remosito

the misidentified as win10 of our win11 pc vulnerabilities have disappeared now. The patch list is still showing a patch for software on a machine for which that sw actually got deinstalled a couple of weeks ago.

are having the win 10 vulnerabilities showing for win11 pcs as well. Disable/Re-enable didnt fix it so far. In addition. Patch List is still showing a patch for software on a PC for which I deinstalled the software last week. At least the corresponding vulnerability disappeared... in the computer -> details -> installed software it is not showing up anymore too. It seems just patch list doesnt seem to get updated...

that is wonderful news...thanks for being such nice guys 🙂

Howdie all, we are in the process of replacing our old computers at work with newer ones. We could of course only install ESET as the first thing once we have taken the old computer offline. But tbh that is not really very convenient as we have to do it in off-hours and every additional step during the actual replacement means more off hours work. Ideally we would prepare the new computers including ESET beforehand. Unfortunately this would get us into a temporary License overuse situation. A quick google search didnt give me results if and how forgiving ESET is towards License overuse. And if there is a time grace period and how long that one would be. Or what actually happens when License overuse occurs... - willl just the overused ESET stations not activate the Endpoint Protection. - Will it "disable" the computer in one form or other? - Will ESET Endpoint Protection not even install. - Will all seats get disabled and ESET Protection stops working on all devices? - All devices get disabled in one form or other? If it is just ESET on the devices that are over our license number not working. That would be kinda okay. We could install ESET fully on the new computers. ESET just wouldnt do it's work. On replacement day. We remove ESET on the old computers. And ESET starts working on the new ones automatically... any hints greatly appreciated

that is the reasone yes. Though we plan to split that vm into a dedicated rdp and a dedicated exchange server beginning of next year....

addendum1: eset security for exchange that is running on the rdp server didnt seem to be using those registryFileStorage.userX.cfg files anyway. And our users when on site only ever use their "own" PC. So we decided to exclude the ESET Security directory from the roaming profile via GPO. roaming profiles seem to synchronize without a hitch again. probably still a good idea for ESET to make sure ekrn.exe doesnt lock files it aint even using. Or at least release them after user logs off... but no urgency from our end anymore... 🙂

ticket submitted 🙂 thanks

Howdie all, we are running into a problem where rdp roaming profiles on our RDP server for HomeOffice are no longer synced correctly and windows uses the last local copy. Tracked the issue down to what seems to be rooted in something ESET does. The issue seems to be that ESET keeps the C:\Users\.....AppData\Roaming\ESET\ESET Security/fileregistryfilesotrage_userX.cfg locked (process explorer shows them as locked for ekrn process) even after the user logs out. Can't even open the file even as local or domain administrator.... So next time the user connects and wants to login. Windows cant synchronize that file from the roaming profile location back to C:\Users as it's getting a file permissions error... and uses the last state of the local profile. is this a known bug? Did we miss setting some configuration options when we set up ESET (not using it that long yet) Is there a work around? ESET needs to release those file when the associated user logs off I would think. any help greatly appreciated remosito

Hi again, is there a way to disable for specific groups the reporting of successfully cleaned detections? Just downloaded an EICAR file and it got caught beautifully. Gave me a desktop notification. And showed up in the detections in ESET Cloud Portal. While the last is nice in some respect. In the end. It's not really THAT interesting and relevent to know about successfully handled detections. ESET did it's job. All is well in the land of milk and honey... Now failed cleanings..that is another matter... And as the url is part of the detection notice. It's as well kinda privacy sensitive ( for homeoffice from private computers). Is there a way to disable specific group computers successfully cleaned detections showing up in cloud portal? Or at least remove URL from transmitted information? thanks in advance

No offense taken if it wasn't intended 🙂 That totally did the trick. Thank you! To be honest should have connected "Application statuses" with what I wanted myself. I guess I just took "Send" to mean via Email as can be configured elsewhere 🙂 Still learning the ropes... Marked your post as the answer to my question 🙂

Phishing attempt is not quite the same as a virus or a trojan. (nor is spam detection for that matter; or firewall) and your colleagues at development seem to be able to see the sense. Which is, I guess at least, why they added the option in policies to disable these parts... so please cut the snark. It's quite frankly unprofessional and rude and reflects badly on your employer... As for "explain since it doesnt make sense". System A with antivirus, scans (mem and disk) IDS, process hardening, analytics and quite a few other features, but not antiphishing. Versus System B with no protection at all... Well to me they are not the same at all from a security stand point. Maybe you explain to me why they are the same? As that seems to be your point with "Isn't it better then to not install it at all?"

Howdie all 🙂 in the process of setting up HO protection for our Users. One of the compromises we have to do is a setup with minimal protection. That includes no anti-phishing, ransom-ware, etc protection. Our Users wanting to risk their private computers is their choice. As long as it doesnt affect Office Network Security too severly. Creating policy for it and deploying it worked like a charm. But now all those minimal config Clients show up under "Security risks" in the dashboard. They need to disappear from there or we will miss Security risks we don't know about. They are in their own group. So Ideally, we need to remove "Antiphishing not activated" for this group only. But all I found is "mute" the given computers. Which I assume just means. All security risk notifications would be deactivated... if anybody could point me the right direction for configuring what Issues qualify for what group to show up in Dashboard under Security risk. We would be most grateful... cheers