Marcos

If the agent still connects to your ERA/ESMC server, remove or change the password via an agent policy prior to uninstall the agent:

When there is news on integration with a specific router, we'll announce it via standard channels.

By default, logs with lower severity are removed after 1 month. This can be configured in the advanced ESMC Server setup: If you create a Web Control rule with higher severity (warnings / critical), the records are retained for 6 months. We do not recommend creating a Web Control rule that would log every accessed url or it will generate huge logs on clients and performance issues not only on clients but also on the ESMC server which may result in inability to log in due to server overload caused by processing a huge number of records.

First of all, you should take measures to prevent attackers from getting administrator access to the machine, typically via RDP. I will drop you a personal message shortly.

The error means a problem connecting to a proxy server. Is it disabled as shown below? Is it disabled on other machines where you successfully activated Endpoint as well?

It is only possible to block whole devices (e.g. hard disks), not only particular partitions. Check the system Device manager and post a screen shot of where the troublesome disk appear in the device tree.

I mean, what error do you get if you enter the license key here? A registration email sent after purchase contains the license key (not a file). You can try to retrieve it through https://www.eset.com/int/support/lost-license/ or by contacting the partner from whom you purchased the license.

You should be able to find the detection records in the Detected threats log.

Probably you have an adware-like browser extension installed. Try running Chrome without extensions, ie. with the "--disable-extensions" parameter or disable/remove extensions one by one until you narrow it down to the offending one.

I'll wait for ELC logs since only an xml file with exported configuration can tell if the rules are actually duplicate.

Please gather logs with ESET Log Collector and provide me with the generated archive. Couldn't it be that the path to an application changes? Isn't it applications installed in c:\Program files\WindowsApps folder that you are asked for an action repeatedly?

If you check client details, do you see a recent connection to the ESMC server there?

The reason why you cannot pause protection is that protection module are enabled via a policy, ie. the lockpad icon may not appear next to particular protection modules in your screen shot. I assume that activating Override mode should do the trick:

If you mean the master password, it cannot be retrieved: https://forum.eset.com/topic/17870-password-manager/

Please read https://help.eset.com/ees/7/en-US/whats_new_7.html?installation.html.

You wrote that you tried activating manually but you forgot to mention what error you got which is what I asked.

Do you mean that you check the box to always use the selected option, click "Do not scan" but the pop-up window appears again later though?

I opened https://ibanking.stgeorge.com.au/ibank/loginPage.action in Firefox and was asked if I want to open it in a secure browser.

What error do you get if you enter the license key in the product activation form?

It seems that the option was removed due to a new algorithm for selecting sender's address implemented in EMSX v7. The option can still be configured via a configuration xml file if really needed or to keep it enabled after upgrade.

It appears it was implemented today so the change will be included in the next version of EMSX: "Automatically reject messages if SPF check fails" will reject email only if it hard-fails. In the future we plan to introduce a new condition in rules, enabling to differentiate hard-failed and soft-failed messages.

You'd better ask the maker of the tool as to what the error message exactly means.

It's pingable: Pinging epns.eset.com [91.228.167.23] with 32 bytes of data: Reply from 91.228.167.23: bytes=32 time=2ms TTL=55 Reply from 91.228.167.23: bytes=32 time=2ms TTL=55 Reply from 91.228.167.23: bytes=32 time=2ms TTL=55 Reply from 91.228.167.23: bytes=32 time=2ms TTL=55

Installers are cached. So if agent downloads an Endpoint installer on one machine, other machines should subsequently get it from the http proxy cache. We'd need to know your public IP address in order to check server logs for details about the communication. Feel free to drop me a personal message. Also do you restrict access to ESET's infrastructure per https://support.eset.com/kb332/ on a firewall?