Jump to content

Aryeh Goretsky

ESET Moderators
  • Posts

    874
  • Joined

  • Last visited

  • Days Won

    66

Aryeh Goretsky last won the day on March 3

Aryeh Goretsky had the most liked content!

6 Followers

About Aryeh Goretsky

  • Rank
    Newbie
    Newbie

Contact Methods

  • Website URL
    http://www.eset.com/

Profile Information

  • Gender
    Male
  • Location
    USA

Recent Profile Visitors

13,953 profile views
  1. Hello, Just saw the mention. I will admit my PowerShell skills are pretty amateur, but since you are instantiating it from ESET PROTECT, I'm wondering if the "-command" argument is still needed. You might want to check with business support on this and see what they advise. Regards, Aryeh Goretsky
  2. Hello, Did you post a message in ESET's forum by mistake? We make security software, not ERP software. Try visiting https://community.cdata.com/ for assistance with Snowflake, since that's the developer's support forum. Regards, Aryeh Goretsky
  3. Hello, The holiday season is upon us, and 2024 is almost here. Before we step away from our desks to spend time with our friends and families, I wanted to wish every one of you a joyous holiday season and forthcoming new year. I think it is fair to say that in 2023, the world has faced some unparalleled computer security threats, and ESET has worked diligently to protect you from them. Whether you have used our software for decades, or are new to ESET, thank you for trusting us to protect you throughout 2023 and we look forward to providing you with the very best security into 2024 and beyond. Best wishes for the season, Aryeh Goretsky
  4. Hello, Since the Lenovo forum thread specifies fully-qualified domain names, perhaps you could just add the following entries to your hosts file: 0.0.0.0 download.lenovo.com 0.0.0.0 filedownload.lenovo.com 0.0.0.0 cms.csw.lenovo.com 0.0.0.0 laapi.csw.lenovo.com 0.0.0.0 vantage.csw.lenovo.com I will point out this would block all access to these domains on the computer, not just for the Lenovo Commercial Vantage app. Regards, Aryeh Goretsky
  5. Hello, By any chance do your own smartphones have a MAC address randomization feature turned on? Regards, Aryeh Goretsky
  6. Hello, From looking at the image at https://www.eset.com/fileadmin/ESET/INT/Banners/Home/header1.jpg, it appears to be an artistic rendition of the layers of protection provided by the software. You would probably need to contact the marketing department for a more thorough answer, though. Regards, Aryeh Goretsky
  7. Hello, I do not have any information about EOL dates to share (that sort of information can be found on the https://support-eol.eset.com/ web site), but I did want to share a resource with you. About five years ago I wrote a paper on how to securely maintain computers running Microsoft Windows XP after Microsoft had ended support for it. You can find the blog post about it here (the paper itself is linked to at the end of second paragraph). While the paper itself focuses on securing Windows XP, a lot of the advice, concepts, suggestions, and recommendations are applicable to other obsolete operating systems like Windows Vista, Windows 7, and so forth. It has been five years since Microsoft ended support for the latter, and hardware manufacturers have not been making compatible devices for a while, etc. I would presume at some point Microsoft's activation servers will go offline as well. The paper outlines some strategies about maintaining parts surpluses, rotating working hardware, maintaining proper network segmentation, all of which can help ensure that old computers remain running until they can be replaced by modern hardware and operating systems. As someone who personally loves playing with all sorts of vintage and retro computers and archaic operating systems, writing it was a way for me to help out other hobbyists with similar interests. Regards, Aryeh Goretsky
  8. Hello, Please see https://forum.eset.com/topic/38251-sysrescue-do-not-update-their-database-anymore/#comment-173468 Regards, Aryeh Goretsky
  9. Hello, Consumer versions of the ESET's software are offered to small businesses with low seat counts because it is unlikely a business with 1-10 PCs has a full-time IT staff to manage an ESET PROTECT server. For that matter, they may not even have an Active Directory/Entra domain and WSUS servers; the entire network may consist of just a workgroup of PCs running Home or Pro editions of Windows, with one PC or a NAS providing file and print services. In this type of small office/home office environment where there is no dedicated information technology (or information security) staff, the operating system updates are handled by Microsoft. Handing control of this over to Microsoft ensures those PCs are running supported versions of Windows with the latest security patches. In other words, security is managed in the same way as for home users. Larger organizations have full time staff to manage PCs, and also make decisions about which versions of Windows at what patch level, and when those machines will receive updates. The editions of Windows they run are for the enterprise, and the organization has a robust management infrastructure in place to support that. In other words, they are making very careful decisions about risk, and managing their security to mitigate risk based on those decisions. That's the environment for which ESET's endpoint programs are intended. From the program code perspective, there's nothing that technically prevents a consumer version of ESET's software from running in a business environment or a business version of ESET's software from running in a home environment. Now, there may be licensing requirements that differ, but that is because programs are intended for use in the appropriate market segment. Enterprise management features are not going to be roadmapped for added to consumer versions. Now that your comment in the Future Changes to NOD32 thread has been answered, and your reply here in this thread has been replied to, I am going to redirect you back to your own thread on the matter. Any further discussion of this matter in this thread will be removed. Regards, Aryeh Goretsky
  10. Hello, As I believe my colleague Marcos noted, this is already available in the business versions of the software. If you need that functionality for your organization, I would suggest reaching out to your local ESET office, distributor, or VAR, and see if you can migrate from a home to a business version. Regards, Aryeh Goretsky
  11. Hello, Just to add to my colleague @Marcos's reply, the detection technology that ESET provides to VirusTotal is not exactly the same as what is generally available to customers. While I am unable to go into specifics because they get into some confidential discussions as well as details of our proprietary technologies, I will point out that ESET has partnered with VirusTotal for many years, dating back to when our NOD32 engine was often more recognized than our company name of ESET. That probably has more to do with why VirusTotal's reports say "ESET NOD32" in them for our detections. That was many years ago, and since then ESET is a lot more well-known and has added many products to its portfolio, such as ESET Smart Security Premium, ESET Endpoint Security, ESET LiveGuard, ESET Inspector, ESET PROTECT, and so forth. I can definitely reach out to ESET's marketing and public relations people to see about the possibility of getting the name changed to something else for branding reasons. Regards, Aryeh Goretsky
  12. Hello, Deleting the data in the partition table about the size and locations of the drives, and/or formatting those drives will remove anything that was stored in them. However… the master boot record (also known as a disk boot record, partition boot record, etc.) contains a few hundred bytes of program code before the partition table begins. That may or may not be cleared or overwritten when you delete all of the partitions on a drive. As such, I always recommend wiping the first sectors at beginning of a drive prior to installing an operating system in order to erase any code that might be present at the beginning of the drive. Here are some instructions on how to do this from a Windows installation USB /DVD/CD: How to wipe a drive using Windows installation media Formatting and even repartitioning a drive under Windows does not erase its MBR (Master Boot Record), which can be infected and replaced by bootkits. Here are instructions to erase a drive, step-by-step, so that it can be re-used. Create a new Windows Installation DVD/USB flash drive on a known-good system. Go to the problematic computer, power it up, and configure it to boot first from its DVD or USB in its BIOS/UEFI firmware and then turn it turn it off. If the computer has multiple drives inside of it, and you only wish to erase one of them, open the computer up and disconnect the power or data cables from the other drives (you do not need to disconnect both, although you can if you want to). Plug the USB flash drive into the computer and power up to have it boot directly from the USB flash drive (or insert the DVD and let the computer boot from it). Once the computer finishes booting, it should be at a Windows installation screen. Do not agree to any prompts, copyright licenses, or click on any buttons. Press the Shift + F10 keys together to open a Command Prompt. Run DISKPART to start DiskPart, the command-line disk partitioning utility. The command line prompt will change from a drive letter to DISKPART>. At the DISKPART> prompt, type LIST DISK to get the numbers of all drives in the system. Make a note of the number assigned to the infected drive. At the DISKPART> prompt, type SEL DISK n where n is the number of the infected drive--it is usually 0 or 1 but it could be something else. At the DISKPART> prompt, type CLEAN and this will erase the MBR code from the beginning of the drive. *WARNING:* After performing the clean operation, the drive now be blank/erased, and everything on it will be gone (all files, etc.). It may still be recoverable by specialist data recovery services, though. If you are planning on selling the drive and do not want the data to be recoverable, issue a CLEAN ALL command, instead. Note that you should ONLY DO THIS IF YOU DO NOT WANT TO BE ABLE TO RECOVER ANY DATA. If you are just reinstalling (regardless of whether you're dealing with malware) then just use CLEAN, if you are selling or donating the drive and do not want the data to be recoverable use CLEAN ALL. The drive is now clean. You can now exit the DiskPart program and continue with your Windows installation. Source: instructions I wrote for the r/24hoursupport wiki on Reddit at https://old.reddit.com/r/24hoursupport/wiki/index#wiki_how_to_wipe_a_drive_using_windows_installation_media Now admittedly, malware such as computer viruses and bootkits that infect an MBR are extraordinarily rare these days: Malware authors usually do not have to dig so deeply into a drive's internal structure to accomplish what they want. However, since this process takes less than a minute with practice it is an easy step to add to any reinstallation of the operating system. Regards, Aryeh Goretsky
  13. Hello, Please share the log file entries. Open the ESET user interface and select Tools → Log files to view the detection entries. Then right-click on each one and select Copy from the context menu that pops up. You can then paste these into your reply to this message. Regards, Aryeh Goretsky
  14. Hello, In addition to what my colleague @Marcos noted, you may also want to review ESET Knowledgebase Article # 2882, How to configure ESET Windows home products to automatically scan removable media devices. Regards, Aryeh Goretsky
×
×
  • Create New...