peteyt

Lightshot will give you some kind of offer to a toolbar or something like this but not RAV , I know the installer and yes ESET detects it as PUA but not the application itself , just the installer.
I believe it came from uTorrent if that's the two things you recently installed along with Qbittorrent , since Qbittorrent is open source they won't offer any kind of bloatware or toolbars
in the same time uTorrent does

I don't know what kind of antivirus they offer , but it's better to stay away from it , since qBittorent is much safer option than what uTorrent will throw at you.
BiTorrent and uTorrent are owned by same company , and it's not like what it used to be before the program itself , Deluge or qBittorent is a better option since they are open-source.
Update:
Yes I am correct it is uTorrent , Bittorrent is removed by ESET as PUA upon download , Utorrent isn't , I didn't run it but

Hi there,
 
I think it would be very appreciated if there was a shortcut for Gamer Mode in the running applications tray on Windows; where there are options like "Pause Protection", "Pause Firewall" etc. It is somewhat annoying to open the app, navigate the menus, find Gamer Mode and turn it on/off.
 
Kind regards,
Fırat.
 

Most emails that claim to have pictures of you, tend to be false. They use scare tactics to make people think they have compromising stuff, which they don't. In some cases, they will put a password in the email to try and make you think that this is genuine. Sometimes the password is just a guess, but in some cases, they will gain them from published website breaches, to make the email seem genuine

Most emails that claim to have pictures of you, tend to be false. They use scare tactics to make people think they have compromising stuff, which they don't. In some cases, they will put a password in the email to try and make you think that this is genuine. Sometimes the password is just a guess, but in some cases, they will gain them from published website breaches, to make the email seem genuine

I think what's gone wrong here is that ESET stopped supporting Linux for home users. They migrated people with Linux licenses to Endpoint without charging anymore. So i suspect that is why it shows as you having an Endpoint license and not a Linux license. 
Since Linux for home use is no longer supported. Your efforts to consolidate won't work as Linux is no longer part of the multi device pack. As you can see in your screenshot only Windows Mac and Android are supported. 
You may be better of requesting a refund and getting the correct licences for what you need. 

I performed another test today and I know what the issue is with LiveGuard and I don't like it one bit.
This time I went to the developer's web site and downloaded one of his publicly available apps. Due to my previous modification of Firefox download behavior which now results in a full file download being performed, only one submission to LiveGuard was made:
Time;Hash;File;Size;Category;Reason;Sent to;User
4/2/2022 12:11:46 PM;DC329F9AE0F78F20E475B5536D37C74DDE438C79;https://downloads.winupdatestop.com/latest/winupdatestop-standard/setup;46104056;Executable;Automatic;ESET LiveGuard;xxxxxx
Like the previous downloads mentioned in this thread when accessing this file in my Downloads folder, the behavior was the same. Eset, via Win Explorer Context Menu display, showed the file blocked by LiveGuard. However as with the previous downloads, I could execute the downloaded file.
This downloaded file, as with all the other downloads described in this thread, were code signed. Not Microsoft signed, but signed with a third party CA issued code signed cert..
The bottom line here is LiveGuard is not blocking execution of code signed .exe's. Rather its processing in this instance is identical to existing LiveGrid processing. All a malware developer has to do is code sign his 0-day malware .exe and you're nailed.
LiveGuard needs to add an option setting to process all not previously seen code signed .exe's excluding Microsoft code signed ones.

I have found out why LiveGuard didn't block access to the downloads from the developer provided URLs and it's pretty ugly. Let's get into the nitty gritty details.
Again and important, the browser used in all these activities is Firefox.
I performed another LiveGrid test yesterday by downloading a test malware from a Palo Alto web site:
Time;Hash;File;Size;Category;Reason;Sent to;User
3/31/2022 4:55:56 PM;8F8B9EF492042A968A0148FDEE7859C9A65DC458;C:\Users\xxxxx\AppData\Local\Temp\4ykilt5h.exe.part;55296;Executable;Automatic;ESET LiveGuard;xxxxxx
The file in my user Downloads folder was actually blocked and not accessible. Also, I did shortly later receive a confirmation from LiveGuard that the file was safe and LiveGuard then unblocked the file.  This parallels previous downloads in review of my Eset Sent files log. That is when Firefox downloaded the .part file to my User Temp folder, LiveGuard performed as expected.
Now about those downloads from the from the developer provided URL. Here's the Eset Sent log entries for those:
Time;Hash;File;Size;Category;Reason;Sent to;User
3/25/2022 4:49:29 PM;E59A11B7A7FA3D06D40BCB9225393462AF34CD41;https://downloads.novirusthanks.org/license-manager/update/v1/setup;28416576;Executable;Automatic;ESET LiveGuard;xxxxxx
Time;Hash;File;Size;Category;Reason;Sent to;User
3/28/2022 2:30:37 PM;499FB0A1734C95E33C220204B79A36A53BAB8B24;https://downloads.osarmor.com/nvtlicensemanager_setup_v1.5.2_test2.exe;28721072;Executable;Automatic;ESET LiveGuard;xxxxxxx
The important point to note is the downloads capture source by LiveGuard was a URL. Also upon access to this URL via Firefox, the file download processing initiated immediately.
Firefox made some important changes in ver. 98 in regards to file downloads as noted below:
https://www.ghacks.net/2022/03/08/mozilla-firefox-98-0-here-is-what-is-new/
The change most significant is bold highlighted. 
When the download from the developer's URL initiated, it was directly created in my Downloads folder without any immediate User Temp file download as was the previous Firefox download behavior. It appears Eset's LiveGuard processing in regards to Firefox is dependent upon file creation in the User Temp for both Downloads folder file locking and safe verdict rendering activities.
I have now changed Firefox settings to its previous file download behavior to always ask where the download should be saved to as a temporary workaround. This reverts to always creating a .part download in the User Temp folder.
@Marcos Eset developers needs to address this issue immediately.

I wouldn't be surprised if this is against esets terms and conditions as you are basically attempting to use a paid product for free by creating multiple accounts 

This is the issue i have. I'm a fan of Eset but it seems other AVs are looking at extra features.
For example some AVs have a protected folder feature that could protect user files if infected by ransomware e.g. certain documents that the user rated important and/or critical. Notice my use of the word "could" as nothing is every bulletproof but ESET's answer to this seems to be it could theoretically be bypassed so why bother. I mean to me an AV could theoretically be bypassed so why bother?
To me even if something is not 100 percent guaranteed as @itmanmentioned in regards to the ransomware rollback features of Kaspersky (and what ever can be truly 100 percent), surely if they are generally reliable as in they work in most cases, then it worth it. I feel it's better to have that extra layer and extra options and customers will also favour the options.
At the end of the day marketing also plays a crucial role in AV sales and if an AV is offering more features that users want and at a cheaper or even free price then they will go for that AV. As I mentioned in the feedback post I have to plan to leave Eset and hope this doesn't appear to be a threat as it isn't. As someone who tests Beta versions of Eset and helps where I can (although my knowledge is basic) I just want Eset to be the best it can and to grow. I sadly however do feel Eset is holding itself back, possibly scared how to implant some features to avoid complicating users who don't have any knowledge and would be afraid of an alert asking the user to make a decision.

Someone else might be able to help you with the learning mode as it's not something I currently use, but your Son might be fine with just Automatic, which is the recommended setting for general users/non technical users.

I'd like to add that that while I enjoy Eset and enjoy being part of the insider testing group, and have no plans myself in leaving, I've seen that some features missing are being offered by the competition and other users may decide to jump ship.
For example a lot are offering more features to help with ransomware e.g. protected folders, rollback etc. While these can go wrong e.g. ransomware may break into the protected folders, surely it is better to have it as extra protection.
Same goes with things like the ability to block things with no or low results. If disabled by default I can't see it causing too many issues if users are given a warning.

"What have the citizens of russia done to eset or anyone?"
As for me, I believe, the government is there to do things on behalf of me, and if so, every citizen of every country is responsible, not only their presidents.
I suggest to not continue this thread, it could lead to political debates, and ESET security forum is not the right place for that.

I've used many AVs in the past but prefer Eset.
I should however warn you that this might be classed as against rule 15 of the forums
15. Do not post "A vs. B" or "Which product is best?" type messages in the forum.
 
 

I wouldn't be surprised if this is against esets terms and conditions as you are basically attempting to use a paid product for free by creating multiple accounts 

Problem with sites like these is they cannot validate the license so someone may sell a license to more than one user when it was only purchased for one. The license will then automatically get blocked as it detects more people using it than should be. For this reason it's always recommended to purchase from Eset itself

Problem with sites like these is they cannot validate the license so someone may sell a license to more than one user when it was only purchased for one. The license will then automatically get blocked as it detects more people using it than should be. For this reason it's always recommended to purchase from Eset itself

I presume there is something possibly big or corrupt on the flash drive. Have you tried scanning some stuff individually to see if you can pin point the file

As mentioned in this topic bellow 
 
I'd like to suggest having a page that shows a list of all modules and their version numbers, dates etc. for both Stable and Pre-Release updates.
The idea is simple - if someone thinks their product might not be updating, they can check the list, and see if their modules match. I've seen some people question that some modules haven't updated in a while, and have worried they have a problem. This would reduce posts about this, and mean people can possibly identify update issues.
 

I will add to what marcos has put above  by adding over the years, new features have been introduced e.g. ransomware protection, network device monitoring and just with the new version 15, ransomware shield.
I have seen other AVs in the past change their UI each year and sometimes it felt like a way to hide there wasn't much new. While I always like to try new versions and see changes, changing the UI just because makes no sense. If it is for making things easier then fine but just to change the look could cause more issues. I'd much rather see Eset add more features over changing the interface 

As mentioned in this topic bellow 
 
I'd like to suggest having a page that shows a list of all modules and their version numbers, dates etc. for both Stable and Pre-Release updates.
The idea is simple - if someone thinks their product might not be updating, they can check the list, and see if their modules match. I've seen some people question that some modules haven't updated in a while, and have worried they have a problem. This would reduce posts about this, and mean people can possibly identify update issues.
 

As mentioned in this topic bellow 
 
I'd like to suggest having a page that shows a list of all modules and their version numbers, dates etc. for both Stable and Pre-Release updates.
The idea is simple - if someone thinks their product might not be updating, they can check the list, and see if their modules match. I've seen some people question that some modules haven't updated in a while, and have worried they have a problem. This would reduce posts about this, and mean people can possibly identify update issues.
 

Problem is if Eset GUI and drivers loaded at the same time they would have to wait for windows GUI first.
By loading eset services and stuff before the Windows GUI has loaded, eset is protecting you from the start. If it waited for the Eset GUI it would potentially put the user at risk.
I presume some stuff will have more priority. Not sure if it could be quickened though or if that would cause delays

This is why I think having somewhere with the module version numbers could be handy - as sometimes people think theirs are out of date and not updating properly because someone's is higher as they are using pre-release updates

To avoid things like this coming up again and again would it be possible to have a webpage which would show all the current modules for normal and pre release @Marcos
This would also allow people to know if they had an issue

This is why I think having somewhere with the module version numbers could be handy - as sometimes people think theirs are out of date and not updating properly because someone's is higher as they are using pre-release updates