Aryeh Goretsky

Hello, According to the VirusTotal link you posted, the file is detected by 43 out of 64 of the anti-malware engines used on that site. Nevertheless, if you feel the file is clean and ESET plus the other two-thirds of the anti-malware engines used on VirusTotal are wrong, you can report the file to ESET's threat researchers by following the instructions at http://support.eset.com/kb141/. Regards, Aryeh Goretsky

Hello, As TomFace has given you the same reply as any ESET staff member would, we will draw this thread to a close. Remember, http://support.eset.com/kb141/#SubmitWebsite is the best way to report web sites to ESET as it is monitored around the clock by ESET's threat researchers. Regards, Aryeh Goretsky

Hello, Just to add to my colleague Marcos' comment, the upgrade from ESET Smart Security 7 to 10 is free. You just use your existing license from v7 to activate it once it is installed. Regards, Aryeh Goretsky

Hello, Try opening Device Manager (filename; DEVMGMT.MSC), navigating to the entries for the EPSON XP-200 and Canon Pixma MX870 AIO printers, right-clicking on each one, respectively, and selecting Update driver from the context menu that pops up. This tells Device Manager to query the Windows Catalog repository with the hardware's GUID and performs a version check against the installed driver. If a newer one is available in the Windows Catalog repository, this should cause it to get downloaded and installed onto your system. Note that a reboot is sometimes required when a driver is updated. I posted a somewhat-longish message on Reddit at reddit.com/r/buildapc/comments/6c7m22/built_a_midtier_gaming_pc_missing_drivers_quite/dhszac3/ giving some historical context to why this occurs. Regards, Aryeh Goretsky

Hello, You should be able to download ESET Smart Security from the download page at https://www.eset.com/us/home/smart-security/download/. If that does not work for some reason, try the following direct links: ESET Smart Security (x64) - https://download.eset.com/com/eset/apps/home/ess/windows/latest/ess_nt64_enu.exe ESET Smart Security (x86) - https://download.eset.com/com/eset/apps/home/ess/windows/latest/ess_nt32_enu.exe User Guide [PDF] - https://download.eset.com/com/eset/apps/home/ess/windows/latest/eset_ess_10_userguide_enu.pdf Quick Start Guide [PDF] - https://download.eset.com/com/eset/apps/home/ess/windows/latest/eset_ess_10_quickstartguide_enu.pdf The above download links are for version 10, which your license covers (ESET software licenses are per product, regardless of version). Regards, Aryeh Goretsky

Hello, Microsoft is still making small changes to Windows 10 Creators Update (aka Redstone 2), and while no major issues have been found, until the release version is generally available, we won't have an authoritative answer. ESET and Microsoft work closely together to ensure compatibility with Microsoft's operating systems and applications, and that allows us to make programs which work well with each other, but we also need time to verify this, as sometimes small changes can occur which impact behavior. We don't tend to have interoperability problems with each other, but if you can wait a few days to be sure that's always a good idea. Of course, if you're a Microsoft Windows Insider, participate in ESET's public betas, etc., it's great to do so, and be sure to give both Microsoft and ESET feedback if you come across something which doesn't work as expected. Regards, Aryeh Goretsky

Hello, Just to follow up to my colleague Marcos' comments, ESET's softwre flags sites as malicious for a variety of reasons. It might be the site has a malicious binary on it, has a malicious script on it, is involved in criminal activity (phishing, for example), or somehow does something which affects the confidentiality, integrity or availability of your computer. ESET is a company whose business is protecting its customers from computer-borne threats. Of course, there are dozens of companies which do this besides ESET, and ESET strives to be the one that you choose over all those others by providing your computer with the best protection possible. And that means relying on ESET to make decisions about what is or is not harmful to your computer. Now, ESET has all sorts of classifications for different types of threats (potentially unwanted applications, potentially unsafe applications, websites etc.) which it uses to categorize those risks. And, occasionally, it might get those wrong, which is what we call a false positive (i.e., a report of something when something isn't there). My colleague has asked for a list of URLs that are being blocked so he can investigate why they are being blocked. It could be they are hosting some kind of malware. Or maybe it's an example of the aforementioned false positive scenario. But, the point is, without telling ESET which sites are being blocked, ESET cannot tell you why the sites are being blocked. If you don't feel comfortable mentioning the web sites in a public message, that's fine. Send a private message with the web sites, or report them to ESET's researchers by following the instructions in http://support.eset.com/kb141/?locale=en_US. Someone from ESET can then investigate your report. Otherwise, we're kind of stuck in a situation where no one can put together enough pieces of information to determine what's actually happening. Regards, Aryeh Goretsky

Hello, We have standardized on English for this support forum, but you can contact ESET's Israeli distributor directly for support in Hebrew. From looking around https://www.eset.co.il/support/ I found the following contact information: ESET NOD32 Antivirus and ESET Internet Security are Windows programs, and a chart showing their differences can be found here in English.. ESET has two programs for Android, ESET Mobile Security and ESET Parental Control. ESET's Israeli distributor can provide information about these in Hebrew. Regards, Aryeh Goretsky

Hello, I have notified ESET's web team, and will let you know where the file has been moved to or when it is restored. Thanks for the report. Regards, Aryeh Goretsky

Hello, ESET can certainly assist you with that. You will first need to generate an unlock code on the computer, and then contact technical support with that, who can then provide you with instructions on how to reset the password. Specific instructions can be found in ESET Knowledgebase Article #333, "Reset your settings password using the ESET unlock tool". Regards, Aryeh Goretsky

Hello, Without knowing which of ESET's programs you are running and which version it is, it would be difficult to answer your question. For example, Marco asked if you were running one of our Windows desktop programs (ESET NOD32 Antivirus, ESET Smart Security, etc.), but when I first read your message, I was wondering if you might be asking about one of our mobile programs, like ESET Mobile Security for Android. It is pretty standard for software and hardware vendors to ask you which product you're using, a version or model number and so forth. That way, we know exactly what you are using, and can provide an answer that is correct to your operating environment. Regards, Aryeh Goretsky

Hello, You installed the correct version of ESET Endpoint Antivirus 5 for your operating system, Calgresh. ESET Endpoint Antivirus 5 contains a mixture of both 32-bit and 64-bit code, with parts that need to be 64-bit, such as drivers, compiled as 64-bit code, while other parts may be 32-bit or 64-bit. This does not affect in any way how the program operates or protects your computer--it's just how that version of the software was engineered. Regards, Aryeh Goretsky

Hello, From the ESET NOD32 Antivirus Product Overview paper: Script-Based Attack Protection Detects attacks by malicious scripts that try to exploit Windows PowerShell Also detects malicious JavaScripts that can attack via your browser. Mozilla Firefox, Google Chrome, Microsoft Internet Explorer and Microsoft Edge browsers are all supported Source: https://cdn1-prodint.esetstatic.com/ESET/INT/Products/Home/EAV/v10/Product_Overview-ESET-NOD32-Antivirus.pdf [PDF] This also applies to ESET Internet Security, ESET Smart Security and ESET Smart Security Premium v10. Regards, Aryeh Goretsky

Hello, This is very odd. You should be getting a notice when it expires, but certainly not one per second. Can you please check to make sure the time and date are set correctly on your computer? Regards, Aryeh Goretsky

Hello, Very odd. I just tested on a Lenovo ThinkPad X140e (subnote with AMD CPU/GPU and AMD HD Audio) which was reporting the exact same message and updating the driver solved it. Do you have any updates which are pending, not just for Windows 10 or device drivers, but third-party software? If so, perhaps they are acting as a blocker to preventing the updated device driver from finalizing the installation. Try rebooting the computer and see if you still get a report of an available Windows Update from your ESET software. Regards, Aryeh Goretsky

Hello, I don't have an AMD system from me, but if it's anything like the laptop I'm on right now, try the following: Run Device Manager (filename: DEVMMGT.MSC). Double-click on Sound, video and game controllers entry to expand it. Right-click on the entry for AMD High Definition Audio Device and select Update driver software… from the context menu which pops up. Doing so should install the latest AMD HD Audio driver from the Windows Update Catalog onto your computer. If there's no entry for the AMD HD Audio device in the Sound, video and game controllers section, try checking the Audio inputs and outputs section, or any other multimedia-related section in the Device Manager. Regards, Aryeh Goretsky

Hello, We do not have anything in beta test at the moment, as we just shipped V10 of our home user programs, and V6.5 of the programs for businesses. Public beta test cycles for new programs will start up later in the year. For more information, including a signup form, visit https://beta.eset.com/. Regards, Aryeh Goretsky

Hello, ESET's name for this threat actor is Sednit, and has released extensive reports on their activities over the past three years or so. Here are some of the articles: Sednit: A very digested read [2016-11-11] En Route with Sednit: Full Whitepaper [2016-10-27] En route with Sednit - Part 2: Observing the Comings and Goings [2016-10-25] Lifting the lid on Sednit: A closer look at the software it uses [2016-10-25] New ESET research paper puts Sednit under the microscope [2016-10-20] Sednit APT Group Meets Hacking Team [2015-07-10] Sednit Espionage Group Attacking Air-Gapped Networks [2014-11-11] Sednit espionage group now using custom exploit kit [2014-10-08] Back in BlackEnergy*: 2014 Targeted Attacks in Ukraine and Poland [2014-09-22] Miniduke still duking it out [2014-05-20] And here is a very partial listing from ESET's threat encyclopedia entries: Win32/SandaEva Win32/Sednit Win32/USBStealer Win32/Exploit.CVE-2014-1761 And here are some direct links to white papers mentioned in the above: En Route with Sednit - Part 1: Approaching the target [PDF] En Route with Sednit - Part 2: Observing the Comings and Goings [PDF] En Route with Sednit - Part 3: A Mysterious Downloader [PDF] En Route with Sednit: Full Whitepaper [PDF] (combines the three preceding reports into one ~140 page report) And here are some related links with additional IoCs and related research from ESET's GitHub account: ESET | Malware-IoC | Sednit Indicators of Compromise ESET | Malware-Research | Miniduke It would appear that some of the information in the GRIZZLY STEPPE report may have been borrowed from ESET's research, although it is hard to say since no security companies were mentioned in it. As a reminder, ESET identifies this threat actor as the Sednit group. ESET makes no claim as to their affiliation (or lack thereof) with any government, as attribution is a matter for governments and outside the scope of ESET's mission. Regards, Aryeh Goretsky

Hello, If you can give ESET's office a call at +1 (866) 343-3738 during business hours, a customer service rep should be able to give you information on the license's history. Regards, Aryeh Goretsky

Hello, You can use the form at https://www.eset.com/us/support/lost-license/ to retrieve your license key. Regards, Aryeh Goretsky

Hello, This can occur if you run third-party programs which offer to clean up the system, optimize it, remove un-needed files, etc. As it turns out, they can break things by removing files your system needs, like uninstaller for the older version of ESET Smart Security that was on your system. You can run the ESET Uninstall Tool to manually remove the old version of ESET Smart Security. When it is finished, go ahead and reboot and install the current version. The tool and instructions can be downloaded from http://support.eset.com/kb2289/?locale=en_US. Regards, Aryeh Goretsky

Hello, This sounds like it might be a USB autorun worm of some kind that is modifying HTML and JS files on your system in order to include a link to a network-based copy of itself. If your copy of ESET's software didn't detect it, you may wish to send some copy of the infected file, as well as a few modified files to the virus per the instructions in ESET Knowledgebase Article #141, "How to submit a virus, website or potential false positive sample to ESET's lab." Regards, Aryeh Goretsky

Hello, This occurs when notification level for Windows Updates in your copy of ESET NOD32 Antivirus is set to Optional Updates, correct? Various hardware manufacturers (motherboard, network card/PHY, modem, sound card, video card, etc.) have been submitting updated versions of their device drivers to Microsoft’s Update Catalog as soon as they complete WHCK testing and get their WHQL certification. This is something Microsoft has been requesting those manufacturers do for a while, because it ensures that computers will always get the latest device drivers available when they do their checks for Windows updates. Basically, it’s similar to what Microsoft’s doing with Windows 10, where it wants all computers to have the latest Windows version installed. In this case, though, it's not just patches and updates from Microsoft, but device drivers from third-parties as well. Some manufacturers, like Intel, update their drivers more frequently in the Microsoft Update Catalog than they do for the device drivers they release to the public for download from their support web sites. Of course, there are manufacturers who do the opposite as well, releasing device drivers to the public as they become available but only uploading them to Windows Update Catalog once a year (or maybe even just once at all), like Creative Labs. Both approaches have their pro's and cons, but it can get a little messy sometimes if version checks don't work well, or if a new device driver gets installed which only has partial support for older hardware. Anyways, ESET's check for missing updates does a system call that pulls data about the update status from the Windows Update Catalog, which is why these are showing up in the ESET user interface. The problem with doing this via a system call, though, is that while that device drivers are published to the Windows Update Catalog, they won’t always show up as packages published or released for download via Windows Update (the program you run under Windows). They can still get installed, but you have to do so manually through the Device Manager, which does get its driver updates though the catalog. Here’s how to do that, step-by-step: Open Device Manager (filename: DEVMGMT.MSC). Select View | Show Hidden Devices from the menu bar at the top. Navigate through each tree of items until you find the respective listings for each device. The Intel Watchdog Timer will be under System Devices as "Motherboard resources" and the Samsung hardware may be under Network Adapters or Universal Serial Bus Controllers. When you come to one of the devices, right-click on it, and select Update Driver Software from the context menu which pops up. This will cause Device Manager to request the updated drivers directly from the Windows Catalog of drivers, bypassing the Windows Update universal app. When all is finished and down, you'll have the latest drivers installed. In some cases, a reboot may be required to allow the newer driver to load. By the way, unlike previous versions of Windows, where you could launch Windows Update by creating a shortcut to run WUAPP.EXE, Windows 10 no longer includes that program since it's now a part of the Preferences universal app. You can create a shortcut to launch Windows Update, though, by creating a shortcut with a target of ms-settings:windowsupdate (which, for some reason, is case-sensitive) or if that doesn't work, by using a target of CONTROL.EXE /name Microsoft.WindowsUpdate (which is not case-sensitive, as far as I can tell). Regards, Aryeh Goretsky

Hello, As part of our ongoing desire to provide you with the best and most secure experience possible, on December 15, 2016, the ESET Security Forum will be upgrading to a new version of its forum software. This change will largely be transparent for most users, and should have no impact on your ability to log in, search for answers, or ask questions. A couple of changes, however, may affect some users: Usernames will no longer be shown on messages. Only the Display Name will appear. BBCode is being deprecated in favor of new HTML-based WYSIWYG editor. The Friends system is being dropped due to lack of usage. There may be some other small changes in the forum's look and feel, but these will largely be cosmetic in nature. We will be updating the forum's online help to match these new experiences. If you have any questions, please feel free to ask them, below. Regards, Aryeh Goretsky

Hello, There are plans to release a new version of ESET SysRescue, however, I don't have a timeframe for when it will be available yet. Regards, Aryeh Goretsky