Marcos

This is a known issue. My understanding is that Anti-phishing shouldn't get disabled with other protection modules.

Make sure that the IP address 172.30.1.1 is in the Trusted zone. Then check IDS settings in the advanced firewall setup and make sure that UPnP is allowed for system services in the Trusted zone (enabled by default). If turning off the firewall doesn't resolve the issue at all times, try disabling application protocol filtering in the advanced setup. Let us know about your findings.

Please enable logging of all scanned files so that you see the last one scanned. When you narrow it down to a particular file causing the scanner to hang, compress the file while using the password "infected" and send me the archive via a private message.

Does disabling firewall via gui actually make a difference?

According to your screen shot, you have ESET NOD32 Antivirus installed. The Network section is present only in ESET Smart Security which includes a firewall.

If you check the Antispam protecton log, what score did these emails receive? Could you send me some examples in the message/rfc822 format (e.g. email exported from Thunderbird, Windows Mail, etc. to an eml file). If you cannot use such an email client instead of MS Outlook, let me know.

Does flushing the update cache via the advanced update setup make a difference? You could also consider uninstalling v6 and installing v7.

We'd need to get the large *.nqf file and its *.ndf pair found somewhere in the c:\users folder. Please compress these 2 files, upload the archive to a safe location and pm me the download link.

Please create a dump of ekrn.exe via the Task manager ("Create dump file" option) when ESET seems to have hung. Also create a SysInspector log and compress both files to an archive. Then upload the archive to a safe location and pm me the download link. Are you able to run a scan using ecls.exe without any problem?

I cannot find an answer to my question whether changing the integration type to "Personal firewall is completely disabled" followed by a computer restart makes a difference. If so, try to reproduce the issue with integration set to "Only scan application protocols" and let us know about your findings.

Does the issue also occur if you scan only c:\programdata?

Navigate to Tools -> Protection statistics and check if the number of scanned files is rising.

Yes, the First-time scan is run automatically in about 20 minutes after installation if I recall correctly. When it's started, a bubble notification pops up, allowing you to cancel the scan.

You can enable Anti-Theft at any time here:

I don't think that Wowlik and Sirefef are related to each other. Make sure you have the most current signature database 8924 installed and run a full disk scan. Also I'd recommend upgrading to ESET Smart Security version 7 via "Check" or "Check for update" button in the Update panel.

Since we already have an announcement here, we'll draw this thread to a close.

Since we already have an announcement here, we'll draw this thread to a close.

ESET NOD32 Antivirus version 7.0.302 has been released and is available to download. New features: Advanced memory scanner provides protection against obfuscated threats Exploit blocker protects browsers and other popular applications from threats exploiting vulnerabilities in these applications Improved cleaning of rootkits ensures that even in case of infection with persistent malware, the system will be restored to a working malware-free state Device control allows for controlling access to removable devices Automatic first time scan cleans potential malware on the computer and improves performance of future scans To download and install ESET NOD32 Antivirus version 7.0.302, download and run Live Installer available on the download page. Installation over previous versions is fully supported. Beta users and users with version 5 and 6 can upgrade to version 7 by checking for a new program version and selecting Install in the Update pane. For more information and to download the product, visit the ESET website or contact your local reseller, distributor or ESET office.

ESET Smart Security version 7.0.302 has been released and is available to download. New features: Advanced memory scanner provides protection against obfuscated threats Vulnerability shield protects your computer from network threats exploiting vulnerabilities in communication protocols Exploit blocker protects browsers and other popular applications from threats exploiting vulnerabilities in these applications Improved cleaning of rootkits ensures that even in case of infection with persistent malware, the system will be restored to a working malware-free state Device control allows for controlling access to removable devices Automatic first time scan cleans potential malware on the computer and improves performance of future scans Exclusions from active protection have been improved to make defining of trusted addresses easy To download and install ESET Smart Security version 7.0.302, download and run Live Installer available on the download page. Installation over previous versions is fully supported. Beta users and users with version 5 and 6 can upgrade to version 7 by checking for a new program version and selecting Install in the Update pane. For more information and to download the product, visit the ESET website or contact your local reseller, distributor or ESET office.

I'd suggest checking the ERAS log to see if both clients attempt to connect or only the one which appears in ERAC. Do both clients use the very same ERAS settings?

ESET products require a x86 / x64 (CISC) compatible processor to run. ARM architecture (RISC) is not supported.

You can set a limit for scanned objects in the web access protection setup to 500 MB for instance. On the other hand, if you download large files (e.g. iso images), possible malware won't be detected in them upon download.

Protocol filtering is disabled in server products by default to prevent issues stemming from bugs in Windows Filtering Platform (BSOD, memory leaks, etc.) and to avoid excessive memory consumption if a higher number of connections is created at a time.

We'd prefer to assist you with troubleshooting the issue rather than fixing it by hitting the Clear cache button. If we are able to determine the cause, we can take measures to prevent it from happening again on your or other computers.

If you want to connect from everywhere, create a new allowing bi-directional rule with the local port set to 3389 (or whichever you'll use). You can restrict remote IPs or subnets on the Remote tab. Don't forget to switch the firewall to "Automatic mode with exceptions" so that custom rules are applied.