Marcos

No, this is not possible. Pop-up notifications can be set to disappear in 30 seconds at maximum. If user's intervention is required (e.g when cleaning is disabled, ie. set to No cleaning), the window with action selection shouldn't close automatically.

Please check your pm. I've sent you instructions for generating logs that will help us pinpoint the issue.

That should work provided that the correct IP address was added correctly to the list of addresses excluded from protocol filtering and disabling web protection or protocol filtering solved the issue. Perhaps you could post a screen shot of your list of addresses excluded from protocol filtering as well as a screen shot of the router's setup page with the address bar included.

The scanner will attempt to neutralize and remove the threat automatically without user's interaction.

Sometimes people report a blocked website but in fact it's a trojan which was detected on it and the website as such was not actually blacklisted.

I'd say that most of zero-day threats are detected and blocked by the web scanner utilizing advanced heuristics as well as by Advanced memory scanner. We regularly see almost all zero-day threats detected by ESET's detection mechanisms undetected by most of other famous security software. In case of ESET, recognition of zero-day threats is added swiftly which means such threats would be detected by all products regardless of whether they are run or just go through a server (e.g. mail server, file server, proxy server, gateway, etc.).

Quarantined files are stored in a safe, encrypted form on a disk and thus not pose any risk whatsoever. It's not necessary to flush the content of quarantine. Administrator privileges are required to permanently delete quarantined files.

It seems to be the same issues as discussed here. Please continue in that thread so that the discussion is kept at one place. I assume that the problem is with Asus routers not adhering to rfc standards for http communication which may cause issues in conjunction with ESET's http scanner. Providing us with special logs for troubleshooting should help us pinpoint the issue, As a workaround, you may want to exclude the IP address of your router from content filtering.

Unfortunately, this option was first removed in v6 if I remember correctly, however, I've already asked the product manager to bring it back in future versions as it was very useful for me, too.

No, it's a potentially unwanted application, not malware or another kind of threat. You can exclude it from scanning directly from within the yellow notification window.

It could be that you're using Deep Freeze which will not save the status of protected folders in thawed state.

It's related to antispam.

I'd suggest enabling logging of blocked operations in the advanced HIPS setup, reproducing the problem and then checking the HIPS log for detailed information about the rules that caused some blocking. This should show which rules need to be adjusted to allow the blocked operations. We'd appreciate if you could tell us what rule is causing the issue.

The number you're referring to probably means the number of files that have gotten through real-time protection but it doesn't necessarily mean they were scanned.

Without knowing what is detected and under what name, it's impossible to tell whether the detection is ok or not. Maybe it's a PUA which is detected and in such case it shouldn't be considered FP.

Currently it's not possible to delete / quarantine only archives with at least one executable file inside. However, this is a feature that we'd like to have added as soon as possible.

Try pressing Ctrl+G to switch to non-graphical mode.

V6 and v7 have better detection of phishing than other versions. The next generation of Endpoint will utilize the same anti-phishing system.

Have you tried installing ESET NOD32 Antivirus to see if it makes a difference? If it doesn't, try disabling web access protection and protocol filtering, one at a time. Also confirm or deny that you have AdMuncher installed.

The good news is that we've pinpointed the issue. It will be fixed in the Internet protection module 1092 which is going to be released to pre-release update servers some time soon.

Installation is accomplished by Windows Installer. If there's a serious problem with Windows Installer or the operating system as such, sometimes the only way to get things working is to reinstall the oper. system (although this should be basically very rare).

ESET is known for an extremely low number of false positives. If you suspect that ESET is erroneously detecting a legitimate file, please report it as per the instructions here. As for the option for excluding a file from scanning being grayed out, that's because only potentially unwanted and unsafe applications can be excluded directly from within the alert window.

I'd suggest using automatic mode until a newer version of ESS addressing the issue is available.

Kryptik detections are detections of the packer and doesn't tell anything about the malware itself. I'd suggest submitting a couple of encrypted files along with a file containing instructions how to get the decryption key to ESET to confirm they cannot be decoded.

I'm getting an error sec_error_inadequate_key_usage, is it the same error as you're getting? I've found the same issue reported by a Kaspersky user here: hxxp://support.mozilla.org/en-US/questions/950736. It seems that connection to google, youtube and maybe some other servers is not allowed by Firefox when a self-signed certificate is used. Tested with Opera and IE, no problem accessing the websites noticed.