Marcos

First of all, the test doesn't provide information about detection and protection capabilities of an AV, it tests if your AV works. As for password protected archives, this is a useless test since no software can crack passwords in order to scan the archive internally. Files in password protected archives are scanned by real-time protection upon extraction.

We kindly remind you that this forum is not a channel for reporting possible false positives or disputing detections or blocks. The urls has been unblocked. Next time please follow the instructions at https://support.eset.com/kb141/.

Does temporarily disabling protocol filtering or firewall make a difference? If not, what about temporarily uninstalling ESET?

It is not possible. Application control feature is not implemented yet. You could use HIPS rules only to block execution from specific folders or execution of any application, including system ones.

1, Make sure that the file is ok, ie. not modified. 2, Start logging with Procmon. 3, Make sure that the file is still unmodified. 4, Wait until the file has been modified and only then stop logging.

Not cleaned yet:

It was hacked The detection is correct. However, the actual malicious code probably doesn't load on systems not protected by ESET because it's only the preconnect relation type where 2 malicious domains with @Trojan.JS/Agent.NYX were found.

Does switching to pre-release updates in the advanced update setup make a difference? What version of MS Exchange server is used on the mail server? Please check if temporarily disabling antispam protection or scanning received email make a difference. Also please carry on as follows: - in the advanced setup -> tools -> diagnostics, enable advanced network protection and advanced protocol filtering logging - reproduce the issue - stop logging - gather logs with ESET Log Collector (ELC) and post the generated archive here. Since this forum is not meant to substitute customer care (e.g. it doesn't enable us to track cases), I would also recommend raising a ticket for your local customer care and providing them with the output from ELC.

The detection is correct. adacor.js is infected and contains JS/Spy.Banker.DF trojan.

This has been already discussed earlier, please refer to https://forum.eset.com/topic/17977-eset-mobile-security-not-support-sms-call-filter-anti-theft-sms-command-due-to-google-policy/. There is also a link to ESET's KB with instructions how to get and install a fully functional web version of ESET Mobile Security. To prevent duplicate topics, we'll draw this one to a close.

Looks like a weird behavior of the router. For information about TCP SYN flood attack, you can read more here. Since it a trusted device, you can create an exception for the detection by clicking Change handling of this threat.

Please try to retrieve your license key via https://www.eset.com/int/support/lost-license/ or contact the seller from whom you purchased your license.

1, I assume you meant *.doc just as an example since document files often contain malicious macros nowadays and thus they should never be excluded from scanning. 2, As for the cleaning mode, I was not referring to your post but to the other complaint from another user. 3, As I wrote, neither vhd files nor the other formats you mentioned are scanned by real-time protection so basically you shouldn't need to exclude them. If there's a really good reason for excluding them, we would like to hear more details about the issues that occur when those files are not excluded.

You should not use the Agent deployment task which is intended for deploying agent if not installed yet. To upgrade existing agent to the latest version, use the client task "Security Management Center component upgrade" which you can assign to a dynamic group with outdated agent version, using the Joined dynamic group trigger .

Please raise a support ticket for your local customer care. I assume it could be that a policy is applied every few seconds or something like that so the issue will need to be investigated with the help from developers as well.

This FP existed only for a short time and was already fixed at the time you reported it. It takes a few minutes for the product to get current lists from LiveGrid, hence it took little time until the issue was resolved on your machine.

Please follow the instructions for submitting samples at https://support.eset.com/kb141. However, since it's a crack, generally I would not recommend running it regardless of what it does.

Regarding the transfer of your license, simply uninstall ESET from the former machine and install it on the new one. During uninstall, deactivation will be performed and the license will be freed for activation on another machine.

Are you able to log in to the AT portal from a pc o notebook alright?

Hello, Please provide me with the case ID number so that I can check with ESET LLC what happened with the ticket. Regarding your questions: 1, It is very highly unlikely you would have malware that simulates keystrokes or mouse to change your ESET settings. Anyways, you can set a password to protect them, if you wish. I'd suggest exporting the config to xml files and comparing them to see if there are any differences. I assume it's just a gui glitch or whatever. 2, You can create a general block rule, put it on the top of the rules and then creating permissive rules for applications that you allow to communicate over the Internet.

Since this is an English forum, we kindly ask you to post in English so that moderators and other users can understand and help you. Please follow the instructions at https://support.eset.com/unlockems/. Should you be unable to resolve the issue, please contact your local customer care.

There was no issue according to the install log: MSI (c) (C0:D0) [09:13:37:668]: Product: ESET Endpoint Antivirus -- Installation completed successfully.

The mirror feature for updating offline computers is available only in business products. Products for home users require Internet connection to update.

Please provide especially install.log. It's mentioned in the KB, step 4: The install path will be inserted into the Run window. Type (space) /lvx* install.log at the end of the install path, and click OK.

Provide a Procmon log that will be generated at time when a modification of the mentioned txt file occurs.