Marcos

Probably no issues with v8.1.2031 were known at that time. In that case that version would have been released as uPCU. However, since certain issues were discovered (e.g. a problem with activation with offline license files remotely), it was not suitable to be released as uPCU and we had to prepare a service release 8.1.2037. For us the quality matters and thefore we will not update all users to a version that has some known quirks.

You can upload it to OneDrive, Dropbox, etc. and drop me a personal message with a download link. However, please enable this setting, then reproduce high memory use by ekrn again and generate a new dump:

You can drop me a personal message with the text of the email enclosed.

HTML/Fraud.EK is a detection of fraud emails like Please provide me the email that you attempt to send and which is detected as HTML/Fraud.EK trojan.

First of all please make sure that all IP addresses listed here are allowed and TCP and UDP port 53535 is open: https://support.eset.com/en/kb332#esetlivegrid

Let me sum it up: 1, ESET has the right to decide which websites to block. 2, We appreciate reporting suspicious websites to us (ideally via samples[at]eset.com) 3, Not every crack is necessarily malicious. That said, not every website with cracks is subject to block. Only websites leading to actual threats should be blocked. 4, In this case the alleged 'cracks' were actually malicious and contained several pieces of malware that was already detected by ESET. However, these cracks were downloaded through a redirect which was blocked, ie. for users to get infected they would need to disable web access protection, real-time protection and maybe even post-execution protection layers. I mean that not blocking the sites with 'crack' didn't pose a risk to users, yet that are subject to block (and they are blocked now).

Please carry on as follows: - sing up for this ESET forum since the Quick questions is intended only for quick questions, not for reporting issues - sign in with your account and re-post in the Malware finding and cleaning subforum - provide logs collected with ESET Log Collector as well as a screenshot of the alert that you're getting (if any)

I'm afraid that the only way how to accomplish it currently is by taking screenshots. It is possible that this feature will be included in one of the future versions of ESET PROTECT since it's been requested by some other users for auditing as well and it's already tracked as a request.

First you must create a dump manually when ekrn takes a lot of RAM via advanced setup -> tools -> diagnostics -> create (dump), only then an ekrn*.dmp file will be created.

Not really. In ideal case you'd get a brand new malware detected through LiveGrid in 5-10 minutes, in worst case in about 25 minutes after submission if it was evaluated by automated mechanisms used also by LiveGuard/EDTD. If the sample was malicious and manual analysis was needed (no matter if the file was submitted manually by email, via LiveGrid or LiveGuard), the time to add detection / blocking by LiveGrid can be longer, typically from 10 min. to 40-60 min.

Please provide logs collected with ESET Log Collector for a start.

You can compress ekrn*.dmp files in C:\ProgramData\ESET\ESET Security\Diagnostics and supply the archive to me. However, ELC logs may be requested by developers later. It's impossible for users to check all logs and especially binary data files and dumps that ELC collects; ESET is a security vendor who takes also security of your data seriously. Without logs we often cannot move on and help you resolve issues.

Does temporarily disabling Bank and payment protection make a difference? If so, could you post a screenshot or two for clarification?

It is not possible to restart ekrn for security reasons. The best would be if you could generate an ekrn dump via the advanced setup -> diagnostics -> create (dump). When done, collect logs with ESET Log Collector, upload the generated archive to a safe location and drop me a personal message with a download link. As peteyt asked, what product and version are you using? You have mentioned a server, however, you have posted in the forum for home user products.

Your license with public ID 3AP-48F-G87 and the license key USxx-xxxx-xxxx-xxxx-xxVB appears to be valid and working. Where did you find out it was cancelled? It doesn't seem so.