[HIPS Event in log files]

Do you have custom HIPS rules created? Do you have some processes excluded?

Please provide "C:\ProgramData\ESET\ESET Security\HipsRules.bin" as well as logs collected with ESET Log Collector.

[Mobile App for Android, WiFi Network exception]

ESET does not automatically disconnect from unsecured wi-fi. Security audit only notifies you and provides a link to open wi-fi settings where you can disconnect from the wi-fi and connect to another one, if needed.

[As soon as possible option of Scheduler]

The purpose of this forum is to share the knowledge among standard users, advanced users and ESET moderators. It is not meant to serve as a substitute of contacting customer care, especially if an issue is not obvious, easily reproducible, if diagnostic logs are required  and multiple iterations with support or developers are needed. Also this forum cannot track the progress of tricky issues and thus ensure timely response.

[NOD32 Antivirus and HDDs help]

Please temporarily lower the sleep time for disks to 5 minutes or even more so that logs are not too big. Then start logging with Procmon as per the FAQ on the right-hand side of this forum, reproduce the issue and then save the log. When done, compress it, upload it to a safe location and drop me a message with a download link.

[internat.exe is Keylogger Virus]

It can be anything from a benign system file, renamed calculator.exe to malware or whatever. The file name doesn't tell anything about the file. Please provide its hash or upload it to VirusTotal and provide a link to scan results.

[win32 agent tbv]

Most likely you have attempted to boot from an infected USB flash (assuming you don't use the old good floppy disks any more) if you had ESET installed and enabled.

In order to fix mbr, refer to existing 3rd party articles, e.g. https://pureinfotech.com/repair-master-boot-record-mbr-windows-10/.

[Import Offline License in NOD32 for Linux]

Since the current (legacy) version of Endpoint for Linux does not support the activation system, it does not connect to edf.eset.com whatsover.

If you use a proxy server for connecting to the Internet, configure it in the Endpoint's advanced setup (e.g. via a policy) and send a software activation task from ESMC. This will ensure that the legacy connector in agent will add your username and password in the Endpoint's setup and Endpoint will then be able to communicate through the proxy and authenticate against ESET's update servers with the username and password.

If you plan to update from a mirror, simply set the path to the mirror in a policy. If updating via http, no username/password for authentication will be needed. Otherwise if you update from a remote share, you will need to specify also a username and password for authentication against the machine that creates the mirror.

[NOD32 Antivirus and HDDs help]

Do you have ESET installed on the SSD? Do the disks start spinning up right after double clicking the ESET icon in the tray?

[NOD32 can't resolve IP address]

Quote

According to the below, only IP addresses are allowed for a proxy server:

I don't think this is true. The help says "address", not "IP address" and I didn't find it mentioned anywhere that entering a hostname instead of an IP address shouldn't work.

[ESET keeps stealing focus from Firefox]

1 hour ago, kittenofd00m said:

I am having the same issue.

I can only repeat what I have already stated: The issue has been already fixed in v12.2 beta.

[As soon as possible option of Scheduler]

Please create a support ticket since this is something that cannot be solved here in the forum.

[NOD32 can't resolve IP address]

Are you positive that nslookup can resolve the hostname but if entered correctly in the EAV advanced setup -> tools -> proxy server neither updates nor LiveGrid checks work ?

[EFS HIPS Question]

It's nothing unusual, I have several similar records as well:

Time;Application;Operation;Target;Action;Rule;Additional information
5/28/2019 4:38:13 PM;C:\Windows\System32\svchost.exe;Get access to another application;C:\Windows\System32\winlogon.exe;blocked;Self-Defense: Do not allow modification of system processes;Modify state of another application

So unless you are experiencing issues caused by SD, consider it normal.

[Import Offline License in NOD32 for Linux]

The product will work without activation because it doesn't support it. A brand new version of Endpoint for Linux with the activation system will be available probably next year.

If you plan to update the computer from a mirror, just set the path to the mirror through a policy. If the client will access it through a network share, also the username and password for authentication to the mirror folder will be needed which is not needed if the mirror is accessible via http.

If the machine has Internet connection and you plan to update it from ESET's update servers, just send a software install task to the client and the agent will add a username/password for authentication against ESET's update servers in the configuration.

[ESET Dynamic Threat Defense - change of servers' IP address]

For those who have a license for ESET Dynamic Threat Defense and connect through a firewall with the communication restricted to IP addresses, as of June 3 we are going to add a new server in the US which also brings a change of the IP addresses of EDTD servers as follows:

https://support.eset.com/kb332/#EDTD:

Hostname	IP address
r.edtd.eset.com	137.117.138.135     (Europe) 13.83.244.211     (USA)
d.edtd.eset.com	137.117.138.135    (Europe) 13.83.244.211     (USA)

The nearest server for communication will be picked based on your IP address. We recommend allowing communication with both IP addresses.

[ESET Endpoint Protection 7.1.2045.5 - No Activation]

Good to hear that you've nailed it down. Please do not hide a topic when an issue has been resolved since other users may come across it as well and search for an answer here.

[Import Offline License in NOD32 for Linux]

The current version of Endpoint for Linux does not support activation yet. If you want to update it from a mirror, you just enter the path to it in the update setup and that's it. In case the machine has visibility to the ESMC server, you can manage it and change settings via a policy.

[ESET Endpoint Protection 7.1.2045.5 - No Activation]

What happens if you enter the license key in the activation window under Help and support -> Change license?

[EFS HIPS Question]

It is. If it is causing an issue to your system, we'd like you to elaborate more on it so that we can further investigate it.

[EFS HIPS Question]

No, it shouldn't. We protect our services and no other process should be allowed to tamper with them in any way.

Please disable logging of all blocked operations since besides bigger logs debug logging has also adverse effect on performance.

[EFS HIPS Question]

If you are having an issue with Self-defense, please elaborate more on it. Otherwise disable logging of blocked operations in the advanced HIPS setup which should only be enabled while troubleshooting HIPS-related issues.

[geofencing zones don't alert me when child enters or leaves a zone]

Please create a support ticket via the internal form so that logs from Parental Control are submitted to ESET for perusal.

[Cannot install Parental Controls on Chromebook?]

There are currently no such plans.

[Cannot install Parental Controls on Chromebook?]

Chrome OS is not supported. Parental Control can only be installed on Android. It's also part of ESET Internet Security and ESET Smart Security Premium for Windows.

[Easy Protection !!!!]

It's enabled by default in HIPS setup: