Marcos

Unfortunately, files encrypted by Filecoder.Crysis cannot be decrypted. Did you have ESET installed and all protection features enabled? If so, what product version it was?

We've got some reports that upgrading to the latest version macOS Sierra 10.12.3 resolved the issue, hence the question as nobody has mentioned the version of the OS.

Are you having the issue even after upgrading to MacOS Sierra 10.12.3 ?

Download and run ESET NOD32 Antivirus Live installer from https://www.eset.com/int/home/antivirus/#download.

162 MB is a standard amount of memory that ekrn.exe allocates. If if it was more than 250-300 MB and it wouldn't drop after a while, we could look into it in case it would also persist after installing the latest v10.0.390. By the way, upgrading to v10 should also lower ekrn memory consumption a bit compared to older versions, including v9.

Since January, ESET has been in discussions with NSS Labs to address industry concerns regarding their recent “Advanced Endpoint Protection 1.0” test. During these discussions, it was agreed that deadlines would be honored by both parties, communication would be improved, specified content would be provided and all outstanding issues would be resolved. We are not the only vendor to raise these concerns. We now feel it incumbent upon us to publicly communicate what we believe are violations of testing standards. We remain committed to providing open and transparent communication to our industry partners and to the public. Below, we have included a series of timelines to convey what was mutually agreed upon between ESET and NSS Labs, and their commitments to us, which many, as you will see, remain unfinished. https://www.eset.com/us/about/newsroom/corporate-blog/eset-recounts-experience-with-nss-labs-and-aep-10-test/

If you are unable to start Windows, boot to safe mode (see http://support.eset.com/kb2268/) and rename ekrn.exe to prevent it from starting. Then uninstall ESET and try installing the latest v10 downloadable from www.eset.com.

Server v6.5 products are fully compatible with any version of Windows Server systems, including Windows Server 2016. See https://forum.eset.com/topic/11322-file-security-v65120070.

Please do not hijack someone else's topic on a different subject / issue but create a new one instead. Also drop me a pm with the output from ESET Log Collector attached so that I can check the status and config of your ESET product.

The quarantine is removed when ESET is uninstalled from a computer. It normally contains only actual malware as ESET is known for having virtually very few false positives. Also it sounds weird that one would want to restore files from quarantine after a long time; even if there's a false positive it is resolved very quickly so users can restore files within a few hours or days at maximum.

It must be just a glitch with the repository. EFSW 6.5 is compatible with all Windows Server systems, including Windows Server 2012 / R2 and WS 2016 too.

Of course, we will release it for all users within a couple of weeks.

Distributors in some countries may limit licenses for use only in their country. I'd suggest contacting ESET Australia to find out if it's possible.

The latest version is 10.0.390. Please download ESS Live Installer from www.eset.com, uninstall v9 and install v10.

I've already responded above. To me it looks like a false positive from MB.

Please follow the instructions at http://support.eset.com/kb141.

With an ESET Smart Security license, you can download and use either ESET Internet Security (does not contain Anti-Theft) or ESET Smart Security which has Anti-Theft included. For a small fee you can upgrade to ESET Smart Security Premium which also features Disk encryption and Password Manager modules.

Don't confuse eicar with cloudcar. While the former serves to test detection, the latter serves to test LiveGrid's functionality. Cloudcar is downloadable from http://amtso.security-features-check.com/cloudcar.exe.

Amtso.org only hosts cloudcar.exe which is an innocuous file used to test LiveGrid's functionality. Whether the website is up or down has no effect on LiveGrid.

The website is infected. A malicious reference to the js file /fpdb/jquery.effects.scale.min.js was injected in the html code.

Applications like this one which serve to find and display a license key for particular software or the operating system fulfill the criteria for potentially unsafe applications. This kind of detection is disabled by default in ESET's products. If you don't want to disable detection of pot. unsafe applications completely, expand "More info" and select to exclude the signature from detection.

ESET does not load in safe mode and therefore none of its parts can affect the operating system either. We are not aware of any such issues and to my best knowledge nobody else has reported it so far.

Please check if you have the Translation support module 1583.1 installed which was released several hours ago and should address the issue.

Since this is an English forum, we kindly ask you to write in English, otherwise moderators as well as many other users will not understand you. Please drop me a pm with a file containing payment instructions for obtaining a decoder as well as the output from ESET Log Collector attached.

The files were encrypted by Filecoder.Crysis. Unfortunately, decryption is not possible. As you wrote, you had been using ESET v4 on the server. It's a quite old version that doesn't support modern technologies to quickly react to new malware. We strongly recommend uninstalling it and installing ESET File Security 6.5. Also remember to back up important data on a regular basis to prevent data loss in the future.