Marcos

Again, SSDP related:https://en.wikipedia.org/wiki/Simple_Service_Discovery_Protocol If you are having no issues, leave it as is. In case of an issue, use the firewall troubleshooting wizard to allow the desired communication.

Again, SSDP related: https://en.wikipedia.org/wiki/Simple_Service_Discovery_Protocol

https://en.wikipedia.org/wiki/Simple_Service_Discovery_Protocol

Please provide a screen shot of the alert you're getting and one of the exclusion setup where the exclusion you've entered will be fully visible.

Did you contact ESET LA who provide support for Mexico? Did you get a confirmation email with your ticket ID? If so, please provide the ID so that we can ask staff from the branch office to find out the status of your ticket. They should have asked you for a dump from the crash for further analysis by engineers.

I've just downloaded and installed French Canadian ECSP from ESET's website and with French Canadian set as preferred language, it looks ok to me:

If you have Windows 8.1+ and ESS/EIS v10 installed, it's ok.

That's probably not a good example because Hijin25 mentioned a problem with egui crash, not anything related to performance issues. Also nobody else has reported the crash so far but we'll look into it regardless. Still waiting for an answer to my questions, ie. which of the steps listed in my earlier post helps and resolves the issue for you and what operations you are doing when the performance impact is noticeable.

Could you please post a screen shot of the Specialized cleaner window that pops up?

You can enable it via a policy as shown below. The ESET LiveGrid reputation system queries ESET's servers for reputation information about files to ensure quick response to new threats, possible false positives and to improve performance by omitting trusted (whitelisted) files from scanning. We also recommend to leave the submission of samples and statistics enabled which helps us create better detection and improve cleaning of newly emerging threats. Documents are excluded from submission by default. In environments with strict policies where no file is allowed to leave the network, submission of samples and statistics can be disabled without losing benefits provided by the LiveGrid reputation system.

Please check C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html and trace.log for more information about the issue.

Unfortunately, you didn't post screen shots of the rule details. Please do so as without knowing details, we can't tell if the rule is set up to block the application or not. As MichalJ noticed in the screen shot, the application is listed as the source application. That means, the rule would prevent SecureCRT.exe from running other applications. Please follow MichalJ's instructions.

What kind of notification do you mean? Could you post a screen shot?

Probably the best would be to connect via RDP or a remote admin tool to find out the location of the desired executable.

Allegedly disabling "Advanced scanning of browser scripts" could help as ESET would not inject its dll into browsers for advanced script scanning. Of course, we don't recommend doing so. I'd better drop EMET in favor of ESET's advanced protection.

Since I assume that no moderator will be able to answer this, I'd recommend asking in the Cisco Support forum at https://supportforums.cisco.com/community/6001/vpn.

Not sure if turning off Exploit blocker would suffice, perhaps @itman would be able to tell. If that doesn't help, I'd suggest not using EMET as disabling HIPS completely would also disable Advanced memory scanner as well as Ransomware protection.

I'd suggest distributing update files via an http server instead of local shares to avoid hassles with rights and the limit for the number of concurrent connections that operating systems have. Ideally you should use an http proxy instead of a local mirror which will also reduce the amount of data downloaded from ESET's update servers.

V10 works on Windows XP SP3 like v9 does. I've used it since v10 was first released and have not observed any issues.

In interactive mode, you don't create rules manually. You only confirm to create a rule if you are asked to and don't want to be asked about that communication again.

In your screen shot, there's a field called "Application". By clicking the "..." button, you'll browse for the desired application for which the rule will be applied to.

The detection is correct. The NSIS installer contains a FusionCore dll which is correctly detected as PUA. PUA detection is optional.

There are currently no plans to add support for skins. It would require too much effort and an AV is basically an install-and-forget software that users don't work with on a daily basis.

Why install v9 if v10 works on Windows XP? Use v10 unless you have some issues. If an issue is XP related, then most likely v9 wouldn't work better either.

Only one real-time protection can be enabled at a time.