Marcos

You must have an older v6.6 installed (6.6.0.0 – 6.6.2063 are affected) so upgrade to v7 will surely fix it and the notice will go away then.

If restoring ehdrv.sys in C:\Windows\System32\drivers after booting from another medium doesn't make any difference, then the cause of BSOD must be different. If you a memory dump was created during a crash (typically in c:\windows\memory.dmp), copy it, upload it to a safe location and drop me a message with a download link.

Please make sure that you have Translation support module v1746 installed and used by ESMC. It was released 2 days ago.

Check the reason why the emails are evaluated as spam. If it's because of an IP address or host being on a cloud blacklist, you can report it to ESET as a possible FP. Before releasing such email from quarantine, you'll need to add the address to the appropriate allowed address list.

Please provide a Procmon log from a failed update attempt as per https://support.eset.com/kb6308. In particular, start logging with Procmon, run update and after it has failed, stop logging. Then save the log, compress it and provide it to me for perusal.

It sounds like a scam website that opened. If it opens when you enter www.google.com in the address bar, then your computer is either infected (e.g. hosts file was modified) or your router was hacked. There's also a chance that your ISP became a victim of a DNS spoofing attack but that's rather unlikely. You can try using a different browser, setting Google DNS servers 8.8.8.8 and 8.8.4.4, resetting your router to factory settings, etc. If it's possible to copy the address, please copy and paste it here, however, make sure that the address is non-clickable. Or at least post a screen shot of it with the address included in the screen shot.

It sounds like ehdrv.sys was removed from the disk but was not unregistered properly from the registry. Since booting in safe mode is not possible, I'd recommend: - creating a bootable medium (e.g. ESET SysRescue) on another machine and booting the OS from it - copying C:\Windows\System32\drivers\ehdrv.sys from another machine to that folder on your machine If you want, I can upload the driver for you somewhere. Just let me know if you have a 32 or 64-bit OS and what version of ESET you have installed.

Since this is an English forum, we kindly ask you to post in English (use a machine translator if necessary). Regarding issues on mobile phones, the best course of action is to create a support ticket using the in-product form which will ensure that logs from the program and device necessary for troubleshooting will be submitted to customer care.

EEI shows the notification for 24 hours since the outage while security products don't continue to display it once the connection has been restored.

In the system settings -> Battery -> Launch, make sure that Parental Control has Auto-launch, Secondary launch and Run in background enabled:

We have also created a KB article about that: https://support.eset.com/kb7309/.

Unfortunately you didn't mention what brand and model of the phone you use. For instance, on Xiaomi it's necessary to set no restrictions in the battery saver section of the Parental Control app setup:

I don't think so. If there's application control added one day, I think you will be able to block execution of particular applications or prevent them from accessing the Internet regardless of the location of the application. However, it's too early to talk about application control at this point.

Please carry on as follows (run all commands as an administrator): - temporarily disable self-defense and reboot the machine - enable heap tracing for ekrn by running wpr -HeapTracingConfig ekrn.exe enable - reboot the machine - run wpr -HeapTracingConfig ekrn.exe and make sure Heap tracing is enabled for process ekrn.exe is displayed - start tracing by running wpr -start Heap -filemode - reproduce the issue (ekrn memory usage should be above 200-300 MB) - stop tracing by running wpr -stop heap_trace.etl - re-enable Self-defense and reboot the machine - compress heap_trace.etl, upload it to a safe location and drop me a personal message with a download link.

Please open a support ticket and provide step-by-step instructions how to reproduce it. This forum is primarily intended for sharing the knowledge between users, advanced users and moderators. If we're able to reproduce a particular issue reported, we'll do it, however, in this case it's not easily reproducible. Therefore the best course of action would be creating a support ticket which can be tracked and eventually looked at by developers if reproduced successfully.

One more thing, couldn't it be that you have communication with trusted domains excluded? The setting is enabled by default:

Since this is an English forum, we kindly ask you to post in English (use a machine translator if necessary). To resolve the issue, please run the wizard https://support.eset.com/unlockems/ and follow the on-screen instructions.

On offline computers you can keep LiveGrid enabled but disable the application status "ESET LiveGrid is not accessible". This can be accomplished via policies as well:

Not on machines that are completely offline. If a machine can access ESET's servers via HTTP Proxy, then LiveGrid will work.

Correct. Such machines can reach ESET's servers and thus are not considered offline. An offline license is intended for activating machines that are completely offline, e.g. computers on ships.

First of all, since you work for our distributor you should turn to ESET HQ tech support which is your 1st support line. You'll need to narrow it down to the particular protection feature or setting that makes the error go away if disabled. That said, you should start with pausing protection / real-time protection, disabling protocol filtering, HIPS (requires a reboot), etc.

It is not possible to migrate from MS SQL to MySQL used by the virtual appliance. However, if you don't mind losing data in the current db, you can deploy VA and then re-deploy agent on clients so that they start reporting to the new ESMC server. Note: if more than 5000 clients were to connect to the ESMC server, we don't recommend using VA and MySQL db.

Select the one that hasn't connected for a longer time:

It is not recommended. First, the scan is very quick and should be unnoticeable. Second, it scans areas, such as UEFI and WMI so disabling startup scan tasks would leave them not scanned.