Marcos

Try disabling each of the protection modules in the following order, one at a time, to see if it makes a difference: - disable web protection - disable protocol filtering in the advanced setup - change firewall integration to Personal firewall is completely disabled and restart the computer - disable Parental control - disable HIPS and restart the computer

We've found out that the recent Internet protection module 1073 might have caused ekrn crashes on systems powered by CPUs from 2001 and older (2004 and older for AMD CPUs). Updating to the latest version of Internet protection module 1076 should solve the issue.

I confirm that the detection is correct, it's not a false positive. If the above mentioned detection is triggered, the website was compromised and a malicious java script is injected into the web page.

A list of updates with signatures added is available at hxxp://www.virusradar.com.

Yes, because EMS v2 has been released just recently and this is actually just a newly discovered issue stemming from the design of Android 4.3. We plan to address it in future builds of EMS v2.

If possible, please answer the following questions: - What type of Internet connection do you use? (3G, wi-fi,...) - Are you able to open websites in a browser when experiencing the issue? - Does changing the type of connection make a difference? - Does uninstalling EMS v1 and installing EMS v2 make a difference?

Is there a message displayed on your screen when you tap "Update Threat Database" or simply nothing happens at all?

Has the client actually connected to ERAS to download the list of tasks? Try temporarily setting the interval for connecting to ERAS to 0 on a client and see if the task is downloaded and started.

Tested with Kaspersky, Antivir, Avast, it was possible to kill all 3 via the Task manager. As I wrote, it's a system problem of Android on Samsung mobile phones.

I wonder if you browse websites that you need to keep http checking enabled on the server. It's always been disabled by default on servers as it may cause issues, for instance, due to bugs in Windows Filtering Platform. Do you have SSL scanning disabled?

If the new server has the name preserved, I presume that copying the folder C:\Documents and Settings\All users\ESET\ESET Remote Administrator\Server from the old disk to C:\ProgramData\ESET\ESET Remote Administrator\Server on Win2008R2 would suffice.

You can report phishing sites via the built-in form after selecting "Suspicious site" from the drop-down menu.

Are you able to modify all other settings? If so, try to reproduce the issue while logging all operations and events using Process monitor. When done, save the log, compress it, upload it to a safe location and pm me the download link.

Not necessarily. Please create a SysInspector log as per the instructions here and submit it to ESET along with a link to this thread as described here.

This issue will be solved in a newer Anti-Stealth module.

If you are not able to locate the malware, create a SysInspector log and submit it instead along with a link to this topic.

I assume it was a potentially unwanted application that was detected. In that case, a user consent is required before an action is taken.

Does changing firewall integration to "Personal firewall is completely disabled" make a difference? If not, try uninstalling ESS completely. I assume it won't make any difference either.

Check the list of installed applications and try uninstalling those that might redirect https communication through them.

Please report it to ESET as per the instructions here and provide a complete url which is detected.

You can report a phishing website via the built-in submission form.

The url doesn't work anymore. If it was detected by the http scanner it must have been blocked. Just to make sure, post the appropriate record from your Treat log which should look like as follows: 10. 8. 2013 20:05:30 HTTP filter file hxxp://www.eicar.org/download/eicar.com Eicar test file connection terminated - quarantined pc\admin Threat was detected upon access to web by the application: C:\Program Files (x86)\Opera\opera.exe.

I wonder if BSOD also occurs if v7 is installed from scratch, after running the Uninstall tool in safe mode.

GUI is subject to change as the program develops over time. I presume even more people will prefer the new gui we're working to the current one in v6/v7

WIth Firefox 22 and newer, it's necessary to import the ESET root certificate manually. This is already fixed in Internet protection module 1073 currently available on pre-release servers.