Marcos

In safe mode, try deleting the value HKEY_LOCAL_MACHINE\SOFTWARE\ESET\ESET Security\CurrentVersion\Info\WscState

When an attack attempt is detected by v7, it should offer you an option to trust the source address and to exclude it from active protection. Watch this demonstration video: IDSv7.mp4

Not sure what exactly you've deleted. Are you getting an error when ESET is loading upon Windows start ? Have you tried running update manually and restarting the computer?

Does clearing update cache make a difference? If not, try uninstalling v7 and installing it from scratch.

It's normal to release products in 2 or more waves. The 2nd wave will follow in a few weeks. If you can't wait, feel free to install v7 beta as it's perfectly stable and the final version will be released with minor changes or fixes.

Win32/Systweak fulfills criteria of potentially unwanted applications, ie. t's not FP. If you make changes to the application so that it no longer meets criteria for PUA detection, contact ESET at the above mentioned email address and request re-evaluation of the application.

The list shows program component updates that are available on the server your EFS updates from. Do you have the update server set to "Choose automatically"? At any rate, there has been only one program component update for Endpoint so far which can be installed per the instructions here.

An error communicating with drivers occurs after a fresh installation on Windows 8.1 because the HIPS driver included in the current installation package is not Win 8.1 compliant. However, after restarting the computer the error should be gone and everything should work like a charm. Should the problem persist after the computer restart, please post information about installed modules from the About window. We'd also like to ask you to create a new topic to tackle a particular issue as this topic is meant for posting suggestions for future versions.

Couldn't it be that you have Spector surveillance software installed? It's detected under that name.

Firewall settings are stored in a data file on the disk. If the computer is not shut down properly, it could obviously cause a loss of firewall settings, especially if writing to the dat file was unexpectedly interrupted by power outage.

The issue was also reported on a Microsoft's forum by a user with only MSE installed: I only have Microsoft Security Essentials running, you would think that Microsoft's own product wouldn't break Outlook.

Try sending a test email to yourself with the eicar test file attached to see if it's moved to Infected items.

In the mean time, you can try installing the following fixes and see if it helps: hxxp://support.microsoft.com/kb/2664888 hxxp://support.microsoft.com/kb/2735855 hxxp://support.microsoft.com/kb/979278 hxxp://support.microsoft.com/kb/981889

The install log didn't look as if the installation was interrupted due to an error. Please PM me a SysInspector log from your computer.

If the zip file wasn't detected, it could be that the archive was empty or corrupt. Today I've seen some emails with ORDER---9601228-4285214.zip attached and Order_details.exe inside but these were already detected as Win32/TrojanDownloader.Wauchos. Also make sure that you have the most current signature database 8858 installed.

Please follow the instructions in this KB article.

I'd suggest running a disk scan with ESET Online scanner first. If no malware is found, install ESET NOD32 Antivirus or ESET Smart Security from scratch and create install logs as per the instructions here. When done, send me the logs attached to a personal message.

If email protection detects malware in an email message, it's removed automatically by default. You can run a full disk scan (including a memory scan) to make sure that the computer is most likely malware-free.

Try reinstalling Windows Installer please.

If your system is Windows XP or Windows 2000, any application communicating via http will generate a communication via ekrn.exe which works as a local proxy.

Maybe the solution would be to use Eshell to disable protection during a backup or use it to temporarily exclude the target backup folder.

Without knowing the detection name (and ideally getting the file itself along with the ESET Event log), it's impossible to comment on it. Maybe EMSX updated to the signature database containing a signature for the given malware after the email was received by the mail server.

We recommend using default (automatic) mode for users unless they experience issues with certain applications. In automatic mode, all outgoing communication is allowed and all non-initiated incoming communication attempts are denied.

It's blocked because of a Java exploit present on the domain.

Please start Windows in safe mode and rename the drivers C:\Windows\System32\drivers\ehdrv.sys and eamonm.sys, one at a time. Let us know if renaming either driver makes a difference.