Marcos

In automatic mode, all non-initiated inbound traffic is blocked. RDP is allowed in trusted zone by default. There's a possibility to configure the firewall to honor existing Windows firewall zones and allowing rules so if you had Windows firewall configured to allow RDP from particular IP addresses, it should work fine then. Also you can add a new network, set it as home/office network and also set the desired network parameters for identification. Such network will be trusted and RDP allowed as mentioned above. Alternatively you can create individual a firewall rule with remote IP addresses and allowing the local RDP port and put the rule on the top to ensure that it will be applied as first.

The latest version is Endpoint 6.6. If you create a software install task and send it to a client, does it fail with the same error? Are you able to install it locally?

The problem was with the configuration of update servers. I'll need to check with the respective guys if this has already been addressed.

It's not possible to compare scan time between computers unless they have very same files on the disk and the settings are same as well. What could take long are large archives, such as iso files as each file in an archive needs to be unpacked and scanned. Try disabling scanning of archives to see how much faster the scan will be.

Learning mode is ok if you plan to review generated rules. Isn't automatic mode suitable to use on Endpoint on clients? I'm not speaking about computers in DMZ which would need to have the firewall configured strictly.

This is impossible as the signature was completely removed several days ago. Please provide ELC logs from the machine where it's still being detected.

What about removing remote port from the rule?

Do you use Edge as browser? Does disabling automatic activation of gamer mode if an application running in full screen mode is detected make a difference?

Banking and payment protection will be supported with Chrome v61 as of v10.1.231 which should be released soon.

Do you have any non-standard Outlook add-ins installed besides ESET? I'd suggest contacting Customer care that should provide you with a logging version of the add-in that would generate a log with diagnostic information.

Please refer to https://support.eset.com/kb3690 for information about components version belonging to a particular ERA release.

Correct.

Yes, ESET Smart Security has become ESET Internet Security which also contains Anti-Theft as of v11.

It won't take long until all other language versions of v11 are released.

If the files were really deleted and not encrypted, you could try using a data recovery tool. There are plenty of free tools available.

Never seen nor heard from users about such behavior. You could try contacting customer care but the chances we could do something about it are rather slim.

That's correct.

Currently you need to prepend the detection name with "@NAME=" in order for PUA exclusions by name to work.

Make sure that you have synchronization in Chrome disabled and run a full disk scan. Since there's another topic on this subject, we'll draw this topic to a close. Please continue at https://forum.eset.com/topic/13073-jsmindsparke/.

Please pm me and @metaller (ESET's developer) your registration email address to my.eset.com so that we can check your account.

Check also the version of the Translation support module. What type of update do you have selected in the Server setup? With "regular update", I have the following modules: Update module 1069 (20161122) Translation support module 1630 (20170922) Configuration module 1526.2 (20170811) SysInspector module 1269 (20170321) Regarding disabled Web access protection, if would like I could provide you with some very fresh phishing/scam/malicious links that would be blocked by ESET. You could try them on an isolated system to find out if your current solution would block them or not. Nevertheless, it's also important to take into account that ESET's protection modules are interconnected and information from the firewall or Web access protection could be used by other protection modules while evaluating the suspiciousness of an object.

Please continue the discussion in the existing topic here: https://forum.eset.com/topic/13244-addthis_widgetjs-alert-spam/ To prevent duplicate topics, we'll draw this one to a close.

ESET's products check for newer updates in 1-hour interval by default. We don't recommend changing the default update task. Also make sure that you don't use deferred / delayed updates which would make up for the delay in getting the detection removed.

That's correct. It should be a Filecoder detected by anti-ransomware protection.

What server and certificate is listed in the alert? Also click the certificate hyperlink and post a screen shot of the certificate details.