Marcos

You shouldn't be getting this alert unless you are using an outdated engine version. The latest one is 14931.

Should you encounter any actual performance issues, I encourage you to let us know and we will be happy to assist you and provide a solution.

ESET CyberSecurity Pro 6.4.128 is now available for download. The new version addresses various issues. Let us know if installing it resolves your issue as well.

In order to completely disable real-time protection, you'd need to disable the automatic real-time protection start option in the advanced setup and restart the computer. I'd like to emphasize that worse results in this benchmark do not mean that ESET affects your system performance badly; the issue is expected to manifest basically only with this benchmark application. We were even unable to reproduce the issue with the latest version of the application.

This is an English forum so many of us don't understand what you mean without using a translator. To prevent misinterpretation, I would strongly recommend contacting your local customer care. Licensing may be specific for particular countries but generally I don't think there should be a problem buying 2x 5-multidevice packs as a natural person as opposed to a legal person who is not entitled to purchase these packs intended for home users.

Yes, it does.

It seems that ehddrv.sys and eamonm.sys drivers were not updated as they are from v9. Please uninstall v10, run the Uninstall tool in safe mode to make sure there are no leftovers and then install v10 from scratch.

Please show me ransomware that encrypted files despite having v10 with ransomware protection enabled, ideally with HIPS 1260+ installed. I'm not saying that with v10 you will receive 100% malware protection or that you'll be 100% protected from encryption. However, if you used the same malware sample to test other products at the same time, most of them would likely fail to protect you from encryption even if ESET protected the system and prevented the encryption. If you want to discuss this, please create a new topic as this one is about the splash screen and not about ransomware protection.

It depends on rules that you have created. E.g. if you have created a more specific rule for wscript.exe with a specific path to files and then you create a general rule with no path specified, the former rule must be placed above the latter as the rule with the first matched condition is applied. The order of HIPS rules cannot be changed; more specific rules take precedence over generic rules; if there are very same allowing and blocking rules, the blocking rule will take precedence. I'd suggest upgrading to v10 to gain true ransomware protection and using Smart HIPS mode. With Smart HIPS mode you can enable the option to be notified about changes that occur in autostart locations in the advanced HIPS setup. If an application with bad reputation attempted to make changes to the run key for instance, you would be notified about that then.

Upgrades to newer versions are free so your assumption is not correct. ESET does not earn any extra money by releasing newer versions. Also the very basic product ESET NOD32 Antivirus does not have any new extra features added, ie. it does not contain Anti-Theft, Webcam protection, Password manager, etc. so the other argument about getting more bloated is not correct either. And protection features like Ransomware protection, Advanced Memory Scanner, Exploit Blocker, Script scanner, etc. are in no way redundant as they significantly improve protection and are of real benefit for every user.

To start off, please drop me a pm with the output from ESET Log Collector attached. For instructions, see the link my signature.

Please provide more details about what did you actually do. Did you set password protection for all accounts before enabled Anti-Theft? Did you mark the computer as missing in the AT portal? Please pm me your registration email address for my.eset.com so that I can check the status of your device.

I don't think that it is a legit wpad proxy configuration file. Also Locky has been detected on that IP address and the reason for blocking it was Sundown exploit. Check the automatic proxy server configuration in the IE setup and make sure the path to the config. file is not set to the above mentioned url.

ESET can detect fileless malware in the registry or memory, e.g. Kovter, Poweliks, etc.

Please provide me with eav_logs.zip that you've scanned according to the screen shot above. The link pointed to actual malware detected by ESET.

We at ESET value our users and strive for providing you with as effective protection against emerging threats as possible. This requires implementing new protection mechanisms and techniques in newer versions. In the version 10 of our products new features like Ransomware protection module, AMSI scanner, script-based attack protection, network protection and many other improvements under the hood were added to protect you better from newly emerging threats and especially from Filecoder ransomware. In order for users to get maximum protection, they should keep the most current version installed. In the case of version 8, it protects better than v5 did but less effectively than v9 and even worse than v10 does. That's also the reason for keeping users' ESET products up to date; if there was no update offered users would live with a false sense of security and would get infected easier, subsequently asking us why we didn't protect them better. That has been happening and most infection cases have been reported from users with older versions who don't take advantage of advanced protection techniques implemented in new versions. The End of life cycle of ESET home products is available at http://support.eset.sk/kb3678/. Products that reach the end of life phase will ultimately stop receiving updates after some time. Last but not least I would like to assure everybody that ESET is listening to you and if there is anything in terms of functionality or issues with newer versions that prevents you from upgrading to the latest version, we will be glad to look into it and do our best to get the things improved or fixed. We strongly encourage you to let us know about your concerns and we will do our best to make new versions tailored for you, if possible.

Please create a Wireshark log during an attempt to download CloudCar. Couldn't it be that a firewall is blocking communication with LiveGrid servers? For a list of addresses that ESET communicates with, see http://support.eset.com/kb332.

Disabling SSL filtering is not a solution. I would never recommend doing that as IMAPS, POP3S and HTTPS communication will not be filtered. As a result, potential malware on an https website might not be detected and blocked. If the problem persists, supply me with logs gathered by ESET Log Collector as per the instructions in my signature.

It takes some time for unblocking to take effect, approx. 20-30 minutes at maximum as long as you have LiveGrid enabled.

Reported in https://forum.eset.com/topic/10989-htmlscrinjectbgen-virus-false-positive-for-visualstudiocom/. The FP will be fixed momentarily.

Seems to be a false positive, the url has been unblocked. Next time please report possible false positives to samples[at]eset.com as per the instructions at http://support.eset.com/kb141.

ESET File Security v6 is fully compatible with Windows Server 2012 R2 and people use it on DC too. It supports automatic exclusions as per recommendations from Microsoft.

You've said that you get pop-ups from F-Secure. Does that mean that you don't have ESET installed? It's important to have only one AV running at a time. If the threat is not detected by ESET, please provide me with logs from ESET Log Collector as per the instructions in my signature.

You can export the root certificate by navigating to the SSL/TLS setup in the advanced ESET setup and clicking View certificate. On the Details tab you can export it by clicking "Copy to file" and then by following the Certificate export wizard. In case of issues with importing the root certificate to supported trusted CA certificate stores, we'd need a Process monitor log from the time of enabling SSL/TLS scanning for perusal.

On Windows 10, also real-time protection will be disabled due to a protection mechanism in Windows which will activate Windows Defender when ESET stops updating.