Marcos

Administrators
  • Posts: 37,941
  • Days Won: 1,504

Everything posted by Marcos

  1. V8 will reach its end of life next year. We strongly recommend upgrading to v11 as soon as possible. V11 not only brings new protection features but also fixes many issues from older versions.
  2. Did you try to run an update manually? Otherwise modules are updated once a day.
  3. As far as I know, Edge for Android is still in the phase of beta testing.
  4. That's ok. UEFI is scanned in the background. The scanner is not configurable.
  5. 1. Always put "*" before the address if it doesn't start with "http(s)://".
     2. Check the list of filtered websites for those that were accessed during a Windows update and were blocked. You can then add them to the list of allowed addresses.
  6. We'll need to get this confirmed by more users since in most Procmon logs we didn't see any SearchProtocolHost records. Moreover, in one ticket the user stated that disabling the Windows Search service didn't make any difference but we could not verify if the user really did what he had claimed. (Un)fortunately, the issue manifests very rarely and we have only very few reports of it in the last months to definitely confirm that Windows Search is involved.
  7. 1. Uninstallation of an older version is not needed unless you experience issues during or after upgrade. Installation over an older version is fully supported.
     2. The number of scanned files and the total scan time depend on many variables, such as the number of files on disks, the type and size of files (e.g. large archives could take long to get scanned), CPU utilization by other processes and system, permissions of the user, etc. Even if you run a scan as an elevated administrator, there are still plenty of files exclusively used by the operating system that other applications cannot access.
     3. ESET does not support Thunderbird in terms of a plug-in that would integrate into it. However, any email received via POP3(S) or IMAP(S) is scanned regardless of the email client.
     4. DBX - Email database used by Outlook Express. EML - a standard format for storing particular emails. I'd strongly recommend using default settings unless you need to resolve or work around a particular issue and you know what you are doing.
     5. They are intended to be used by ERA or another SIEM to perform certain tasks with Endpoint.
     6. Simply drag and drop a file or folder to the box to have it scanned.
     7. Probably you are inquiring about HIPS. Use Smart mode if you are able to correctly respond to occasional prompts when a specific suspicious behavior is detected. I'd suggest using default settings which provide the best balance between protection, performance and user-experience.
  8. You cannot know because only the latest v10.1 notifies the user if there is a communication issue with LiveGrid servers.
  9. First of all, this forum does not serve as a channel for reporting false positives or negatives nor for disputing detections. For instructions, refer to https://support.eset.com/kb141/. It appears to be a different website that was blocked due to malware that it has been serving.
  10. System Cleaner should be basically used when instructed by customer care after cleaning specific threats. There's a brief description about what clicking the Reset button will reset (e.g. "Settings that can change the behavior of your computer, such as file associations"). Currently we've integrated the very first version of the feature into v11 and it's subject to further changes and improvements.
  11. Does temporarily disabling the firewall or protocol filtering in the advanced setup make a difference?
  12. I'd suggest the following:
      - Enable advanced firewall logging under Tools -> Diagnostics and also temporarily change the logging verbosity to Diagnostics.
      - Reboot the computer.
      - After you've encountered a problem with the communication blocked by the firewall, disable logging.
      - Collect logs with ELC and upload the generated archive to a safe location.
      - Drop me a message with the download link and provide information about the IP addresses between which the communication was blocked and subsequently caused issues.
  13. First of all, please post in English since this is an English forum and most moderators and users won't understand if you post in another language. As for using ESET on 2 computers, you should have a license for 2 computers in order to install and activate ESET on both. Please contact your local distributor. Unfortunately, I don't understand your question about syncing email by antivirus.
  14. Log in to my.eset.com and mark the device as not missing. Reboot the computer to speed up syncing.
  15. If you capture the network communication, where in the frame or packet do you see the hostname? It's not there. Hostname is gathered via DNS requests and it's not a part of frames or packets that the firewall checks.
  16. You are talking about the Application control feature. The role of a firewall is to monitor network traffic and block the malicious or unwanted communication. It's not a role of the firewall to prevent applications from running as it's HIPS which does that. Blocking any application that is not popular and is new could be disastrous because if a popular application updates, we would block it for several hours until it becomes widespread and popular. Also by default users should not be prompted for an action and all decisions would need to be made automatically in a smart way. Although we currently don't support Application control (except blocking apps via HIPS rules), we use an advanced firewall with IDS support and Network protection integrated which enabled us to prevent the infamous WannaCry from exploiting SMB1 vulnerabilities on unpatched systems. ESET was the only one or one of 2 vendors to have protected against it proactively. The same also goes for HIPS. It's a module that interacts with real-time protection, Advanced Memory Scanner, Exploit Blocker and Anti-ransomware protection to ensure maximum protection against newborn threats. For more information about ESET technology, please refer to https://www.eset.com/int/about/technology/.
  17. What version of EAV do you have installed? Have you tried uninstalling it and installing the latest v11 from scratch?
  18. It's not possible since information about the hostname is not a part of a frame or packet. A frame contains information about the source and destination MAC addresses and an IP packet contains information about the source and destination IP address.
  19. I'd suggest disabling the following and seeing if it makes a difference:
      - "Removable media access" in the real-time protection setup
      - "Action to take..." in the Removable media setup.
  20. Sounds like a problem with a longer start of the Security Center service. We register to the WSC basically only once during install. The service is dependent on several other services which may delay the start. Perhaps a Process Monitor log would be the best to start with.