Marcos

Also check your system date and make sure it's correct.

By the way, my understanding is that Adguard works only as a browser extension. Is that correct? In such case, it won't check the http(s) communication of other processes and therefore it cannot protect you completely from Internet-borne threats.

I have v11.1.54 and it's not possible to disable this notification either.

Not sure if it was ever possible to disable notifications about disabled protocol filtering in Application statuses. Nevertheless, I strongly recommend keeping the protocol filtering and http(s) scanning enabled no matter what other software you use. I don't think that any 3rd party software could protect you from 100% Internet-borne threats so that you could afford disabling this protection. Also since ESET products consist of modules that communicate with each other and may use information from other modules, it's another reason for not disabling it.

HIPS, Anti-Stealth and firewall do not currently work with Windows 10 Insider Preview build 17704. We are currently working on making products compatible with this build and changes that Microsoft has made to the system.

Now both \SystemRoot\system32\DRIVERS\epfwwfpr.sys and \SystemRoot\system32\DRIVERS\epfwwfp.sys are loaded for some reason which is not good. Please try the following: - uninstall EIS - run the Uninstall tool in safe mode - install EIS from scratch

Since everything has been said, we'll draw this topic to a close. To sum it up: HIPS is a fundamental protection module whose outcome of processing is leveraged by Self-defense, Exploit Blocker, Advanced Memory Scanner and Ransomware Shield. Those who want to set up additional HIPS rules and accept certain level of false positives that custom rules may produce can create their own rules.

If the security password you enter is not accepted, please carry on as per the instructions at https://help.eset.com/ems/4/en-US/antitheft_password.html.

I don't understand. For scheduled on-demand scans you can allow/disallow users to pause and even cancel scans. We give admins an option to choose if users should be allowed to pause or cancel running scans. Of course, if you choose that the action cannot be canceled by the user then users won't be able to cancel it.

What product did you pick?

Does installing v4.0.88 make a difference? At any rate, version 4.0.90 is going to be released by the beginning of next week. Do you mean that ESET detected false positives? If you are not sure about a particular detection, submit the file(s) to ESET for a re-check as per the instructions at https://support.eset.com/kb141.

I've just installed EES on a computer with ERA agent installed. During the initial scan, a PUA was detected and cleaned automatically.

No problem here with the HIPS module 1322:

What errors are reported in C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\status.html and trace.log?

I assume that records about whitelisted files are kept. Just for the record, cached data have to be invalidated also after each update of modules. Currently ESLC has minimal impact on performance since caching and whitelisting is basically done in ESET products.

1, This will be fixed. 2, This cannot be fixed / changed. Exclusions like "...\*" are equal to "...\*.*".

This is a known issue with Insider preview build 17704. We should have a solution soon. I'd like to emphasize that standard builds of Windows 10 are not affected, only new insider preview build(s).

Will be fixed in the Configuration Engine module 1685.8 so entering e.g. c:\folder\* will be possible. Currently you can use c:\folder\*.* instead which has the same effect.

ESET's approach is not to bother users with prompts and pop-ups; instead all actions are performed automatically. The fact that you haven't ever seen any notification from HIPS/Advanced Memory Scanner/Exploit Blocker and Ransomware shield is good; otherwise it'd mean you were hit by malware which ESET detected and blocked.

Make sure to disable QUIC in Chrome, clear browser's cache and restart the browser. Also make sure that you have SSL/TLS filtering enabled and the ESET root certificate has been properly imported in the system Trusted root certification authorities certificate store.

HIPS is a fundamental component that provides information about system operations to other HIPS-based protection modules, such as Self-defense, Advanced Memory Scanner, Exploit Blocker and Ransomware shield. Therefore disabling HIPS would subsequently reduce detection and protection capabilities of the product. Simple HIPS rules cannot work without producing false positives.

There is no http communication which is weird. I've found that you have Transocks installed which probably intervenes in network communication. 1, Enable advanced update engine logging in the advanced setup -> tools -> diagnostics, then run manual update. Next disable logging and gather fresh ELC logs. 2, Provide a Wireshark log from time when you open http://update.eset.com/eset_upd/v10/update.ver in a browser. I'd also suggest contacting your local customer care so that the ticket is properly tracked.

What url did you block that doesn't work in Chrome? Isn't it youtube.com by chance?

Don't use any filter. Just select your network interface and start logging.

Please contact your local customer care so that the case is tracked properly. A complete memory dump will be needed as well as a registry dump and other logs gathered by ESET Log Collector. A customer care representative should be able to assist you with this and prepare the stuff for analysis by developers.