Marcos

I, too, wonder what is missing in the ESS firewall that competition has

Hello Tweak Arena, We are really sorry to see you go. We fully understood your concerns, but we feel responsible to respond to your suggestions. ESET works closely with its partner network to meet any local market requirements as well as launch dates. We are open to agreement with our local partners on individual launch dates when the situation requires so and technical readiness allows. The current release version of ESET home products 6.0.316 is fully compatible with Windows 8.1. After installation and activation, your ESET product will update the modules to the most current version to ensure smooth operation on Windows 8.1 (a computer restart will be needed). ESET Version 7 BETA will update to the final version automatically without uninstalling (same registry keys and files on the disk will be used), so you don’t have to worry about it messing up the registry on your freshly installed OS. regards, Marcos

All ESET products have been fully compatible with Windows 8.1 for some time already. We are preparing an official statement on this and will publish it as soon as it is ready.

Please try disabling Self-defense, restart the computer and try to reproduce the issue. Are you positive that with HIPS and Self-defense disabled the issue doesn't occur?

ESET merely notifies you about the components that are available for update. If you change the severity of updates you want to be notified about to let's say Critical updates in the advanced ESET setup, it shouldn't notify you about less critical updates.

Please provide information about the exact version of EAV and modules installed (found in the About window) so that we can reproduce it on our end. Is it Windows 7 x86 or x64? Does the problem persist after disabling Self-defense and restarting the computer?

We haven't edited them yet, the KB team should fix it soon.

It could be that the scanner is scanning a large folder or archive when the progress reaches 17%. Navigate to Tools -> Statistics to check if the number of scanned files is rising.

There are several variants of the police ransomware Ukash / LockScreen released in relatively short intervals. ESET utilizes effective mechanisms to ensure that users are protected against new variants either proactively or in as short time as possible after the authors unleash new variants to the world.

Does switching firewall to learning mode until all necessary rules are created make a difference? If so, switch it to "Automatic mode with exceptions" after the rules have been created.

Did you update v7 after installation and restarted the computer? What build of Windows 8 are you using? (run "winver" to find out)

Yes, it should be fixed.

There have been no program component updates (PCU) for EFSW which is the reason why there's no information about them in update.ver and thus it cannot be displayed in the mirror setup either. I don't think there will ever be PCUs for server products that are usually intended for installation on production servers. Updates of security products that are tightly integrated with the operating system should never be automatic and should always be installed with care.

Yes, contact the distributor who should issue you a license key with a proper company name that would match the other keys. It shouldn't be a problem as long as all keys were purchased by the same company.

There's a setting called "Interval to accept previous password for Clients (ESET Security Products) (days)" in the advaced ERAS setup -> Security which is set to 14 by default. However, the previous password will be accepted only until the next server restart or the next ERAS service restart.

Installation over an older version has always been supported. However, in the case of beta versions it's better to install it from scratch as it may use dedicated beta update servers which wouldn't be set if you installed it over a previous version.

Since disabling memory scans is not safe, I'd suggest disabling detection of potentially unsafe applications so that the remote admin tool is not detected.

I don't understand why are you complaining about a security flaw in Samsung's Android implementation - every AV can be killed on certain Samsung mobile phones via the Task manager, it's not only ESET. Will try to create a demonstration video and post it here.

You must switch to Automatic mode with exceptions for the created rules to be applied.

Keen observation, I've informed the KB team about the issue.

I wonder why LOL attempts to terminate/suspend ekrn.exe which the most crucial process responsible for protecting your computer. You can try disabling self-defense and restarting your computer for a test to see if it makes a difference. However, don't leave SD disabled and logging of blocked operations enabled.

Have you tried switching the firewall to learning mode for a while until the necessary rule is created?

If you view the license keys in a text editor, does the CUSTOMER_NAME field match in all 3 license keys? It's possible, although I admit it's hidden well - navigate to Personal firewall -> Settings -> Rule setup -> Advanced setup and click "Add default". If you'd like to troubleshoot the alleged false positive, please enable advanced PCAP logging in the Troubleshooting section of the IDS setup, reproduce the detection and then send me the log C:\ProgramData\ESET\ESET Smart Security\EpfwLog.pcap.

You've enabled the option "Notify when changes occur in startup spplications" in the advanced HIPS setup.

Exactly. Threats detected by the Advanced memory scanner could be discovered even before by the on-demand or startup scanner, however, since they were run only intermittently there was a good chance new threats could run for a certain time until they were detected.