itman

Continuing my suspicions, I did a bit of research on the Private Internet Access VPN web site. It uses a TAP adapter: https://www.techradar.com/vpn/what-is-a-tap-adapter . That is a virtual network adapter. Next and interesting is the way to reset this adapter is via this command; C:\Program Files\Private Internet Access\pia-service.exe" tap reinstall All this leads me believe that the issue in Eset ver. 16.2 lies with its network connection processing not properly identifying and setting up the virtual network adapter connection.

I am beginning to believe the issue with VPN usage in ver. 16.2 is not the firewall but network connection creation and processing. In ver. 16.2, firewall profile and the network connection created are synonymous. For example in ver. 16.2, you can't modify settings for any Eset generated network connection other than to specify if it is Public, Private, or Automatic determined. What I suspect is happening with VPN usage is every tine the VPN is started, Eset is creating a new network connection for it resulting in a new firewall rule being created. Open Eset Network Connections and see if many connections exist there.

Do you want to add an additional seat to an existing license instead so Eset can be installed on another device on your home network?

The problem here is watchseries.id/home is redirecting to coldvain.com which is a malicious domain: https://www.virustotal.com/gui/url/f2c6635077070164272e1bb87eda93042adf453ff6fb094e20c99a8281289202 . You need to contact the web site admin of watchseries.id and info them of this situation.

Your bookmark is most likely for hxxps://watchseries.id/home.

No. Only users enrolled in Eset Beta Tester program are allowed access to Beta versions. You will have to wait until it's released to the pre-release channel.

Version 17 is projected to be released in November;

Of note is if the "X" symbol is selected, the result is the disabling of the browser green frame indicating B&PP mode is active: https://help.eset.com/essp/16.2/en-US/idh_config_opp_badge.html . The browser remains in B&PP mode. If file uploads are allowed with the green frame disabled, that is the source of issue for some unknown reason.

Must have something to do with these 2 web sites. I can upload 25+MB file to a public file sharing site in B&PP mode w/o issue.

Is rbpf.bs your ISP and you receive e-mail from them?

Below are the results of tracert to rbpf.bs from my device. Connection is being made; However the above shows that rbpf.bs domain, also confirmed by Robex output below, has nothing to do with the Bahama government; Note that the results show rbpf.gov.bb domain. Perhaps that is the one you should be using?

Sound to me like a backbone DNS server issue to me. Can't help on that one.

No problem with access to that domain on my Eset installation;

I can't access this domain in a browser.

I can access the domain w/o issue in a browser. As such, I don't see any blacklist activity by Eset;

The website is using outdated software resulting in a high security risk use classification by Sucuri; https://sitecheck.sucuri.net/results/universalpackagesys.com .

I am posting a link to Eset's official notification article on this issue: https://support-eol.eset.com/en/trending_weol2023_10_2022.html . Specifically noted in this article is; It is fairly obvious that Eset will not be providing this notification disabling capability in NOD32, EIS, or ESSP. Furthermore, it is Eset long established policy not to allow for disabling of critical operational notifications in these products. -EDIT- Removed prior EULA reference based on this posting: https://forum.eset.com/topic/1169-future-changes-to-eset-nod32-antivirus/?do=findComment&comment=173136 . I really give up on Eset licensing practices; they are a total and complete mess.

Actually, you will hear silence since this has been asked and answered multiple times. The latest Eset response is here: https://forum.eset.com/topic/1169-future-changes-to-eset-nod32-antivirus/?do=findComment&comment=173013 . FYI - Aryeh Goretsky is head of Eset's N.A. subsidiary which handles all product sales and support in the U.S. and Canada. Since your Windows versions are LTSC, you are wasting time on this quest in futility. Instead you should be applying the applicable KB update to your Window installations

Eset detection here is not the only issue. Domain is first blocked via uBlock Origin TPL detection.

Per Sucuri web site analysis, below is the Newspaper plug-in being used. Is this the latest plug-in version? Also Sucuri noted that the password entry field on this web site is not encrypted; i.e. HTTPS, meaning it can be intercepted by a hacker.

Another important detail is no data exists on where to make the payment to. This leads me to believe the e-mail itself contained this info along with possibly a malicious link. I assume the .pdf was an attachment to the e-mail. Bottom line - there is nothing malicious about the .pdf per se other than to support the attempted scam attempt. -EDIT- Duh ..... Just realized the .pdf was a receipt. So the whole purpose was to get the e-mail recipient to open the .pdf. Was the attachment a .pdf or something else? I suspect the later. Let's say the attachment was an archive. When Eset scanned it, it removed any malware leaving the benign .pdf file.

Refer my prior posting here: https://forum.eset.com/topic/37283-interactive-firewall-useless-since-162/?do=findComment&comment=172757 . As long as the NvDisplayContainer.exe firewall rule specifies child processes, all outbound network traffic from it will be blocked. It is the NvDisplayContainer.exe child process that is performing the network connection.

Product enhancement requests are to be posted to this forum section, "Future changes to ESET NOD32 Antivirus."

@Marcos suggested you contact your in-country support source first. Since you are located in the U.S., go to the bottom of this web page: https://www.eset.com/us/existing-customers/ . Then initiate a Live Chat session, or submit a technical support request.

I notice this also. You have to manually close the B&PP home page to view the URL in B&PP mode you originally entered. In previous versions, the B&PP home page auto closed.