Marcos

It's most likely just a coincidence. If you enable logging of submitted files, do you see some files submitted at that time? I'd suggest the following: - enable diagnostic logging verbosity - enable advanced firewall logging - reproduce the above mentioned behavior - disable logging and also change the logging verbosity back to standard - collect logs with ELC. When done, provide me with the generated archive.

If running an on-demand scan of the disk doesn't remove it, please provide ELC logs from the machine.

If Windows starts slowly after upgrade to v11.1.42, please create a Procmon boot log as per the instructions at https://support.eset.com/kb6308 (steps 1-4, the proceed with Gather boot log files instructions). Also collect logs with ELC (https://support.eset.com/kb3466/). When done, upload both archives to a safe location (e.g. Dropbox, OneDrive, etc.) and drop me a message with download links.

What is the difference between the screen shot with 3 issues reported next to "Setup" and the screen shot where no issues are reported? Do those issues disappear after some time after Windows starts?

Update to v11.1.42 is not currently available. We will resume upgrade to the new version next week.

That's because most of modules were removed from the installer and now they are downloaded after activation.

The problem with this is that there's no unified location for storing information about license expiration dates of installed software.

Since computers are not permanently connected to ERAS, it's not possible to display online status of clients. However, in the ERA console you see the date and time of the last connection to ERAS.

Please carry on as follows: - in the advanced update setup -> tools -> diagnostics, enable both advanced firewall and protocol filtering logging - reproduce the issue - disable logging - collect logs with ELC - delete the content of C:\ProgramData\ESET\ESET Security\Diagnostics - temporarily disable protocol filtering - in the advanced update setup -> tools -> diagnostics, enable advanced firewall logging - try to reproduce the issue (this time it shouldn't manifest as you said) - stop logging - collect another set of logs with ELC. Finally upload both archives generated by ELC to a safe location and drop me a message with download links.

In order to automatically clean any PUA that is found, set cleaning mode to Strict cleaning in the on-demand scanner profile that is used for a scan, in this case "in-depth scan" profile. If you don't want to take any action, run a scan in scan-only mode, ie. without cleaning.

Please do not post unrelated stuff here. You originally asked about a port scan attack. Regarding configuration of your router, ask your ISP if you are having whatever issues please.

1, What operating system is it? If Window 10, then not all updates are part of Windows updates. If you don't want to be notified about missing OS updates or only about critical updates, you can disable / configure this feature both in an Endpoint and ERA agent policy. 2, You can have non-ESET applications reported if you enable that option in an ERA agent policy:

The communication is not blocked by ESET unless you have created custom rules to block this communication. The addresses listed in the KB must be allowed on a 3rd party firewall that you may be using or which is between your computer and ISP.

This was fixed about 30 minutes ago. If you have LiveGrid enabled and working, it shouldn't be detected any more. Otherwise it will be fixed after an update which is being prepared.

Please make sure that ESET can access servers listed in https://support.eset.com/kb332/, especially those that Antispam communicates with.

Since this is an English forum, please post in English so that moderators and other users can understand you and answer your question. Unfortunately, it is not clear to me what you mean by synchronizing with Last Pass.

Please collect logs with ELC but also select "Quarantined files" in ELC before you click Collect. When done, drop me a private message with the generated archive attached.

Does actually pausing the firewall or disabling it completely in the advanced setup make a difference?

You can try temporarily uninstalling ESET to see if the issue goes away. If it doesn't make any difference, you will reinstall it and continue with further troubleshooting. If the issue doesn't manifest without ESET , try the following, one at a time, to narrow it down: - temporarily disable automatic start of real-time protection and reboot the computer - temporarily disable protocol filtering - temporarily disable HIPS and reboot the computer.

This forum is not the right place to report urls. Please follow the instructions at https://support.eset.com/kb141/.

There seems to be an issue with real-time protection since downloaded eicar.com must be detected. Please collect logs as per the instructions at https://support.eset.com/kb3404/. After clicking "Replication start", download eicar.com and then click "Replication stop" if eicar was not detected.

Upgrading to ERA v6.5 is not mandatory but highly recommended. For a list of changes, please refer to https://forum.eset.com/topic/11316-eset-remote-administrator-6531-has-been-released-and-is-available-to-download/ and https://forum.eset.com/topic/13632-eset-remote-administrator-6534-has-been-released/.

In your screen shot, the first two records don't have the "Scanned folders" column completely visible but I assume that all drives C: - I: are listed there. Please confirm. Also I'd like to ask you to generate a complete application dump during a scan via the advanced setup -> tools - > diagnostics - create. Make sure that the dump type is set to full. When done, collect logs with ELC, upload the generated archive to a safe location and drop me a pm with a download link.

If you compare the number of scanned files, please always disable Smart optimization to rule out the possibility that files were skipped thanks to various optimization techniques applied on trusted or already scanned files that we use. What you could try: 1, Enabling logging of all scanned files and comparing the logs after 2 subsequent scans. 2, Between the scans switch to pre-release updates and back to invalidate cached records. Anyways, with Smart optimization disabled step 2 should have no effect on the number of scanned files.

Although it's possible to set it in gui, update won't be attempted in 30 minutes interval but every 60 minutes which is the default value. Of course, LiveGrid connects to servers and downloads blacklists in shorter intervals and when needed plus v11.1 introduced a new types of definition updates to make response to new threats even faster. As for the other settings you reported not to have retained after upgrade, we are checking it with testers. Although upgrade and settings retention is part of QA tests, we'll rather double-check it now.