Marcos

Does the page https://help.eset.com/era_admin/65/en-US/index.html?admin_pol_how_policies_are_applied.htm help understand how policies are applied?

You can remove the license from unused device(s) via the License manager and then use to activate ESET after you reinstall the OS and install ESET.

Yes, you can use your license key to activate ESET. You can then remove the license from the former computer via the license manager at my.eset.com.

I assume that creating a filter for Active threats -> Count >= 1 should do the trick and only active threats (ie. those that could not be cleaned / deleted for whatever reason) should be included in the report then.

Please gather logs with ELC and provide me with the generated archive if you would like me to check your ESET's configuration. The log you've provided was generated by Process Monitor.

If you can't evaluate if a particular communication is good or bad, I'd strongly suggest using automatic mode without any custom rules. Otherwise it could happen that you block a legitimate communication which will cause issues with the operating system or some applications.

I don't see anything wrong with that. As long as the LiveGrid feedback is enabled, it is normal that nfi files may be created in the charon folder. Please provide me with the nfi file for perusal.

In-depth scans doesn't use Smart optimization by default and scans every file you have on a disk. Try enabling Smart optimization in the In-depth scan profile; the scan time should be reduced quite a lot.

Are you getting the pop-up only when launching IE or other browsers as well? Please provide me with logs collected by ELC to start off.

The interval has been about 15-20 minutes for a quite long time already so it's nothing new in v11. Of course, the program may query LiveGrid servers for information about specific objects as needed.

You can list the content of cache using htcacheclean when run with -A and -p%path_to_cache% options as stated at https://httpd.apache.org/docs/2.4/programs/htcacheclean.html

1, There's already a server task "Delete not connecting computers". 2, This is a very general wish. Be more specific please. In the initial announcement in this topic, we wrote: NOTE: When making your requests do not make general statements such as "better gui". If you have a specific feature or functionality you would like to see added (or improved) please post it here, but general requests to "make things better" are not helpful because they do not give ESET detailed enough information. Thank you for your understanding. 3, You can send SMTP notifications from clients upon threat detection or reports with detected threats from ERA. I'm quite sure that it's also possible to send reports about outdated clients.

Currently the latest available version is 11.0.159. We will resume updates to v11.1 (probably v11.1.52) soon. New v11.1 installers have passed QA tests and will be released within the next few days. If you want to install v11.1 manually now, download it from the links posted above and install it over your current version.

If you had SIM guard enabled, you were supposed to be asked for a security password after replacing the SIM. Is there a SIM card actually inserted in your former phone? Are you being asked for a security password when turning on the former phone?

I think this is what you are after. It's a new feature of ERA v7 and Endpoint v7 which will be unveiled later this year:

Policies are per product so if you later edit a policy and change the product to another one, it's normal that the settings previously defined for the former product will be lost. The new product you selected may not even support those settings.

No credentials are needed. Use anonymous logon.

It should look like as follows: If you would like me to check your setup, please run ELC, collect logs and other stuff and provide me with the generated archive.

Just to make sure, did you exclude "C:\Program Files\Microsoft Dynamics AX\60\Server\MicrosoftDynamicsAX_Axnos\Bin\Ax32Serv.exe" in the process exclusion list and not just "Ax32Serv.exe"? A full path the executable must be entered, otherwise it won't work and HIPS will report errors. Please provide also logs collected with ELC on the server to make sure that EFSW is configured properly.

Please collect logs with ELC and provide me with the generated archive for perusal.

Have you tried deploying the agent via GPO or SCCM as per the instructions at https://support.eset.com/kb3675/?

We use whichever protocol is available. If IPv6 is not available, we communicate over IPv4. Nothing has changed in this regard for ages I would say.

This is highly unlikely related to ESET. We are pretty much sure that uninstalling ESET would have no effect on this. I have informed in the appropriate topic that the event will be eliminated as of the HIPS module 1316. It's not meant to be fixed in the product itself.

Isn't CarbonBlack another security software with real-time protection? It is a known fact that having more security solutions at a time, especially if each uses real-time protection, is not recommended. Otherwise they will likely clash, cancelling out each other, make the system unstable, slow, etc.

First of all, we kindly ask you to write in English since this is an English forum and most moderators and users speak primarily English. Please remove C:\ProgramData\Microsoft\Windows\*.* from the exclusion list. Also I'd suggest upgrading to EFSW 6.5. Is the threat detected even if the server is disconnected from the network and the server has been rebooted?