Marcos

You must have too many files, probably many archives or iso images that were scanned internally. You can try temporarily disabling scanning of archives to confirm my assumption. Anyways, the second scan should be much faster when it comes to stand-alone PE files as whitelisted files will be omitted from scanning.

For how long did you wait after sending an ERA component upgrade task? Depending on the database size and server load, it may take several hours for upgrade to complete.

Never seen a definition of a next-gen firewall. What do you mean? ESET uses an advanced firewall with intrusion detection system and network attack prevention that protects users from exploits exploiting vulnerabilities at the network layer.

Removable media can be scanned after being inserted / connected. A scan is not started after removing / unplugging a medium; it would make no sense either as there would be nothing to scan. If you are positive that a scan is started after removing a removable medium, please contact your local customer care for further troubleshooting.

Does disabling notifications about Gamer mode activation in the Application statuses setup make a difference? Do you notice alny effect on Gamer mode on performance? On modern systems even running update while playing games should not be noticeable.

You can disable notifications abot gamer mode activation in the Application statuses setup. Since we release only 4 updates during the day, I don't think that using the Gamer mode would have a noticeable effect. If you use a multicore CPU, even updates while playing games should not be noticeable.

HIPS does not verify the signature of these drivers. It's a list of fundamental system drivers that will be allowed to load even if no allow rule exists for them in the policy-based mode.

Please provide a screen shot of the alert or better a complete record from the Detected threats log.

Users may want to create different rules for an application. E.g. one may want to allow rundll32.exe to load legitimate applications and create allow rules for them and ask about everything else the executable would attempt to load.

I'm pretty sure the rules are not identical. If you edit these two, you should spot a difference.

You should just enter your license key when installing ESET from scratch to activate it. The license key is enclosed in the email that you received after purchase.

In the advanced update setup there's an option Disable notifications about successful update which is enabled by default.

Could you please elaborate more on the connection issues to secure websites? Please provide some examples of such websites and clarify how the issue manifests. Do you get any error in the browser?

Please provide a screen shot of the "ESET Security update" popup window.

The problem allocating memory may occur if you run on-demand scans with logging of all scanned objects enabled. In such case, it generates large logs which also fragments memory to such an extent that the largest free memory block may not suffice for compiling updates. Could you confirm or deny that you have scanning of all scanned files enabled? If so, disable it and restart the computer. You can also collect logs with ELC and drop me a pm with the generated archive attached so that I can review your configuration and check logs.

Please elaborate more on what update errors you've been getting. If possible, post a screen shot as well. Do you use firewall in automatic mode without any custom rules?

The problem could be that the system temp and tmp variables point to d:\temp. Currently upgrades fail if the temp folder is located on other than the system volume. Try uninstalling v10.1 and installing it from scratch.

Please collect ELC logs as per the instructions in my signature and provide me with the generated zip file.

Device Guard will be supported as of Endpoint 6.6 which is going to be released soon.

SysInspector basically does not have false alarms as its purposes is only to evaluate the suspiciousness of files or registry values based on various criteria and does not take any action on these objects. It's up to the analyst or user to interpret whether or not the object is suitable.

Boot sectors can be scanned only if a scan is run with administrator rights. Hiberfil.sys is exclusively used by the system so other applications can't access it. As for the other files, it could be that the current user doesn't have permissions to read them or they are exclusively being used by the system.

Please enable update engine advanced logging in the advanced setup -> diagnostics -> tools and run update. When done, provide me with the updater*.etl log created in the diagnostics folder. If it's the known issue that seldom occurs after upgrading from v9 to v10, then uninstalling ESET, deleting the registry key "HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security" and installing v10 from scratch should do the trick.

You must run it from the ESET install folder, otherwise you'll have to specify the path to the ESET install dir via the --base-dir= parameter.

Could you please try again? We were experiencing a glitch with activation servers at the time you made the post.

We're currently experiencing difficulties with activation servers. We apologize for the inconvenience. EDIT: The issue has been resolved.