Marcos

Please post the etl log here and I will check it out. It can be read only be ESET staff since symbols are required in order to open it in a readable form.

Until 2 or more players connect. You can then review the rules and make them more general. You can also enable advanced firewall logging and reproduce the issue. Then disable logging, collect logs with ELC and provide me with the generated archive.

What about switching the firewall to learning mode for a while until all necessary rules are created? Then you can review the rules and adjust them, if necessary.

Please provide me with your public license ID. Also make sure that those machines were not activated with an offline license file which is intended only for computers that never connect to the Internet.

Only server products can be installed on server operating systems. EIS is a desktop product for consumers. Please contact your local distributor.

Please temporarily uninstall ESET NOD32 Antivirus and install ESET Internet Security. Activate a 30-day trial version since it's a different product than what you have purchased. In the advanced setup -> Tools -> Diagnostics, enable advanced firewall logging and restart the computer. Then disable logging and collect logs with ESET Log Collector. Upload the generated archive to a safe location (e.g. OneDrive, DropBox, etc.) and drop me a message with a download link.

I've taken liberty to rename this topic and gave it a meaningful title. It appears that you have ESET Smart Security Premium installed. Did you really purchase ESET Smart Security Premium and not ESET Internet Security or ESET NOD32 Antivirus?

Files were encrypted by Filecoder.Crysis. Unfortunately, decryption is not possible. We recommend keeping encrypted files in case that decryption will be possible in the future. We recommend: - using the latest version of an ESET product and keeping all protection features active - protecting ESET's settings with a password - enabling detection of potentially unsafe and unwanted applications - disabling RDP or hardening it (e.g. by restricting it to specific IP addresses or ranges, allowing RDP only for users who really need it and use a strong password, etc.) - installing critical patches that are available for the OS, keeping applications updated.

If it was HIPS that prevented you from modifying the registry value, you would have got an error immediately. You can try temporarily disabling self-defense or HIPS completely and reboot the machine to rule out HIPS as a culprit.

Please refer to my post above.

The other ERA server must have the public CA certificate imported in order to trust the agent certificate. Without that, you'd need to reinstall agent and provide the correct CA certificate used by the other ERA server.

Are you able reproduce BSOD with the HIPS module 1309 installed? If you have v1308, most likely you haven't switched to pre-release updates. As for the issue with the firewall, try booting in safe mode and renaming the files epfwdata.bin and epfwuser.dat in the "C:\ProgramData\ESET\ESET Security" folder. Let us know if that helps.

Since everything has been already said and explained, we'll draw this topic to a close.

The file libc-2.23.so is scanned very quickly (a few ms) so it shouldn't have any effect on this. I've passed it on to the developers anyways as I don't think it's scanned in an optimal way. Please provide me with a complete dump of ekrn by selecting full dump in the advanced setup -> tools -> diagnostics and clicking Create (dump) at the time when you are experiencing a high cpu load by ekrn.exe. Then collect logs with ELC which should also include the generated dump by default. Upload the archive to a safe location and pm me a download link.

Updating modules does not cause disconnection of other existing connections. Are you saying that if you download a large file via a browser for instance and ESET updates its modules while the file is being downloaded, the download is interrupted every time? Was this happening with the latest v11.0.159? What version of Windows do you use and what platform is it (32/64-bit)?

Does unticking "ESET Firewall" in your Network connection properties make the issue go away? Or disabling the firewall in the advanced setup is enough? As of v10, we started to use Windows Filtering Platform instead of using a lightweight firewall driver to avoid certain issues, however, it's only used on Windows 8.1 and higher where the functionality is fully supported.

That's not a good idea. If it was time limited, the log might not contain the valuable data that we need if logging was not stopped after an issue has manifested. On the other hand, also extremely large logs would be difficult, if not impossible to process, e.g. if opening very large pcapng logs in Wireshark would take hours or if opening them would end up with memory exhaustion.

As Itman said, personal experience is invaluable. If users were not satisfied with ESET's protection capabilities or performance, ESET's products wouldn't be that popular in many countries, including Japan which you will likely agree is very sensitive to quality and efficiency of any goods. Also if ESET was not good enough, it wouldn't have ranked among two best AV desktop solutions and in top 4 in the mobile segment in probably all annual AV-Comparatives surveys where it's users who cast their votes based on their personal experience with various security products. To sum it up: 1, There's nothing like 100% detection of malware. Tests are always performed on a very limited test set. 2, Without knowing the methodology and its relevance to real-wide use it's necessary to take the results with a pinch or better with a lump of salt. 3, AV solutions may behave differently in different conditions, scenarios and systems. What works for one just fine may not work well for another users. 4, Should you encounter a technical issue, a problem with performance, etc. on a particular system, ESET's customer care and we, moderators of the forum, are here to assist you with pinpointing and resolving it. 5, We are open to constructive criticism. We listen to our customers and improve our products also based on your feedback.

Currently that's not possible since enabling this option will generate huge firewall logs in the diagnostics folder and therefore advanced logging shouldn't be turned on for a long time. I'll ask developers if it'd be possible to create and provide you with a special version of the firewall that would have advanced logging limited to the detection of identical IP addresses.

Please enable advanced firewall logging and reproduce the detection of identical IP addresses. Then disable logging, collect logs with ELC, upload the generated archive to a safe location and pm me a download link.

I'd recommend you try each AV with 100% detection in tests and let us know after a few months about your experience. As itman said, personal experience is invaluable. Also I fully support the idea that everyone should use what fits him or her best. So we kindly ask you to stop complaining about tiny differences in detection rate and use whatever security solution you like most and fits you best.

I have no such problem with EIS 11.0.159 on Windows 10. I see communication stats after selecting the "Ethernet" pane.

I can't think of how ESET could affect the Task manager. You can try temporarily uninstalling it and see if the issue goes away.

Please provide me with the file C:\Users\Ted\AppData\Local\lxss\rootfs\lib\x86_64-linux-gnu\libc-2.23.so. Does excluding "C:\Users\Ted\AppData\Local\lxss\*.*" from scanning make a difference? Do you have WSL installed on Windows 10? Do you have ESET v11.0.159 installed?

I'm sure you meant Emsisoft If we add a behavior blocker, it will have to be unobtrusive and work automatically, utilizing smart heuristics and information from other protection modules to avoid asking the user for action selection (at least in default automatic mode).