All Activity

Thank you Marcos, i will let our client know about the above information. Thank you very much!

ESET NOD32 Antivirus, ESET Internet Security and ESET Smart Security Premium version 17.1.11 have been released and are available for download. Changelog: Version 17.1.11 Internal fixes Known issues: N/A Upgrade to Latest Version Upgrade my ESET Windows home product to the latest version If your ESET security product has not updated automatically yet, you can enforce product update by manually checking for update in the Update panel or wait until it updates automatically. Support Resources ESET provides support in the form of Online Help (user guides), fully localized application and Online Help, online Knowledgebase, and applicable to your region, chat, email or phone support. Online Help (user guides) Visit www.eset.com/contact to email ESET technical support

ESET NOD32 Antivirus, ESET Internet Security and ESET Smart Security Premium version 17.1.11 have been released and are available for download. Changelog: Version 17.1.11 Internal fixes Known issues: N/A Upgrade to Latest Version Upgrade my ESET Windows home product to the latest version If your ESET security product has not updated automatically yet, you can enforce product update by manually checking for update in the Update panel or wait until it updates automatically. Support Resources ESET provides support in the form of Online Help (user guides), fully localized application and Online Help, online Knowledgebase, and applicable to your region, chat, email or phone support. Online Help (user guides) Visit www.eset.com/contact to email ESET technical support

Currently there are no such plans as this was probably the first such request.

The string is not added by ESET to the subject of email. The best I could find is the following explanation although without a reference to particular software that adds it: The {disarmed} flag in the subject line of a filtered email indicates the system has located a "Web Bug" or tracking code and has disabled it. A "Web Bug" is a piece of code attached to an email that is invisible to the reader, but sends tracking information to a remote server that would then keep track of information such as when you opened the email, what kind of computer you are using, what your IP address is and so forth which the sender (or sending server) could use to identify you. This type of tracking code is most often found in HTML "newsletters" and spam messages to track when users open and read their e-mails. The filters prevent that information from getting back to the sender to protect privacy. This helps prevent the further propagation of spam, because once an email address is verified as real, and that a human viewed it, the now-confirmed email address will tend to make its way to other senders. https://www.virtbiz.com/client/index.php?rp=/knowledgebase/14/Email-arrives-that-says-it-has-been-disarmed.html

Unfortunately not, it used to work for some users who reported similar issues in the past.

I asked as this was the home user versions, so I guess this was just in the wrong forum section

So... yea i did that but its the same thing, i deleted the whole Eset folder just to be sure and its the same thing, do you have any other fix?

It is very disappointing that there are no instructions or links to helpful documentation for applying the pre-release.

Hi we are having weird issue. We have setup static groups to manage the pcs at multiple locations, each one has their own domain. So the name typically shows up as backroom-1.businessname.local However many machines will not show the full FQDN name, it just says backroom-1. After a new install every machine is supposed to go to lost & found, but it will end up in a static group (I believe it goes to the last created group). This happens to all pcs named 'backroom-1' and also randomly for other pc names. Why does it not show the FQDN name, and why is it automatically placing itself into a group other than Lost & Found. The Protect server is running on a machine called 'Backroom-1' that is not on a domain if that has any significance. thanks in advance.

I wasn't able to grab a dump from ekrn.exe as it's protected from tampering. Tried doing it after disabling self-defense stuff in the HIPS settings but it didn't work.

Hi ESET Team, I asked the client if they have existing Mail scanner, but he is not sure I am not sure how to answer the question about mail scanner. With respect to Eset, we are using Eset Protect Cloud for the office - the installation is standard and we did not set up anything special re mail scanning. Obviously once emails are downloaded to the relevant workstations, Eset Endpoint Security will scan. I attach a screenshot of how the "disarmed" subject line looks. I also attach a screenshot on how Web and Mail appears in my desktop. Most is greyed out, managed via cloud as standard. The change to have "disarmed" attached to the subject line started only yesterday and does not seem to affect all emails. I also attached the screenshot of the (disarmed subject line for your reference) SCREENSHOTS.zip

Hi ESET Team, See the below concern of our client: Since earlier today I notice emails coming through with the subject line {disarmed} before the subject - this so far affects at least two different accounts. These are very standard emails and I don't know why these emails suddenly have this additional flag. Has anything changed in how Eset Endpoint Security is handling Email processing? I would like to ask, is there steps that we need about this case?

Hi ESET Team, Thank you for your reply. Is there any plans in the future to have the option to disable notification for completed scan ? Cheers, Gil

when I flashed the bios with a new update.. Does it only overwrite the memory that is supposed to have space written to it and not the entire memory? cuz if that's the case the rootkit/uefi malware can still be in there after flashing bios.., FYI I'm using Asus Motherboard, if there's any idea you know, do they overwrite the entry memory when flashing it or not?

Try the current version 17.1.11.0 instead.

Why \Device\HarddiskVolume1\EFI\Microsoft\Boot\BCD.LOG1 - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\BCD.LOG2 - is OK are being opened why they are called log1 and log2 but the original ones cant be opened is that normal?

Log Scan Log Version of detection engine: 29113 (20240423) Date: 4/24/2024 Time: 12:01:40 AM Scanned disks, folders and files: Boot sectors/UEFI User: DESKTOP-BIC2Q7L\z MBR sector of the 0. physical disk - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\BCD - unable to open [4] \Device\HarddiskVolume1\EFI\Microsoft\Boot\BCD.LOG - unable to open [4] \Device\HarddiskVolume1\EFI\Microsoft\Boot\BCD.LOG1 - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\BCD.LOG2 - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\bg-BG\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\bg-BG\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\boot.stl - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\bootmgfw.efi - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\bootmgr.efi - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\CIPolicies\Active\{5DAC656C-21AD-4A02-AB49-649917162E70}.cip - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\CIPolicies\Active\{82443e1e-8a39-4b4a-96a8-f40ddc00b9f3}.cip - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\CIPolicies\Active\{CDD5CB55-DB68-4D71-AA38-3DF2B6473A52}.cip - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\cs-CZ\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\cs-CZ\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\cs-CZ\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\da-DK\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\da-DK\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\da-DK\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\de-DE\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\de-DE\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\de-DE\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\el-GR\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\el-GR\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\el-GR\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\en-GB\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\en-GB\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\en-US\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\en-US\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\en-US\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\es-ES\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\es-ES\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\es-ES\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\es-MX\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\es-MX\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\et-EE\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\et-EE\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\fi-FI\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\fi-FI\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\fi-FI\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\fr-CA\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\fr-CA\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\fr-FR\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\fr-FR\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\fr-FR\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\hr-HR\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\hr-HR\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\hu-HU\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\hu-HU\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\hu-HU\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\it-IT\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\it-IT\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\it-IT\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\ja-JP\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\ja-JP\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\ja-JP\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\kdnet_uart16550.dll - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\kdstub.dll - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\kd_02_10df.dll - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\kd_02_10ec.dll - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\kd_02_1137.dll - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\kd_02_14e4.dll - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\kd_02_15b3.dll - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\kd_02_1969.dll - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\kd_02_19a2.dll - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\kd_02_1af4.dll - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\kd_02_8086.dll - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\kd_07_1415.dll - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\kd_0C_8086.dll - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\ko-KR\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\ko-KR\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\ko-KR\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\lt-LT\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\lt-LT\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\lv-LV\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\lv-LV\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\memtest.efi - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\nb-NO\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\nb-NO\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\nb-NO\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\nl-NL\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\nl-NL\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\nl-NL\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\pl-PL\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\pl-PL\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\pl-PL\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\pt-BR\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\pt-BR\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\pt-BR\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\pt-PT\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\pt-PT\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\pt-PT\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\qps-ploc\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\ro-RO\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\ro-RO\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\ru-RU\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\ru-RU\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\ru-RU\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\sk-SK\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\sk-SK\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\sl-SI\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\sl-SI\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\sr-Latn-RS\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\sr-Latn-RS\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\sv-SE\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\sv-SE\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\sv-SE\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\tr-TR\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\tr-TR\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\tr-TR\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\uk-UA\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\uk-UA\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\winsipolicy.p7b - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\zh-CN\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\zh-CN\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\zh-CN\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\zh-TW\bootmgfw.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\zh-TW\bootmgr.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\zh-TW\memtest.efi.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\BOOTSTAT.DAT - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\Fonts\chs_boot.ttf - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\Fonts\cht_boot.ttf - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\Fonts\jpn_boot.ttf - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\Fonts\kor_boot.ttf - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\Fonts\malgunn_boot.ttf - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\Fonts\malgun_boot.ttf - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\Fonts\meiryon_boot.ttf - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\Fonts\meiryo_boot.ttf - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\Fonts\msjhn_boot.ttf - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\Fonts\msjh_boot.ttf - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\Fonts\msyhn_boot.ttf - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\Fonts\msyh_boot.ttf - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\Fonts\segmono_boot.ttf - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\Fonts\segoen_slboot.ttf - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\Fonts\segoe_slboot.ttf - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\Fonts\wgl4_boot.ttf - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\Resources\bootres.dll - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\Resources\en-US\bootres.dll.mui - is OK \Device\HarddiskVolume1\EFI\Microsoft\Recovery\BCD - is OK \Device\HarddiskVolume1\EFI\Microsoft\Recovery\BCD.LOG - is OK \Device\HarddiskVolume1\EFI\Microsoft\Recovery\BCD.LOG1 - is OK \Device\HarddiskVolume1\EFI\Microsoft\Recovery\BCD.LOG2 - is OK \Device\HarddiskVolume1\EFI\Boot\bootx64.efi - is OK Number of scanned objects: 141 Number of detections: 0 Time of completion: 12:01:40 AM Total scanning time: 0 sec (00:00:00) Notes: [4] Object cannot be opened. It may be in use by another application or operating system. I ran a scan and there's 2 files can't be opened but there's also another 2 files that were the same but they were scanned but they are named as \Device\HarddiskVolume1\EFI\Microsoft\Boot\BCD.LOG1 - is OK \Device\HarddiskVolume1\EFI\Microsoft\Boot\BCD.LOG2 - is OK and they were opened fine why is that?

Strangely I can't reply if I make an account... what's the point? That aside, I wanted to address some of @Warren's / others comments: This is only true if you are silly enough to take the nuclear option of turning it all off. If you simply whitelist node in the SSL screen then you have the exact same protection you had before the update. (that is, no Node protection) What @Macros said in the previous page here is that they have extended the SSL protection to Node on a base level; which is a massive security enhancement considering that supply chain attacks are becoming one of the most common ways to distribute malware. Frankly I was surpised to learn this wasn't the case before, but I welcome the change. True, but in ESETs defense the Windows certificate store has been around since the beginning of time and is a fundamental core security feature of windows. The fact that OpenSSL took until late 2023 to even implement that is extremely questionable and if Node itself is going to claim windows compatibility then they should have done that themselves also a long time ago. There is no excuse for that. All three parties here are to blame, and I would point to Node itself as the biggest offender. It's the same problem with all Linux centric Open Source software. The Linux elitists laugh at implementing / fixing windows issues until there is enough pushback from the windows developer community to make it worth their while... and they usually do so grudgingly. This situation is no different. The Node certificate issue has always been a problem on Windows even outside this and if you look at what @itman posted, that Github issue is not even from the Node team.... that is only a suggestion from a user to implement it. And to my point above, notice how much traction it's getting? ZERO. If they had of fixed that back in Jan 2024 when it was posted we wouldn't be in this situation. I would also like to know the answer to this. ... and other veiled threats about changing virus scanners or never giving ESET money is entirely short sighted thinking. If you do, you better do your research... because if you switch to a scanner that doesn't provide node protection and your company gets infiltrated in a supply chain attack aren't you going to look silly. In addition, it's entirely possibly when / if said other company gets around to scanning Node they make the same mistake as ESET because Node didn't fix the problem on their side. Thus you are in the same position you are today... only you look more stupid because you made the same mistake twice. If you find a better product by all means switch but don't do it out of spite. So any Node Windows developer here worth their salt, take 5 mins out of your day, right now, and go to https://github.com/nodejs/node/issues/51537 and upvote / comment, whatever you have to do to get Node's attention to fix it once and for all. Now, to ESET, couple of things: I think you got the point by now but some well advanced communication on this issue would have been exremely helpful. I am not sure how this was tested but 2 seconds from anyone working with node in windows would have caught this in a second. Unable to install any package is huge giveaway something was seriously wrong. I don't think I need to say this, but I will anyways, you need to improve your testing OR: Us developers are generally decent people, if you don't have the resources to properly test such changes, reach out and we can help test in a safe branch before breaking tons of stuff. Baring the above, this probably should have been implemented first as an optional feature, with a separate button, which was called out in a popup when the update rolled out. Replying to someone who is not even a customer reporting a serious issue which included a very detailed technical breakdown with "well make a report then" is completely out of line. Were your fingers broken or something? The time it took you to write that you could have made the report and it only exacerbated the issue to your users making you look like you don't care.

Had the same issue here. Spent the past 6 hours trying to figure out what .exe's we needed to add to the SSL/TLS exemption list, but I don't feel comfortable with that. our github pulls were erroring. Have open ticket right now, but no response yet. I found that I had to add all the runner .exe's to the exemption list, in addition to the node.exe files to get it to work properly. runner.listener, createdump, runnerplugin, runner.plluginhost, and runnerservice were added, but I couldn't keep more of our developers time to test which of those could be removed. If anyone has insight on that, it would be appreciated.

I'm also experiencing this issue and it has disrupted some client work. When can we expect a fix? I updated ESET as of today and still this is a problem. Also, your captcha is hilariously bad.

V11.0.2044 is the latest version of ESET Endpoint products for Windows. Not really, it was a redundant setting controlling an obsolete way of hooking that was not supported on modern Windows systems anyways.

Thank you, I've forwarded the dumps to developers for perusal. Will keep you posted. P_ESSW-18149

OK, next time it does it, I'll also grab a dump of ekrn.exe. This link has an archive with two dumps of eguiproxy from two sessions with the icon spinning, if that's helpful on its own: https://drive.proton.me/urls/9R2X65Q1EG#sYgQHNEBmGd2 And yeah, I tried hovering the cursor over the icon and it doesn't show any active operations, just says the product name and version. It will spin until I reboot the system.