kprocesshacker.sys - potentially unsafe software, or not?
[QUOTE]Is it possible to find out why the Eset Nod lab does not consider the file "kprocesshacker.sys" potentially unsafe? Kaspersky and Doctor Web have added it to their databases as "Not-a-Virus" and "Tool" (potentially unsafe software).[/QUOTE]

[QUOTE]Время;Сканер;Тип объекта;Объект;Угроза;Действие;Пользователь;Информация;Хэш;Первое обнаружение
10.10.2018 13:56:28;Защита в режиме реального времени;файл;C:\vir\kprocesshacker.sys;модифицированный Win64/ProcessHacker.A потенциально опасная программа;очищен удалением;nickm;Событие произошло в файле модифицированном приложением: C:\Program Files\Far Manager\Far.exe (CB75BFB289BC84C9354E2C73F5B6CDD83DF638E4).;624A63232E0ACC4992CE01F3E836711E4F6DA2F1;18.05.2017 12:48:55[/QUOTE]
Sixth generation of ESET products (Business edition), Discussion of new features, configuration, and fixes in version 6 of the product.
Quote: [I]To delete a file after the computer restarts, Windows uses PendingFileRenameOperations.
Under the registry key HKLM\SYSTEM\CurrentControlSet\Control\Session Manager, a multi-string value PendingFileRenameOperations is created.
The names of the files, with their locations, are written to it as arguments, which...[/I]
ERA + ubuntu 18.04
Most likely a lot will have to be done by hand this time too...
Did you run it with exactly the parameters from the example? Your data is probably different, or did you adapt everything to match the example?
Sixth generation of ESET products (Business edition), Discussion of new features, configuration, and fixes in version 6 of the product.
[QUOTE]Сергей wrote:
[QUOTE] Мартынов Николай wrote:
One option is to save the value of the parameter, delete the value, and run the ESET installer again.[/QUOTE]Please tell me which key to clear, and of what?
    [/QUOTE]

Exactly the one I wrote about in my message:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations]
Sixth generation of ESET products (Business edition), Discussion of new features, configuration, and fixes in version 6 of the product.
Сергей, in [URL=https://forum.esetnod32.ru/messages/forum4/topic12530/message104376/#message104376]this[/URL] message I pointed out a possible cause to you, and in [URL=https://forum.esetnod32.ru/messages/forum4/topic12530/message104381/#message104381]this message[/URL] I suggested a way to work around it.
Sixth generation of ESET products (Business edition), Discussion of new features, configuration, and fixes in version 6 of the product.
[QUOTE]Сергей wrote:
That parameter is exactly what is missing from the registry.[/QUOTE]

But you posted the screenshot yourself
Sixth generation of ESET products (Business edition), Discussion of new features, configuration, and fixes in version 6 of the product.
[QUOTE]Сергей wrote:

Here
  I tried updating over the old version, installed from scratch on two 2016 servers, and also tried on 2008 and on 10; as I understand it, the setup does not get along with the domain policies. It gets stuck at HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired.[/QUOTE]

Your system has scheduled a file deletion/rename for the next reboot. Until this parameter is "cleared", the installer will keep insisting that a reboot is required to install the update. One option is to save the value of the parameter, delete the value, and run the ESET installer again.
Edited: Мартынов Николай - 12.09.2018 19:24:46
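The save, delete and re-run sequence suggested in this post, as an added PowerShell example that is not part of the original post or of ESET's tooling. The backup path in `$backup` is a hypothetical name, and the script assumes it is saved to a file and run from an elevated session:

```powershell
# Added example: inspect, back up and clear PendingFileRenameOperations.
$key    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
$name   = 'PendingFileRenameOperations'
# Hypothetical backup location; pick any path that survives the install.
$backup = Join-Path $env:TEMP 'PendingFileRenameOperations.backup.xml'

$item = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
if ($null -eq $item) {
    Write-Output "$name is not set; no file operations are queued for the next boot."
    return
}

# The value is REG_MULTI_SZ holding consecutive (source, destination) pairs.
# An empty destination means "delete the source at the next boot".
[string[]]$ops = $item.$name
for ($i = 0; $i -lt $ops.Count; $i += 2) {
    $src = $ops[$i]
    $dst = if ($i + 1 -lt $ops.Count) { $ops[$i + 1] } else { '' }
    [pscustomobject]@{
        Action      = if ($dst) { 'Rename' } else { 'Delete' }
        Source      = $src
        Destination = $dst
    }
}

# 1. Save the current value so the queued operations are not lost.
Export-Clixml -InputObject $ops -Path $backup

# 2. Delete the value, then run the installer again.
Remove-ItemProperty -Path $key -Name $name

# 3. Once the installer has finished, put the saved operations back:
# [string[]]$saved = Import-Clixml -Path $backup
# New-ItemProperty -Path $key -Name $name -PropertyType MultiString -Value $saved | Out-Null
```

Reviewing the listed pairs before step 2 shows which files were waiting to be replaced or removed, so the restore in step 3 can be skipped only when none of them still matter.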
Sixth generation of ESET products (Business edition), Discussion of new features, configuration, and fixes in version 6 of the product.
[QUOTE]Сергей wrote:
I tried to follow the manual and ran into the Windows Update check, which asks to reboot the server... and that's it; has anyone managed to install the center?[/QUOTE]

Doesn't a reboot help?

Check the registry key

[IMG WIDTH=1833 HEIGHT=90]https://i.imgur.com/QMizdXg.png[/IMG]
Sixth generation of ESET products (Business edition), Discussion of new features, configuration, and fixes in version 6 of the product.
It's about time to open a new thread

[B]ESET Endpoint Security/Antivirus[/B]
[CODE]Version 7.0.2073.0

   Added: Ransomware shield
   Added: Product auto-update/microPCU
   Added: Date/Time-based scheduling for Web control/Device control
   Added: Support for local (white/black/url/exception) lists, in managed environment
   Added: ESET Dynamic Threat Defense support
   Added: Native ESET Enterprise Inspector support
   Improved: Licensing upgrades to allow subscriptions
   Improved: Visual/navigation improvements in advanced configuration (Cloud-based protection, LiveGrid)
   Added: System-wide process exclusions
   Added: System-wide object exclusions based on hash checksum
   Improved: Optional fast track for updates with smaller modules/definitions (picoUpdates)
   Changed: Default-enabled SSL scanning of web-traffic
[/CODE]

[B]ESET File Security for Microsoft Windows Server[/B]
[CODE]Version 7.0.12014.0

   Changed: End of support for Microsoft Windows Server 2003
   Added: Compatibility with Windows Server 2016 Fall Release
   Added: True 64-bit product core
   Added: Ransomware shield
   Added: Script tracing for PowerShell (AMSI)
   Added: Scanning of Microsoft Office 365 - OneDrive storage
   Added: ESET Dynamic Threat Defense support
   Added: Native ESET Enterprise Inspector support
   Improved: Licensing upgrades to allow subscriptions
   Added: ESET Remote Monitoring & Management support (eRMM)
   Added: Date/Time-based scheduling for Device control
   Added: System-wide object exclusions based on hash checksum
   Improved: Optional fast track for updates with smaller modules/definitions (picoUpdates)
[/CODE]

Looks like "ESET Security Management Center" has come to replace ERA. I wonder whether installing it over the top will be enough?

[CODE]Version 7.0.66.1 (compared to version 6.5)

   Added: Automatic detection of “machine cloning” by a sophisticated hardware fingerprint detection to allow automatic resolving of cloning and advanced setup of environment for native support of VDI and golden master image environment
   Added: New section that details which files were submitted to ESET LiveGrid® or ESET Dynamic Threat Defense (either manually, or automatically)
   Added: DB info in “About” screen
   Added: Enhanced filtering options by product name, version, number of alerts, policies, threats and many other options (autocomplete is available for some report input fields such as installed software, version or Operating System)
   Added: ESET Products dashboard as well as all reports where ESET applications are reported, now includes “one-click upgrade” option, even from aggregated data
   Added: Expand all / collapse all option in Reports screen
   Added: Extended options for filtering for specific values, for example, to select values reported in the Database by Operating System, Installed Applications and others
   Added: You can set exclusions (by Hash) directly into policies from the footer and the details for each file display what was submitted, when, and the results of the submission
   Added: Full-text search for reports screen is available by typing any substring from each name / description
   Added: You can drill-down the Group details screen that shows the aggregated view on parent / children, as well as the summary (computers, alerts, unresolved threats, tasks, policies)
   Added: Hardware Inventory – ESET Management Agent now collects information about installed hardware from Windows, Mac and Linux systems.
   Added: In Computer details, “applicable dynamic groups” are also shown under “device info”
   Added: Information about “current detection engine version“ was added as well as calculated SHA1 value
   Added: You can create an exclusion into policy with one click
   Added: You can filter Threats Screen by cause, threat type, scan, scanner and define more granular criteria for the time filter in threats
   Added: You can initiate a scan with cleaning with one click, targeting only a desired path that will mark the threat as resolved (automatically) and verify whether the infection is still present
   Added: You can initiate manual submission of a file to ESET Dynamic Threat Defense from threat details
   Added: Native support for the new products ESET Enterprise Inspector (EEI) (mutual resolving of alarms, EEI deployable via repository, policies for EEI agent), ESET Dynamic Threat Defense (EDTD) (corresponding ESMC UI section, policies section, license handling, reporting) and Endpoint version 7 (ransomware shield)
   Added: “Incident Overview” dashboard that provides navigation to detected/reported threats with one click and an overview of unresolved threats including their severity, detection method, resolution status and top 10 computers/users with incidents
   Added: “Overview“ dashboard, with suggested steps (when empty), one-click navigation and RSS feed integration (We Live Security and Product Release News)
   Added: “Remove computer from management“ wizard that displays the steps needed to remove the selected computer from management
   Added: New columns in the computers view for number / highest severity of alerts, cloning questions and hardware detection reliability status (relevant for automatic detection of cloning)
   Added: Filter to “hide not-assigned policies”
   Added: New hardware / OS info tile and links to hardware inventory section (details/hardware)
   Added: Predefined policies for optimal usage of ESET Live Grid, and updates to existing recommended templates for “Maximum protection”
   Added: Report template categories added for Enterprise Inspector, Dynamic Threat Defense, Hardware Inventory, Cloning Detection and other categories were expanded (more than 40 new report templates added)
   Added: Settings for iOS devices running latest iOS versions
   Added: New task types – Diagnostic (enable diagnostic mode / log collector generation) and Send File to ESET Dynamic Threat Defense
   Added: You can create Notifications on new event types (blocked files, etc.) with advanced filtering options
   Added: You can resolve “resolvable” actions with one click such as to activate, reboot, update OS, or various protection issues (for instance, to re-enable protection features) and additional “Search the web” function will open Google with the specific error value (always containing ESET and respecting the language of the error)
   Added: Ability to allow “local lists” on Endpoint clients with the result to have merged values from configured policies and locally specified entries (when local lists are enabled, values are no longer read-only for the local administrator)
   Added: You can edit multiple notifications at once (define users / enable / set timezone / set monitored static group)
   Added: You can enable / disable notification(s)
   Added: You can open “Behaviors” for the files submitted to EDTD (with the ability to configure sensitivity of detection in ESET products via policies)
   Added: Ability to specify a monitored static group to filter out computers based on the static group membership
   Added: Proactive notification about “new version of ESMC server is available” and suggested steps
   Added: Support for Subscription licenses
   Changed: ERA Proxy is discontinued in ESMC. ESMC has a new replication protocol with the usage of “EPNS” (ESET Push Notification Service) and multicast support for WOL. New protocol no longer requires “ESMC Proxy” for agents – server communication caching. Upgrade with caution by following the Online Help instructions: Upgrade infrastructure with ERA 6.5 Proxy
   Changed: “Deploy agent” screen, with simpler options, and the ability to generate installers
   Changed: New client details view with clickable tile elements that each shows different information related to info / hardware & OS / status / products & licenses / users
   Changed: New layout of the “Reports screen” and ability to generate reports and add report templates with one click
   Changed: Policy details showing “Assigned to” that combines computers / groups and “Applied on” (that is, applied targets)
   Changed: Redesigned quick links and help links
   Improved: “Add new computer” wizard for computers / mobile devices with the ability to initiate the “AD sync” task from computers directly as well as support for “device owner” enrollment for Android 7 devices
   Improved: “Context-sensitive context menus” do not show invalid options
   Improved: “Show preview” displays the content that is available in the ESMC Database
   Improved: Alert (problem) details are reported from the supported security products Endpoint version 7, version 7 server products and all future business products to be released
   Improved: Behavior change of the “Threats section” where threats are automatically marked as resolved in ESMC
   Improved: Better tooltips showing accurate license usage
   Improved: Completely new and redesigned notifications section with many new notification templates available by default
   Improved: Dashboard reports visualizations with numbers shown in the aggregated charts and color adjustments
   Improved: Enhanced search allows a search for “Assigned users”
   Improved: Mobile-centric client details are available for mobile devices with mobile-specific content (locate / open map, etc.)
   Improved: More explanations added to “Display Message” task and “Security Management Center Infrastructure Upgrade” task
   Improved: Installed applications now allows you to update with one click
   Improved: The ability to locate threats detected by the same scan and to drill down from scan reports to threats, and vice versa
   Improved: Redesigned line charts including correct “0” values reporting to make any line chart more readable and accurate
   Improved: Mirror tool allows creation of offline repository only for selected products and language versions
   Improved: Mobile Device Connector is more robust and secure
   Improved: More conditions and improved creation wizard for the Dynamic Group templates such as renamed conditions and the ability to prefill values from the database
   Improved: More details about update settings in ESMC Server settings
   Improved: New layout for wizard elements allows simpler navigation, more clean identification of missing element and also simpler navigation by buttons
   Improved: New self-monitoring alerts for ESMC reported in “Security Management Server” dashboard section
   Improved: New status overview with tiles design and suggestions about “External Services” status, “Questions” and “Invalid Objects” that all comprise the health monitoring center of ESMC
   Improved: New task creation wizard
   Improved: New user details with sections ALL
   Improved: Notifications are sent as HTML
   Improved: Notifications feature the new WYSIWYG (what you see is what you get) editor, where you can configure the notification subject and body out of available variables within the ESMC DB
   Improved: Option to sync computer users from Active Directory accessible from the screen
   Improved: Ability to define “sequential database cleanup” for different types of logs (diagnostic / monitoring / audit / management / incident)
   Improved: Ability to use multicast addresses to initiate Wake On Lan
   Improved: Ability to initiate product activation task when selecting a license, with one click
   Improved: Products & Licenses navigates to details/products and licenses where more details are displayed about the license such as license type and seat name for the new ESMC compatible products
   Improved: Redesigned installer generation flow for all-in-one installers and more explanations about behavior
   Improved: Redesigned “Add licenses” wizard with added support for ESET Business Account and backward support for ESET License Administrator
   Improved: Redesigned anti-theft actions that support “Lost mode” switching for the iOS devices under Device Enrollment Program (DEP) and more descriptions added to explain the behavior of the task
   Improved: Redesigned filter bar with the option to remove / reset / save filter presets and “Category filter” moved to “Filters” section
   Improved: Restyled report creation wizard making it simpler to navigate
   Improved: The “Logs” section now includes tabs to display “Log Collector” where the download can be initiated from ESMC and a new section for “Diagnostic logs” allows you to initiate diagnostic mode
   Improved: Software installation task performs a pre-execution check and reports “Task failed” with additional details such as another install running, pending reboot, etc.
   Improved: When a scan is run on an endpoint and the scan includes all targets on the endpoint, all previously reported antivirus threats are automatically marked as resolved
   Improved: All-in-one installer now allows you to select only the Agent when creating a new package
   Many minor fixes and performance and stability improvements
[/CODE]
Edited: Мартынов Николай - 18.08.2018 14:29:42
Sixth generation of ESET products (Business edition), Discussion of new features, configuration, and fixes in version 6 of the product.
[B]ESET Endpoint Security/Antivirus[/B]

[QUOTE]Version 6.6.2086.1 [LIST]
[*]Fixed: Added Microsoft compatible registry entry for HIPS module to installer binaries
[*]Fixed: On-demand scanner log resend to ESET Remote Administrator version 6 when ESET Endpoint Antivirus is upgraded from version 5 to version 6
[*]Fixed: Protocol filtering IP exclusions do not work
[*]Fixed: Some alerts do not display in Alerts section in ESET Remote Administrator
[*]Fixed: Link to enable Web Control is not paused after sending Run Command in ESET Remote Administrator
[/LIST][/QUOTE]