Marcos

Today v12.1.31 has been released but since it's a staggered release, not all users will receive it immediately. It may take some time until the product updates to the latest version automatically. A release announcement will be posted later today after an official release.

You can disable the appropriate application status in the advanced setup -> user interface. You understand that you will take all responsibility for the security of your system since ESET won't be able to 100% protect you from Internet-borne threats, phishing, etc. By disabling Web access protection you won't gain any benefit but lose one of the most important protection layers. Even if one was very cautious and restrictive in what he or does on a machine (e.g. visits websites only with javascript disabled, checks every https certificate on visited websites, uses policies to prevent script interpreters from running, disables USB ports to prevent devices carrying data from attaching, etc.), I wouldn't recommend disabling a single protection layer.

It is actually a very bad idea to disable Web access protection. I would understand that if a computer was not connected to the Internet at all, however, even in such case you wouldn't gain any benefits from disabling the protection. You wrote that you have firewall rules created but how a firewall could protect you from malware injected in a legitimate site for instance? Firewall is just one protection layer but then there are many others that are there to protect you if an attacker or malware gets through other protection layers. Moreover, you have ESET NOD32 Antivirus installed which doesn't include firewall and network protection (includes also Botnet protection) that can protect the machine from exploits in network protocols. If you had an unpatched machine, you would be protected only with ESET Internet Security and ESET Smart Security Premium against the infamous WannaCry for instance. A firewall might not help if there was a compromised machine in the trusted zone.

You could try enabling pre-release updates since some optimizations have been made recently, however, we don't expect any big difference in this particular case. Please provide a new etl log generated as follows during issue replication: 1, Start logging to an etl log by running "wpr -start GeneralProfile -start Minifilter -filemode". 2,. Reproduce the issue. 3. Stop logging and compress the generated log. Upload it to a safe location and provide me with a download link.

Please post a screen shot for clarification since I'm not 100% sure what you mean.

Agent is protected by SD so I assume there's a good chance that temporarily disabling it will help.

Most likely detection of potentially unsafe applications is not enabled on the machines where it's not detected. For more information about UEFI detections, please read https://support.eset.com/kb6567/.

As a last resort you could temporlarily disable Self-defense and reboot the system in case it was SD blocking the upgrade process for whatever reason

If you didn't back up certificates and restore them after reinstalling ESMC, you'll need to re-deploy agent on clients with the current CA and peer certificates.

It's actually even less clear now because the firewall doesn't have any such option as whitelisting executables.

ESET Internet Security replaced ESET Smart Security some time ago. It's actually the same product, just the name was changed. With this change we introduced ESET Smart Security Premium which is actually ESET Internet Security with Password Manager and Disk Encryption features.

Please clarify what exactly you mean by "browser automation tests".

I've asked a guy from ESET DE about your ticket. Allegedly it was about detecting malware at jaloucity.de. The website has been hacked recently and serving JS/Spy.Banker trojan. Since the website appears to have been cleaned in the mean time, we've removed it from the PUA blacklist.

A nice screen shot from the prehistoric era Please uninstall ESS v4 and install ESET Internet Security v12 from scratch.

Please provide the dump for analysis so that we can determine the cause of the crash. Although it seems to have been caused by the firewall, there's a chance it was caused by stack exhaustion because of another driver.

Perhaps this behavior occurs because: - The client's OS starts - Everything is ok when ekrn starts so no problem with EDTD is reported to the ESMC server - It takes 2 minutes until EDTD connection is checked. A problem is reported to ESMC the next time agent connects to the ESMC server.

Please reproduce it.Beforehand, enable advanced operating system logging in the advanced setup -> tools -> diagnostics and start logging with Procmon as well. After the cpu utilization drops down after cleaning, stop logging. Then gather logs with ESET Log Collector and together with a compressed Procmon log provide it to us for perusal.

Dana web stranka nie je na blackliste a ani po jej otvoreni v prehliadaci sa nedetegoval malware. Poslite, prosim, snimku obrazovky s varovanim od ESETu, ked sa Vam stranka blokuje. PS: Nakolko ste na nasom slovenskom fore, mozete komunikovat po slovensky.

Dobry den, O aku webovu stranku sa jedna? Je pristup na stranku zablokovany, alebo na nej ESET deteguje malware? Aky je nazov detekcie? Ste vlastnikom daneho webu?

I'd suggest raising a support ticket for your local customer care that should provide you with a logging version of the Outlook plug-in. Based on the logs we should be able to confirm that the issue should be solved by the new plug-in and possibly suggest a workaround too.

I'd better check ELC logs since the warning from the ESMC console doesn't ring a bell. For instructions how to gather ELC logs, please refer to http://support.eset.com/kb3466/.

I was unable to briefly find a related bug or other reports of issues with duplicate emails. Does disabling checking upon inbox content change or scanning of read email make a difference? It is possible that it's a design issue and a new Outlook plug-in that is due to be ready in H2/2019 will ultimately solve the issue.

Currently there's no easy way to accomplish that. Parental control can also block specific urls so you don't need to know the exact category in order to block it. In order to determine the category a website falls into, I recall it's logged if you temporarily enable diagnostic logging verbosity in the advanced setup and access the website. Remember to change the logging verbosity back to informative to prevent huge logs from being generated.

If there are any publicly available changes, they are enclosed in the announcement post.

Let's start off by gathering logs with ESET Log Collector. It could be that ekrn.exe and egui.exe processes are running but the gui is not showing up for some reason. You can also check if the eicar test file is detected / blocked.