Marcos

Appliance uses iptables firewall and its configuration is loaded from file /root/firewall.sh. Use text editor from root console to edit this file, i.e.: nano /root/firewall.sh and add this line: iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT just before firewall-port.sh is called. After changes are saved, either run script /root/firewall.sh or restart whole system.

Then it's most likely a different issue. Please provide a screen shot of the error that you're getting.

1, The "Run command" client task is executed by ERA Agent which runs in the local system account and therefore does not have rights to access network drives. 2, In order to get a list of all installed applications, create or edit Agent's policy and in advanced settings enable "Report non-ESET-installed applications". Once applied on clients, agent will get a list of installed applications and report them to ERAS the next time it connects to it.

Disabling Fast startup is not necessary if you restart the computer instead of shutting it down. Could you confirm the problem persists after a computer restart? If not, does temporarily disabling self-defense and restarting the computer makes a difference?

Uninstalling ESET should not affect bookmarks in the non-secure version of your browser. Didn't you create bookmarks in the secure browser?

Once agent is installed on clients, you can apply a policy that will disable password protection on clients.

Does the problem persist after a computer restart? Note that shutting down the computer and turning it on may not suffice on Windows 8.x and newer systems if Fast startup is enabled.

1, There are no special criteria for running a "Run command" task. 2, Yes, a computer must have agent installed and it must report to ERAS. 3, Install agent on the computer. 4, You can either deploy Live agent installer via group policy, directly from ERAS or by any other means or you can use the ERA Remote Deployment tool to install a package using a built-in deployment method or psexec:

Could you please post a screen shot of the notice? It doesn't seem to come from ESET.

There's no auto renew functionality in the program. When your license is due for renewal, you will get a notification but a renewal must be purchased manually, e.g. by clicking a link in the notification and following the instructions on the particular website.

Smart mode is a kind of interactive mode in which HIPS asks you only about actually suspicious operations instead of all. It has but it's only supported by Windows 8.1 and newer. Also it requires self-defense to be enabled. It has but AMSI is supported only by Windows 10.

In-depth scan also scans archives and does not use smart optimization to ensure that even whitelisted files are scanned. Therefore it's slower than Smart scan.

How do you know that those websites were not hacked and are not serving malware? Please post some links but obfuscate them so that they are non-clickable. Web access protection is crucial for protecting your system from Internet-borne threats and should never be disabled as long as a computer is connected to the Internet.

Have you tried restarting your computer? If it doesn't resolve the issue, try repairing ESET. For more information, see http://support.eset.com/alert6383/.

I'd start off with uninstalling EAV v8 and installing v10 from scratch. Let us know if it resolves the issue.

An activation task wouldn't attempt to download install packages. Didn't you create a software install task with a custom repository? At least com.eset.apps.business.eei.agent hasn't been released yet. Also I would strongly recommend upgrading Endpoint v5 to the latest v6.5 which provides better protection besides other improvements and fixes.

Please collect logs with ESET Log Collector as per the KB in my signature and send me the generated archive via a pm. If too big to attach, upload it to a safe location and pm me a download link. Also posting a screen shot of the Protection status window from the client could shed more light.

If you have upgraded from v9 to v10, try uninstalling v10 and install it from scratch.

That is correct. Those commands can only be used with the "Run command" client task from ERA for security reasons. Ecmd supports only pausing protection features, it cannot permanently disable them. HIPS cannot be paused but can only be permanently disabled (not recommended as you'd lose proactive protection against majority of new malware).

It's possible to use HIPS only to block execution of files specified by a full path. Blocking by hashes will be available through ESET Enterprise Inspector which is planned to be unveiled towards the end of this year at earliest.

What version of the signature database do you have installed? Do you use the latest v10? If so, did you upgrade from v9? Does uninstalling v10 and installing it from scratch make a difference?

If manually running update doesn't resolve the issue, continue as follows: - enable advanced updater engine logging in the advanced setup -> Tools -> Diagnostics - run manual update - disable logging - collect logs with ESET Log Collector (see the link in my signature for instructions) - drop me a pm with the logs attached or upload them to a safe location and pm me with a download link.

See http://support.eset.com/kb6374/: " This is only informative message. If you see this warning often, consider adding more resources to the MDM host device." Does the error occur continually or frequently?

What does C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html read? Is there any issue listed?

Please provide instructions how to reproduce the issue on our part. Does temporarily disabling Advanced memory scanner make a difference?