Marcos

I've checked permissions and you should be able to edit your content as well as tags. Are you still having problems with it?

What features are you missing in ECS / ECSP for Mac?

Other firewall vendors may not disable Windows firewall completely or they would not pass Microsoft's tests. Also IPSec would not work either.

That's not possible, most likely because firewall rules don't support a severity property.

It's not detected as a virus. The domain was blocked due to exploits that were detected on it. Next time please report such possibly incorrect blocks to samples[at]eset.com.

I've checked the recent websites in the list and didn't find any reason to block any of them. If you come across undetected malware or domain/url that serves actual malware, report it to samples[at]eset.com. We cannot blindly block everything that appears on various lists published on the web without a good reason. ESET's web access protection is actually very strong. We pay attention to what is blocked to avoid false positives.

What does C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html read on those clients? Are there any errors reported? Also check last-error.html.

It's not a general problem and for almost all other users it works. What happens if you attempt to launch it by clicking the icon on your desktop? Also you wrote that v10 is full of bugs. Please list all issues that you are having with v10.

I'd suggest uninstalling ESET and using the ESET Uninstall tool to make sure there are no leftovers on the disk or in the registry. If the installation fails again, just collect logs with ESET Log Collector, upload the output zip file to a safe location and pm me a download link.

If you have paid for a license, you should have received an email with registration details, including your license key, to you registration email address. If you cannot find it in the spam folder, contact the seller from whom you purchased the license.

There should be a short grace period during which ESET will continue to update. In the event of update problems, the user could activate a trial version for the next few days.

This was an issue with the Configuration engine module. What version of the module do you have? See the About window with information about installed modules.

I saw this error when attempting to install EFSW on a non-genuine Windows Server system, ie. it was a different OS made to appear as a server OS.

In home v10 we have a mechanism for detection of Internet connectivity so that update does not start before ESET has connectivity to the update servers. Not sure if this will be implemented in Endpoint v6.5 or in v7 next year but I'll try to find out and let you know.

I scanned your sample with ESET NOD32 Antivirus 4.0 BE for Linux with the signature database 14611 and the file wasn't detected. My assumption is that you provided me with a newer variant with the same file name that was first covered with the signature db 14612 but on Linux you scanned the older variant detected by 14611. We can verify it after providing a hash of the files you've scanned.

It seems that you've scanned different variants of the malware (Win32/Filecoder.MaktubLocker) with the same file name and you uploaded a newer variant to VT while you scanned an older one detected as Win32/GenKryptik.ODA on the Linux system. In the mean time, a detection was added and it's now detected as well: https://www.virustotal.com/en/file/22138bc6dca174bc223b641ca4a79e8472c4a1a5db55c093fd9e2b1c9a1aa59b/analysis/1481834110/ Baidu Win32.Trojan.WisdomEyes.16070401.9500.9990 20161207 CrowdStrike Falcon (ML) malicious_confidence_69% (W) 20161024 ESET-NOD32 Win32/Filecoder.MaktubLocker.B 20161215 Invincea generic.a 20161202 Qihoo-360 HEUR/QVM10.1.0000.Malware.Gen 20161215 It'd be good to note a hash of the file you scan (ideally name it by the hash) to make sure a comparison with other scans or files is correct.

Please provide a link to VirusTotal with scan results and also email the file in an archive protected with the password "infected" to samples@eset.com. I don't have access to the German ticketing system so there's no way for me to check it out quickly.

You wrote that ESET detected the malware on your Linux system but not on VirusTotal. Well, we are not responsible for VirusTotal. VirusTotal, a subsiadiary of Google and formerly operated by HispaSec is in no way related to ESET except that they use our scanner and scan files with their own settings. Also it's not clear if you uploaded infected file as it might have been an Office document with the macro already cleaned. Although some scanners may detect it, we don't as it's innocuous in such form. Please provide a link with VT scan results so that we can investigate what happened.

"Server not found" is most likely reported because Internet connection is not established at the time ESET attempts to update. Hence I suggested to wait 2 hours (because of the default 60-min. interval) to confirm that ESET eventually updates. When using an HTTP proxy, it could happen that another machine has already downloaded particular update files and the proxy server will serve them from its cache.

In the advanced update setup there's a setting not to display notifications about successful updates. By default it's enabled, ie. no notifications about updates are shown.

Your license entitles you to download any version of the product that you have purchased. With an ESS license, you can download ESET NOD32 Antivirus, ESET Smart Security (even v10) and ESET Internet Security (EIS). Although ESS is not sold in most countries any more (it was replaced by EIS and ESS Premium), current users are entitled to download and use it if they don't want to move to EIS which does not have Anti-Theft.

If you update from ESET's servers (e.g. via an HTTP Proxy which is recommended to save the traffic), I'd leave the default update tasks untouched. The regular update task triggers update every 60 minutes. By failing a definition database (engine) update do you mean that an error is logged in the ESET event log? If you leave the computer running for at least 2 hours, doesn't the database update automatically during this period?

Have you tried running the Firewall troubleshooting wizard (Main gui -> Setup -> Network) to get a list of recently blocked communications with an option to permit the desired ones with a few clicks?

You could use a SysRescue CD or USB to scan all your hardrives and other media offline.

If you have v10 installed and the issue also occurs with pre-release updates selected, I'd recommend to carry on as follows: - enable generation of advanced protocol filtering logs in the Diagnostics setup - reproduce the issue - disable logging - collect logs with ESET Log Collector - contact Customer care + pm me a download link to the logs.