Marcos

Unfortunately, we have no clue what the message reads. Please contact your local Customer care or try installing v6 from scratch. You can also try installing v7 beta which has been very stable and the current version has no serious issues.

Hello, only ecls.exe can be run from the command line. What you are asking for should be viable via eshell.exe present in server products.

The actual file name is ess_nt64_enu.msi. I'll check out the links on the download page. Edit: I was able to download the msi installer from the official download page hxxp://www.eset.com/int/download/beta-versions/detail/family/212/ fine.

Just to make it clear, with a guest account you don't use any password to log in to this forum so using the password recovery feature makes no sense until you create an account. Authentication with a username and password is required only for registered users. If you created an account and now report this as a guest because you couldn't log in, please supply me with your registered username so that I can check the status of your account. Yes, there's a line in the source that loads a java script from another url. Also the script is bounded with typical malware markers. As for reporting blocked URLs to ESET, there's a section in the above mentioned KB article called "Email – Report a blocked website or false positive" towards the end of the article with simple instructions how to proceed.

It's the HIPS and self-defense driver which may block certain operations. I'd expect some issues might occur during logon if you have LogMeIn installed for instance. You can rename the driver to ehdrv.sy_ or whatever you want.

As soon as Windows 8.1 is officially supported, it will be announced. Nonetheless, the current beta seems to work flawlessly on Windows 8.1 so far.

The block seems to be ok. The website is full of adware and several other vendors are blocking it, too.

Does renaming C:\Windows\System32\drivers\ehdrv.sys in safe mode make a difference?

We recommend that clients in a network update from a local mirror to avoid licensing issues and to reduce the amount of data downloaded from ESET's servers.

Does disabling any of the protection modules make a difference? Did the support tell you if the error is related to network communication or something else?

The detection is correct. The only communication channel for disputing detections is email; for more information how to report a file to ESET, see this KB article.

Don't know what P4m1936duw1983 is as it's definitely not the password belonging to the username you've mentioned. Software is activated automatically after entering the username and password in the product. I've checked your license and there doesn't seem to be anything wrong with it; it's valid until June 2014. Are you having problems receiving updates?

It was confirmed that is an Android system flaw which affects all software vendors and only Google can fix it.

Please post the information about installed modules.

PCU method described here should work for clients running any older version of ESET's products. As for the Upgrade feature available in ERA, it was first supported in one of the last v4.2 installers so it won't work for older versions.

Could you install ESET NOD32 Antivirus 7.0.104 beta just to see if it makes any difference? Athough it's intended for home users and is still in the beta phase, it contains the latest fixes for MS Outlook client so it'd be good to know if the issue goes away then or not. After you test v7 in the aforementioned scenario, you'll revert back to EEA 5.0.2214.

If the computers are in a domain, is ERA Service running in a domain administrator account or a local admin. account?

I've tested the password recovery feature by entering my nick in the form and subsequently received an email from the system. The website in question is not blocked; it's a malicious external script that is detected. In the future, feel free to report potential false positives to ESET as per the instructions here.

Are you having some issues with MS Outlook 2013 and v7.0.104 beta installed ?

Unfortunately, in the video you didn't click on the rule so we don't know if you actually had logging enabled or not. If logging when the rule is applied is disabled, HIPS behaves as expected and it won't log a thing unless you enable it for the particular rule.

The rules are sorted by action (Allow / Deny / Ask) and then alphabetically by the source application. I think this ordering makes it easier to look up a desired rule rather than if rules were sorted just by the time of creation.

As of v7, removable media control was replaced with Device control known from Endpoint which provides protection against many more devices than the previously used feature.

Please carry on as follows: - download Process Monitor and run it (it will start logging system operations) - run a scan with cleaning against a file infected with Win64/Expiro.A where the cleaning previously failed - stop logging Export your Threat log to a file and add it along with the Process monitor log to an archive. When done, upload the archive to a safe location (e.g. Dropbox) and pm me the download link.

Basically websites are blacklisted when they are found to host malware. Please report the url to ESET as per the instructions here.

HKCU actually points to HKEY_USERS\S-1-5-21-* (followed by group of numbers) where S-1-5-21-* is the current user's SID you'll find in the registry.