cycle to fix bugs in it. Those will occur, no matter how much you design or test for them. At my last employer, they had one product with a circuit board on revision H (8th revision) because revisions A though G had flaws in them. Even something as simple as the Raspberry Pi 4 has design flaws that need to be fixed with a board redesign. All together, that is a lot of work, and while ESET has engaged in some activities-at-scale before which required some specialized engineering, making an IoT security device is in a different kind of direction than the has historically been in. That's not to say that you will never see an ESET IoT security device, but just not to expect anything in the near term, because there's a lot of work to do to get into the hardware space. It may instead be more effective to partner with companies to provide that kind of functionality. But, that's a discussion far beyond my area of expertise. Regards, Aryeh Goretsky
  21. 2 points

    Understanding EEI Dashboard

    The higher a circle is on the Y axis, the more machines in your LAN have particular files. The further a circle is on the X axis, the more ESET users have the file (ie. the more popular it is worldwide). The bigger a circle is, the more such files you have. To illustrate it on a concrete example: The red-marked circle means that you have quite many files that exist only on 1 computer in your LAN but are quite popular among ESET users since the LG popularity is 7 (1-10 mil. of users):
  22. 2 points

    Files encrypted by ransomware

    I have long argued that what is need is a "professional" version of Eset consumer products. For example, the above mentioned EES 7.2 aggressive option could be one feature provided. Another I would like to see is more aggressive reputational scanning options such as the ability to alert/block unknown non-system processes and the like. Etc., etc.. To date, this has fallen "on deaf" Eset ears.
  23. 2 points
    Description: Color code failing tasks Detail: The server used to color code the tasks that are failing. I'm running the latest ESMC, and now, that doesn't happen, and I have a hard time figuring out which tasks are failing. Is there a way to color code it again, or where can I see it? All I get is a generic email saying: "At least one client task has invalid configuration and therefore will fail."
  24. 2 points

    Version 1.0.0


    Diagnostic.Agent.7.1_91.0_x64.zip This file should be downloaded and used only if instructed so by customer care staff.
  25. 2 points
    It is very simple. Use SetThreadExecutionState. See: link to Microsoft Windows Dev Center.
  26. 2 points
    Description: Prevent sleep during scan. Detail: Windows can put the computer to sleep before the scan is finished. That is very annoying. There should be an option to prevent that from happening. Oops, it's a coincidence that @zeromido asked someting similar here right above. Before I started typing, I first searched the forum for "scan prevent sleep".
  27. 1 point
    Please refer to https://forum.eset.com/announcement/5-endpoint-50-65-and-eset-server-products-65-non-functional-as-of-feb-8-antivirus-and-antiphising-is-non-functional-reported/ and the KB article https://support.eset.com/en/alert7396-legacy-products-startup-issue. This was caused by a bug in old versions of our products, namely Endpoint 5.0.2248+ (except the very latest version 5.0.2271) and versions 6.5. There is already a fix for Endpoint v5, please refer to https://support.eset.com/en/alert7396-legacy-products-startup-issue and the section How to download the fixing tool for v5. Please elaborate more on "The 'Personal Firewall' is work only in 'Eset Smart Security V5'. V6 and V7 not working properly." The firewall works properly both in v6 and v7. What works differently for you in v5? Endpoint v5 is going to reach end of life by the end of this year which means that even engine updates will not be guaranteed afterwards. We strongly recommend to upgrade to Endpoint 7.2 to those who can upgrade as soon as possible. Also please keep in mind that Endpoint v5 is not effective enough to protect you from current emerging threats while v7.2 provides a bunch of new protection features to keep you safe. Last but not least, neither Endpoint 6.6 nor 7.0, 7.1 and 7.2 were affected by this issue.
  28. 1 point

    Endpoint Security Anti phishing non functional

    How did you do it? I don't believe you changed the dates on the computers. I need some help here, all my systems are on 5.0.2265 EAV and cant make them work.
  29. 1 point
    It could be since ekrn does not load any dlls one of which is a plug-in for Outlook.
  30. 1 point

    ESET Internet Security

    If it's still not there check it hasn't accidentally landed in the spam folder
  31. 1 point
    @mcrouse in my case system date must be 7.2 or before, so it can 6.5 load correct and uninstall correctly. For installing another version system date must be today. If you are installing 6.6 or 7.x on 6.5, then the date must be 7.2 or earlier during installation, to be able to properly uninstall 6.5. You can then change the date to today before restart.
  32. 1 point
    Thanks to both, it was somewhat helpful. I ended up deleting all the tasks from the queue for that particular laptop, then ran new tasks to deactivate, remove, delete... Now I got a license freed up and I am little happier.
  33. 1 point

    How To Know Infected PC

    The worm is replicating itself from one of the computers or shares in the Network , ESET won't be able to remove it from the remote location , it will only be able to protect the computer that it's installed on You need to clean the worm from the infected PC/share , first of all you should disconnect it from the network to prevent it from keep trying replicate itself to others, then you try to clean it off and make sure the machine is fine and then you put it back to the network.
  34. 1 point
    Peter Randziak

    Telemetry module EIS

    Hello @mhmd, the module is related to "Customer Experience Improvement Program", the details are described at https://help.eset.com/eis/13/en-US/ceip.html Peter
  35. 1 point
    hello BeanSlappers thanks for your reply I have never gotten to use port forwarding the main router I use it for everyday tasks like youtube facebook games etc already when I need to do something I use a second router for it although the results on this main router confuse me because I have never gotten to use it for other tasks besides the daily ones thank you very much for your attention
  36. 1 point
    Moreover, url scan and website content scan are two completely different things.
  37. 1 point
    Each distributor provides technical support for local customers and contacts ESET HQ in cases when deeper investigation is needed. After contacting customer care, you should receive a confirmation email with a ticket ID. If you didn't receive any, check the spam or junk folder. You can also try contacting customer care via the web form that is available through the wizard https://www.eset.com/uk/customer-care-wizard/.
  38. 1 point
    The patch was included in the Jan. cumulative update for Win 10 release last Tues.. For Win Server 2016 and 2019 which are also vulnerable, one will have to check with Microsoft on how the patch is being delivered or download the patch from the Win Catalog web site.
  39. 1 point
    Hello, What you have to do is to configure the proxy for both the agent, and the mac security product. In case the macs are showing not correct "last connected time" it would mean that they are not able to connect to the server at all, which is the thing you should troubleshoot. To confirm this, please check the status.html of one of the mac agents. Also, what makes me confused is, that you mix topic of proxy and mirror. When you refer to mirror, do you mean actual offline generated mirror by mirror tool, or you utilize the proxy caching function. In this case, you just need to configure both agent / endpoint to communicate via proxy, and they should get the updates from there automatically. Please note, that in ESMC 7.1 you can configure proxy details for the agent live installer, and also choose a policy that will be applied to the machine. @Marcos can you please move this to "ERA" portion of the forum?
  40. 1 point

    EM008K_64.DLL BSOD 0x1D , Windows 10

    Do you know when this update will be released publicly? Or how can I avoid this error? At the moment, I get a BSOD several times a day, as well as data loss in some programs due to incorrect file saving. The minidump shows the same driver with the same parameters. As an option, I see only the complete removal of ESET Internet Security, since it is not known when the update will be released.
  41. 1 point
    Please elaborate more on what benefits using gamer mode has for you. If you disable automatic gamer mode activation for applications running in full-screen mode, what issues do you observe while playing games?
  42. 1 point
    There are no such agreements. It would mean that every AV maker would have to have an agreement with every company or person in the world that compiles files and creates applications. It is obvious that AV makers fix false positives in their own interest as well. Also I wrote that the detection was fixed so your conclusion is incorrect.
  43. 1 point
    that's a great news. we are waiting for it. thanks a lot!
  44. 1 point

    ESET v12.2.29 bug?

    Try the newer version of EIS when available later this week or by the beginning of the following one.
  45. 1 point
    I don't think so. For instance, Windows Defender doesn't have any at all.
  46. 1 point
    Description: A Manage application section like Kaspersky or an Application network rules section like Kaspersky or maybe both. Details: Currently there is no way to know which programs I ran on my PC that was trusted by Eset or not. By having an Application manager it would make really easy give a detailed representation. Eset already kind of has this but that's for running processes only but not for all the products and also this window just shows information but I can't interact with it like it's possible in Kaspersky. And for Firewall, it's possible to add rules for specific programs of course but it would be better if there was list of all applications to show what is set to allowed by Eset and what not. This should be interactive too so if a user want to deny let's say "Cleaner" internet connection then the he/she would select Ccleaner from the list and deny it internet access instead of the current situation where user need to manually browser the program to block it in Firewall. The current implementation should always be there of course but my proposed interface would make everything much easier. Also a program can have multiple files that access to the internet. From this list it would be much easier to find that out. So, overall user experience would improve a lot. To have a closer look you may try installing Kaspersky to understand how this two mode works on their product. I don't want Eset to have the exact same to same that Kaspersky has but the basic idea should be the same. I love Eset because it's great product and super lite. But I want Eset to have these features. I'm sure it's not just me but everybody would appreciate it and it will make the product even better. Examples:
  47. 1 point

    Introduce yourself

    Are you looking for protection for Windows or Linux? For Windows we have ESET Internet Security and ESET Smart Security Premium (which is basically EIS with disk encryption and password manager added). Both will protect you at various layers in the system as described at https://www.eset.com/int/about/technology/. You can download EIS from https://www.eset.com/int/home/internet-security/download/. For Linux we have ESET NOD32 Antivirus for Linux desktop. It can be downloaded from https://www.eset.com/int/home/antivirus-linux/.
  48. 1 point
    Thank You @MichalJ and @MartinK for explaination
  49. 1 point
    A cleanup option for firewall rules when using the interactive mode, that deletes all rules that are pointing to applications that no longer exist on the computer, would be very helpful indeed. (I fully agree with JoMos here above.) Especially now more and more applications move to a new folder with every update, the number of useless firewall rules grows rapidly. Deleting them manually isn't a pleasant job and keeping them might slow the firewall after some time.
  50. 1 point
    Sam Fonteno

    Future changes to ESET Endpoint programs

    Description: Policy settings reverse-lookup Detail: The ability in SMC/Endpoint Security to see which policy is responsible for which setting in effect on the computer. Basically something like a GPRESULT report available for diagnosing Active Directory Group Policy Objects's effects. A very simple example of that is shown here: https://4sysops.com/wp-content/uploads/2012/02/gpresult.exe-HTML-output.png
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up
  • Create New...