Marcos

I'm not sure if this can be accomplished programmatically. I'd tend to believe it's the OS that should detect active processes and prevent the computer from entering sleep mode.

Startup scan should clean automatically as it's usually run when gui is not started yet. If you had malware, startup scan would only block it but the malware would remain on the disk and you might not know about it. ESET is known for having virtually no false positives due to various techniques that we leverage and even cleaned files are quarantined so they can be restored at any time, if needed.

Please elaborate more on what you mean. Cleaning level can be set for particular protection modules and on-demand scanner profiles separately. If set to "No cleaning", you will be prompted for an action upon detection. This is not recommended as gui may not be running when a threat is detected. Perhaps details about detections from the Detected threats logs would shed more light.

He meant that Microsoft stopped supporting Windows XP quite long ago. Without security patches, Windows XP will remain vulnerable to attacks no matter what security software you'll install.

Update files were modified on the way between ESET's servers and your computer. It could be that your ISP is using a proxy which has modified the update files. Obviously modified update files cannot be used for update and the update fails then. Please provide a Wireshak log (without any filters).

Please provide me with the file "C:\ProgramData\ESET\ESET NOD32 Antivirus\lastPolicy.dat" from that computer. Also make sure that the policy enabling HIPS has the force flag set to ensure that the setting is not overridden by another policy.

There are still many users, even corporate ones, who are running old unsupported and vulnerable systems. Installing any security software on them does not substitute the need for upgrade to a modern and fully supported OS for which regular security updates are released. As for the issue, I'd try uninstalling EES and installing it from scratch so that it's re-registered to WSC.

If I understand it correctly, you had HIPS enabled in Endpoint v5 but it was disabled automatically after upgrading to Endpoint v6? Do you see a padlock next to this setting? If so, HIPS was disabled by a policy.

HIPS must be enabled as it's one of the 2 most important protection modules. What was the reason for disabling it? Disabling it has substantial adverse effect on protection and I'd say it's similar to disabling real-time protection. When we add ransomware protection to Endpoint, it won't work either with HIPS disabled. It's also important for proper reporting of suspicious events to ESET Enterprise Inspector (not yet available).

Does temporarily disabling only real-time protection help? Or it's web access protection that needs to be disabled for the issue to go away?

You have HIPS disabled. As a result, Self-defense, Advanced memory scanner and Exploit Blocker don't work either. Please re-enable it for maximum protection:

SSL certificates can be obtained by anybody. I'd say there are still many users who don't even check the padlock icon in the address bar for https connections and even less those who check which CA actually issued the certificate. A green padlock does not automatically indicate 100% trustworthiness as it's easy to obtain a certificate for anybody these days (let's mention just "Let's encrypt" CA issuing certificates used by many scam websites). On the other hand, EV certificates can be generally trusted; they are mainly issued for bank institutions and it's not that easy to obtain one.

Could you please post a screen shot of the address bar and certificate details?

By the way, does switching to pre-release updates in the advanced update setup make a difference?

All products contain all detections with the exception of products for mobile phones and tablets.

Because we likely do more than other AVs. We can also block https communication even with SSL/TLS filtering disabled which is the reason for that behavior. However, a notification bubble should pop up anyways. We could do it differently so that a message is shown in the browser even for https websites but this would deteriorate protection capabilities for users who don't have SSL/TLS filtering enabled.

I assume that removing the device at my.eset.com and renaming the device (removing the number) upon activating Anti-Theft should work.

I can't comprehend any real-world scenario except the case when you lend a mobile phone to a child only for 1-2 days a week. Could you please elaborate more on this?

Tap the padlock, enter PIN and select "Customer Care" in the menu.

What version of Chrome do you use? Please check the About information and make sure that you have the Update module 1062 and Protection control module 1131 installed. Does the problem occurs with these modules as well? Do you have Accessibility permissions enabled for Parental Control in the device setup?

According to http://support.eset.com/kb3592/, expected EOL for Endpoint v5 is Dec 2018.

Yes, the module is now available for all v10 users on regular update servers. However, I would keep pre-release updates enabled at least for the next 2-3 weeks, otherwise you'll need to boot to Safe mode and delete "c:\program Files\ESET\ESET Smart Security\Modules\em008k_64". Due to a possible bug in updater, this new module is not removed automatically while switching to regular updates and you would end up with mutually incompatible modules then. Within 2-3 weeks we plan to put a compatible em008k_64 module on regular update servers.

That is expected behavior as the connection with https websites is terminated during the handshake. Do you have SSL/TLS filtering enabled?

EEI does not currently require installation on a Windows server. It's enough to install MySQL on Windows 7 or newer and it should work alright. Maybe it would be an acceptable solution for you, at least for testing purposes.

If a website doesn't use an EV certificate (those are excluded by default), try the following: - disable SSL/TLS filtering - restart the computer - without launching any application, re-enable SSL/TLS filtering - launch Firefox and check if the issue is resolved.