Marcos

What browser / version / platform (32/64 bit) do you use?

The "Failed to rename file" error is being investigated. Does switching to pre-release updates in the advanced update setup resolve the issue at least temporarily?

Please provide more details as I have no clue what kind of logon you mean.

You should see the app name in the Filtered websites log. I assume it could be a browser extension which probably checks for update. The url doesn't seem to work, however.

Please contact samples[at]eset.com and provide: - examples of encrypted Office documents - payment info - ELC logs

The detection is correct. Potentially unsafe applications cover legitimate tools that can be misused in the wrong hands. They also include key finders. Detection of potentially unsafe applications is disabled by default. If you want to intentionally use a particular pot. unsafe app., you can exclude it from detection.

HIPS remains active until a computer restart on purpose.

If a threat or PUA has been cleaned, it's not reported with critical severity unless cleaning failed. Try searching for "win32", "win64" or "application" which could help you locate the appropriate detection records in the log.

This error is currently being investigated. We'll keep you posted.

There was a problem signing update files. It's been resolved and my Endpoint has just updated.

Please drop me and @metaller a pm with your email address for my.eset.com as well as the name of the device.

To put it right, EFSW 6.5 does not create a mirror for Endpoint v6.6 which uses a new format of update files. However, Endpoint 6.6 as well as all future server products will create a mirror compatible with both older and newer versions which also means that the amount of downloaded files with each update will approximately double. This is also a reason why we recommend using an http proxy for caching update files instead of using a mirror.

If you didn't use the all-in-one installer, try it or use a virtual appliance which is the least hassle-free way to use ERA.

ERA v7 is preliminary planned for release towards the end of the year. However. at this point we cannot 100% confirm that the issue will be addressed in the first v7 release.

It seems you have a general problem with your system and the issue is not related to ESET. Since rebuilding the WMI repository didn't help, I'm afraid there won't be other solution that reinstalling the OS.

Anyone having issues with web access and email protection, download and install the latest not yet released version 10.1.230 from https://www.dropbox.com/sh/4tsiifvxzviym8z/AAB4VjY71XE9pzq6woz7Ch1ua?dl=0.

Please post a complete record of the detection (ie. the whole line) from the Detected threats log in Endpoint. As for HIPS, we do not recommend disabling it as doing so would also disable other crucial protection features, such as Advanced memory scanner, Exploit blocker and Self-defense. A computer restart is needed for HIPS to get disabled.

Please let Procmon log operations for about 1-2 minutes when the issue occurs. Then compress it, upload it to a safe location and pm me a download link. Also ELC logs could help so you could collect them and upload the generated zip file as well.

Endpoint 6.6 creates a mirror for both older products and Endpoint 6.6+ as well as all future v7+ server products. Mirror creation should work this way in future products, including EFSW v7, etc. We recommend using http proxy as using mirror will double the amount of data downloaded with each update.

The detection is from 2012. Please run ELC, also select "Quarantined files" and generate a zip archive. When done, upload it to a safe location and pm me a download link.

Could you try uninstalling ESET and installing it from scratch with default settings? Enabling diagnostic logging could have adverse effect both on performance and disk usage. Should the problem persist, create a log with Process monitor when the issue occurs, compress it, upload it along ELC logs to a safe location and pm me download links. Also try to narrow it down to a particular protection feature or setting disabling which resolves the issue. Start with disabling real-time time protection. Also check if disabling automatic gamer mode activation when an application running in full screen mode is detected makes a difference.

Yes, it's highly unlikely to be caused by ESET, especially since the issue persists after uninstalling ESET. If you can afford installing Windows from scratch, I'd gradually install drivers and MS Office. Then I'd create a restore point and install ESET.

Tests are tests and reality is often different. There's nothing like 100% threat detection that you see in tests which are always performed on a very limited set of samples out of which ESET users have never encountered. Besides the score and numbers, you should also be familiar with the methodology and understand how tests were performed and how they are relevant to everyday use. E.g. measuring the time of installation of a particular software; even if it takes a few seconds longer with an AV but all subsequent scans are extremely quick, who cares. Also ESET scans installation packages of popular apps thoroughly while some other vendors skip a lot of files inside. Here you trade off performance for security, although the chance of infection in popular software installers should be low.

Rogue Detection Sensor is the only ESET application for business users that asks to install WinPcap to detect rogue computers in a network.

Please provide a video demonstrating the issue. I don't think such behavior could be cause by AV, hence I would suggest temporarily uninstalling ESET. I assume that it won't make any difference.