Marcos

Because they communicate over https and the certificate they use is not an EV certificate (typically used by banks for instance). You can exclude particular applications or certificates from filtering.

With SSL/TLS filtering disabled you can block the hostname, e.g. https://domain.com but not https://domain.com/malware and urls with a path on the blacklist won't be applied either. Also if an application (malware) communicates with a server over https, this communication cannot be scanned unless you enable SSL/TLS filtering.

Any application that communicates via http / https is supposed to appear in the list.

Without SSL/TLS filtering, it's not possible to scan the communication and therefore possible malware on https sites may be downloaded undetected or malicious https urls may not be blocked. Also with future versions of Chrome marking all http sites as not secure, even more malicious websites will change to https.

It is not clear what is the test2 file. If it's a batch file, we don't know how it launched ecls.exe. If you go to the ESET install folder and run "ecls c:\", does it start a scan?

Prior to performing a fresh install from scratch, please run the Uninstall tool in safe mode to make sure that ESET has been removed completely.

Recently there has been a glitch with the repository. If installation is failing, try installing Endpoint manually and generate install logs for perusal: https://support.eset.com/kb406/

Please gather logs with ESET Log Collector from that machine and drop me a private message with the generated zip archive attached.

That is correct. You can also make an exception directly via the link in the warning window.

No problems here, v11.2.49:

To export the whole configuration, navigate to Tools -> Import/Export settings. It is not possible to export just specific settings.

I've upgraded from v11.1.54 to v11.2.49 without issues. After upgrade, I clicked the link to restart the computer and a restart was actually carried out. As for the message "waiting to register with the WSC", it's reported when the Security Center service is not running. On certain systems it can take several minutes for the process to start.

Currently in-product update to v11.2.49 is available only for users with pre-release updates.

It was already reported here: https://forum.eset.com/topic/16050-e-mail-after-signature-update/ Please contact your local customer care so that the support ticket is properly tracked.

It's in the advanced update setup:

Windows Server 2003 SP2 is required:

In order In order to achieve that, Microsoft would have to stop updating the core of the OS or provide vendors with newer builds in advance and give them time to report bugs, before they make them available to Insider Preview users. I'm sorry, we are not the developer of the OS and fixing bugs in the OS is beyond anyone's capabilities but Microsoft.

Detection is independent not only from the version of the product but also from products per se since the engine and modules are shared across all products with the exception of products for Android. Please gather logs with ELC when v10 is installed and another set of logs after upgrade to v11. If exclusions worked in v10, they must also work in v11. Although disabling product update is possible, we don't recommend doing so or the product won't upgrade to a newer version that may provide improved protection and performance besides other improvements and fixes. To me it appears to be an issue that we should be able to pinpoint easily.

Url management in WAP can be used to block urls per se; wildcards are supported. Web Control is primarily aimed at blocking websites by categories; the url blocking functionality doesn't support wildcards. Also note that SSL/TLS scanning must be enabled in order for ESET to be able to block hostname with a path.

I'm sorry but I don't get this. You have opted for Windows 10 Insider Preview which is a sort of beta version of the Windows 10 operating system and may contain more or less serious bugs. In this case the bug was confirmed by Microsoft and it's not ESET's fault that some components don't work with the IP version you have. As for making a OS independent product that would run on any version of Windows, Mac, Linux, Android, etc. is really impossible.

You can only export the whole configuration. It's possible to remove the redundant settings manually then, however, the xml structure containing the desired settings must be preserved.

Please gather logs with ESET Log Collector directly from the machine with Endpoint and I'll check the configuration. Drop me a personal message with an archive generated by ELC attached.

Please follow the instructions at https://support.eset.com/kb141/. If it's detected as a potentially unsafe or unwanted application and it's not a packer which is detected, it's unlikely to be a false positive. Use subject along the line "Possible FP - Win32/XY". You can also add the name of the software so that it's obvious from subject what the ticket is about. You can upload big files to OneDrive, DropBox, etc. and include just a download link.

I see also MBAM v3 installed. In particular, mbamchameleon.sys is loaded. As I have already mentioned, there are also drivers zam64.sys and zamguard64.sys. Then there is Adguard's driver adgnetworkwfpdrv.sys too. Another AV's driver is SophosED.sys. So I suggest: 1, Uninstalling MBAM 2, Uninstalling Adguard 3, Uninstalling Sophos 4, Keeping Zemana but temporarily renaming c:\windows\system32\drivers\zam64.sys and zamguard64.sys.

I asked for a set of logs gathered by ESET Log Collector, however, you have uploaded only a couple of logs while the others are missing. By the way, do you have ESET NOD32 Antivirus installed? I assumed that you have ESET Internet Security since you've posted in the EIS/ESSP forum. If possible, please install EIS. Enable advanced logging and try to activate a trial version. Then collect logs with ELC. In this case, also a log with network communication will be included.