Marcos

If you are able to reproduce the issue, carry on as advised in one of my previous posts: 1, Enable advanced firewall logging in the advanced setup -> Tools -> Diagnostics. 2, Restart the computer. 3, If the issue occurs, create a dump via the advanced setup -> Tools -> Diagnostics -> Create (dump). 4, Collect logs with ELC as per the instructions linked in my signature. 5, Upload the generated zip archive to a safe location and pm me a download link.

The detection is correct. The application meets criteria of potentially unwanted applications which is optional detection. Since this forum is not a place for reporting or disputing detections, please follow the instructions at http://support.eset.com/kb141. Having said that, we'll draw this topic to a close.

Firewall rules are evaluated differently by V8- and v9+. We do not recommend importing the configuration previously exported from an older version. If you want to preserve settings, simply install v10 over v8.

You can use C:\users\*\AppData\Local\......\filename. A better way to exclude a PUA is by excluding it by name regardless of the location as follows:

I don't think it's caused by activation of gamer mode. GM merely temporarily disables updates and scheduled scans so it should have only positive effect on performance.

Hello, the website is now unblocked.

The certificate used by e.nexac.com has expired today. The owner of the site should replace it with a valid certificate.

As for the icon missing in the system tray, please create a Procmon boot log as per the instructions linked in my signature. When done, compress the generated logs, upload the archive to a safe location along with ELC logs (zip archive) and pm me download links.

Linux version updates as frequently as Windows version and receives the same modules, including the detection engine, as Windows version.

To start off, please supply me with ELC logs as per the instructions linked in my signature. According to the screen shot, v9 was installed just recently and the issue occurred right after installation. Could you confirm that a computer restart didn't make any difference?

It's not detected as malware but as a potentially unwanted application which is optional detection. You can exclude it from detection in case you want to continue using it and don't want to disable PUA detection completely.

Please post a screen shot of such alert.

After installing ESET, you are presented with a window where you can either enter your license key to activate the product or activate a 30-day trial version. You can access the activation window at any time from the main gui -> Help and support -> Change license.

V10.0.390 is currently the last available via in-product update. We plan to release an update to 10.1 also for 10.0 users once a version with the pause protection option in the tray icon menu is available.

Try selecting the app in the advanced setup -> Web and email -> Protocol filtering -> Excluded applications.

EFSW 4.5 is very old and modern Windows Server systems are not fully supported. What's more, it's missing advanced protection technologies for protecting against advanced malware, such as LiveGrid, Advanced Memory Scanner, Exploit Blocker, etc. I'd strongly recommend uninstalling EFSW 4.5, installing v6.5 and protecting the settings with a password to prevent potential attackers from disabling or uninstalling the AV. The same goes for Endpoint and ERA; the latest version providing best protection is ESET Endpoint Security 6.5 which also includes Network attack protection module as opposed to ESET Endpoint Antivirus. This module was able to proactively protect unpatched computers from recent WannCry attacks when EternalBlue exploit was exploited to spread WannaCry through LAN. ESET Endpoint Security v6 was one of 3 security products to prevent exploitation of the infamous vulnerability in SMB. As for decryption possibilities, please email samples[at]eset.com a couple of encrypted Office documents, payment instructions as well as a zip archive generated by ESET Log Collector as per the instructions linked in my signature.

If you use Edge as the default browser, launching Secure browser will open Internet Explorer and therefore Edge is not affected by BPP. This is not the case with Chrome. Try disabling all extensions and see if the issue goes away. Are you able to reproduce it with Firefox set as the default browser?

Did you previously upgrade to v10 by running the Live installer and installing it over v8 or you performed in-product upgrade to v10?

Did you try to uninstall v10 and install it from scratch? The thing is v8 settings were preserved during upgrade and v10 attempts to update from v8 update servers but this fails.

This forum is not a means for reporting possible false positives on URLs. Please follow these instructions http://support.eset.com/kb141 once you've fixed the problem with the certificate. Problems with the website: - recently hosted malware - uses a self-signed untrusted certificate: https://www.ssllabs.com/ssltest/analyze.html?d=sorry.rip#whyNotTrusted

I've heard from a colleague of mine that it's only possible to quit gui via Activity monitor. We don't prevent users from closing gui on Windows either but killing it is not possible.

I mean that only privileged users should be able to modify settings not set by a policy or disable the AV:

Aren't those users members of the Privileged users list that you define in ESET's Mac products?

You can re-enable Defender via GP easily if you decide to uninstall ESET. However, to prevent clashes of 2 real-time protections running at a time, we strongly recommend disabling WD before installing ESET.

Is there any interesting information or error in status.html or trace.log on the client?