Marcos

That either means that the files were improperly infected with a virus which rendered them non-functional or they got corrupted due to a disk error. This rather sounds like a hardware problem with your DVDROM or a disk failure. I'd try inserting a disk that you can reliably read in another DVDROM. Could you please post complete records from your ESET Detected threats log and on-demand scan logs so that we know what files were detected and what was detected?

I, for one, don't see any sense in pushing the mirror content to clients and then forcing them to update from it. If you have a mirror created, you can can use a policy or push a configuration to clients that will point them to update from it.

Please pm me the link to the website which redirects you to this fake Java update web page.

Could you please confirm or deny that the issue persists after enabling pre-release updates with Internet protection module 1094 installed?

Please check if the issue still persists now that the HIPS module has updated to v1106B.

This was already discussed in the past. Due to rapid development and major changes in each version of Thunderbird, plug-ins for Thunderbird are no longer developed. However, even without a plug-in for a particular email client, email received via POP3(S) and IMAP(S) will be scanned for malware.

If you configure ESET to ask about non-visited websites and then attempt to update Firefox, you will be asked whether you want ESS to scan the secured communication utilizing the given certificate with an option to exclude it from scanning. Then you can switch back to "Always scan SSL" while checking the box "Apply created exceptions based on certificates".

After enabling pre-release updates, v1092 should be downloaded and installed fine.

Mozilla doesn't accept self-signed certificates and refuses to update in such case. You must exclude Mozilla's certificate from scanning.

Try enabling pre-release updates in the advanced update setup and run manual update then.

Please use the module from pre-release servers (v1092 for Endpoint) as I instructed you.

Make sure that SSL scanning is enabled, then enable pre-release updates so that the latest version of the Internet protection module 1094 is downloaded. Let us know if that helps.

Ok, so compress the log, upload the archive to a safe location and pm me the download link then.

The issue is being investigated. When a fix is ready, it will be distributed via an automatic module update.

Please repeat the same, now also with "Enable advanced pcap logging" enabled in the IDS setup -> Troubleshooting. The log will be created in C:\ProgramData\ESET\ESET Smart Security\Diagnostics\EpfwLog.pcapng. Please send it to me attached to a personal message.

If possible, please share your findings with us as there can be also other users who might be interested in knowing what files or folders need to be excluded.

Could you enable pre-release updates in the advanced update setup and run update manually so that the last version of Internet protection module 1094 is downloaded and installed? Let us know if it resolves the issue.

Whenever firewall blocks certain communication and you need to determine the reason, enable logging of blocked communications in the IDS setup, reproduce the issue and then check the firewall log for detailed information about the rule that blocked the communication. Please copy & paste the appropriate firewall log entries here.

Probably the settings are not saved properly or the registry values get reset at times for some reason. I'd suggest contacting Customer care or creating a new topic for this issue.

Please continue as follows: clear the filrewall log enable logging of blocked connections in the IDS setup reproduce the issue post your firewall log records here You can also check the temporary IP address blacklist under Setup -> Network in the main ESS gui to see if the IP address is listed.

The symptoms you've mentioned are typical for svchost.exe spiking CPU after downloading Windows updates. Make sure that Internet Explorer 8 is installed and is fully patched. Especially the following hotfixes must be installed to fix the svchost issue: KB2744842 KB2879017 KB982381 KB2618444 KB2598845 KB2862772

ESET also uses local cache provided that Smart optimization is enabled.

Please open Task manager, right-click ekrn.exe and select "Create dump file" from the menu. When done, compress the memory dump, upload it to a safe location and pm me the download link. The dump should contain information we'll need to determine the cause of the cpu spike.

Please enable advanced pcap logging in the IDS setup, reproduce the problem and then send me the log file "C:\ProgramData\ESET\ESET Smart Security\Diagnostics\EpfwLog.pcapng" compressed in an archive.

Hi tlapse, I was specifically asking about disabling application protocol filtering and IMAP/IMAPS scanning in the advanced setup, not about disabling protection via the tray icon menu. Also I'd recommend upgrading your ESET NOD32 Ativirus to the latest version 7.0.302 which provides better protection against malware than older version.