Marcos

We use American English in all our products probably because the USA are one of the biggest markets where our products are sold and ESET LLC has its seat there for many years. If we decide to produce also a British English, Australian English and whatever language flavor in the future, that version will use the appropriate country flag.

It's probably an on-demand scanner log, they can be deleted safely. Also delete the other log bigger than 900 MB. Keep an eye on that folder and in case the large logs are generate again, let us know.

Are you able to log in to my.eset.com in a browser? Have you tried changing your password to one that contains only letters and numbers, ie. no special symbols like "!?*,.", etc?

Enter the license key as you received it, ie. including dashes.

Never seen such issue reported from users. Since you are not using the latest version (ESET Smart Security no longer exist and was replaced by ESET Internet Security), please try installing the latest version of EIS 11.1.42 over ESS.

Normally it depends on local settings. At least in Europe, semicolon is used as a delimiter in csv. We already track an improvement for ERA 7.1 to make this configurable and use local settings by default.

That's what we need to find out; whether the issue is occurring only on Windows 10 and under what circumstances (only after upgrade, with a specific 3rd party application or Windows update installed, etc.).

Please somebody confirm or deny whether uninstalling ESET and installing v11.1.42 make a difference. Also tell us what operating system you use. I have no problem with a webcam on Windows 7 and a fresh install of EIS v11.1.42.

Currently it is not supported. So far we support only 1Password, LastPass and Roboform.

I'll check with developers if we could prepare a logging version of the AV/AS module for you that would help us find out communication details.

After upgrade to v11.1.42 you were asked in the main gui to enable or disable the LiveGrid feedback system. Consent had to be given or rejected due to compliance with GDPR even if the LiveGrid feedback system was enabled or disabled before upgrade.

Please post a screen shot for clarification.

If you upgraded from an older version, you must have been presented with a question whether you want to enable ESET LiveGrid feedback system. Enabling it would have re-enabled submission of samples (except documents like in previous versions) and statistics.

That is the best we can recommend at this point. We don't know how much time elapsed between changing the settings and the time the files were submitted.

That's correct. This doesn't make sense in the era of cloud and rapidly emerging threats when files must be submitted and analyzed within seconds or minutes in order to provide quick response to new threats. This option was removed when ThreatSense.Net evolved to LiveGrid a coupld of years ago. In v11.1, we've added more granular settings for file submission. By enabling submission, the user gives consent to submitting suspicious files which is also covered by EULA and privacy policy.

LiveGrid consists of 2 systems: LiveGrid reputation system and LiveGrid feedback system for submitting files and statistics. You don't necessarily have to have both enabled if you don't want the system to submit suspicious files and you can still be protected by LiveGrid. Of course, without malicious files from systems we wouldn't be able to add proper detection / cleaning so if you happen to get infected with malware that nobody else has come across, we may not be able to clean it properly until we receive the appropriate suspicious files.

Are you still getting this warning? I'm unable to reproduce it. You should get a similar warning from your browser after disabling TLS filtering in ESET.

You can see files pending for submission in C:\ProgramData\ESET\ESET Security\Charon but they are in an encrypted form. However, it doesn't mean they will actually be submitted; the program will first query LiveGrid servers if they are really needed. If you want to submit only files that you want to, disable the LiveGrid feedback system and submit files manually. However, we don't recommend using the in-built form since many users submit tons of of non-malicious stuff and your submission could get lost among them. Please follow the instructions at https://support.eset.com/kb141/ to submit suspicious files.

Endpoint can be configured either locally or via ERA. There are no other options for security reasons. With ESMC (ERA v7), it will be possible to keep user-defined rules and append or prepend rules from ESMC: As for honoring Windows Firewall rules, there's an option "Also evaluate rules from Windows Firewall". If enabled, all permissive rules from Windows Firewall will be honored. Note that blocking rules from Windows Firewall are not applied. Important note: This doesn't work for firewall rules defined via GPO. The API we use returns only local rules. Rules defined by GPO are stored in the registry and their format may change over time.

I was unable to reproduce it. A malicious sample was submitted only after selecting to submit malicious samples. I assume those could be files that had been pending for submission before you disabled it. If you are able to reproduce it, we can investigate it further. Anyways, disabling submission of files is not recommended. Otherwise the more users disable it, the higher probability that we may not be able to clean possible malware that you may run into.

I've made a test and running the following works provided that the installer is run as an administrator: eea_nt64_enu.msi /qn REBOOT="ReallySuppress"

Could you try it with Banking and payment protection disabled?

It's most likely just a coincidence. If you enable logging of submitted files, do you see some files submitted at that time? I'd suggest the following: - enable diagnostic logging verbosity - enable advanced firewall logging - reproduce the above mentioned behavior - disable logging and also change the logging verbosity back to standard - collect logs with ELC. When done, provide me with the generated archive.

If running an on-demand scan of the disk doesn't remove it, please provide ELC logs from the machine.

If Windows starts slowly after upgrade to v11.1.42, please create a Procmon boot log as per the instructions at https://support.eset.com/kb6308 (steps 1-4, the proceed with Gather boot log files instructions). Also collect logs with ELC (https://support.eset.com/kb3466/). When done, upload both archives to a safe location (e.g. Dropbox, OneDrive, etc.) and drop me a message with download links.