zamar27

Adapters use can change: today its Ethernet wired, later its WiFi, then VPN virtual adapter. Eset install may happen long ago, internet provider and their DNS IPs may change by then too. Can you refer to an article that says inherited from Windows DNS IPs must be visible in Firewall Zones? I sent a request to tech support using the form since Marcos never replied, but Eset server replies "store.esetme.com’s server IP address could not be found."

I tried all possible profiles already as reported above. The error persists. Did you manually enter DNS server IPs into the adapter IPv4 Properties in Windows? Or Windows obtains them from your gateway modem?

Glad to hear this. Alternatively, you can also play with Cyberghost traffic blocking features.

There are many fields in Eset Settings inherited from Windows and not visibly populated. The OP runs Eset in a VM, but I don't, and still have the same error. I don't know whom you address your replies, but this is a public forum, many folks often report same bugs. 😋 Eset doesn't pass all traffic freely, I can see it in Interactive mode, it popups windows at each request. I can create new rules, just not with Trusted Zone. I noticed interesting practice though. Eset staff often fixes bugs based on forum reports, and at times pushes fixes through daily updates. Folks still debate the bug, but it may gone already. I think Eset staff should notify about fixes in such threads.

If Eset traffic is blocked by VPN servers, use Cyberghost Split Tunneling feature.

If you believe they need to be populated because they are on your PC, they are not on mine, and Eset Firewall functions somehow, I can see it in Interactive mode. They might be inherited from Windows settings as well, and hidden for that reason. I now switched off VPN, changed WiFi to Private, noticed changes in Eset Network Adapters (it now shows local WIFI as Trusted Zone), switched from Interactive to Automatic Mode: and still no smoking cigar, the same error persists when adding Trusted Zone: "nonexistent zone". One might assume some portions of Eset code require relogin or reboot while others don't. I also agree that a VM may represent challenge to Eset when calculating Trusted Zone, unless defaults are populated by staff, since VM network connection types vary, and generally differ from physical PC connections. But I just run Eset on a physical hardware, no VM, therefore its safe to assume this is a bug. 😊 The question then is, why your settings are populated, and mine aren't? What's so special about your network or may be other relevant settings? Can you try the same in Interactive mode? Does relogin or reboot play into it? For starters, my DNS server IPs come from provider through hardware chain and therefore not visible to Eset, while yours may be manually entered into adapter IPv4 Properties?

You may think twice about it while connected to a public WIFI hotspot, which in some cases may be your home WIFI router network, even seemingly password protected. 😉 It depends to what degree you trust your neighbors in and out of the network.

I'm using Eset Firewall now in Interactive mode. I changed a network connection to Private in Windows, got the adapter in Trusted zone in Eset Setup-Network Protection-Connected Networks-Network Adapters, and still got the same error in Eset adding a Trusted Zone to any Firewall rule. There're some terms variations here: in Windows the term Zone is used in Internet Options-Security, and aims at setting Security Levels at Internet browsing, initially by IE, but it applies to any browser now. Same term is not used in Windows Network Settings, being replaced with Private and Public networks with other set of rules. This might be a consequence of earlier IE integration by MS into Windows, where Internet Options become part of OS settings. Windows Firewall and Defender seems to have a default set of rules (security levels) for each Zone defined in Internet Options, but a user can change the level for any zone. I wonder where Eset Firewall zones fit into this? It defines Trusted Zone somewhat similar to Network Types in Windows, i.e. Trusted Zone seems to correspond to Private or Office network type, while inheriting Windows Network Adapter (connection) settings, which may include hidden Windows Firewall rules related to Security Level (zone) in Windows Internet Options. It looks, an Eset staff Firewall expert should give a more accurate reply how Eset Trusted Zone is calculated. Anyway, the trusted zone was not added to Advanced Firewall rules in my tests, showing "Error: nonexistent zone" despite Private network present, which seems to be Eset Firewall bug.

Its allowed, but not required for a user to add anything in Eset Firewall Zones. Active network connections if exist are auto imported from Windows to Eset with their profiles, as well as all network adapters. Trusted zone should be computed by default for Private network connections if exist, such as Home or Office network, but not for Public networks.

Did you mark any of your LAN or WiFi adapter profiles (network connections) as Private in Windows Settings - Network & Internet - Adapter Type - Adapter Name - Profile, or Eset Setup - Network protection - Connected Networks - Properties?

Excluded were in Eset? 😋 Eset becomes so multifacet by following protection market trends that "exclusion" option is offered directly or indirectly in multiple Advanced Settings sections. Of course Autodesk can't specify that in the article referring to any A/Vs. Its quite challenging for a typical user to differentiate actions of all options in various Eset Advanced Settings sections. On the other side, a user can contact Support with specific issues.

I don't see Windows GUI degraded by Eset at idle, only when installing Eset updates, and may be a little when verifying some launching EXE or downloads. But its unclear from above Help description, who creates rules for Automatic mode: are they created beforehand by Eset staff and added at program install, or they are generated by running Eset software? In this case, why they are called "predefined" and have priority over Learning mode rules also generated by Eset? 😊

Eset also claims to protect against Ransomware. So why run several programs?

In previous Eset for Home releases one could disable egui.exe launch at PC startup in MSCONF. Now ecmds.exe at PC startup launches EGUI proxy, which seems to launch EGUI to show Splash at EIS launch, and then closes it. I don't think EGUI once closed represents a serious drawback for your system graphics performance. Just look at Process Explorer - its not running. 😉 One can switch off showing the Splash in Eset settings. Run resmon, eventvwr and other performance analysis tools to see what's hogging your PC.

Eset's deep behavior inspection is set by default to Automatic mode. I also noticed some CPU and laptop fan usage raise after recent Eset update. I wonder if Eset Deep Behavior Inspection Automatic mode means Auto Leaning mode, i.e. Eset checks a driver or launching EXE only once, and if allowed it no longer inspects its behavior at the future launches or activities?

Eset frequently checks for and receives updates. While installing them, CPU is busy, which on weaker PCs results in slowing other activities. It also communicates with LiveGrid cloud, and might be blocking some unusual activities while waiting for LiveGrid reply?

I suggest to upgrade to Win 10 as well, its less huggy than any earlier releases, except some deep Win XP hacks for old laptops with minuscule RAM. On top, use Chrome with a tab suspender extension, and you'll be OK using an old PC for daily tasks.

On my system EIS 12 is asking for 50MB, and occupies 100+MB. Its pretty light at work, though not sure to what extent it actually detects or prevents intrusion and how fast. You can review HIPS logs in v12, enable Advanced Logging, change Logs verbosity level

I think these findings should be complemented by posting details of your PC hardware, so other Windows Eset users may get some idea to what degree they might be affected compare to you. In your case, I wonder if its possible to disable GUI in Eset Home products via Commandline, Registry, or Windows or Eset settings files similar to disabling it via Advanced setup in Eset commercial products? Can you test would it be sufficient to just disable Eset GUI without disabling its drivers to improve Windows graphics performance?

As an example, ExpressVPN too has a KIll Switch and also Split Tunneling feature that allows to choose which programs traffic is passed through VPN tunnel (virtual adapter), and which goes straight through the physical network adapter. Some VPN clients like Windscribe offer Firewall control instead of Kill Switch, which includes Allow LAN Traffic option. These are advanced features, seldom offered in most VPM clients, yet any of those can seemingly be implemented by proper Eset Firewall setup by a user, if not available or switched off in a VPN client. These features in VPN clients manipulate settings of Windows Firewall. There's an interesting Reddit thread, where VPN devs explain what's the difference between VPN Kill Switch and VPN Firewall control, since many reviewers don't know that. There were reports on this forum in the past that Eset Firewall crashes when traffic is passed through two or more network connections simultaneously. I didn't test that, and if that's still the case, its an Eset firewall bug that may prevent implementing the above advanced settings. They should still work if used in VPN clients, since these modify Windows Firewall rules Eset Firewall complies with in default settings.

That should also ideally be GPU accelerated by 3ds Max proper setup.

Any VPN Client supplied Kill Switch or Firewall Control seems to kill all internet traffic when enabled, including all Win 10 chattiness regardless of Win 10 Firewall default settings, unless it offers some advanced options like allowing LAN or specific Windows internet traffic. All traffic is restored once VPN connection is active. You can watch that with Windows Resource Monitor, Netlimiter or similar 3rd party tool, and also with Eset Tools - More Tools - Network Connections.

Eset Gamer Mode, which seems to suspend realtime protection when a game or another app is in Full Screen mode, doesn't seem to kick in when browser addons like Chrome Native Client apps are playing videos in Full Screen, while an open Chrome window on the background isn't maximized. This results in Eset excessive writing video stream to disk to presumably check for viruses. Is there a keyboard shortcut allowing to Disable Realtime Protection quickly without clicking a sequence of multiple buttons each time before launching a video playback from the web? Can a user add a Custom Keyboard Shortcut like this? Or is it possible to activate Eset Gamer Mode with a shortcut?

Did you follow this? 😮

It depends on Firewall settings set by a user. I wonder why Eset doesn't explain much in Firewall Help articles giving typical examples of popular firewall settings and scenarios. Eset Firewall will block all non-VPN traffic on a physical network adapter, if a user added Deny Any Traffic rule in Firewall Advanced Rules for the Firewall Profile assigned to that adapter (connection), regardless whether alternative VPN connection (mini-port or virtual adapter) is enabled and active or not. Once you enable VPN connection, the traffic will flow through it. When you disable it, any traffic will stop. This is an equivalent of Kill Switch of a 3rd party VPN Client activated when VPN connection is interrupted, since not every client offers its own Firewall control or Kill Switch.