
Peter Randziak

ESET Moderators


  1. Upvote
    Peter Randziak received kudos from DenisSt in ARM64 Home products BETA signup   
    Hello @joedeabreu, @pinchijeffrey, @rgopikris, @ishields, @JAF, @Felipe_Saurin, @A1exandro, @Larry_2000, @DenisSt, @Roschlynn, @Ibrahim Fazal
    for sure I will grant you the access and send you details over a private message.
    I'm sorry for the longer wait, I had a vacation...
  2. Upvote
    Peter Randziak gave kudos to PLH in 554 5.7.1 Rejected by ESETS_SMFI (spam)
    Good day,
    yes, it is fine. Thank you for your help.
  3. Upvote
    Peter Randziak gave kudos to mmsoar in eamonm.sys BSOD - Stop code: SYSTEM_THREAD_EXCEPTION NOT HANDLED   
    Updated last night to KB5004237.
    So far the system appears stable.  At least the MTBF is > 12 hours.
    So, whatever the changes are they appear to have largely resolved the rapid bug check issues.
    If the problem re-occurs I'll re-post, but for now, thankfully, I'll retire into the background.
  4. Upvote
    Peter Randziak gave kudos to Marcos in ESET Network Protection Proxy and Big Sur   
    Component-based remote installation via Apple Remote Desktop is described here:
    1. Create an installation package using the Remote installation mode in which you can select the components to install.
    2. Copy the following files using Copy file or folder in Apple Remote Desktop to the /tmp folder on the target computer:
    If you are installing all components, copy:
           - esets_setup.dat
    If you are not installing all product components, copy:
           - esets_setup.dat
           - product_components.dat
  5. Upvote
    Peter Randziak gave kudos to Rami M in mirror tool no longer working   
    We have released a new Mirror tool, so you can use that. Thanks for the good input. We know this tool is not really usable and our team decided to make it better. We plan to add more filtering options and optimize the storing mechanism, so the tool would be more usable than it is now.
  6. Upvote
    Peter Randziak gave kudos to Marcos in ESET Network Protection Proxy and Big Sur   
    We are currently testing a deployment procedure via JAMF which will avoid the dialogs related to extension installation. We should have it ready for publishing soon.
  7. Upvote
    Peter Randziak gave kudos to Marcos in Eset Endpoint v8.1 LiveGrid connection problem   
    1. LiveGrid is an essential cloud security feature that substantially affects detection and cleaning, therefore we strongly recommend making sure that it works well and that both the LiveGrid reputation and feedback systems are enabled.
    Of course, it's possible to disable LiveGrid, antispam and Web Control at your risk but it will deteriorate protection against newborn threats.
    2. The communication is possible only via TCP and UDP port 53535.
  8. Upvote
    Peter Randziak gave kudos to Marcos in Login failed after update to ESET PROTECT   
    Looks like a known issue that will be fixed in the next service build of ESET PROTECT.
  9. Upvote
    Peter Randziak gave kudos to rekun in Server 2019 Datacentre   
    Hi @Peter Randziak
    I have sent you a private message with the log files. It is from a different server, but the issue is the same.
    I have not included the install log files, as I don't know how to collect them (i.e. not being an MSI file).
    I have included the installer though.
  10. Upvote
    Peter Randziak gave kudos to rekun in Server 2019 Datacentre   
    I will try to gather the logs tomorrow, but questions 3, 4 and 5 are answered below:
    The RDS roles are simply installed from server manager.
    The server is almost empty except for Eset.
    Using Eset Protect 8.1 onprem
    EEI agent is NOT included in the AIO installer
  11. Upvote
    Peter Randziak gave kudos to offbyone in mirror tool no longer working   
    Support case created.
  12. Upvote
    Peter Randziak received kudos from Nightowl in Deep Behavioral Inspection blocks threads of .NET process after loading a golang DLL   
    Hello @Alex C,
    you are welcome, credit goes to our dev team as the whole analysis was done by them.
    Keeping things up to date is for sure recommended...
  13. Upvote
  14. Upvote
    Peter Randziak gave kudos to Jan Botha in Office 365 inbox updating no mail   
    Thanks for the reply will let you know if this helps
  15. Upvote
    Peter Randziak gave kudos to Marcos in Eset Push Notification Service servers   
    Please read the posts above to learn why we have started using EPNS in consumer products as of v14.1.20. With EPNS blocked, communication from ESET's licensing or Anti-Theft servers may be delayed by hours.
    However, you will be able to disable the appropriate application status about inaccessible EPNS servers soon.
  16. Upvote
    Peter Randziak gave kudos to Marcos in DotNet MSIL / Injector.VGR   
    We've nailed it down. A legit tool was backdoored and loads a malicious dll with zero detection at VT which loads the following encrypted payload:

    I expect the detection to be available momentarily via streamed/pico updates.
    Also please confirm that you have enabled the LiveGrid Feedback system for maximum protection.
  17. Upvote
    Peter Randziak gave kudos to Aryeh Goretsky in Antivirus vs Internet Security, Disabling Features.   

    Here is a snippet of a post I made on Reddit discussing the differences between ESET NOD32 Antivirus, ESET Internet Security and ESET Smart Security Premium:
    Feature Comparison
    NOTE: This section is updated from the post here discussing the ESET Version 13 consumer programs.
    | Feature ▼ / Program ► | ESET NOD32 Antivirus¹ | ESET Internet Security | ESET Smart Security Premium |
    |---|---|---|---|
    | Advanced Machine Learning | ✔️ | ✔️ | ✔️ |
    | Advanced Memory Scanner | ✔️ | ✔️ | ✔️ |
    | Anti-Malware¹ | ✔️ | ✔️ | ✔️ |
    | Anti-Phishing | ✔️ | ✔️ | ✔️ |
    | Anti-Spam | 🚫 | ✔️ | ✔️ |
    | Anti-Theft | 🚫 | ✔️ | ✔️ |
    | Banking & Payment Protection | 🚫 | ✔️ | ✔️ |
    | Botnet Protection | 🚫 | ✔️ | ✔️ |
    | Cloud-based protection² | ✔️ | ✔️ | ✔️ |
    | Connected Home Monitor | ✔️ | ✔️ | ✔️ |
    | Deep Behavioral Detection | ✔️ | ✔️ | ✔️ |
    | Exploit Blocker | ✔️ | ✔️ | ✔️ |
    | File encryption | 🚫 | 🚫 | ✔️ |
    | Firewall | 🚫 | ✔️ | ✔️ |
    | Native 64-bit Support | ✔️ | ✔️ | ✔️ |
    | Network Attack Protection | 🚫 | ✔️ | ✔️ |
    | Gamer Mode³ | ✔️ | ✔️ | ✔️ |
    | Offline Updates⁴ | 🚫 | 🚫 | 🚫 |
    | Parental Control⁵ | 🚫 | ✔️ | ✔️ |
    | Password Manager | 🚫 | 🚫 | ✔️ |
    | Remote Management⁴ | 🚫 | 🚫 | 🚫 |
    | Removable Media Device Control | ✔️ | ✔️ | ✔️ |
    | Router Vulnerability Scanner | 🚫 | ✔️ | ✔️ |
    | Script-based Attack Protection | ✔️ | ✔️ | ✔️ |
    | System Registry Scanner | ✔️ | ✔️ | ✔️ |
    | System Settings Restorer | ✔️ | ✔️ | ✔️ |
    | UEFI Scanner | ✔️ | ✔️ | ✔️ |
    | Vulnerability Shield | 🚫 | ✔️ | ✔️ |
    | Webcam Protection | 🚫 | ✔️ | ✔️ |
    | WMI Scanner | ✔️ | ✔️ | ✔️ |

    [I'll point out that this is very much a "best effort" by me, and it's possible I got some things wrong. Check with an actual ESET sales person if you have a question about supported features.]
    1 Although this program contains the word 'Antivirus' in its name, this is strictly for marketing purposes because that's what most people use as a search term. These programs are all actually better described as anti-malware programs, and detect adware, agents, bootkits, droppers, injectors, password stealers, potentially unsafe applications, potentially unwanted applications, ransomware, rootkits, spyware, trojans, viruses and worms, just to name a few of the things caught by the software. Today, actual computer viruses account for less than 10% of malware detected on a day-to-day basis.
    2 Also known as ESET LiveGrid (and previously called ThreatSense.Net), this provides real-time threat telemetry as well as assists in blocking certain kinds of malicious software such as ransomware, dangerous web sites, and so forth.
    3 Prevents pop-ups and messages from being disabled while running full-screen applications. Called Gamer Mode in home versions and Presentation Mode in business versions.
    4 This feature is only available in business editions. See this post for more information.
    5 Blocking of undesirable web sites. Called Parental Control in home versions and Web Control in business versions.
    You can view the original post at https://old.reddit.com/r/eset/comments/jghcyy/eset_version_14_for_home_users_released/.


    Aryeh Goretsky
  18. Upvote
    Peter Randziak gave kudos to M.K. in Policy not whitelisting spam   
    the problematic domain you reported has been already removed from the cloud blacklist. The quickest way to solve such cases is to send the email sample to nospam_ecos@eset.com (https://support.eset.com/en/kb141-submit-a-virus-website-or-potential-false-positive-sample-to-the-eset-lab#spam) as those are handled almost immediately.
    Also based on the sample we have identified a problem in the algorithm that selects the sender's address from email headers in some cases (Return-path: header), and it will be also addressed by an automatic update.
    Regards, Matej
  19. Upvote
    Peter Randziak gave kudos to Chris_AIS in Policy not whitelisting spam   
    Thanks Peter, very much appreciate the assistance
  20. Upvote
    Peter Randziak gave kudos to MichalJ in MITRE RESULTS   
    Hello, thank you.  And yes, we do have plans to add Linux coverage, in the reasonable future. 
  21. Upvote
    Peter Randziak gave kudos to Marcos in  Email Client Protection   
    No, email protection also uses detections from streamed (pico) updates, and leverages LiveGrid as well as ESET Dynamic Threat Defense (business versions with EDTD license) to detect malware.
    I'd also emphasize that the term "signature" implies a kind of primitive detection, e.g. based on the hash of a file. However, we rather use the term "detection" which is a pattern that describes the structure or behavior of malware rather than something specific.
  22. Upvote
    Peter Randziak gave kudos to itman in High use of Memory by ESET Internet Security   
    Once you returned to the regular update channel, Eset downloads modules used on that channel. As far as Internet Module is concerned, that is ver. 1423. The only way you will receive ver. 1425 that contains the memory usage fix is to remain on the pre-release update channel. Once Eset releases ver. 1425 on the regular update channel, you can then switch back to that channel. Again, it may be some time till ver. 1425 is released on the regular update channel.
  23. Upvote
    Peter Randziak gave kudos to peteyt in High use of Memory by ESET Internet Security   
    Eset does recommend people use pre-release updates on non-production computers. The reason is often they will release new versions for people to test, often fixing issues, and by multiple people using it they can test if it works and also if there are any compatibility issues.
    E.g. they could release a pre release update to the main stable channel that could actually have issues but they weren't detected because not many people had used that version. Eset does have quality control, checks etc. But issues can happen, things missed etc.
  24. Upvote
    Peter Randziak gave kudos to Marcos in repair installation option isn't available when starting the downloaded installer again   
    This is not possible without downloading the whole msi installer. After a microPCU update has been applied, the Repair option changes to Export.
  25. Upvote
    Peter Randziak gave kudos to Marcos in repair installation option isn't available when starting the downloaded installer again   
    It was changed in the past. The thing is the last msi installer you may have locally stored may be v12 or 13 so repairing v14 would actually downgrade to v12 or v13 and you'll need to download upgrade to v14 again which is not desired.