Marcos

Couldn't it be that you use Fortinet or another firewall? It is a known issue of especially Fortinet firewalls that they corrupt update files.

The name of the application should be listed in the prompt window that pops up when an untrusted certificate is detected.

1, Update at logon has always been disabled by default: 2, "That suggestion should be submitted to the requested "Future Changes" thread." That's not really needed. This information was removed intentionally since the version of the detection engine doesn't matter much nowadays in the era of LiveGrid and streamed updates.

Not only an idea but reality. We've been using automated detections for years and this system has developed over time.

@sypticle The file itself is not malicious but suspicious which is not enough for a detection to be added. Please search for Serv.dll and submit it in an archive protected with the password "infected" and with a link to this topic included to samples[at]eset.com. Let me know when done.

Unfortunately, it is not possible to set automatic mode with exceptions via ERA6/ESMC. Since Endpoint v6.6/v7 has lower memory consumption than EPv5, I'd recommend trying to install it on a machine with 512 MB of RAM and see how it works.

This forum is by no means a channel for disputing detections or blocks. For instructions how to report possible false positives to ESET, please read https://support.eset.com/kb141/ . Honestly, just a brief look at the website suggests that the content is not 100% alright. Personally I've found there instructions to use a rogue or PUA software to remove malware. I'd suggest removing dubious content first and only then apply for a review. Having said that, we'll draw this topic to a close.

The behavior is correct. The version of the secure protocol can be determined without actually filtering the SSL/TLS communication which is also why blocking https sites partially work even with SSL/TLS filtering disabled. When narrowing down an issue , one should try disabling protocol filtering.

Since it's v9 which didn't use dll modules yet, the memory usage is pretty low. Upgrade to the latest v12 to lower memory usage even more and to improve performance and protection capabilities as well.

You should hear a sound signal after a scan has completed. I reckon it's "Asterisk" which is played.

When reporting issues with bank websites not opening in a secure browser, we need to know: - the bank url - browser and its version - if the issue occurs with other browsers - ESET product and its version + the version of the Banking and payment protection module

If the certificate was trusted, the prompt window wouldn't pop up and users would not need to choose an action and enter a password. Please provide a screen shot of the certificate details.

I would also try logging in to your mailbox via the web interface and check if the folder is not already created on the mail server.

The question is what certificate is untrusted and why. If it was trusted, the warning would not pop up.

Please click the "untrusted certificate" link and post a screen shot of the certificate details.

Personally I don't use Thunderbird but theoretically it could be that Thunderbird itself or the integrated spam filter has been updated and now moves Black friday-related emails to the special folder.

There was a specific IP address blocked in May due to FakeAlert malware being there that is now causing the FP. We've unblocked it so please restart the machine in 5-10 minutes and check if the issue has been resolved. The FP will correct itself within ~30 minutes automatically.

You purchase one license for Parental Control regardless of how many children you control.

Please carry on as follows: - under Help and support -> Details for customer care, enable advanced logging - enter your license key in the activation screen - when an error is displayed, stop logging - gather logs with ESET Log Collector and post the generated archive here.

Please post a screen shot of the Client tasks pane with details about the on-demand scan tasks unfolded.

Your license key remains same after purchasing a renewal. Check in the product if the expiration date of your license has been updated.

The question is why you have 4 tasks in the list if you sent only one task to the client.

Since ESET NOD32 Antivirus does not contain a firewall, it cannot affect network communication except application protocols HTTP(S), POP3(S) and IMAP(S). Could you confirm that the issue occurs only with ESET Internet Security installed?

Are you positive that you have no on-demand scans scheduled in Scheduler and that no on-demand scans are set by policies assigned to dynamic groups? Did you send just one on-demand scan task from ESMC?

This forum is by no means a channel for disputing detections. We were informed that you had received an official response from samples[at]eset.com. For instructions for reporting false positives, please read https://support.eset.com/kb141/. Having said that, we'll draw this topic to a close.