pps gave kudos to itman in Snatch ransomware reboots PCs in Windows Safe Mode to bypass antivirus
Off the top of my head, the best way to prevent this is to create a HIPS rule to monitor the running of shutdown.exe. Note that malware since the XP days have used this to force a reboot to run their nasty at boot time. As such, it would not surprise me that Eset already as a built-in HIPS rule to monitor the start up of shutdown.exe.
pps gave kudos to Peter Randziak in Windows 7 enterprise sp1 & eset endpoint 7.2.2055.0
I guess the patches are not installed, see https://help.eset.com/ees/7/en-US/?sysreq.html
"Microsoft® Windows® 7 SP1 with latest Windows updates (at least KB4474419 and KB4490628)"
pps gave kudos to Marcos in 0x643 error when installing EndPoint Product (Antivirus)
Endpoint 6.5 is the last one with official support for Windows XP.
As for Windows 7, SP1 as well as the updates KB4474419 and KB4490628 are required.
pps gave kudos to JOKEEFE in 0x643 error when installing EndPoint Product (Antivirus)
"as well as the updates KB4474419 and KB4490628 are required"
That's interesting, because I have found that several of the machines giving the error, needed KB4490628. I'm not sure how that one gets missed. Once I installed that, the remote install worked as planned.
For now, I am making sure they are fully patched before trying to install ESET.
pps gave kudos to itman in HIPS Problem
I suspect your problem is how you coded your HIPS rule for the Brave browser. You coded "C:\Users\\AppData ............... Wildcards of any type are not supported in file path names other than at the end of the path name; e.g. .......\* or ........\*.*.
Add the missing user name; e.g. "C:\Users\xxxxxx\AppData .........", and retest.
pps received kudos from kanok ramsint in Future changes to ESET Security Management Center / ESET Remote Administrator
Description: Icon when clients are up to date with latest policies
Detail: In Computer screen it would be helpful if there is an icon that you can see that clients are up to date with all the latest policies (such as status column)
pps gave kudos to sdnian in No need password to disable firewall in EES
The EES version is 7.1.2053. I've set a password protect in EES. When I right click the EES icon in the systray, click 'Pause firewall (allow all traffic)', a popup window appears asking for a password on the screen. Just ignore it, right click the EES icon to pause firewall again. Then the firewall been disabled now. It seems a bug, please check it.
pps gave kudos to Sam Fonteno in Future changes to ESET Endpoint programs
Description: Policy settings reverse-lookup
Detail: The ability in SMC/Endpoint Security to see which policy is responsible for which setting in effect on the computer.
Basically something like a GPRESULT report available for diagnosing Active Directory Group Policy Objects's effects.
A very simple example of that is shown here: https://4sysops.com/wp-content/uploads/2012/02/gpresult.exe-HTML-output.png
pps received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator
Hello @MichalJ just make an AD synchronization and get the computers from there.
pps gave kudos to Society in Future changes to ESET Security Management Center / ESET Remote Administrator
Description: Save reports to a shared folder / network directory.
Detail: Currently, it's just possible to save reports in ERA 6 to the default Windows/ Linux path. This is a bit difficulty to get results faster.
pps gave kudos to AStevens.SHG in Future changes to ESET Security Management Center / ESET Remote Administrator
Description: Nested OR and AND in Dynamic Groups / Virtual Machines
Detail: Nested OR and AND in Dynamic Groups creation, so you can have two or more sets of OR under an AND, or two or more sets of OR under an AND, or any combination.
Example Virtual Machine or not (Physical) so we can split these two types apart, some advice here for how to determine it, will likely require nested criteria:
PS. What's the rough expected release date for ESMC V7 at the moment?
pps gave kudos to fchelp in Future changes to ESET Security Management Center / ESET Remote Administrator
Description: Reuse old triggers
Detail: Since you pointed out that the triggers are editable, i think that when we select a computer and run a task on it (from the actions menu), it should ask us if we want to use an existing trigger, or if we want to create a new one, or maybe even more, when executing a task from the actions menu, it always runs with a "Execute ASAP" trigger, so why can't it just reuse always the same trigger instead of creating new triggers for every time, the reason i'm asking it, as i keep on running tasks and my list of triggers is growing, and here comes my second recommendation.
Description: Delete multiple triggers
Detail: The ability to delete multiple triggers at once (maybe by adding check boxes next to the triggers).