Nightowl

Be patient my friend it might take a little bit of time for Marcos to reply.

I will take a look , or just format the laptop so I won't have to deal with Microsoft problems.

When I right click on the desktop and then click Personalize or Display Settings , all I get is an empty system32 cmd window, that might explain why when I click Run Update in ESET , the same thing happens.

It seems that the bug is caused by Windows itself , even though I am trying to open Display Settings , I only get a CMD window, I just don't know what is the cause of this.

That's weird , the Refer to your friend button should be under 'Help and Support'

Is that Windows Server?

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* When you paste this into notepad and then you try to save it , also ESET doesn't detect it? , if yes then there is something wrong. ESET Linux do detect it and remove it.

For the next purchase just buy the license yourself not from any reseller , go straight to ESET website and they will redirect you to their website and then you get all the details about the license in e-mail. Else just go ahead with what itman told you , the store have the license they should give it to you as you already paid for this.

It is because ESET is constantly reporting about failing to connect to socket due to AppArmor. Check this topic : https://forum.eset.com/topic/16859-cannot-connect-to-tmpesetssockpermission-denied/

I have tried to configure AppArmor to work along ESET , so far I have configured /opt/eset/esets/lib/libesets_pac.so AppArmor stopped blocking libesets at the moment , still trying to figure it out with the other messages. If I succeed I will provide with the workaround. Okay what is left and what I think now is preventing ESET is that AppArmor is denying cups and dhclient., I think AppArmor is preventing ESET from touching cups and dhclient because they are prevented in AppArmor , I guess I leave them like this. What I have done : First of all I did use grep to find out what is being blocked in AppArmor, grep denied /var/log/kern.log To checkout what is being blocked sudo aa-autodep /opt/eset/esets/lib/libesets_pac.so To add libesets_pac.so to AppArmor in complain mode so it will prompt you with block or allow And then for prompting of blocking and allowing : sudo aa-logprof You will be prompted 2 times about libesets you need to allow it twice and then save the conf. You will experience blocks from dhclient/dhcp-helper and cups As far as I understand , dhclient and cups by default are denied in AppArmor by the default config , so that's why when ESET is trying to connect to them or scan or I don't know exactly it's being blocked If someone from ESET team could provide more assistance it would be appreciated. aa-logprof won't prompt you about dhclient,cups because they are in enforced mode not in complain, if it's possible an advice by ESET to know if it's ESET that is trying to access them or not , because in the log the DENIED time is the same as ESET's log ESET is being denied this : apparmor="DENIED" operation="connect" profile="/sbin/dhclient" pid=1231 comm="dhclient" family="unix" sock_type="stream" protocol=0 requested_mask="send receive connect" denied_mask="send connect" addr=none peer_addr=" apparmor="DENIED" operation="connect" profile="/usr/lib/NetworkManager/nm-dhcp-helper" pid=2747 comm="nm-dhcp-helper" family="unix" sock_type="stream" protocol=0 requested_mask="send receive connect" denied_mask="send connect"

I will try to see what is the cause of the CMD prompt , I will try to re-produce the bug.

And that probably why I get an empty CMD admin window when I click it , it seems that there is something that prevented it from triggering.

Yes I understand what apt-get remove/purge does , but I wanted to know how did you fix it , I understand now that you did install an earlier version of libssl

So what you have done is removing the libssl and you did replace it with something else?

I think that explains it , I mute all of the Windows sounds.

Is that what you are looking for ? :

Same here , never heard sounds from ESET.

I think if you request from your ISP they will provide you a router so you can make your cable modem as a bridge mode and then connect it to the router and your devices should be connected to the router while the router have the firewall on , so it's more safe and secure to stay behind a router more than to stay behind not-protected cable modem. Or you can go ahead and buy a router without requesting from the ISP Example : Cable Modem as Bridge Mode connected to a router let's say a OpenWRT router , And then your devices are connected to the router and behind a firewall with a configuration that looks like this that will keep your incoming ports closed or hidden(stealth/reject) And then there is the option in the router where you can block pinging and ICMP,but most important is to filter/block all of the incoming ports unless you need a port opened or forwarded to a device then you can do it.

Sadly , OpenWRT do really change the router in terms of everything in the firmware. I never heard of Hitron before also.

If your router firmware is old and there is no updates for it and you want to switch firmware check out this website : https://openwrt.org/ It's an open-source firmware that can turn your router into a good router.

Yeah kind of Norton app lock does do the same as the Android lock would do It will prevent you from looking at the screen in the recent area. You could send it as feedback to ESET team so they can consider it and maybe add it as a feature.

I will try and I hope for a good result, Thank you Marcos.

Why not , you just configure AppArmor to allow ESET to do it's job , it's similar to Windows Isolation system and yet v12 supports it Free alternatives like Sophos can work along with AppArmor , so the question why ESET cannot. Disabling AppArmor is not really recommended because it isolates the programs from touching the system where they are not meant to touch the system. Customer Care doesn't really respond to this , or will reply to me that it's not supported , but now most Linux distros use SELinux/AppArmor , so why disabling a security feature in Linux for the AV to work instead of working as extra layer of protection.

Check the PC that you received the Flood Attack from , ESET should give you the IP of the source. See what is causing the flood attacks.

You are welcome