Marcos

Looks like a WMI issue given that even WSC queries failed. Try re-building the WMI repository from scratch.

2 days ago ESET update servers where temporarily under a heavy load due to a bigger Advanced heuristic module that was released. As a result, the download speed was slower than usual. The load was gone after a few hours.

It is a known issue in EPv6.6. It is also listed in the KB with known issues at http://support.eset.com/kb5949. As for EPv6.5, the issue is currently being looked at.

Please post the appropriate records (the whole line) from the Filtered websites log.

ESET does not open files for write unless cleaning is attempted. If the file was actually detected, provide a complete record (the whole line) from the Detected threats or on-demand scanner log.

See https://forum.eset.com/topic/13073-jsmindsparke/. Try removing the browser extension which is causing the detection. To prevent duplicate topics, we'll draw this one to a close.

Endpoint v6.6 has already been released recently.

Please be more specific as to what you mean by blocking access. Is ESET alerting you with a red alert or how exactly does the issue manifests?

Please carry on as follows: - enable advanced update engine logging in the advanced setup -> tools-> diagnostics - manually run update - disable logging Post the updater*.etl log from the Diagnostic folder. Did you upgrade from v9 to v10?

Please enable advanced update engine logging and advanced firewall logging in the update setup -> tools -> diagnostics and manually run update. Then disable logging, collect logs with ELC, upload the generated zip file to a safe location and pm me a download link.

The detection is correct. Remove the browser extension which is causing the detection. I'd also recommend upgrading to the latest EEA v6.6. The one you use is Endpoint v5 which doesn't provide as good protection as the latest v6.6. Since this topic is already discussed at https://forum.eset.com/topic/13073-jsmindsparke/, we'll draw this one to a close.

That's correct. Please enable advanced update engine logging in the advanced setup -> tools -> diagnostics. Then run manual update, disable logging and post the updater*.etl log from Diagnostics folder.

Today we've released an update of the Advanced heuristic module which is bigger than usual and thus may cause load on update servers (e.g. when there's morning in the USA and many users try to attempt at the same time). The situation should get better relatively quickly.

For a list of parameters and switches, run "ecls.exe --help". To disable scanning of archives, use "/no-arch /no-sfx". To enable standard cleaning, use "/clean-mode=standard".

We will announce it in this ERA forum when available.

It could be caused by automatic activation of gamer mode. Try disabling the option to activate gamer mode automatically if an application running in full screen mode is detected. Alternatively you can disable notifications about gamer mode activation in the advanced setup -> tools -> user interface -> application statuses.

It should be enough to uninstall it the standard way. Should the problem persist, then resort to using the Unistall tool in safe mode.

Please contact Octagon, your local reseller, to answer your questions, especially 1 and 3. As for question 2, you can upgrade to ESS Premium which also contains Disk encryption and Password manager. If you purchase an upgrade to ESSP, uninstall EIS, install ESSP and activate it using the ESSP license key that you'll receive. In the future, it should be possible just to enter your license key and choose the product that you want.

There must be a network connection problem either between ESET update servers and the VA or between the VA and Endpoint. Does direct update from ESET servers always work alright?

If it message continues to appear, enable advanced firewall logging in the advanced setup -> tools -> diagnostics, wait until a duplicate IP address is detected, then disable logging and provide me with the pcap file created in the Diagnostics folder.

Haven't checked it yet but if there's a raw script malware on the website, it's likely to be detected. Instead of posting a raw code, it's better to use images and possibly make the code downloadable via a link for instance (the files should be in a password protected archive).

Please enable advanced personal firewall logging in the advanced setup -> tools -> diagnostics, restart the computer and then collect logs with ELC. When done, upload the generated zip archive to a safe location and pm me a download link. If you update from ESET's servers, you can also try upgrading to the latest Endpoint v6.6.

First of all, you have enabled logging of blocked operations in the advanced HIPS setup. This is intended only for diagnostic purposes when troubleshooting issues with HIPS, otherwise the setting should be kept disabled. Enabling it will not only have adverse effect on performance due to extensive logging but it may also generate unnecessarily huge HIPS logs.

In our products we use only the term "license key" so I assume it's same, just a different name.

It could be that permissions to the ESS folder were changed. Make sure that the Administrators group and system account have full permissions granted. If that doesn't help, you can try removing ESET in safe mode as per http://support.eset.sk/kb2289/ and installing the latest version from scratch.