Jump to content


  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by Marcos

  1. Currently it's not possible to disable the green border of a secure browser window. We'll consider adding such option.
  2. Didn't you add the freemium license key manually to the license manager?
  3. The same setting enables you to disable reporting of particular application statuses to the ESET PROTECT server. Just uncheck the appropriate check-box in the Send column:
  4. If you don't use a freemium license of EMS for Android, you can remove it from the license manager. Actually it doesn't make sense to manage freemium licenses.
  5. Your username (email address) and password might have leaked in other breaches: Please change your password to my.eset.com as soon as possible. We or your local ESET distributor can reset your license key on request. This will require reactivation of your ESET product on each device using the new license key.
  6. This is a legacy product ESET NOD32 Antivirus for Linux desktop. We do not provide trial licenses for legacy products that are going to be discontinued soon. However, if you are considering purchase you could contact your local ESET distributor and they might provide you with a temporary license. Holders of an ESET NOD32 Antivirus for Linux desktop license will get a replacement product probably some time next year.
  7. You can run the ESET uninstall tool in safe mode and then install ESET from scratch.
  8. It is not possible to get a list of applications installed per user. If applications are installed for all users in c:\program files, these should be included in reports.
  9. We will unblock the website after it has been completely cleaned from malware. There is still malware being detected on the website.
  10. Does temporarily pausing the firewall allow you to connect via VPN?
  11. It's weird because: 1, egui and egui_proxy cannot be killed due to being protected by self-defense 2, update is performed by ekrn.exe, not by the above processes.
  12. We'll need you do the following: - quit any network-aware application - enable advanced logging under Help and support -> Technical support - run update - wait at least 5 minutes If update is stuck at "updating product" and the number of transmitted packets doesn't appear to be growing - disable logging - generate a dump of ekrn (adv. setup -> tools -> diagnostics -> create) - collect logs with ESET Log Collector and provide the generated archive.
  13. This will need to be investigated. Please open a support ticket and provide logs collected with ESET Log Collector for a start.
  14. We don't blame users. We have been telling that the communication with ESET's servers has changed as of Endpoint v8.1 and communication on UDP and TCP port 53535 must be allowed on a firewall in order for LiveGrid, Antispam and Web Control to work.
  15. With Endpoint 8.1 the communication with LiveGrid has changed and instead of DNS it is now carried out via TCP and UDP on port 53535. In case of using an http proxy, you don't need to open communication on port 53535 but the proxy needs to have http tunnel to avcloud.eset.sk:53535 allowed.
  16. Is ekrn.exe granted access to all these IP addresses listed in https://support.eset.com/en/kb332 ? Hostname h1-c01.eset.com h1-c02.eset.com h1-c03.eset.com h1-c04.eset.com h1-c05.eset.com h3-c01.eset.com h3-c02.eset.com h3-c03.eset.com h3-c04.eset.com h5-c01.eset.com, 38-90-226-11.ptr.eset.com h5-c02.eset.com, 38-90-226-12.ptr.eset.com h5-c03.eset.com, 38-90-226-13.ptr.eset.com IP address Domains used by ESET Live Grid: Hostnames a.cwip.eset.com ae.cwip.eset.com avcloud.e5.sk c.cwip.eset.com ce.cwip.eset.com dnsj.e5.sk dnsje.e5.sk i1.cwip.eset.com i1e.cwip.eset.com i3.cwip.eset.com i4.cwip.eset.com i4e.cwip.eset.com u.cwip.eset.com ue.cwip.eset.com c.eset.com a.c.eset.com u.eset.com i1.c.eset.com i3.c.eset.com i4.c.eset.com i5.c.eset.com These IP addresses need to be enabled for HTTP port 80. Also, an access to your local DNS server is required for DNS queries on UDP port 53.
  17. It's possible to customize reporting of application statuses. While I would understand disabling anti-phishing protection on an offline machine (it wouldn't make sense but whatever), disabling real-time protection would render ESET just an on-demand scanner which might not detect all threats that the other protection modules could. Please clarify why you need to keep real-time protection disabled since it affects also other protection modules, including HIPS and ransomware protection.
  18. The actual issue may start occurring about 30 minutes earlier before it's reported by a pop-up notification. The program tries to re-connect several times with delays between attempts. Does the issue occur on computers that connect to the Internet directly or through a proxy server? Are they behind a firewall which should allow TCP and UDP communication on port 53535?
  19. Searching for "img.php?id='+token();" should help you locate the malicious JS in files on your website.
  20. Please carry on as follows: - enable advanced logging under Help and support -> Technical support - reboot the machine - quit any network-aware applications that may generate network communication - wait until a warning about limited LG connectivity pops up - disable logging - collect logs with ESET Log Collector. When done, upload the generated archive to a safe location and drop me a personal message with a download link.
  21. Yes, ESET like any other AV can detect malware in files (exe, dll, archives, documents,etc.) as well as in other objects, such as WMI or registry.
  22. The detection is correct. The website was compromised and contains the JS/Agent.OZD trojan. However, since the tools offered on the website fulfill the criteria for potentially unsafe/unwanted applications, users with PUA detection enabled will have to allow access even after cleaning the malware on the website.
  23. Yes but only existing holders of a NOD32 AV for Linux desktop will be eligible to get it. That said, it won't be possible to use an EAV/EIS/ESSP for Windows license for activation.
  24. The said license was issued in Germany and was canceled. It was registered to giXXXXXXX4@mXXXid.com. If you have purchased the license from an authorized partner or reseller, please contact them for a resolution.
  25. Please adhere to this forum rules: 2, Post in English. If you don't speak English, use a machine translator.
  • Create New...