Marcos

You can retrieve your license information via https://www.eset.com/int/support/lost-license/ or contact your local customer care.

This is not currently supported. The icon is either visible to all or nobody. I have no clue if it'd be technically possible to display notifications and alerts in the session of several users / administrators. When you have any requirements, ideas, etc. I'd suggest reporting them via your local distributor who will subsequently pass them to ESET HQ for consideration.

Haven't tested it myself but the help says: Terminal - No notifications or alerts will be displayed. GUI can only be started by the Administrator. The user interface should be set to Terminal if graphical elements slow the performance of your computer or cause other problems. You may also want to turn off the GUI on a Terminal server. For more information about ESET File Security installed on Terminal server, see Disable GUI on Terminal Server topic. That said, if gui cannot be started by administrators there must be some issue. It shouldn't be a global problem since this is something that should be covered by QA tests and other users would have already noticed and reported such bug. I'd recommend raising a support ticket with your local customer care.

What version of MS Outlook do you use? Do you receive email via MAPI from a MS Exchange server? Does temporarily disabling integration with MS Outlook makes a difference? If not, what about temporarily disabling protocol filtering?

It's not a false positive: setup-lightshot.exe\INNO\{tmp}\downloader.exe Win32/Bundled.Toolbar.Yandex potentially unsafe application Other files in the installer also show that there's a Yandex toolbar bundled: elements-eula-tr.rtf yandex_browser_setup_ru.bmp downloader.exe browser-page-ru.rtf yandex_logo_en.bmp elements-eula-ru.rtf browser-elements-eula-tr.rtf browser-page-tr.rtf setupupdater.exe yandex_logo_ru.bmp browser-elements-eula-ru.rtf browser-eula-tr.rtf browser-eula-ru.rtf yandex_browser_setup_tr.bmp PUsA detection is optional and is disabled by default. If one needs to use a particular application detected as PUsA, he or she should exclude it from detection by the detection name. As for the CPU-Z driver, it's not detected at VT because VT doesn't use real-time protection but on-demand scanners to scan files. In this particular case it makes a difference.

I assume it's related to a javascript that downloads ads and PUAs like this

The detection is correct, the said drivers are detected as a potentially unsafe application which is an optional detection and is disabled by default. CPU-Z had vulnerable drivers.

It's weekend currently. It might be a bug but without discussing it with developers it's impossible to tell for sure. Have you already raised a support ticket and received a ticket ID?

Have you upgraded to ESMC (v7) in the mean time and not using ERA v6.x?

Do you have ESET Mobile Security 5.2.11 installed?

I have newer modules but also have updates from the pre-release update channel enabled: I would check the ESMC server trace log for possible update errors. You can also enforce update of modules by restarting the ESMC server service.

Please read this before you post Do not report blocked websites After cleaning a website from malware and taking measures to prevent further re-infection, request a re-check as per the instructions in the FAQ. This forum does not serve as a channel for requesting website re-check or disputing blocks or detections. According to your screen shot, it was taken 7 days ago. The url was unblocked several days ago. Before you report something, please make sure it's still valid and do not rely on old information.

It was a false positive of a detection from April. It's been already fixed.

Please post a screen shot since it's not clear what red screen you mean.

It's been blocked just recently. However, the OP seems to have come here to propagate his cleaner; some links and stuff were removed from his post and profile.

There are not really many AVs that block the site:

It's impossible to tell what could have happened when you ran the file. The thing is the payload on servers may change in time, there may be no payload at times, connections to the server may fail, the downloaded payload may be undetected, etc. If running a full disk scan doesn't reveal any threat on the machine, I'd consider it clean.

Since the doc file is not detected only by ESET but also by other AVs, it's unlikely to be clean. However, after scanning the file with ESET the malicious macro should have been sanitized and the file should be no longer detected by us (some other AVs may still detect it though).

Actually 3rd party AVs don't turn off Defender. AVs register to WSC and Windows itself subsequently turns off Defender. It sounds like it takes longer to start the Security Center service so Defender turns on and after the SC service starts, ESET registers to it and Windows turns off Defender.

What does actually fail with an error? If you open your bank's site in a normal browser, are you offered a redirection to the secure browser? If you open a bank's site in the secure browser, it opens alright as you wrote.

This was considered before we started developing BPP but there were more cons than pros for that approach.

By ERA are you referring to the latest version of ESET Security Management Center? Have you tried using the ESET Remote Deployment tool as per https://help.eset.com/esmc_smb/70/en-US/deployment_tool.html ?

There has been no intentional change in this regard. If you have all addresses blocked and want to allow http/https communication with specific addresses, then these must be added in allowed addresses.

ESET's server products do not have a firewall included. A personal firewall is included only in ESET Endpoint Security. In automatic mode (default) it allows all outbound communication and blocks all non-initiated inbound communication which would require creation of rules on systems running server applications.

Thanks for the heads-up itman, I've informed the appropriate person.