
MrWrighty

Members
  • Posts

    87
  • Joined

  • Last visited

  • Days Won

    1

Posts posted by MrWrighty

  1. I have had both ESET Cyber Security and ESET Anti Virus 6.4 (well, the latest versions as of today) installed on macOS Sierra and both are causing the SystemUIServer and occasionally the Wi-Fi services to hang.

    Both ESET products eventually crash (reports sent to Apple) but neither service returns to a running state; I have to force a reboot to get things stable again. Once I have uninstalled the ESET products the system remains stable.

    Mac Mini 1.4GHz, 480GB SSD, 4GB RAM.

  2. If that is the case, why are ERA Console and Server telling me I have the latest version? There is no indication from the product that I am under-protected.

    Surely under the circumstances ERA should indicate there are later versions available.

    By the way, there is no warning screen, just a file ### DECRYPT MY FILES ###.txt which I cannot open (Access Denied).

     

  3. Just been hit by Cry36. All files encrypted and the last part of the name includes [don-corleone@mortalkombat.su].vs95l

    Running 4.5 File Security on the server and 5.0 ESET Endpoint protection on all clients. All managed by Remote Administrator.

    Real-time protection had been disabled by the encryptor program on the server.

    ESET failed to recognise the encryptor files.

    Server is SBS2011 and Clients are Windows 7 64bit and Windows 10 64bit.

    Have run the ESETEternalBlueChecker.exe and the server passed the test. It is fully patched.

    How did this get through?

  4. 3 minutes ago, Marcos said:

    It could be caused by a 3rd party tool or possibly by malware. Please generate a Procmon boot log and also collect ELC logs as per the instructions linked in my signature. When done, compress the Procmon log(s), upload the archive together with ELC logs to a safe location and pm me download links.

    Try scanning with MalwareBytes first before re-installing. If it is malware then this should pick it up.

  5. Windows 10 64bit NOD32 offered an automatic upgrade to V9 which I accepted and proceeded to upgrade.

    The upgrade failed and, according to your online instructions, I manually did an update then attempted again. It failed again.

    I was prompted to reboot, which I did, but now Windows is failing to reboot. I am getting a BSOD critical_process_died.

    Windows 10 is now continually trying to repair itself with an automatic repair and Diagnostics. I was offered a restore but this too appears to have failed as the PC never reboots.

     

    Extremely unhappy about what has happened.

  6. It's probably the way the updates are rolled out. A point release is more of a bug-fix update rather than any feature additions, which would normally roll out under a new master revision, i.e. 9 to 10.

    If the differences are big enough then it would have to be a conscious decision to upgrade rather than update through the existing software. This ensures you have read the release notes and that it won't impact your usage in any way without you knowing about it.

  7. You need to find the source process that is running and kill it, then remove the tmp files in the user's account.

    A customer of mine has just been hit big time: 58,000 files encrypted. According to ESET it should also delete all VSS shadow copies but that doesn't seem to have happened, as I am able to restore from previous versions.

  8. Well it looks like I have finally found a solution.

     

    It appears that the installation of ESET Endpoint AV changes the permissions of ~/library/preferences/loginwindow.plist to root:wheel.

    I found this courtesy of MagerValp at https://magervalp.github.io/2015/08/17/scep-outlook-crash.html. His problem stemmed from:

    System Center 2012 Endpoint Protection + Outlook 2011 = Crash

    He commented that System Centre 2012 Endpoint Protection was a rebrand of ESET/NOD32, hence my interest. His post is very recent, 17th Aug 2015.

    He wrote the following script to fix the permission issue:

     

    #!/bin/bash

    # Restore ownership of user preference files.
    # Note: stat -f is the BSD/macOS form; GNU stat uses -c instead.
    for preffolder in /Users/*/Library/Preferences; do
        if [[ -d "$preffolder" ]]; then
            uidgid=$(stat -f "%u:%g" "$preffolder")
            chown -hR "$uidgid" "$preffolder"
        fi
    done

    I have now run this script on my Mac running El Capitan, Outlook 2011 and ESET V6.1.16.0 and I now have a stable running Outlook.

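    The script above restores ownership recursively from whatever the Preferences folder itself is owned by, which silently does the wrong thing if that folder was also flipped to root:wheel. As an added example (this is not MagerValp's script, nor anything from ESET or this forum), the same repair in Python, written audit-first: it takes the expected owner from the home directory itself (an assumption: the home directory's ownership was never touched), lists every entry under Library/Preferences whose owner or group differs before changing anything, and only re-owns with fix=True. The demo runs against a constructed temporary users root rather than the real /Users, so it works offline and without root.

```python
import os
import glob
import tempfile
from typing import Dict, List, Tuple

Mismatch = Tuple[str, int, int]  # (path, current uid, current gid)


def find_mismatches(pref_dir: str, expected_uid: int, expected_gid: int) -> List[Mismatch]:
    """Return every directory and file under pref_dir (pref_dir itself included)
    whose owner or group is not the expected one. lstat is used so a symlink is
    judged by its own ownership, matching the -h in 'chown -hR' above."""
    bad: List[Mismatch] = []
    for dirpath, _dirnames, filenames in os.walk(pref_dir):
        for path in [dirpath] + [os.path.join(dirpath, f) for f in filenames]:
            st = os.lstat(path)
            if st.st_uid != expected_uid or st.st_gid != expected_gid:
                bad.append((path, st.st_uid, st.st_gid))
    return bad


def audit_users(users_root: str = "/Users", fix: bool = False) -> Dict[str, List[Mismatch]]:
    """Audit <users_root>/<user>/Library/Preferences for every home directory.
    The reference owner is the home directory's own uid:gid (assumed intact),
    not the Preferences folder's, so a Preferences folder that was itself changed
    to root:wheel is reported instead of being used as the reference.
    With fix=True ownership is restored with lchown (needs root for files
    you do not own)."""
    report: Dict[str, List[Mismatch]] = {}
    for home in sorted(glob.glob(os.path.join(users_root, "*"))):
        pref_dir = os.path.join(home, "Library", "Preferences")
        if not os.path.isdir(pref_dir):
            continue
        home_st = os.stat(home)
        bad = find_mismatches(pref_dir, home_st.st_uid, home_st.st_gid)
        report[home] = bad
        if fix:
            for path, _uid, _gid in bad:
                os.lchown(path, home_st.st_uid, home_st.st_gid)
    return report


def build_constructed_home(user: str = "alice") -> Tuple[str, str, str]:
    """Constructed sample data: a throwaway users root holding one home with a
    loginwindow.plist, all owned by whoever runs this. Returns
    (users_root, home, pref_dir)."""
    root = tempfile.mkdtemp(prefix="users-")
    home = os.path.join(root, user)
    pref_dir = os.path.join(home, "Library", "Preferences")
    os.makedirs(pref_dir)
    with open(os.path.join(pref_dir, "loginwindow.plist"), "w") as fh:
        fh.write("<plist/>\n")
    return root, home, pref_dir


if __name__ == "__main__":
    # Dry run over the constructed tree; pass "/Users" (and fix=True as root)
    # to audit a real machine.
    root, home, pref_dir = build_constructed_home()
    for home_dir, bad in audit_users(root).items():
        print(f"{home_dir}: {len(bad)} entries with unexpected ownership")
        for path, uid, gid in bad:
            print(f"  {path} is owned by {uid}:{gid}")
```

    Run it without fix=True first and read the report: on a healthy machine every home should come back with an empty list, and anything listed is exactly the set of paths the original chown would have touched.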
  9. Just upgraded to El Capitan 10.11 and Endpoint AV will not start, showing the error "Unsupported OS: OS X 10.11".

     

    I have Version 6.0.24.0 installed.

     

    According to your own documentation it should be compatible.

     

    I have found reference to version 6.1.12.0 which is now apparently available but I cannot find a download for it anywhere.

  10. I am confused as I have the same policy for all clients, both XP 32bit and Windows 7 64bit.

    I have a policy set up that is rolled out to each client. The policy has all real-time protection features enabled. When I look at the local XP machine settings, Scan on file open and Scan on file execution are set to No, but on the Windows 7 machines they are set to Yes.

    In ERA, when I check the configuration, it says Scan on file open No and Scan on file execution No.

    Why is the configuration view not reflecting the actual settings on the machine?

  11. OK, when downloading the cloudcar file I was presented with a warning about the file not having been downloaded much and that it could be harmful. It did let me download and save the file.

     

    I also tried the same file on a standalone V5 Installation and it correctly quarantined the file.

     

    All machines have real-time file system protection on, web access protection on and email client protection on, controlled by profiles from ERA.

    The Malwarebytes log is below; I have replaced the user's folder with xxxxxxx for security.

     

    Malwarebytes Anti-Malware

    www.malwarebytes.org
     
    Scan Date: 18/08/2015
    Scan Time: 14:11:36
    Logfile: MBAW.txt
    Administrator: Yes
     
    Version: 2.1.8.1057
    Malware Database: v2015.08.18.04
    Rootkit Database: v2015.08.16.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled
     
    OS: Windows XP Service Pack 3
    CPU: x86
    File System: NTFS
    User: Administrator
     
    Scan Type: Threat Scan
    Result: Cancelled
    Objects Scanned: 38136
    Time Elapsed: 4 min, 52 sec
     
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled
     
    Processes: 1
    Trojan.TeslaCrypt, C:\Documents and Settings\xxxxxxxxxxx\Application Data\vcwnpd.exe, 3100, Delete-on-Reboot, [da72cb3f42496dc900bf6bf353ade21e]
     
    Modules: 0
    (No malicious items detected)
     
    Registry Keys: 0
    (No malicious items detected)
     
    Registry Values: 1
    Trojan.TeslaCrypt, HKU\S-1-5-21-3856658756-1690372353-575384576-1163\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MSCONFIG, C:\Documents and Settings\xxxxxxxxxx\Application Data\vcwnpd.exe, Quarantined, [da72cb3f42496dc900bf6bf353ade21e]
     
    Registry Data: 0
    (No malicious items detected)
     
    Folders: 0
    (No malicious items detected)
     
    Files: 1
    Trojan.TeslaCrypt, C:\Documents and Settings\xxxxxxxxxx\Application Data\vcwnpd.exe, Delete-on-Reboot, [da72cb3f42496dc900bf6bf353ade21e], 
     
    Physical Sectors: 0
    (No malicious items detected)
     
     
    (end)
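    The Malwarebytes log above is a simple line-oriented format: a block of "Key: Value" header lines, then sections such as "Processes: 1" followed by one comma-separated detection line per item (threat, location fields, action, bracketed id), with "(No malicious items detected)" where the count is 0. When several machines need triage it helps to pull the detections out programmatically rather than reading each log by eye. What follows is an added example, not code from the post, from ESET or from Malwarebytes: a parser that returns the header as a dict and each detection as a record, plus a summary per threat and a check for Delete-on-Reboot actions still pending (the log above reports Result: Cancelled and two such actions, so the vcwnpd.exe file is still on disk until the reboot happens). The embedded sample is the posted log with the scan-option lines left out; the section names are the ones that appear in it, and the assumption that detection fields never contain a comma is noted in the code.

```python
import re
from typing import Dict, List, Optional, Tuple

# Section headings as they appear in the posted log; lines before the first
# one are treated as header, "Key: Value" pairs.
SECTIONS = {"Processes", "Modules", "Registry Keys", "Registry Values",
            "Registry Data", "Folders", "Files", "Physical Sectors"}
SECTION_RE = re.compile(r"^([A-Za-z ]+): (\d+)$")
ID_RE = re.compile(r"^\[([0-9a-f]{32})\]$")   # the bracketed id on each detection

# The log from the post above, abridged (scan-option lines removed); the user
# folder was already masked by the poster. Raw string: Windows paths contain
# backslashes.
SAMPLE_LOG = r"""
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 18/08/2015
Scan Time: 14:11:36
Logfile: MBAW.txt
Administrator: Yes
Version: 2.1.8.1057
Malware Database: v2015.08.18.04
OS: Windows XP Service Pack 3
CPU: x86
Scan Type: Threat Scan
Result: Cancelled
Objects Scanned: 38136
Time Elapsed: 4 min, 52 sec
Processes: 1
Trojan.TeslaCrypt, C:\Documents and Settings\xxxxxxxxxxx\Application Data\vcwnpd.exe, 3100, Delete-on-Reboot, [da72cb3f42496dc900bf6bf353ade21e]
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 1
Trojan.TeslaCrypt, HKU\S-1-5-21-3856658756-1690372353-575384576-1163\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MSCONFIG, C:\Documents and Settings\xxxxxxxxxx\Application Data\vcwnpd.exe, Quarantined, [da72cb3f42496dc900bf6bf353ade21e]
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 1
Trojan.TeslaCrypt, C:\Documents and Settings\xxxxxxxxxx\Application Data\vcwnpd.exe, Delete-on-Reboot, [da72cb3f42496dc900bf6bf353ade21e], 
Physical Sectors: 0
(No malicious items detected)
(end)
"""


def parse_detection(section: str, line: str) -> Dict[str, object]:
    """One detection line: threat, location field(s), action, [id]. The Files
    section ends its line with ', ', which yields an empty last field that is
    dropped. Assumption: no field itself contains a comma."""
    parts = [p.strip() for p in line.split(",")]
    parts = [p for p in parts if p]
    det_id: Optional[str] = None
    m = ID_RE.match(parts[-1])
    if m:
        det_id = m.group(1)
        parts = parts[:-1]
    return {"section": section, "threat": parts[0],
            "location": parts[1:-1], "action": parts[-1], "id": det_id}


def parse_mbam_log(text: str) -> Tuple[Dict[str, str], List[Dict[str, object]]]:
    """Return (header, detections) for a Malwarebytes Anti-Malware text log."""
    header: Dict[str, str] = {}
    detections: List[Dict[str, object]] = []
    section: Optional[str] = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line == "(end)" or line.startswith("(No malicious"):
            continue
        m = SECTION_RE.match(line)
        if m and m.group(1) in SECTIONS:
            section = m.group(1)          # "Processes: 1" etc.
            continue
        if section is None:               # still in the header block
            if ": " in line:
                key, value = line.split(": ", 1)
                header[key] = value
            continue
        detections.append(parse_detection(section, line))
    return header, detections


def summarize(detections: List[Dict[str, object]]) -> Dict[str, Dict[str, object]]:
    """Per-threat count, the set of actions taken and the set of ids seen."""
    out: Dict[str, Dict[str, object]] = {}
    for d in detections:
        s = out.setdefault(str(d["threat"]), {"count": 0, "actions": set(), "ids": set()})
        s["count"] += 1
        s["actions"].add(d["action"])
        s["ids"].add(d["id"])
    return out


def needs_reboot(detections: List[Dict[str, object]]) -> bool:
    """True if any item is only scheduled for removal on the next reboot."""
    return any(d["action"] == "Delete-on-Reboot" for d in detections)


if __name__ == "__main__":
    hdr, dets = parse_mbam_log(SAMPLE_LOG)
    print(f"{hdr['OS']} scanned {hdr['Scan Date']}, result: {hdr['Result']}")
    for d in dets:
        print(f"[{d['section']}] {d['threat']} -> {d['action']}: {' | '.join(d['location'])}")
    print("summary:", summarize(dets))
    print("reboot still required:", needs_reboot(dets))
```

    For triage across a fleet, the fields worth collecting from each parsed record are the threat name, the on-disk path and the Run-key location, which together show where the dropper lives and how it persists; a "Cancelled" result with a pending Delete-on-Reboot is a prompt to rescan after the reboot rather than to treat the machine as clean.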