Marcos

Please temporarily change logging verbosity to Diagnostics as instructed above and check the ESET Event log to find out how often LiveGrid issues occur.

If you are referring to CloudCar, it should be detected and blocked upon download. It's not meant to be executed.

Does the issue go away after disabling automatic start of real-time protection followed by a reboot? Does the issue occur with any USB flash or hard drive?

I'd suggest contacting customer care and providing them with a Process Monitor log generated as follows (for instructions, see https://support.eset.com/kb6308/): - Before connecting the external HDD, start logging with Procmon - Reproduce the problem, ie. click "Safely remove" - Stop logging. Save the log with the pml extension in an unfiltered form and compress it before providing it to customer care for perusal. Also provide them with logs collected by ELC and information whether the problem occurs with any USB hard drive or flash disk or only with the WD backup drive.

In that case you can turn off "ESET LiveGrid is not accessible" notifications in the advanced setup -> tools > user interface -> application statuses -> general. If one has a permanent Internet connection, these notifications should be kept enabled as LiveGrid is crucial especially for protection against Internet-borne threats. Please do not mix more issues in one topic but rather create a separate topic for each issue. In a new topic please explain what you mean by reading USB flash disks; do you mean copying files or simply opening a document from it takes a lot of time? Does it happen with USB flash drive?

If you are getting notifications about problems connecting to LiveGrid servers, please carry on as follows: - In the advanced setup -> tools -> log files, change logging verbosity to Diagnostics - Reboot the computer - Download CloudCar - Collect logs with ELC and provide me with the generated zip archive.

ESET v11 was officially released and announced earlier this week.

Is the CloudCar test file detected as "Suspicious object" when you are getting this notification?

What happens if you click "Check for updates" in the Update pane?

Hello, please provide the output from running the following: echo “SELECT * FROM kext_policy WHERE team_id = ‘P8DQRXPVLP’;” | sqlite3 /private/var/db/SystemPolicyConfiguration/KextPolicy

You can disable media scan in the advanced setup -> Antivirus -> Removable media to ensure that no scan will be running when you attempt to remove the USB drive.

It's not possible to prevent automatic upgrade. Please clarify why would want to stay with 10.1.235 and not upgrade to v11 or newer version in several months or years? We provide protection as a service and do not distinguish between program versions any more; v11 is just an internal version number but it doesn't appear anywhere in the product except in information about installed modules and product version.

Users cannot usually distinguish a clean site from a compromised site. Could you please provide some examples of websites that you think they are clean but ESET is blocking them? If you think it's a false positive, a proper way of reporting them to ESET is by following the instructions at https://support.eset.com/kb141/.

Consumer products are not distributed as msi installers but with a bootstrapper as an executable. Extracting msi and running it will not work properly, a bootstrapper is needed to accomplish all tasks required for a successful install.

I can confirm that we do not use any third-party software to scan UEFI. It's a feature fully developed by ESET.

Is the CloudCar test file detected upon download as "Suspicious object"?

It's hard to tell because there's no security solution that would detect 100% of threats. I'd suggest enabling detection of potentially unsafe applications and running a full disk scan.

1, Download ESET Live Installer. 2, Launch ESET Live Installer. 3, Activate your ESET product. 4, You're done By the way, there is already v11 available so we recommend using it.

Deactivation should be performed automatically if ESET's products are properly uninstalled from a device.

First of all,I'd suggest uninstalling v10 and installing v11 using default settings.

Yes, that's intentional. ESET has become more cloud-centric and contains smart features to protect you from malware on different layers so the version of the detection engine is not as important for maintaining protection as it used to be in the past.

EIS is the former ESS, it's just that the product was renamed. All ESS features are present in EIS v11. ESET Smart Security Premium is EIS with Disk Encryption and Password Manager added.

Please enable advanced update engine logging in the advanced setup -> tools -> diagnostics and run update. Then disable logging and provide me with the updater*.etl file created in the Diagnostics folder. Alternatively you can collect logs with ELC and provide me with the generated zip file.

Files were encrypted by Filecoder.Locky. Unfortunately, decryption is not possible but we recommend keeping encrypted files in case that it will be possible in the future. According to the screen shot, you have ESET Endpoint Antivirus v5 installed. Without further logs and export of the configuration, it's impossible to tell what happened. Generally we strongly recommend: - upgrading to the latest version (Endpoint v6.6) - enabling all protection features, including LiveGrid and Advanced heuristics on execution in the real-time protection setup - securing RDP - protecting settings with a password - enabling detection of potentially unsafe applications. Last but not least, back up important data on a regular basis and practice safe computing.

What version of 1Password do you use?