Marcos

It sounds like you switched firewall to interactive mode so it asks you to allow or deny the communication.

After running the Uninstall tool in safe mode, you cannot receive the error "Service 'ESET Service' (ekrn) could not be stopped." during installation because ekrn.exe is removed by the tool along with all other ESS files.

They are prehistoric viruses from the DOS era and I'd bet you were scanning one of the infamous old virus collections that are available for download from vx sites. Viruses containing only the virus body are not deleted automatically; the action can be selected at the end of a scan.

The volume is read from the license file so if you install it on the remote server managing 20 clients, it's ok that it reports 70 instead of 20 allowed clients.

I doubt that a signature update would cause this. You can try temporarily disabling automatic updates in Scheduler, restart the computer and see if the issue recurs.

I've seen this message on systems where ESET was working properly so I'd say you can ignore it.

Cracks with a suspicious behavior that are likely to trigger heuristic detection are detected as potentially unsafe applications. Detection of pot. unsafe applications is disabled by default as they mainly cover legit tools that can be misused for malicious purposes in the wrong hands. If you want to keep the PUA detection, you can exclude the dll from scanning. In the future, you can submit samples to ESET as per the instructions here (not necessary in this case as it's apparently a crack / hack tool).

I'd suggest downloading Windows Installer from this link and reinstalling it. Should you still be unable to uninstall v4, run the Uninstall tool in safe mode.

The file won't be submitted if it has already been submitted by somebody else. Basically there's no need to submit us any files detected as "a variant of..." unless you suspect them to be false positives.

If you have version 9040 installed, you have the latest one.

In order to block access to https websites, you'll need to enable SSL scanning.

That's probably because the option "Require full administrator rights for limited administrator accounts" enabled under User interface -> Access setup.

The mechanism is smart and it's been improved significantly a couple of months ago. Users with older signature db are now prioritized and are able to update even at times of a high load. The product actually connects to the server and receives information about the current version being served by the server, hence it evaluates the situation and correctly tells that the database is current. I'd like to note that base updates like this occurs about 1-2 times per year so it's not common that you couldn't update on the first attempt.

At the moment, it may take a few attempts to update to the latest version due to a high load on update servers caused by a large base update that has recently been released.

We are in touch with Bohemia Interactive and trying to pinpoint the issue. As soon as we have some news, we'll let you know.

Before reproducing the issue, please enable "Advanced pcap logging" in the IDS setup -> Troubleshooting. When you reproduce the issue, compress the log C:\ProgramData\ESET\ESET Smart Security\Diagnostics\EpfwLog.pcapng and send it to me for analysis.

This has been noted as a suggestion for future versions of EMS.

Isn't there any additional error code displayed?

Does restarting the ERA http server service as follows help? - with elevated admin rights, run "net stop ERA_HTTP_SERVER" - run "net start ERA_HTTP_SERVER"

If you run "sc query ERA_HTTP_SERVER", is the ERA http server actually running or not?

If the clients were configured to report to ERAS, you can simply edit the policy that will be subsequently fetched by clients. Otherwise you'll need to reinstall the ESET product on clients using a proper configuration.

What do you mean in particular? Any software contains certain bugs, including operating systems developed by thousands of engineers. ESET's goal is to provide as flawless products as possible even at the cost of postponing the release if a more serious issue is found. V7 had been thoroughly tested also by users around the world in various system environments for several months before it went gold. Basically the only known bug in v7 is that Antiphishing doesn't get automatically re-enabled from the disabled state as other protection modules do. Then there have been some performance issues with Advanced memory scanner reported which are caused by the behavior of particular applications. These are not bugs but rather something that requires optimization of AMS so that the applications don't cause any issues to AMS.

Hard to say if you had update 9034 installed which contained detections for the latest Reveton variants (Win32/Reveton.V) that was undetected by other AVs at that time. If possible, please send me the file detected by MBAM so that I can determine in which update the detection was added.

I was wrong, cloud blocking is evaluated real-time.

Generally loading files should be quick, especially if you let the first-time scan complete. As for PowerArchiver, I'm not aware that the vendor submits new versions for whitelisting. If they use heavily packed files which take a few seconds to scan, any subsequent scans should be quick provided that you didn't disable Smart optimization.