Marcos

Is a threat detected after each update? That might theoretically cause a file with bookmarks to be continually deleted.

Unfortunately, you didn't mention what operating system you use. If Windows Vista, Windows 7 or Windows 8, Please check if this applies to your case: https://support.microsoft.com/en-us/help/2664888/computer-stops-responding-when-you-run-an-application-that-uses-the-wi.

I'd suggest contacting customer care as the cause of the issue is not obvious and the case will need to be properly tracked.

This is by design. We had to change the way egui starts in order to comply with Microsoft certification.

Does temporarily disabling protocol filtering in the advanced setup make a difference? If not, what about renaming "C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll" in safe mode?

Try uninstalling ESET, removing all possible remnants in safe mode using the ESET Uninstall tool and install the latest v10.1 from scratch. Let us know if that resolved the issue.

As stated in the blog by Avast: As only two smaller distribution products (the 32 bit and cloud versions, Windows only) were compromised, the actual number of users affected by this incident was 2.27M.

Please see my suggestion above and let us know if it resolves the issue.

Please contact your local customer care so that the issue is properly tracked. At the time when the program asks for a computer restart, the upgrade process should be already completed and the restart is required only for updated drivers to load.

What about this setting?

Should you encounter such issue again, please provide a Wireshark log from an attempt to update.

Do you have protocol filtering and web access protection enabled in the advanced setup?

I'm sorry but if the issue persists after completely uninstalling ESET it's highly unlikely that it's ESET related.

If you have no firewall rules applied via an ERA policy, continue as follows: Create a Procmon log at the time when the error occurs. For instructions, see the FAQ section at the right-hand side of this forum. When done, compress the dump, collect logs with ELC, upload both files to a safe location and pm me download links. If rules are applied by a policy, learning mode will not work.

Please continue with the discussion here: https://forum.eset.com/topic/13175-ccleaner-v5336162-and-ccleaner-cloud-v1073191-had-been-compromised/.

ESET has detected it since update 16099: Win32/CCleaner.A, Win32/CCleaner.B. At that time KAV didn't detect it at VirusTotal yet.

Do you have protocol filtering enabled? If so, please do the following: - enable advanced firewall logging in the advanced setup -> tools -> diagnostics - restart the computer - collect logs with ELC - disable logging Upload the generated archive to a safe location and pm me a download link.

Now advanced protocol filtering logging was enabled but there's still an epfw etl log missing in the Diagnostics folder. Make sure that you actually enable advanced firewall logging. You can leave logging enabled while collecting logs with ELC so that I can verify from configuration if you have actually enabled it.

Each language version has its own installer. The language cannot be changed after installation. Regarding local limitations of your license, please contact your local ESET distributor.

Please clarify what you mean by HNAS. Is it Hitachi NAS or what exactly do you mean? Since I assume that nobody here will be able to give you a satisfactory answer, I'd suggest contacting also your local customer care.

The Diagnostics folder is empty which means that advanced firewall logging was not enabled before the computer was restarted. Please follow my advice and enable advanced firewall logging, then restart the computer and eventually collect logs with ELC.

Since malware changes rapidly, I would personally never use deferred updates, maybe with the exception of highly critical systems. You can leave LiveGrid disabled if you use critical systems where you cannot afford having latest detections. Normally we strongly recommend keeping LiveGrid enabled in order to be protected against recent malware.

I have no clue. Please email the above mentioned stuff to samples[at]eset.com and they will answer you.

Please find it here:

Never saw this happen nor heard about being reported by users. Did you really encounter the issue? If you are able to reproduce it, we would like to troubleshoot it further to find out what caused your system to stop responding.