Marcos

First of all, I take liberty to assure you that we listen to our customers and strive for making ESET products fulfill your needs. Therefore we need to hear from your what you like and dislike about our products which helps us consider and plan future changes accordingly. We value any constructive feedback that you provide. As for older versions, we do not recommend using them. With new versions, new protection features will be added, such as Ransomware shield, Dynamic Threat Defense, etc. and also over time older versions will cease receiving updates and support for new builds of Windows 10. You wrote: Please elaborate more in this since the Protection status panel is still in EP6.6 and it's a vital part of the gui: This was just renamed to "Scan your computer".

Are you able to reproduce it with any browser only only with Chrome?

Please check the list of applications installed in your phone. Aren't there 2 instances of ESET Mobile Security listed? Did you purchase your license through Google Play or through ESET's website? There are 2 different versions - one for GP and one so-called "web" version that is downloable from ESET's download servers.

MDM is available as a separate VA. I'd assume that installing it on the same VA as ERA would cause performance issues and would not be secure either since MDM has to be accessible by Endpoint on mobile phones.

If you open Google Play and search for ESET Mobile Security, are you offered an update?

If I remember correctly,the product checks ESET's servers for license details once a day. The license information in the product should update within 24 hours.

You can either use Web control rules to block access to "youtube.com" and "facebook.com", or Address management in the Web protection setup to block the domains (the latter supports wildcards, ie. "*yotube.com*", "*facebook.com*". In Chrome you might need to disable QUIC support as shown below:

I'd suggest contacting your local distributor. It should be possible to get one license for 2 computers and subtract the price for the remaining period of your current license.

Web protection scans files during the download and blocks the file if a threat is detected. Files are also scanned upon access and execution, however, only newly created files and executed files are scanned thoroughly using advanced heuristics. I mean, if one downloads a malicious file with web protection and real-time protection disabled and only then re-enables real-time protection and accesses the file, it may not be detected. However, the file would be detected upon execution or if copied elsewhere so protection is ensured.

If 6.6.2046.0 works for you alright and you are not experiencing issues after upgrade from an older version, then you don't have to hurry with upgrade to 6.6.2072.X. However, if performing a clean install it is important to use the latest 6.6.2072.4 with latest modules to prevent the machines from crashing due to incompatibility of an older AntiStealth module and recent MS updates addressing Meltdown / Spectre vulnerabilities. Currently you have to create a new Software install task and send it to clients. This will be improved in ESMC (ERA v7). If you use HTTP proxy to cache files, I'd recommend sending the Software install task to one client so that the installer is cached on the proxy and then continuing with a group of other computers. If everything goes fine, send the task to the rest of the computers. Generally it is not recommended to install or upgrade Endpoint on all machines at ones because: 1, If an issue occurs, it might affect all computers. 2, If more agents started to download an Endpoint installer at the same time, it would not be cached yet and thus the installer would be downloaded multiple times from ESET's servers.

Did you also test the system for EternalBlue vulnerability using the appropriate checker tool https://help.eset.com/eset_tools/ESETEternalBlueChecker.exe as advised above? If the system is vulnerable, you should install the appropriate Windows updates to prevent the system from being infected from another machine in the network by exploiting a SMBv1 vulnerability: https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010

It might have been accessed by an add-on for instance. Are you able to reproduce it?

That's because the whole version number is currently compared with the latest version number in the repository. We plan to change this in the future, however, it's not easy and it will take some time. Removing modules from installers would prevent this inconvenience, at least partially.

It should have nothing to do with our forum. Invalid certificate is reported on the server mirror.cedia.org.ec and I doubt that the forum provider would access an Ecuadorian domain.

If you have any version 6.6.2072.X installed and is updated, there's no reason to install 6.6.2072.4 which is in fact 6.6.2072.0 with the latest modules included. It's important to use 6.6.2072.4 for new install tasks to prevent BSOD due to an issue caused by an older AntiStealth module and Microsoft's Meltdown/Spectre patches.

Honestly, it's really a weird scenario to have 2 AV products installed at a time. Definitely one should be installed only as a second opinion scanner without real-time protection, HIPS and other potentially clashing protection modules disabled. Using 2 AVs at a time may not only result in system instability (freezes, crashes, etc.) but theoretically the AVs may cancel out each other, meaning that malware normally detected by one or both AVs will be able to run undetected by any of them.

That appears to be a known issue and is listed here: https://support.eset.com/kb5949/.

You can check exported configuration in client details -> Configuration. In this case, no "Export Managed Products Configuration" has been sent to the client:

Changelog for v6.6.2072.4: v6.6.2072.0 with the most current modules included.

Yes, we attempt to write this value whenever modules are reloaded.

We have found out that under certain circumstances the module may fail to write the WindowsCompatibilityLevel value to the registry. A new AS module addressing this potential issue is being prepared and will be released probably tomorrow. As a workaround you can create the value HKLM\SOFTWARE\ESET\ESET Security\CurrentVersion\Info\WindowsCompatibilityLevel and set it to 1 yourself in safe mode or wait until the new AS module is released.

By "refresh" you mean uninstalling and installing the latest Endpoint from scratch? Definitely this should not be needed. If you see Antistealth module 1124 among installed modules and the WindowsCompatibilityLevel is not created even after a computer restart, please create a Procmon boot log as per the instructions at https://support.eset.com/kb6308/. When done, compress it, upload the archive to a safe location (e.g. Dropbox, OneDrive, etc.) and drop me a message with a download link.

It looks like ESET is not installed, otherwise the key HKLM\SOFTWARE\ESET\ESET Security would exist.

Do you have AntiStealth module 1124 installed? If so, is HKLM\SOFTWARE\ESET\ESET Security\CurrentVersion\Info\WindowsCompatibilityLevel set to 1? It may take some time for Windows to re-check another patch compatibility value after this value has been set. I assume that a system restart could speed it up but I'm not sure 100%.

Yes, you can. What matters is the version number 6.6.2072. The latest version 6.6.2072.4 is important for new installations since it contains the latest modules to prevent BSOD if Meltdown patches are installed. Already installed versions should have all modules updated.