Marcos

This issue affected only Windows 7 users with HIPS configured to work in learning mode (not set by default). Please review the HIPS rules and remove the redundant ones.

Please carry on as follows: - download ProcDump from this link and run it so that the executable procdump.exe is extracted - reproduce the crash - with the Windows Error Reporting message on the screen, run "procdump -ma egui" - compress egui.dmp and supply it to Customer care for analysis.

Unfortunately, the SysInspector log didn't contain information about installed modules so we assume it was created by an old version of SysInspector. Please do the following: 1, copy & paste the information about installed modules (tray icon -> About) 2, with HIPS 1078 installed, disable Self-defense while leaving HIPS enabled. Does the problem persist after a computer restart?

Does uninstalling ESS and installing it from scratch make a difference? Please provide more information about the oper. system used and the total amount of RAM / free RAM.

Please follow these instructions for creating an install log. When done, post the log here or submit it to Customer care for analysis.

I second that. According to my personal observation of the data we work with, ESET is very often the only AV solution from among the well known AVs to protect against newly emerging threats and threat variants.

The software in question is not detected as malware (ie. virus, trojan, etc.) but as a potentially unwanted application (PUA). The software was analyzed in ESET's malware research lab and was found to meet criteria for PUA detection. Detection of PUA is fully optional and it's up to the user if they want to opt for detection or not. Even with PUA detection enabled, the user can exclude the application from scanning so that it's not detected. Having said that, we'll draw this thread to a close.

This error usually occurs if a backup of the original msi installer was deleted from c:\windows\installer folder. Please run this Uninstall tool in safe mode, then retry installation.

Could you confirm or deny that the issue affects only CDs/DVDs burnt using the Disk-At-Once method and multisession media are blocked fine?

Please enable logging of blocked operations in the advanced HIPS setup, reproduce the problem and then supply us with your HIPS log. Also post information about the operating system, platform (x86/x64) and modules that are installed when the issue occurs and when it doesn't as there a chance some other modules were rolled back as well. According to the engineers, HIPS 1078 has some features disabled which might slightly affect the performance.

If you rename C:\ProgramData\ESET\ESET Smart Security\epfwdata.bin and C:\ProgramData\ESET\ESET Smart Security\EpfwUser.dat in safe mode, does it fix the issue ?

Please post more information from the on-demand scanner log with the full path to the files as well as the detection names.

Hello, make sure that you have SSL scanning enabled.

I'd suggest leaving HIPS mode in automatic mode. If you are computer savvy, you can define your own rules, e.g. make HIPS prompt you for an action when an application attempts to write to a run key. For instance, I use a rule to ask me before running an application for which no rule has been created yet.

I assume you have ESET NOD32 Antivirus Business Edition for Linux Desktop 4.0.79 installed on clients, do you? What Linux distribution do you use? Also post the output of running "uname -a".

Protocol filtering works at the application layer so it doesn't inspect packets. Did disabling protocol filtering actually make the issue go away?

Win32/Protector.A virus is a detection from 2009 and ESET's products should be able to clean it. Please submit a couple of uncleanable files to ESET's malware research lab as per the instructions here.

Script malware is often injected only if certain conditions are met, e.g. if a specific browser is used.

Look at the first line of the html code, it most likely contains a malicious script with an iframe.

If you encounter an issue with the system locking up with ESET installed, please create a complete memory dump as per the instructions here which should help the engineers find out the cause. When you have a dump from the point of a system lockup ready, contact Customer care (or me or another ESET moderator) who will provide you with further instructions how to convey it to ESET. It's often 3rd party drivers or applications that clash with ESET's products. I, for one, am not aware of any stability issues that the latest public builds of ESET's products would suffer from.

Basically it should be enough to restart / turn on the computer, wait approximately 5-10 minutes until EAV/ESS updates and a startup scan is run in the background. Then restart or turn off/on the computer and the malware should be gone. Sometimes it may be necessary to wait until the next update with a detection for the malware is issued. In such case, contact Customer care who will assist you without the need to wait for the update.

If you run an on-demand scan, the results will be stored in on-demand scanner logs. If a threat is detected by other modules, it will be logged in the Detected threats log.

We are aware of the issue and investigating it. As soon as we have some news, we'll let you know.

This kind of error normally occurs if the backup msi file is deleted from the \Windows\Installer folder. I'd suggest removing ESET completely using the Uninstall tool as per the instructions here and installing EAV v6 from scratch.

We weren't able to reproduce the issue on Windows 7. Please provide more information about the cdr/dvd recorder you use (brand, model), whether it's external or internal and whether connected via (e)SATA/PATA/USB(1,2,3), firewire,etc.