Marcos

Integration (plug-in) is required for the spam filter to work. Also it allows you to scan incoming and outgoing email regardless of the protocol used and also to re-scan received messages. One more thing you could try - disable scanning of read emails.

If the problem concerns clients with Endpoint installed, please export your Endpoint configuration to an xml file and pm it to me along with an example of an email that was evaluated as spam despite the sender's email address being whitelisted.

I have already provided a solution to your issue. Don't wait for a fix as this will take some time but remove the exclusions with the detection name and add them manually, ie. not from the yellow window shown when a potentially unwanted / unsafe application is detected.

I was unable to reproduce it with Outlook 2010 on Windows 7. Does any of the following resolve the problem? - disabling scanning of sent email - disabling ESET integration with MS Outlook - starting Outlook in safe mode (outlook.exe /safe)

I have inquired the appropriate product manager about the availability of EAV BE 4.0.81. As soon as I have some news, I'll let you know.

I assume that disabling scanning of sent email didn't help then. Please try disabling integration with MS Outook and IMAP scanning, one at a time, to narrow it down.

Does disabling scanning of sent email make a difference?

Right.

This detection is ok, the installer contains a potentially unwanted application.

The log shows that you attempted to download the file twice - at 11:10 with an outdated sig. database and then at 11:12 with ESS fully up to date. I assume that you're using an older version of ESS (v5/v4), right?

The installer was replaced with a Dorkbot worm a couple of days ago. Now the download link points to a correct installer so we've removed the block.

Did you receive an automatic response that a ticket with a specific ID was created? Please pm me your email address so that I can ask the UK distributor if they received your query and a ticket was created in their system.

Unfortunately, we still don't know which of the protection modules interferes with the software in question. What we'd need you to narrow it down to the particular module by disabling firewall, web protection and real-time protection, one at a time, and check if the problem occurs. Alternatively you can provide us with step-by-step instructions how to reproduce the issue and also provide us with information about the operating system and installed modules (available in the About window).

For me system variables work fine even with older versions of ERA and Endpoint. I've pushed a configuration with %windir%\* excluded and eicar wasn't detected in c:\windows afterwards. However, this doesn't work with v4 so we can conclude that using system variables for exclusions in configuration files was first supported in Endpoint products.

What does disabling ESET mean? ESET Smart Security consists of several modules that might interfere in certain configurations with uncommon applications: real-time protection, web & email protection (application filtering), HIPS, Firewall. We'll need to know which of these modules needs to be disabled so that the problem doesn't occur. Multicharts is not common software that companies would use in pre-release testing. To be honest, I've heard about it for the first time. We'll be happy to assist you with resolving the issue but first we'll need you to narrow it down to a particular protection module. As for problems with Google, we haven't heard of any and the only problems I can think of is when a user enables SSL scanning but the root certificate isn't imported to or honored by a web browser or email client.

You have the following error logged in the system event log: The Windows Management Instrumentation service terminated with the following error: The system cannot find the file specified." 13/02/2014 08:04:07 I'd suggest capturing operations using Process monitor while running the command "sc start winmgmt" as an admistrator. When done, compress the log, upload it to a safe location and pm me the download link.

If you suspect the firewall to block certain communication, try changing the integration type to "Personal firewall is completely" disabled and restart the system. If that doesn't make any difference, what about renaming C:\Windows\System32\drivers\eamonm.sys and ehdrv.sys in safe mode, one at a time?

This is a known glitch but the cause is not known yet.

If the application doesn't download updates that are detected as PUA by ESET, I wouldn't exclude them from protocol filtering. For instance, if malware injected into such process it might succeed to download components that would otherwise be blocked by web protection. The point is to use exclusions only when necessary to solve a particular issue. Every exclusion makes the computer vulnerable to attacks; in particular if malware copies to a folder excluded from scanning it won't be detected and blocked even if it was detected otherwise.

Why do you believe the isssue is related to ESET Smart Security? Does the problem go away after temporarily disabling the firewall?

Please make sure that you have SSL scanning enabled. Otherwise secured communication cannot be filtered.

PM sent.

Could you please install the latest ESS v7 (for home users) on such computer for a test and disable "Removable media access" in the real-time protection setup? Let me know if it solves the issue.

To troubleshoot the issue with connecting BF4 to game servers, please contact Customer care. The other issue seems to be unrelated to ESET as it persists even after uninstalling the ESET product.

Please post the information about installed modules from the About window. Run a manual update to make sure you have the most current version of the signature db and modules installed and restart the computer then. Should the problem still persist, does switching to pre-release updates in the advanced update setup, running update and restarting the computer make a difference?