Leaderboard

Popular Content

Showing content with the most kudos since 07/24/2020 in all areas

  1. Marcos

    DotNet MSIL / Injector.VGR

    We've nailed it down. A legit tool was backdoored and loads a malicious dll with zero detection at VT which loads the following encrypted payload: I expect the detection to be available momentarily via streamed/pico updates. Also please confirm that you have enabled the LiveGrid Feedback system for maximum protection.
    5 points
  2. Marcos

    Website is clean now

    This forum is not intended for disputing blocks or detections. Since the malware has been removed, the website was unblocked but the applications will continue to be detected. Having said that, we'll draw this topic to a close.
    3 points
  3. The world is rocked by the horrifying news of how despotic authoritarian governments and their agencies have used the spyware Pegasus made by NSO from Israel to intrude the phones & privacy of journalists/opposition leaders/judges/activists etc. From all accounts, it is now becoming clear that the two primary operating systems on phones, Android & iOS by Google & Apple, have intentional backdoors disguised as security bugs to allow the security agencies to snoop into any smart phone worldwide. My question is, as a responsible antivirus vendor, will ESET ever be able to protect the users from such illegal intrusions? Is it ever possible, considering that the OS itself has been laid bare to such intrusions by incorporating "security bugs"? Phones, especially the smart phones, are no longer secure, but the stunning silence of all AV vendors is even more cause for concern.
    3 points
  4. Tell me, Eset - are you insane? A few days ago you released version 8.0.2039. We started a rollout for a few thousand endpoints and now you are releasing 8.1.2031??
    3 points
  5. Hi, the problematic domain you reported has been already removed from the cloud blacklist. The quickest way to solve such cases is to send the email sample to nospam_ecos@eset.com (https://support.eset.com/en/kb141-submit-a-virus-website-or-potential-false-positive-sample-to-the-eset-lab#spam) as those are handled almost immediately. Also based on the sample we have identified a problem in the algorithm that selects the sender's address from email headers in some cases (Return-path: header), and it will be also addressed by an automatic update. Regards, Matej
    3 points
  6. Component upgrade task upgrades only ESMC/EP components, such as ESET Management Agent, ESMC Server and ESMC WebConsole, but it does not upgrade other, especially third-party, components such as Apache Tomcat, Apache HTTP Proxy or MS SQL Server. Thus the benefit of performing a manual upgrade using the all-in-one installer for Windows, or performing an upgrade of the EP/ESMC Appliance using "migration" to a new version, is that third-party and possibly other support tools are also upgraded. Also note that a manual upgrade is less prone to failures caused by environment issues, such as those that are network related, but also those caused by missing dependencies (for example, the minimal supported version of the OS or the database itself). My recommendation would be to perform a manual upgrade, as it is fairly simple from the user's perspective, and it offers more control. Also, I would recommend performing a database backup before doing so, but that should be the case for an automatic upgrade as well.
    3 points
  7. Marcos

    MacOS 11 Update Issues

    We are in the process of finalizing a new version of Endpoint with all system extensions compatible with Big Sur 11.2. It should be released towards the end of March.
    3 points
  8. Primordiarch

    2FA for my.eset.com

    Hello. Please add 2FA feature on my.eset.com. Thanks.
    3 points
  9. Hello @Kostadin_k, EFDE for Mac utilizes FileVault because there is no other way to FDE macOS. Apple prevents its system from using FDE from 3rd party vendors. EFDE for Windows is a different story. Microsoft allows for a vendor's proprietary encryption and we have this covered. So we are pretty much covered on both macOS and Windows. But yes, adding Bitlocker management to ESET Protect (Cloud) is an option, but even if we go this direction in the future, it will not work as seamlessly as you described. Taking over management of an already encrypted machine is more than complicated because of the recovery password that belongs to a particular encrypted system. Migration of these recovery passwords from Active Directory (where Bitlocker stores them) to our console followed by a seamless "takeover" of the machines by the console is very complicated (if even possible). At this moment, adding management of Bitlocker to our EFDE/EP(C) solution is not on our roadmap. Ervin Rendek PM for Encryption solutions
    3 points
  10. When we update our ESET Agents we find that we need to have all our machines reboot. With the reboot option in the management console the machines just reboot with no warning. Any open work is lost and the user is confused, thus generating a call to the help desk. Would it be possible to have a reboot notification when pushing a reboot on a machine? "ESET is finishing an update and will reboot in 30min. Reboot later or reboot now." I reached out to support and was told to post this request here.
    3 points
  11. Today (February 25) we plan to release a Detection engine update with expected size around 12,2 - 12,4 MB. We expect that the update will be available on the update servers for the clients to download at around 14:00 CET (+/- 30 minutes). This change will optimize the way we store the data and will reduce the Detection engine size and its memory footprint, and will also make further updates smaller. The Micro updates scheduled on February 26 will have the weekly update package around 13 MB in size and the monthly update package up to 15 MB. Peter on behalf of the teams involved
    3 points
  12. Problem fixed. Windows server updates had reactivated a couple of services which had nabbed port 80. Simply disabling them negated the issue. I'm now planning on moving the EEE server onto a different port to resolve the issue permanently during the downtime over the weekend.
    3 points
  13. Hello ESET Endpoint Security / Antivirus users, It’s been quite a while since we released the 7th generation of our Endpoint solutions, so naturally you may ask when the generation 8 will be released. We have good news to share, as we are approaching the final stages of development and preparation for the release, we would like to share it with you so you can try it before it gets released officially and give us feedback on it, which is very valuable for us. I guess the first question, which comes to mind is what will be the new features of it. Let me briefly name some: Secured browser bringing additional security to the browsing experience as it protects the browser’s memory, restricts the extensions and protects the keyboard inputs as well. Micro Program Component Update which will be manageable from the management console as a practical solution to keep the product up to date with ease. Installed endpoint can wait for its application, without affecting the protection level. Moreover the updates are differential, thus much smaller than standard installation packages. WMI Database and System registry scans added as a scan targets, allowing the users / administrators to initiate on-demand scans on them. Unified exclusions for IDS bringing the unified UX to those exclusions as well. To find out more and try it yourself, join the BETA program… I hope the described features and improvements made you interested, you sign up here by a reply, or by sending me or TomasP a private message. By joining the BETA you agree with our BETA Program agreement. We are looking forward to your feedback. Thank you in advance, Peter Randziak on behalf of teams involved
    3 points
  14. Hi Thomas, My solution is the following: 1. I created a dynamic group to collect the computers with the error message "Restart required". 2. Then I defined a CRON-triggered task to send a pop-up window message to the affected computers: "Hello Colleague, please restart your computer as soon as possible because an ESET software update...bla..bla" or something like this. You can configure the CRON to, for example, launch the message hourly, every 10 minutes or as you want. It works pretty fine.
    3 points
  15. Avast blog article here: https://blog.avast.com/cybercapture-protection-against-zero-second-attacks . Detail on configuration options here: https://support.avast.com/en-us/article/54/ Of note is this feature exists even in Avast free version. Time Eset "get with the program" and offer same like capability for their home use products.
    3 points
  16. The fact is Eset has all the internal mechanisms in place to accomplish this. All they have to do is block the process until LiveGrid black list determination processing has completed. As to the false positive element, I say "to hell with that." Most home users would not be significantly impacted by such process blocking. This could be also further refined by adding Trusted Publisher, signing, etc. criteria to Eset Reputation scanner. Failure on reputation coupled with suspected malicious activity should be enough to block until LiveGrid initial scanning is completed.
    3 points
  17. We are aware of the problem with Windows applications and the changing path with each update. There is a plan to come with up a solution to this in long term. Also I can assure you that we value any constructive feedback or suggestion and it's discussed with product managers and developers.
    3 points
  18. This was in the Cloud Administrator topic but should be here too. Description: A new task/setting to reboot computers with a popup message warning. Detail: Add the possibility to notify the user that the computer will be restarted when the reboot computer task is triggered and give them, for example, 5 minutes to save/close programs/data.
    3 points
  19. It has been discussed again and again, but I still want to say: with endpoint 8.0, please give up stupid MySQL and use MariaDB. Check the current system requirement, it is really funny: MySQL ODBC driver versions 5.3.11 and later, 8.0.0 – 8.0.15 and 8.0.18 and later are not supported.
    3 points
  20. Yes, v14 is going to be released later this year. It will be announced here as well as via other marketing channels.
    3 points
  21. Hello guys, thank you for your feedback. We will add Bitwarden to the list of whitelisted extensions that can be loaded in the protected browser. Regards, Tomas
    3 points
  22. The free version of ZoneAlarm definitely has been using the Kaspersky engine for a while: https://www.pcmag.com/reviews/check-point-zonealarm-free-antivirus-plus . The paid consumer and enterprise versions use more Kaspersky components: http://svendsen.me/worried-checkpoints-use-kaspersky-products-heres-disable-remove/
    2 points
  23. If the Eset update hang issue was related to this, it would have not resolved itself after a system reboot as I see it.
    2 points
  24. What I find funny is the people behind pegasus keep saying this person and this person etc. weren't being tracked by the software and the next thing they say they don't have access to customer data so can't see who/what their customers are spying on, which contradicts the previous statements
    2 points
  25. Hi Gang, Components: ESET Protect (8.0.2225.0) ESET Endpoint (8.0.2039.0) As part of a task, we install a specific version, in this case Endpoint 8.0.2039.0. This lets us ensure that all nodes are at least on the same version and potentially avoid any niggles by always going on the latest. However, ESET Protect always sees the latest version? This is currently Endpoint 8.1.2031.0. Thus ESET Protect now shows in the status dashboard that all our Endpoint nodes are now out of date. My question, how do we baseline or set a static version so that ESET Protect is not always referring to the latest version? I'd rather us determine what level we deem is up to date. I thought I achieved this with the task for installing Endpoint but that seems not to be the case. This is what I am referring to: Thank you, Daniel
    2 points
  26. I don't think this is the right place to ask about "cracked" apk files 😬
    2 points
  27. It was changed in the past. The thing is the last msi installer you may have locally stored may be v12 or 13 so repairing v14 would actually downgrade to v12 or v13 and you'll need to download upgrade to v14 again which is not desired.
    2 points
  28. I recommend contacting your local ESET distributor and asking for the feature while providing more information on the use case. The more users will request it, the higher chance we will consider adding it providing that the feature would be useful for many of our users. Since everything has been said and explained, we'll draw this topic to a close.
    2 points
  29. Hello @Ufoto As of now, this is indeed not possible. I assume that you are a reseller, and you have more than one customer with their own EPC instances. As of now, you will have to have a different alias for every such instance, as one "EBA USER" can be linked only to one EBA instance, and one EPC Instance. We are working on a new reseller-focused portal, which will allow you to have a "service level login" to all your customers' EPC instances. So yes, there is a plan to add multi-instance access, however I can't confirm the exact timeline at this moment. But our target experience is similar to the one you are referring to. Regards, Michal
    2 points
  30. Hi Kostadin, If you set policy via Protect, you can't change that locally. Password protected settings are meant in case you're not managed or some settings are not managed... If you set every setting like that (even defaults) from Protect, user can't change that. On Mac, ESET Agent password protection is not present. To limit/protect against uninstallation ensure, that users are not administrators (root access) of a machine. In UNIX world, root can do everything.
    2 points
  31. Yes, every user session the services will be created with a different hex number suffix.
    2 points
  32. Release Date: February 11, 2021 ESET PROTECT 8.0.19.0 has been released and is available to download. Changelog: Version 8.0.19.0 (hotfix) IMPROVED: An explanation message is displayed when trying to insert a bundle license that must be inserted to ESET Business Account first FIXED: License synchronization fails after upgrade to ESET PROTECT 8.0 when multiple EBA/EMA accounts containing the same license are linked to ESET PROTECT FIXED: Offline licenses are not displayed after upgrade from ESET Security Management Center to ESET PROTECT FIXED: Issue with opening/reading PDF reports sent by email (base64-encoded) FIXED: Synchronization of static groups could cause a crash during the removal of duplicates or end with errors about recreated computers FIXED: Custom Apache configuration is overwritten during the upgrade FIXED: In some cases, Detail in the "Audit Log" overlapping other lines FIXED: Unwanted Timestamps in filenames of reports FIXED: Various other bug fixes Upgrade to Latest Version Upgrade my ESMC server to the latest version Support Resources ESET provides support in the form of Online Help (user guides), fully localized application and Online Help, online Knowledgebase, and applicable to your region, chat, email or phone support. Online Help (user guides) Visit www.eset.com/contact to email ESET technical support
    2 points
  33. I have lost my EBA Account and I lost my backup code too. Is there any other way to open my EBA account? - ESET Secure is uninstalled while refreshing the device
    2 points
  34. Hi, today at 11:30 a bunch of our endpoints updated and the TLS connection to our IMAP server with Thunderbird stopped working. We saw that at about 14 another update came out but it isn't fixing the broken clients and we need to reinstall nod32 or create a new Thunderbird profile. Are you working on an update that is going to fix the issue? Regards Giuseppe
    2 points
  35. Hi, We're currently reviewing our server protection, we have around 150 on a mix of ESET File Security 7.0 and 7.1 (Windows only) which according to the EOL page is in support (Limited for 7.0, Full for 7.1). With ESET Endpoint AV V8 being released for clients, is there any rough estimated date/quarter/year on when the next major version for File Security will be released? I've noticed 7.3 was released for ESET File Security last month (EOL page not updated to show that?) but we're reviewing whether we should upgrade all our 7.0/7.1 servers to 7.3 or wait for V8. It'd be months of work to go to 7.3 only for V8 to be released and have to do it all again, so it'd be good to know! Thanks
    2 points
  36. itman

    I Am Very Ticked Off!

    Why did I anticipate this was going to be the answer? So let's analyze this. I have been an Eset customer since 2014. Not only do I pay a full license renewal price, but the renewal price is considerably higher than a new license price. So it appears Eset's sales strategy is "to sock it to" their existing customers so they can lower the price to entice new customers. This might be for me "the last straw that permanently broke the Eset use back." Also considering the amount of time I spend on the Eset forum helping others, I should receive a free Eset license each year!
    2 points
  37. Yes, in case of multiple commands, one has to enter a delimited one-liner, as it would be done in a one-line BAT file. Just a note, this will be improved in upcoming releases, where multi-line commands will be possible, which should simplify such scenarios.
    2 points
  38. According to https://support.eset.com/en/news7604-eset-support-of-macos-11-big-sur, a version compatible with Big Sur that will include a firewall is planned for Dec 2020:
    2 points
  39. Unfortunately it's by design. The plug-in writes information about scan to emails which causes the unwanted behavior. This will ultimately change with a new Outlook plug-in that will be most likely introduced next year.
    2 points
  40. While I completely agree with your statement, nothing can be 100 percent, but does that mean we shouldn't put in things to try and stop it? By that logic couldn't we argue that why bother with protection if some kind of malware could theoretically be designed to bypass or disable an AV (yes I know my comparison is slightly different to the issue we are talking about and AVs have tech to stop these). I do think we will see a lot more people requesting a folder system for ransomware protection. As mentioned before I'd love to see a better system for advanced users for warning them about files with no to low reputation. I get that eset doesn't want to cause issues and confusion for average users but surely that shouldn't mean the more advanced users should go without. Just make it harder to find and enable these things and make it clear when enabling the risks.
    2 points
  41. Unlike companies like Microsoft, ESET operates on the base of partnership. Therefore, with the exception of a few countries, ESET does not have its own presence on the market, but is instead represented by a local company that has the rights to distribute the products and use the logo, name, domain, trademarks, etc. These companies then can sell the products themselves, as well as via a network of resellers - the prices are generally the same, so it does not matter whether the customer buys the license from ESET's website, or an authorized reseller. The redirection is not done to ESET's website from the reseller's website, but only from other country's ESET website to the customer's local ESET website - and that is to ensure each customer can get support in their own local language, which is something ESET takes pride in. The resellers may be listed on the local ESET website, so that they can be checked by prospective customers, but in other countries, this may be done differently to fit the situation or local customs. As for Slovakia, where ESET HQ is located, we have the list published at https://www.eset.com/sk/firemna-it-bezpecnost/partnerstvo/kraje/ (it is even broken down by regions). Buying from these resellers guarantees the license is genuine and there is no shady activity involved. Buying from other resellers may still turn out okay, provided they obtained the license in the same country and don't resell it multiple times, but that is a risk we do not recommend taking. (Also, the unauthorized reseller is breaking the product's EULA, as they are not allowed to further sell the license). Suspiciously low-priced licenses are always indicators of piracy, as they tend to be purchased in countries where the prices are lower, copying the buying power of that market, and then resold without ESET's authorization elsewhere, most often to several people at the same time too. 
When ESET is made aware of such licenses, they may be deactivated without prior notice. A good indication of a trusted reseller is that when you purchase the license, you obtain a license key that you can register yourself in ESET's systems under your own name and email address. Unauthorized resellers generally don't have access to such "blank" licenses, so they register the license under their own name and email and only provide you with the license key to use in the product, but you can't register it on ESET's website as your own, because it was already registered by the reseller. Therefore, in ESET's database, the reseller is the rightful owner who may use the license, not you. Sorry if this was too technical or too long, I just wanted to explain the licensing and sales model properly, so that it is understood well by everybody.
    2 points
  42. We can't change what happened and you're unlucky that a non-authorized seller sold you a pirated license 2 years ago. Now if you're still reluctant to buy from your local ESET website then you may go to one of the authorized partners by yourself and buy a physical copy of it from there and this time make sure to register the ESET license to your ESET account. An account isn't needed but it lets you see if the license is being used on a PC or not. https://www.eset.com/lt/platintojai/
    2 points
  43. Read Marcos' post above, it is literally a few posts above!
    2 points
  44. Also just started migrating our users across to ECA - worked fine last week, can't sign in without errors this morning. Any estimated time to fix? Do you have a status page somewhere, rather than relying on paying customers stumbling across a user forum that I had no idea that existed until 5 minutes ago ?
    2 points
  45. Actually this is a really good idea. If it's possible, I'd love to see it implemented in the future.
    2 points
  46. Kvako

    ESMC MSP API Problem

    Hi, You're almost there, just need to put a single word Bearer in front of the access token (separated by a space) When using swagger - after you receive an access token, you can Authorize by clicking Authorize button on the top with Bearer {{----token----}} written into text field Using API directly, your call should look like this curl -X GET "https://mspapi.eset.com/api/User/Current" -H "accept: application/json" -H "Authorization: Bearer eyJgbGciOiJSUzI1NiIsImtpZCI6ImU1WTdkMGJEUGtORmFDV094VWlBaUU5MDBDbyIsInR5cCI6IkpXVCIsIng1dCI6ImU1WTdkMGJEUGtORmFDV094VWlBaUU5MDBDbyJ9.eyJuYmYiOjE1OTg4NTk1NDUsImV4cCI6MTU5ODg1OTYwNSwiaXNzIjoiaHR0cHM6Ly9pZGVudGl0eS5lc2V0LmNvbSIsImF1ZCI6WyJodHRwczovL2lkZW50aXR5LmVzZXQuY29tL3Jlc291cmNlcyIsImVtYTJfYXBpIl0sImNsaWVudF9pZCI6IkVzZXQuRU1BLkFQSSIsInN1YiI6IjFjZmFkZTliLggiODUtNGU5Mi04Zjc0LTZhMTY4ZGEzYjdhNyIsImF1dGhfdGltZSI6MTU5ODg1OTU0NSwiaWRwIjoibG9jYWwiLCJzY29wZSI6WyJlbWEyX2FwaSIsIm9mZmxpbmVfYWNjZXNzIl0sImFtciI6WyJjdXN0b20iXX0.sG65OnNxQsstp5Su_Da-i9b25Q3SO_dU4va3IvdRU4m2s7jQ6zm6MqR_JV8d2E4B23HTKuwTl6XJvsVNMtL6KrggrJVmbPkgmR64XodNOtnrfnHtL_dPUy6cmbTMgjdeMGhUMZLKCauj60uK2nLyJbQKVU_VTj5E1eew0G4q3tIAnFtgNlJ3SHD_YAhNoet4Wu7b-dXLKlpFlmvjav1sXp-iSjUxDLS2rjcmNfMqRdW3C1lXL58daKZx3xGkoPSSMXAK7tPJEreFOepPeon-u5JuPqy5fIc1XJ7VDX60arqa7Ejq3z34tbj2vABJ6Qx3M7e1jRZF7v-7Bye0J-jSjVF" Thank you, Martin
    2 points
  47. Hello @Zen11t, thank you very much for your explanation again. It helps us to understand your needs better. I hope this trick will help you You can filter the computers with an outdated version of agents and then click on any item in the table and select "In computer page (all)". It will navigate you to the computers section, where you will have only computers with outdated agents, and here you can also check the last connection status.
    2 points
  48. Hello @Peter Randziak, Thank you for following up! Sounds good, I will bump this again in a month or so to check on its status and hopefully remind you. William
    2 points
  49. Hello, this option is already available in ESET Cloud Administrator console. Currently, as agents are updated via "Components upgrade task", which does not differentiate between agents, and other components of the ESMC infrastructure (server / webconsole) this option was disabled. However, in Cloud the server is fully hosted / maintained by ESET, so "one click agent updates" are possible. Please note, that for the future releases we work on "automatic agent upgrades", meaning agents would automatically upgrade themselves to the version compatible / matching with the server.
    2 points
  50. The ESET Knowledgebase YouTube Channel celebrates its 10-year anniversary today! https://www.youtube.com/user/ESETKnowledgebase/community Check out the infographic for our lifetime YouTube statistics for the channel. The ESET Knowledgebase channel includes step-by-step video tutorials demonstrating the key processes and features of our ESET products, from ESET NOD32 Antivirus and ESET Internet Security to business products like ESET Security Management Center. In addition, our channel is yet another way for our customers to reach us with feedback and questions. We make every effort to respond to support-related comments and yes, we do take video suggestions!
    2 points