Marcos

Just to make sure, you mean scheduled scans and not scans that you run manually via gui, right?

Since antivirus software is deeply integrated with the operating system, any upgrade to a newer version may potentially cause issues. For this reason, ESET has never rushed with program components updates and pushed them to users within a short time. ESET cares about safety of their customers and we will never take actions that might jeopardize the stability of users' systems.

Please create a Process monitor log from a boot as per the instructions here. When done, compress it, upload it to a safe location and pm me the download link.

Should the above fail, see my advice in https://forum.eset.com/topic/692-era-server-failure-cant-connect-to-host-0x2101/.

I'd suggest carrying on as follows: - enable debug logging in ERAS setup - stop the ERA server service - delete the ERA logs in C:\ProgramData\ESET\ESET Remote Administrator\Server\logs - temporarily set the time interval for connecting to ERAS on a troublesome Endpoint client to 0 - start ERA server service If the client doesn't appear in ERAC, submit the logs from the aforementioned folder to Customer care for analysis. You can also upload them to a safe location and PM me the download link so that I can check them out.

It's a communication attempt within your computer. Make sure that you have logging of blocked communications disabled in the IDS setup.

For Firefox 22 and newer, you'll need to export the root certificate from ESS and import it to Firefox manually in order for https websites to open properly.

I thinik the question was regarding the untrusted ISP root certificate which is unrelated to ESET.

You can find this information in the header of file em002_32.dat.

Please compress the memory dump, upload it to a safe location and PM me the download link. No BSOD issues have been reported so far so it's likely it's caused by another driver.

The expiration date is synchronized with servers once or twice a day as far as I remember which could explain why a correct expiration date was shown on other laptops with a delay.

It has not been confirmed as a bug by engineers yet. If it's confirmed to be a bug, it won't be fixed before a service release of v7.

Of course these marketing statements must be taken with a grain of salt. Isn't it suspicious that popular rootkits / bootkits that died out a few years ago would be undetected by popular vendor after so long time? ESET basically protects against all of them but unfortunately it's not possible to verify them as the tester does not provide any useful information to other av vendors.

ESET stores temporary files in the system and user temporary folders pointed to by TEMP and TMP variables. Changing the variable values should do the trick.

I was able to reproduce it only once in the past. Since then the website opens fine with both older and latest Internet protection modules so I assume something has changed on the server or the occurrence of the issue depends on timing somehow.

This is probably not possible, wildcards in this form are not supported. I was unable to accomplish it either. It works fine for me. Please post the warning you're getting and let us know what browser and its version you use. Try the following: - with web browsers and email clients closed, disable SSL scanning - enable SSL scanning - launch the browser

Probably the original installer from removed from the c:\windows\installer folder in the meantime. Please follow these instructions to remove EAV completely in safe mode and then download and install the latest version from scratch.

What do you mean by "computer freezes during scan"? Does the system become completely unresponsive for a very long time?

If certain communication is blocked, carry on as follows: - enable logging of blocked communications in the IDS setup - reproduce the issue - check the firewall log for more details about the blocked communication (copy the recent records and paste them here). - disable logging.

It seems you enabled SSL scanning but import of the root certificate into your browsers or email clients failed. Feel free to disable SSL scanning.

We kindly ask you to post in English or contact your local distributor who will assist you.

Ransoware encrypting files on a disk is not something new. The recent variant you've mentioned is currently being analyzed so at the moment we're not able to tell if it'd be technically feasible to decrypt them.

When tackling an issue, it's necessary to narrow it down to a particular protection module or setting that affects the issue. Disabling the modules was in no way meant as a permanent solution.

In a nutshell = to make a long story short.

Please submit prefs-1.js to ESET as per the instruction here and with a link to this topic enclosed. Although it's unlikely to be false positive, we'd like to check it out to make sure.