Marcos

By default, logs with lower severity are removed after 1 month. This can be configured in the advanced ESMC Server setup: If you create a Web Control rule with higher severity (warnings / critical), the records are retained for 6 months. We do not recommend creating a Web Control rule that would log every accessed url or it will generate huge logs on clients and performance issues not only on clients but also on the ESMC server which may result in inability to log in due to server overload caused by processing a huge number of records.

First of all, you should take measures to prevent attackers from getting administrator access to the machine, typically via RDP. I will drop you a personal message shortly.

The error means a problem connecting to a proxy server. Is it disabled as shown below? Is it disabled on other machines where you successfully activated Endpoint as well?

It is only possible to block whole devices (e.g. hard disks), not only particular partitions. Check the system Device manager and post a screen shot of where the troublesome disk appear in the device tree.

I mean, what error do you get if you enter the license key here? A registration email sent after purchase contains the license key (not a file). You can try to retrieve it through https://www.eset.com/int/support/lost-license/ or by contacting the partner from whom you purchased the license.

You should be able to find the detection records in the Detected threats log.

Probably you have an adware-like browser extension installed. Try running Chrome without extensions, ie. with the "--disable-extensions" parameter or disable/remove extensions one by one until you narrow it down to the offending one.

I'll wait for ELC logs since only an xml file with exported configuration can tell if the rules are actually duplicate.

Please gather logs with ESET Log Collector and provide me with the generated archive. Couldn't it be that the path to an application changes? Isn't it applications installed in c:\Program files\WindowsApps folder that you are asked for an action repeatedly?

If you check client details, do you see a recent connection to the ESMC server there?

The reason why you cannot pause protection is that protection module are enabled via a policy, ie. the lockpad icon may not appear next to particular protection modules in your screen shot. I assume that activating Override mode should do the trick:

If you mean the master password, it cannot be retrieved: https://forum.eset.com/topic/17870-password-manager/

Please read https://help.eset.com/ees/7/en-US/whats_new_7.html?installation.html.

You wrote that you tried activating manually but you forgot to mention what error you got which is what I asked.