Marcos

Please gather logs with ELC and provide me with the generated archive. I'd better check and make sure that you have the latest drivers properly installed. Should the issue occur again in the future, a Procmon log from upgrade will be needed.

I'd recommend migrating from ELA to EBA (eba.eset.com), adding licenses to EBA, removing them from ESMC and adding the EBA account to ESMC instead: In EBA you should see a list of devices on which a license has been used for activation: Should there be any inconsistency between EBA and ESMC, click Synchronize licenses. If that doesn't make any difference, please post screen shots from EBA and ESMC so that we can see what discrepancy you mean.

Unfortunately without any further information, especially about the process and IP address that the process was communicating with and logs it's impossible to tell what happened. It might not have been necessarily malware. Should you observe a suspicious behavior, gather logs with ESET Log Collector for perusal.

No, it was the old heuristics for DOS files that triggered the detection. Disabling it should not negatively affect detection of current threats.

You'd need to create a policy with only exclusions defined and then export it. However, since exclusions generally create a security hole giving malware a chance to run from excluded folders, we would like to hear more about your use case and reasons why you need to use exclusions at all.

Do you use a 3rd party plug-in for the ESMC server, e.g. ConnectWise?

It is ok to report possible false positives or give constructive feedback even from trial users. This is not a problem at all. Currently we don't know yet if we will whitelist the detected file. In the first place, a non-executable file with the exe extension should not exist on a disk. In my opinion. renaming the file's extension should not cause any issues and would solve the problem with detection.

I don't understand. First one needs a PIN or draw a pattern to get into your phone. Then another PIN or fingerprint is required to get into the Parental Control setup. It is not clear what another security key you would like to use. Last but not least, do not post in this FAQ forum but in the appropriate forum pertaining to the product.

Please clarify what you mean by save: " When I enter the above address into the Protected website section of BPP and Save it, ESET changes all the capital letters to small letters and deletes the #signon off the end leaving". If I copy & paste the url into a secure browser, it's pasted the same way it appears in a standard browser: I see that you have v11.2.49 installed. Try installing the latest one 11.2.63 just in case.

The website was unblocked several hours ago. You should be able to access it alright now.

The website was unblocked several hours ago. You should be able to access it alright now.

The website was unblocked several hours ago. You should be able to access it alright now.

The json file can be downloaded without ESET blocking the download.

For now we don't need any logs. If you update modules and open the website in question, is it still blocked? I assume it was an IP address blocked that was removed from blacklist a couple of hours ago. Hence I asked if the problem still persisted.

Was the screen shot taken right now? I asked if the problem still persisted, ie. if the url was blocked a few minutes ago or if it still is being blocked.

Are you sure it's still blocked?

Please provide a screen shot of the alert that you are getting, ideally a complete record (whole row) from the appropriate ESET log.

Please check the last connection time in the Overview pane and make sure the agent has been reporting to the ESMC server alright. If Endpoint is installed, you should see "Actual" in the status column.

It was discussed here: https://forum.eset.com/topic/16714-all-in-one-deployment-in-windows-10-not-working/. It appears that SmartScreen needs to be disabled first, e.g. via a domain policy.

The domain was not blocked but the IP address was. It will be removed from blacklist momentarily.

Please contact ESET UK: https://www.eset.com/uk/about/contact/

While we appreciate any constructive suggestions and ideas, adding support for themes should not be something that security vendors focus on and invest a lot of resources into it. I assume that gui themes are already tracked as a wish for future versions but don't hold your breath.

ESET Endpoint and server products can be managed via ERA/ESMC or RMM (support for RMM must be explicitly enabled and configured in the security product).

You can appeal for adding support for Apparmor through your customer care. If there's a demand from users for it, I'm sure that it will be considered provided that there are no technical obstacles.

Apparmor is not supported. It is not necessary to contact customer care because you would get the same response from developers.