Marcos

Program updates are staggered. In the first step, we release it for users with pre-release updates. Next the program update is installed automatically, however, with a small probability which can be enforced by manual update. Over the time the probability gets higher and the program update is automatically installed to other users.

Search in emails from that date and remove the particular email from the mailbox.

From the screen shot it is not clear if it's reported by agent or by the security product. Also make sure that the client reports to the ESMC server fine.

Please post a screen shot of the pop-up message or rather the appropriate record pertaining to the block from logs so that we know what you mean.

Please provide a couple of examples of websites on which an untrusted certificate was reported. By default, if a certificate is invalid the communication should be blocked automatically: That's because SSL/TLS filtering had been disabled in Endpoint until v7. Without enabling it, https websites could not be scanned for malware for instance.

Since this is an English forum, we kindly ask you to post in English, otherwise moderator as well as many other users may not understand and will be unable to help. Assuming that you have Endpoint v7 installed, try switching to pre-release updates in the advanced update setup so that the latest modules are downloaded. Let us know if that helped or not. If not, remove all exclusions and in the advanced setup -> tools -> diagnostics, enable advanced network protection and protocol filtering logging, then reproduce the issue, disable logging and finally gather logs with ELC. Provide the ELC logs to customer care with a link to this topic so that the case is properly tracked. Besides that, upload the ELC logs here so that we can check them out. Last but not least, please provide step-by-step instructions how to reproduce the issue. For instance, it is not clear what you mean by "launching multiple applications that loads a cache to open the login page". Please clarify. Is the issue reproducible on all machines that you have?

Since you probably didn't have a copy of the CA and server certificate, you will need to re-deploy ERA agent while using current certificates. You may need to re-deploy it twice in case there's an older version of agent installed. First agent will be upgraded to the latest version and the 2nd time certificates will be updated. Since you are reinstating the ERA Server, I'd recommend choosing ESMC instead of the previous ERA v6.5.

We protect Chrome v70+ users from script malware like before.

Does the issue occur with EIS as well? The log looked pretty normal to me, didn't notice any error. When the error is reported in gui, please generate a complete application dump of ekrn via the adv. setup -> tools -> diagnostic -> create (dump). Prior to that, make sure that "complete dump" is selected in the drop-down menu or select it and click OK first.

Please pm me your public IP address so that we can check on the repository servers what happened.

Feel free to attach the ELC logs here. Only moderators and ESET staff has access to attachments.

To share a file for the others, it is necessary to upload it to a file sharing service for instance and post a download link. Direct access to attachments is available only to moderators for security reasons.

I'm sorry, made a typo in my post. I meant that we released a 64-bit versions of our products for macOS earlier this year.

You can provide the logs to galaxy but since he's not an ESET staff, we hold no responsibility for the advice he might give you. I'd suggest following moderators' and advanced members' advice and waiting for analysis of the stuff that we asked for and which you have uploaded.

I reckon that a 64-bit version of MacOS was released in H1/2018 and older 32-bit versions will not be supported by newer ESET products for MacOS.

Not really. We simply reverted the module to the previous version since it was most likely this one which caused the issues.

It is typical of ransomware attacks that attackers misuse RDP to connect to a machine, disable or uninstall AV and only then run ransomware to encrypt files. Make sure that: - important data is backed up on a regular basis - regularly install security updates for the OS and other programs - keep your AV updated (both modules and the program itself) - practice safe computing - lock down RDP only for access from your internal network, use VPN instead (alternatively you can use 2FA or restrict RDP to specific IP addresses on a firewall) - set a password to prevent the AV from being modified / uninstalled - enable detection of potentially unsafe applications

First of all, please give this topic a meaningful title. Then provide more details about the issue you are having. What version of Android you use, what ESET product / version you have installed on it, provide a screen shot or two with the pop-up windows you are getting, etc.

Please configure Windows to generate complete memory dumps and provide: - a complete memory dump from a crash compressed in an archive - ELC logs from the machine

Was the issue resolved after updating the horus module to v7779?

Set Append in the policy next to the Rules settings if you want user's rules to take precedence over the rules set by the policy or Prepend for the policy rules to be applied first : That should work with Endpoint v7 and newer.

Please read https://forum.eset.com/topic/16476-after-upgrade-agent-to-v7-old-agent-is-also-visible/ and use the script or "run command" task to remove the old agent record from the registry.

Could you confirm that the computer is not in a domain, ie. no group policies are applied? If you create a new administrator account and log into it, are you able to install Chrome then? Also you have One SystemCare PUA installed. Please uninstall it and try again.

I assume so. In our country we provide assistance with malware removal for no additional fee for paying users.