Marcos

Please provide logs collected with ESET Log Collector for a start.

ESET scans email messages during the download through POP3(S) or IMAP(S). Real-time protection does not scan mailbox files on a disk. They are not scanned by the on-demand scanner by default either as scanning mailbox files requires "email files" to be enabled in the appropriate on-demand scan profile setup.

Please provide your public license ID in the form of XXX-XXX-XXX.

The logs have been forwarded to developers for perusal. Will keep you posted. P_ESSW-18061

This may happen on systems that take longer to start. As of the next version of Endpoint v11, we will change the way we register as an AMSI provider. In the mean time, you can disable the appropriate application status so that the error is not reported in gui.

And is that actually the right question to ask? Here’s what else you should consider when it comes to keeping your accounts safe.View the full article

If you go through the support wizard https://go.eset.com/contact-support/, it will offer you an option to open a support ticket.

I was able to open the site in a browser, it was not blocked.

ESET NOD32 Antivirus Business Edition sounds like a legacy endpoint product that is quite old and is not even listed at https://support-eol.eset.com/en/policy_business/product_tables.html. I'd recommend raising a support ticket to find out what Endpoint product you have installed and why it could not be fully removed automatically.

It is weird that the issue didn't manifest right after upgrading to v11. What if you install Endpoint 11.0.2044, ie. if you don't upgrade from v10? Does the issue occur immediately? Does it occur regardless of the browser you use? Anyways, I'd recommend raising a support ticket since it's necessary to narrow it down to a particular protection module or setting that needs to be turned off for the issue not to occur.

Without the network traffic scanner disabled, ESET should not affect the HTTP(S)/POP3(S)/IMAP(S) communication whatsover. Does the issue go away after temporarily uninstalling ESET and returns as soon as you install the latest version with default settings?

Does temporarily disabling the Network traffic scanner actually make a difference?

It appears that even the latest version from 2015 is vulnerable. You can quarantine the file and in case a legitimate application cannot run, create a detection exclusion.

Probably the domain began to resolve to an IP address that had been blocked for 4 years already. It has been unblocked.

There will be a new version of ESET products with support for Ubuntu 24.04 LTS some time after the beta version with a stable kernel becomes available.

Je to vidiet napriklad v SysInspector logu.

It's a vulnerable driver that can be exploited for privilege escalation. It's on several blacklists, including the Microsoft's one.

Epfwlwf.sys nebezi, je to nejaky pozostatok zo starej verzie. Vytvoreny bol este v roku 2017. Mozete vyskusat odinstalovat ESET Smart Security Premium (ESSP) a v nudzovom rezime spustit ESET Uninstall Tool, ktory by ho mal odstranit. Po naslednej instalacii ESSP by uz vobec nemal byt medzi ovladacmi.

Release date: April 2, 2024 ESET Security for Microsoft SharePoint Server version 11.0.15002.0 has been released and is available to download. Changelog Version 11.0.15002.0 NEW: Firewall Support NEW: Vulnerability & Patch Management support NEW: ESET PROTECT Hub Support NEW: Support for SHA-256 file hash NEW: In-product support state informing according to End-of-life policy NEW: Extended generation of Automatic Exclusions with the use of arbitrary credentials NEW: ESET Shell can now export data to .csv NEW: Support for forced check of product auto-upgrades via ESET PROTECT Console IMPROVED: Configuration export is now protected by admin rights IMPROVED: ESET Cluster wizard now informs about the result of product activation on individual nodes IMPROVED: Imported configuration from cluster node (within synchronization) will have cluster as source in audit log CHANGED: Cluster menu option has been moved from “tools” to “Setup/Server” section CHANGED: Various User interface layouts in Setup/Server, Setup/Network FIXED: A problem where a path to SharePoint site containing special characters was scrambled when saved in scheduler. FIXED: A problem where incorrect language was set while deploying via GPO FIXED: A problem where an on-demand scan of .tgz archive returned “error reading archive” FIXED: A problem where it was not possible to start ESET Shell under SYSTEM account FIXED: A problem with error message: "The system failed to flush data to the transaction log" in event viewer caused by realtime filesystem protection FIXED: A problem where a status message “Updates are available” could not be dismissed FIXED: A problem with occasion of incorrect task logs informing about failed scan that actually completed successfully FIXED: A problem where execution of signed batch file through ESET Shell was not working properly REMOVED: Support of Microsoft Windows Server 2012 REMOVED: Support of Microsoft Windows Storage Server 2012 REMOVED: Support of Microsoft Windows Server 2012 Essentials REMOVED: Support of Microsoft Windows Server 2012 Foundation REMOVED: Support of Microsoft Windows MultiPoint Server 2012 Other minor fixes and changes Support Resources Online Help (user guide): ESET Security for Microsoft SharePoint Server For more information and to download the product, visit the ESET Security for Microsoft SharePoint Server download page or contact your local reseller, distributor or ESET office.

Release date: April 2, 2024 ESET Mail Security for Microsoft Windows Server version 11.0.10005.0 has been released and is available to download. Changelog Version 11.0.10005.0 NEW: Microsoft 365 On-demand scan refactored to use Graph API to prepare for discontinuation of EWS NEW: Protection statistics reports now contain information about detected file types and file extensions NEW: Protection statistics reports can now be sent in .csv NEW: The Administrator can now release the quarantined mail to the desired mailboxes only NEW: Homoglyphs are now being evaluated for phishing detection NEW: Notifications for triggered email rules can now be sent to the original recipients NEW: Vulnerability & Patch Management support NEW: ESET PROTECT Hub Support NEW: In-product support state informing according to End-of-life policy NEW: Extended generation of Automatic Exclusions with the use of arbitrary credentials NEW: ESET Shell can now export data to .csv IMPROVED: Rules now contain separate filters for .vsd and .vsdx IMPROVED: Various improvements on DKIM signing workflow design IMPROVED: ESET Shell now supports the creation of scheduler tasks for protection statistics reports IMPROVED: Quarantine report can be now password-protected IMPROVED: Optimized loading of mailboxes and public folders for on-demand scan in environments with large AD IMPROVED: IPs and URLs in Quarantine reports are now obfuscated to avoid further detection IMPROVED: Document-Reference headers checked by anti-phishing protection IMPROVED: ESET Cluster wizard now informs about the result of product activation on individual nodes IMPROVED: Imported configuration from cluster node (within synchronization) will have the cluster as source in the audit log CHANGED: Documents are now sent for analysis by default after enabling of ESET LiveGuard Advanced CHANGED: Cluster menu option has been moved from “Tools” to “Setup/Server” section FIXED: A problem with DKIM signing due to case-sensitive comparison of domains FIXED: A problem where an expired session of web quarantine returned error 403 instead of the login screen FIXED: Support for the new structure of anti-spam lists in ESET Shell FIXED: A problem where a status message “Updates are available” could not be dismissed FIXED: A problem where execution of signed batch file through ESET Shell was not working properly REMOVED: Support of Microsoft Windows Server 2012-based operating systems (NT 6.2) Support Resources Online Help (user guide): ESET Mail Security for Microsoft Exchange Server For more information and to download the product, visit the ESET Mail Security for Microsoft Exchange Server download page or contact your local reseller, distributor or ESET office.

Na Windows 10 by ste mali mat iba nasledovne ovladace: Poslite, prosim, logy z nastroja ESET Log Collector.

Could you please explain how the information about the used scan profile would help users given that profile settings can change over time? I mean, an in-depth scan run a month ago might not use the same settings as an in-depth scan run at a later time which would not be obvious from the on-demand scanner log as only the profile name would be logged.

There is more to some images than meets the eye – their seemingly innocent façade can mask a sinister threat.View the full article

It is a benign message that should be ignored. The said process is Windows protected and attempted to load the AMSI provider which failed because only Windows components can be loaded into Windows protected processes.

Jedina moznost je potom prejst na Windows 10, resp. Windows 11, kde sa epfwlwf.sys nepouziva.