Marcos

I'd add that you should check the IP address of the mail server from which the email was originally sent.

The website still contains phishing pages. After you've cleaned it completely, please follow the instructions at https://support.eset.com/kb141 and ask for a review.

Inappropriate posts were hidden. To prevent bashing and ranting, we'll draw this topic to a close.

I completely agree. If ESET has been continually letting one down and allow his or her computer to get infected or have a noticeable impact on performance, I'd expect the person would have already changed the AV. If one stays with an AV it means that it fully (or mostly) fulfills his or her expectations.

It is a known issue that will be fixed via a module update. Nevertheless, protocol filtering should be kept enabled as long as a computer has connection to the Internet. Disabling it will expose the machine to Internet-borne threats that may slip through other protection modules.

If only domain users log in on the machines, you could create a dynamic group for computers with no domain user logged in: Then you could assign a specific policy for that dynamic group that would block all network communication by the firewall (I'd suggest creating some exceptions, e.g. for ekrn.exe so that updates can continue to be downloaded). The only issue with this solution that I can think of is the fact that membership in dynamic groups is evaluated in 20 or 30 minute intervals. As a result, if a user logs in it might take several minutes until the network connection is restored.

Personally I recommend installing newer versions from scratch, especially if one has encountered issues lately. This is to rule out the possibility that issues were caused by ESET misconfiguration (e.g. if the user created customer HIPS or firewall rules that blocked certain operations). If you have plenty of time, uninstall Endpoint v5 and install Endpoint v7 from scratch. Basically you shouldn't need to configure anything else after installation. If you were short on time, you could install EPv7 on top of EPv5 or EPv6.

A fix for this bug has been targeted for v12.0.

It appears that you have correctly reported it to samples[at]eset.com a few moments ago and you have already received a response. This forum is not a channel for reporting blocked sites. A correct procedure for submitting samples and reporting url blocks is available at https://support.eset.com/kb141/.

If you have activated a trial version of ESET or purchased a license and entered the license key but it still doesn't work, please gather logs with ELC and provide me with the generated archive.

I'd suggest uninstalling the agent via GPO and deploying it again using new certificates.

You can create a SysRescue USB on a machine with Internet connection and use it to scan an offline computer.

Please capture the network communication while creating an all-in-one installer with Wireshark and provide the generated pcap log compressed in an archive. Beforehand close any network-aware application to reduce the amount of data logged in the pcap log.

Does the license actually appear in EBA?

What brand / type of phone do you have? This is typical of Huawei, Xiaomi and some Samsung phones. Make sure that you have no battery optimizers installed and an aggressive power save mode activated.

It depends on how many computers you have with Endpoint v5. If too many, manually uninstalling it via the Start menu or Add and remove programs would be impractical.

If you are continually getting the error, please contact your local customer care so that the case is properly diagnosed and tracked. To my best knowledge, registration to WSC should occur only once during installation or after program upgrade.

Dobry den, ESET File Security pre operacne systemy Windows Server obsahuje od verzie 7 Ransomware stit, ktory vyzname vylepsuje ochranu proti novych druhom ransomwaru. Okrem instalacie EFSW v7 je ale nutne zabezpecit RDP v pripade, ze je povolene (napr. povolit ho iba lokalne a do siete sa pripajat cez VNP, pouzivat 2FA - napr. ESET Secure Authentication, pouzivat silne hesla, na fw obmedzit pripojenie iba z konkretnych IP adries / bezpecnych rozsahov, atd.). Taktiez je dolezite pouzivat plne podporovany OS a pravidelne instalovat bezpecnostne aktualizacie. V ESFW odporucame zapnut ochranu nastaveni heslom ako aj detekciu potencialne zneuzitelnych aplikacii, aby v pripade, ze utocnik sa uz nejakym sposobom dostane do siete, resp. na server, nemohol vypnut av ochranu, resp. odinstalovat ESET. Taktiez odporucame nezdielat adresare obsahujuce dolezite subory pre everyone s plnymi pravami, aby sa predislo zasifrovaniu takych adresarov zo vzdialeneho pocitaca.

I'd also like to emphasize that installing the latest available version of a security product on an operating system not supported by its maker doesn't make up for missing security updates and patches. We strongly recommend to consider upgrading to a modern and more secure operating system.

Unfortunately, it is not clear what issue with policies you are having. Please clarify. Also try upgrading EP to the latest v7 and possibly also ERA v6.5 to ESMC (for instructions, read https://support.eset.com/kb6925/).

Unfortunately, we still have no clue what "don't know what you mean by "Mozilla firefox app notworking well". Please elaborate. Also there is already Endpoint v7 available. We strongly recommend updating Endpoint 6.6. to it.

Please provide a complete record (whole row) from the Detected threats log that pertains to the detection. I'd prefer if you could gather complete logs with ESET Log Collector, however. If you have Mikrotik router, make sure to install the latest firmware. Routers with older firmware have been a target of attacks recently and a malicious html code was already provided by the router itself. It was subsequently detected in html pages on computers connected to the Internet through the router. One should never make a conclusion before investigating what happened or what's going on. If the router turns out to be the culprit, no security software running on a computer could have prevented router infection.

ERROR: (DbInsertCertAuthContent) CStatementSerializerBase: Failed to open file C:\Documents and Settings\All Users\Dane aplikacji\ESET\RemoteAdministrator\Agent\SetupData\Database\SQLite\SetupScripts\Install\2_do_install.sql Please copy the following commands to a batch file and run it:

What operating system do you use? If Windows 7 and newer, please install Endpoint v7. Otherwise install the latest v6.5. Should the problem persist, elaborate more on what you mean by "not working well".

It should be available later this year. We'll announce it when it's ready.