Bordonbert

That's all good now Itman, thanks for the link. I had basically done what they recommended and I think close to what you would suggest. I don't disagree with the principle of being warned about this potential threat, only when it is applied to files I know are absolutely secure as I generate and constantly work with almost all of them myself. I have simply added the IP addresses of my two NAS drives, and yes, they are static. I'm not going to disable this warning for other PCs on the network as one is my wife's! 🤫 Let's just say, I do recognise that others may not be as knowledgable as myself with external files. Other sporadically connected mobile devices I look on as almost less secure toys and I won't trust anything that goes out into the outside world with such weak security as they do. I'll monitor the situation and adjust where I now see fit given that I have a clearer view of what is going on but I think that sorting out and allowing the NAS drives alone will be the fix.

Thanks to both of you for your advice. I do understand the reason for this to happen, I'm fairly security conscious at all times. Files like an .exe I can completely understand. Even a .docx file for example from an unknown source location with macros I get too. I am not in a commercial network, I'm working in only a home environment with a few machines and mobile devices on the network where I depend on a couple of NAS drives. Marcos' advice has shown me how to add them as trusted sources which I have now done. Here's hoping. I'm afraid I can't find the area you pointed me to Itman. When I get to App & Browser Control there is no sign of Reputation-Based Protection anywhere to be seen or anything similar. I'm on Win10 1.0.19045 at present. I would have thought it should show up there. Could this be because I have Microsoft Defender Smartscreen and the two other options switched off? I made sure to switch all such settings off when I installed Eset SSP as I thought SSP took care of things. Should that be switched back on? Will that not conflict with Eset or fight with it for authority? I have seen similar things in the past with Windows. EDIT: Looking at the screen I do get I can now see it is very similar to the one you show in your screenshot. Mine is just titled App & Browser Control and is missing the Potentially unwanted app blocking option.

Can anyone please help me with this irritating feature? I have Eset Smart Security Premium 16.1.14.0. It is fully active with Windows Defender turned off yet I keep getting Windows Security messages warning me that "Opening these files might be harmful to your computer". Windows Security then informs me that "Your internet security settings suggest that one or more files may be harmful. Do you want to use it anyway" when I simply try to move or copy them. This applies to even basic .docx and .jpg files. It's irritating having to Ok a simple process like this every time I follow it. I have tried to follow online instructions to turn it off in Security -> Virus & threat protection -> Virus & threat protection settings, but of course Defender is switched off and Windows seems to think, "you dare to turn it off and use a third party setup? then!" There is an area in Eset SSP at Setup -> Computer Protection -> Advanced Setup -> Notifications where there are a plethora (today's word) of individual messages to switch on or off but I can't see anything which seems relevant to this issue. How do I stop this message from being posted?

Ok we have a fair bit to update here to round off. The ESET team have spent a lot of time talking to me, both support and development teams, with screenshots sent and acknowledged and I am very grateful for their help and advice. Their support has always been second to none in my experience. One thing is becoming clear, this is most likely not an ESET programming issue. I now have the problem Samsung mobile (on Android 9 and too old to update further), a second Samsung mobile and a Samsung tablet (both on Android 11 and also fixed there), all running ESET Mobile Security alongside ESET Password Manager and using Chrome. The second mobile and the tablet work flawlessly. The older Android 9 mobile refuses to co-operate. We can't expect ESET to spend valuable development time chasing a problem which is so vaporous and not of their own making and I am happy with that. Thanks to the support team for their attention. It is now clear that there are areas of overlap with Android/Google/Samsung/ESET settings which may impact on each other. For example: Autofill is enabled in both Android and Google Chrome. Does Google's setting only apply to their own Chrome Password Manager or does it impact on other third party managers too? Do they clash? Does one take precedence and override the other in either enabling or disabling? And the default Password Manager has to be defined in Android Settings -> General Management -> Autofill Service, which it is to ESET in all three machines. However in Apps -> ESET Password Manager -> Defaults, it still shows as 'Not Set' and any selectable options to set it there are greyed out! There are far too many external settings to get right in order to let Chrome use EPM as its default Autofill app and I seem to be missing something somewhere. Believe me I've crawled all over all three units to find clashes in their settings and can't find anything which is obvious. Does anyone have any experience of this problem, or can you suggest anything to try? Now to the workaround solution. I installed Firefox on the problem mobile just to check the breadth of the problem and, whaddya know, it worked out of the box! So the answer seems to be clear. If Chrome gives anyone else this sort of problem, (and I can't believe I or my mobile or its settings are in any way unique), then simply ditch Chrome! It only seems to be with Android 9 so I would guess it won't be a terribly common occurrence if it ever appears again.

Thanks Marcos. I have done this now and ESET have responded immediately. We are talking and swapping info at the moment. I will make sure to come and report on any advice they give and whether we find an answer which might help others.

Hi. I have Eset Smart Security Premium on 5 PCs and laptops. It works flawlessly on all and Password Manager is very easy to use and totally reliable. I also have the Password Manager app on my own mobile phone, a Samsung Galaxy A20e running Android 11. It syncs the password store with the other devices perfectly and when I login to a site it offers the autofill option for ESET Password Manager just as it should. I have the same EPM app setup on my wife's mobile, an older Samsung Galaxy J3 running Android 9. Password Manager syncs up correctly and shows the same list of sites and login details but it absolutely refuses to allow any autofill functionality. The option for Autofill in each account in the Manager does not even show the Autofill option to tick. (I know this is normal.) In the Android system I have checked and both phones are showing System Autofill is enabled with EPM as the chosen manager. On my wife's phone I can access the login details in Password Manager itself but I then have to Copy/Paste them across manually. In my own phone, when I login to a site, entering in the Username field brings up the option to "Auto fill with ESET Password manager" which when selected then enters the correct password. Why is autofill not offering me the Eset Password Manager details in my wife's mobile as it does on my own?

The only permission I can find which is relevant is the Android setting permission to autofill. The android password manager has no option to allow or disable autofill for the app itself. I'm on Android 11 and was totally unaware of the Adaptive Battery setting. I've now switched it off for a while to check out the idea that it might just affect this issue. In fact the problem has moved on a step. After a reboot of the whole phone the Username can at least be filled in. If I tap in the Username entry box the option ESET Password Manager is offered. Tapping on that enters the Username. Still no password though and that action has no effect in the Password entry box. It still steadfastly refuses to enter the password for me. My wife has a much older phone than mine which cannot move past Android 9. She has the same problems and can't even get that same Username entry to work at all.

We have it installed now Marcos. It works - kind of! We can login to the Password Store using its email address and the list populates correctly. However, it doesn't autofill under any circumstances. There is no autofill option in the Password Manager to tick. The ability to autofill is definitely allowed in Android but Password Manager still doesn't enter the credentials itself and doesn't even offer the possible logins for you to choose from. It requires Copy and Paste across into the site. Other people seem to be finding this too from what I have read online. I'm not sure where to go from here other than sending another report to Eset themselves. If you or anyone can suggest anything else to try I would be glad to give it a go.

I've just checked in the mobile licence on Eset's site and it does show as "ESET Mobile Security Google Play". Does that affect whether I can access the Password Store from the phone?

I assume this is on the mobile you are talking about Marcos? I have a feeling I did go through Play Store though I can't be certain of that now. This is on the back of upgrading my PC installation of Internet Security Suite to Smart Security Premium in response to Eset's offer of a free upgrade until the next licence period. I was looking to replace Lastpass anyway as they had a ridiculous hike in their price for just their Manager. I would have upgraded Eset next licence date without that so it made sense to take up their offer. I use Eset in Chrome and just searched for the Download online. I guess it would probably have taken me to the Play Store. I do remember reading somewhere else that that could lead to difficulties.

I'm sure this must be a done deal by now as it seems such a normal type of requirement. Hope you can advise me and give me a starting point for the issue. I'm a long time user of Eset software and I have Smart Security Premium set up on my family's Windows PCs with a multiple user licence. I am using the Password Manager feature successfully, (Lastpass with its price hike is long gone). I would like to be able to access my Password Manager Account entries on my phone when out and about. I can't seem to get a handle on figuring out the starting point of that one. I would imagine that I would need Eset SSP installed on the mobile too but I don't think they can be on the same licence. Is this much simpler than I am imagining or is there some special requirement I have to fulfil before I can do this?

Hi. I'm upgrading from LastPass to Eset Smart Security Premium Password Manager. I have exported all of the Lastpass data to .csv file and successfully imported into Eset from that. However, Lastpass exports each entry with a "Name" field and the Eset import totally ignores that and it remains empty for every entry. I have even tried exporting from Eset, it includes a "Title" field which is completely empty, then correcting the Title fields and reimporting to Eset. It says that the import was successful but it still ignores the edited Titles. Can someone suggest where I am going wrong?

Yes! The answer is simply that I have had each of the machines logging in to Anti-Theft under the wrong credentials so they have effectively been linking with some other account, perhaps their own which means there could be a number of rogue redundant accounts knocking about in the Eset database. The answer is just to go to Setup/Security Tools and turn off Anti-Theft. You will need the credentials of the account you originally entered here when you first turned it on to allow that. When it is disabled it simply vanishes from the Anti-Theft side of the account though it stays visible in licence manager. Turning Anti-Theft back on and entering the correct credentials for your main Eset account allows it to then be seen in Anti-Theft. Once I logged in correctly all of the machines showed up in the Anti-Theft Manager page. The two rogue machines were still listed as "Suspicious" but there was now a process to relabel them as "Recovered" and remove the yellow stigma. All sorted. This has occurred purely due to my own confusion regarding the relevance of that "dummy login" which I seem to recall I read that this functionality needed. I wonder if this is meant to be a dummy Windows login which I can see I actually have? My apologies to Eset for the silly mistake. I will message their support updating them and try to remove the rogue accounts which are now not needed.

I'm getting there. It seems I misunderstood something about the setup of this function. Somewhere I know there is advice that you need a dummy email account for something. I have it inserted as the login for Anti-Theft on my machines so it seems the devices are talking to another account which I never access. I have just tried changing the Anti-Theft login on my main PC to the usual Eset account credentials and voila, the machine has appeared. I'm goping to try this with the other devices and see what comes up.

Here is a couple of screenshots of what I am seeing. The first is what I currently see when navigating to the Anti-Theft section of my account. The machines have anti-theft enabled and are reporting being active and covered in their settings but they do not appear in the anti-theft listing. The second is the listed machines under my account showing the two marked as Suspicious.. I have just found out now that there seems to be some conflict in logins which I must have caused. My licence and account is registered under one email address and, as I understood it, the anti-theft had to be based on a different email address to work as it should. If I login to anti-theft under my original account address I see the screen in the top half of the picture with no devices listed. When I login to anti-theft under the alternative email address supplied especially for that purpose I get a partial list with a couple of the non-problematic devices showing and two old devices showing expired Trial licences which have now been added legally to the current multiple licence but still seem to be hanging around here. I have removed those two now. However, the two problem devices listed as Suspicious are nowhere to be seen. I wonder if I have these registered with the incorrect email address for anti-theft meaning that function is not activated on this account? Is that a possibility?

I have a current licence which is being used legally for a number of machines. I actually have one licence spare at the moment so there should be no problems with that. These show up on Licence Manager as "green ticked", activated and current just as they should. Two of them are flagged as "yellow pling" and "Suspicious" though this does not affect their protection in any way. They are all showing last connection as within a few days. They are both laptops. I believe this may have been due to a number of incorrect logins in the past which Eset sees as possible evidence of theft, understandably. This does not seem to be a time related thing which will reset itself, they have been like that for a long time now. Is there a way I can remove that Suspicious tag and get these machines listed as fully accepted again?

Hi guys. We have Internet Security 13.2.18.0 in on two separate machines, one Win10 and the other Win7, both using Chrome and both have this same problem. Very occasionally we may get a potentially vulnerable site opening in a secure browser via Eset. Most of the time we do not get that and the site opens in the current instance of Chrome. This is for obvious monetary sites like Paypal and Halifax Banking etc. Sites are accessed from Lastpass password manager. (Yes, it's going in favour of Eset's manager as soon as the current licences run out and I upgrade). I searched in the forum and found a reference to unticking "Setup -> Security Tools -> Advanced Setup -> Web & Email ->SSL TLS '+' -> Exclude Communication With Trusted Domains". I assume this will allow Eset to tell me when it was setting up the Secure Browser system? Others say this cured the issue for them but this has made no difference to me. When we access say Halifax's login site we simply get it opening in the current instance of Chrome with no signs of a secure browser setup. I have checked and the correct matching URL is listed in the Eset whitelist under "Setup -> Security Tools -> Banking & Payment Protection (Cogwheel)", and that item has its "Secured Browser" option selected in the list. I would be grateful if someone can point me at what I could be missing?

Well!!! I pushed the app download by repeatedly waiting for it to fail and then resuming it so it gradually picked its way across the entire download. It finished by locking up and reporting that it only had 2.8MB then after a couple of minutes it suddenly decided it had the whole 4.8MB file. What do I know? The app has collected its logfiles but I'm not sure they will contain anything useful yet as I am not sure what order to do all of this in. It will not upload to the site as the .zip is 250MB. I obviously left logging on too long even though it was only for the duration of the painfully long download process. In the meantime the update has actually completed successfully, don't ask me how. I therefore cannot run it again to collect a new set of logfiles until the problem shows up again. On downloading the LogCollector app it takes literally no perceptible time at all to download the whole 4.8MB again. I'll have to rest this here for the moment but if it is ok I will leave the thread open until I have updated again and can be sure things are clear. Apologies for the fragmented nature of this issue but it has been like knitting fog here at my desk.

Pinging the eset server by name I mentioned above, updf5.wip.eset.com gets a mixture of 31/32ms responses and response timed out so the connection to it looks shaky at best. Settinbg up a display filter for "ip.addr == wupdf5.wip.eset.com" crashes Wireshark consistently and that is something I have never known.

I'm still trying to get my hands on the Log Collector app at the moment. Of course it is a download and it took over 5mins to show as 0.1MB of 4.8MB. It trickled along for a long while so I persevered. Then it also failed! Judging by the activity on my router which was going crazy, there is something somewhere which is choking the life out of my connection. I now have every other device on the network switched off but my own PC and the traffic has calmed down a bit but is still pretty active. My current situation is that the download of Log Collector app has failed at just over 1MB. Eset IS started the update once again of its own volition. I have also cleared the update cache and tried again manually but with no difference. I am running Wireshark on the network and can see a stream of packets from and to updf5.wip.eset.com. Many of these are reporting [TCP Retransmission] followed by [TCP previous segment not captured]. There is a long stream of those blocks where you can see the multiple attempts listed one after the other. Once the upgrade fails you can also see this with communications with other sites too. I'm totally flummoxed.

I'm sorry Marcos, I've misled you by typing faster than I can think. The update was originally only somewhere around 340kB not MB! My apologies for misleading you like that. That's why it was such a surprise to take so long in picking up a few kB at a time every couple of minutes. I've just done another restart and tried it again with the same result. I get a yellow "Attention required" warning with "Modules update failed" under it then when I click on "Update modules" it tries but comes back with "File not found on server". I've just booted up an older Win7 machine I have with Eset IS on that too and it has done exactly the same thing but with totally different filesize reporting. Help And Support reports my current version is 13.2.15.0 licenced until 08/2022.

Hi. I have found references to this problem but they don't seem to have any solution to my own version. I have had no problems at all with internet connectivity until today. Eset IS 13.2.15.0 identified an update and I started it. It reported the total update would be about 340MB. The machine ground to a halt in terms of all internet activity. The update crawled along, and I mean crawled, at a few kB at a time with no HDD activity to speak of until after about 30mins at about 40% completed it failed. I tried again and the same thing happened, then again. However I did notice that each time I restarted it reported a smaller download and apparently started with a sizeable chunk already in place. These figures did not match up between each attempt. I have even tried the update with the Firewall switched off but no difference. It has now given up on the update reporting "File not found on server" if I search for any available updates. Is there something currently going on at Eset central which is causing this problem or is it in my own system?

Thanks Itman, I've asked that now and the guys over there at Mozilla are aware of it too and pondering. I've also checked whether there is a Black Friday folder on the server as you suggested Marcos, I'm afraid there isn't. While I was logged in via the web interface I took the original Banggood email which was still there and forwarded it on to myself again. It came through and opened the dialogue box with the warning about no folder being present and simply posted itself in the root Inbox. This is beginning to look like "user error" in some way though it mystifies me how I could set up that folder, set up the rule, then forget about them. And also not spot it in my day to day email management. I don't have a plethora of folders to confuse me and it was immediately visible within the Inbox folder. Thanks for the help guys, I think I can sleep sound at nights knowing that Banggood hasn't found a way of controlling my communications. Sorry it turned out to be a non-solvable non-issue.

The folder did not exist yesterday though Marcos and has been created by this process which is the worrying thing. I definitely had no Black Friday folder prior to these emails arriving and they were the only two new emails when I checked the PC. It also showed up as "unaccessed" by being there in Bold the same as the emails. My thought was that perhaps the Thunderbird rule was capable of recreating the missing folder when it was triggered. The Spam filter in Thunderbird shows no references either black or white to Banggood. There are no cookies stored which relate to Banggood. It isn't even in my address book which could be relevant as I have the "Do not automatically mark as junk if sender is in Personal Address Book" box ticked.

Hi. I run ESET Internet Security which is kept up to date and permanently running. I use Mozilla Thunderbird mail client managing accounts with Hotmail and Clara. I have just come on to my PC to check emails and found two new ones from Banggood. This is not unusual as I occasionally use them for oddities so don't blacklist them. What was odd and worrying is that these emails showed up in a brand new folder called "Black Friday". I did not create this nor did my wife who is the only other potential user. This folder and both of the emails were listed in bold showing they had not been accessed so no link or attachment had been activated. I also found a Rule in Thunderbird to move all emails with "Black Friday" in their subject into a "Black Friday" folder. I wondered if I had set this up in the past to deal with the plethora of BF emails I receive around this time and had deleted the folder which was being recreated when a new one arrived and the rule tried to fulfil its task. I honestly can't remember doing that but it could be a possibility so I tested that with a new rule and a deleted folder. No dice. When an email arrives to be routed into a folder which does not exist Thunderbird opens a warning dialogue to tell me and puts the email in the root folder for that account. No luck there! Can anyone envisage a way it is possible for an email to create a brand new folder in this way? If it is then it worries me somewhat as I had believed that it would be impossible without some sort of scripting being activated. Is there anything else I can do to find out what has been responsible for this?