Marcos

I can't see any issue here. What "entry string" disappears in the Computer scan window but it shouldn't?

On my computer it took 7 minutes to scan 202,000 files so your scan time seems to be normal.

You should add * after the last slash so that everything on the mentioned website is blocked.

ESET Endpoint Antivirus doesn't include Web control (equivalent to Parental Control in home version), only ESET Endpoint Security does. Web access protection and Web control are different protection modules.

You can ignore this message, it's merely a notification that an application is transmitting non-standard data via the ICMP protocol. This kind of detection has recently been disabled by default.

No release date has been set yet. The current v7 beta has turned out to be perfectly stable and I'm not aware of any severe issues with it.

Could you please check if Web control is actually enabled on the client and that the policy was applied properly?

No wonder that Windows 8.1 RTM is not yet supported as it leaked and is not officially available to the public yet. The appropriate modules will be updated shortly to support it provided that you have v7 and pre-release updates enabled.

With personal firewall completely disabled, ESET cannot affect network communication in any way as it's not integrated in the system at all. You can also try installing the latest stable beta v7 downloadable from hxxp://www.eset.com/int/beta/v7.

I'd suggest installing the latest version of ESET Endpoint Security 5.0.2214 instead of an old version ESS BE 4.2 which also contains bugs fixed later in Endpoint v5. If installing the latest version of EES doesn't help, try excluding the file c:\Database\tempres.bin or the whole folder c:\Database\*.* from scanning and let us know about the result. If the clients you've mentioned don't have a business / Endpoint license purchased (typically for 5 and less computers), they could try installing the latest stable beta v7 downloadable from hxxp://www.eset.com/int/beta/v7 (at least just for a test) and see if it resolves the issue.

Does disabling firewall via gui or changing integration to "Personal firewall is completely disabled" in the advanced setup make a difference?

Does the problem persist after a computer restart?

It's weird that disabling real-time protection and HIPS didn't help. If possible, try installing the latest beta 7 (use default settings) and let us know if the bluray software stops crashing or not. If the problem persists, start Windows in safe mode and rename the files eamonm.sys and edevmon.sys in the C:\Windows\System32\drivers folder and see if that makes a difference.

Does disabling HIPS and Self-defense followed by a computer restart make a difference?

Please submit the file tutle.exe to ESET as per the instructions at hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN141.

The website is not blocked. Probably it was a malicious java script that was detected as JS/Kryptik. SCUMWARE.org URL description This URL is or was distributing a malware variant of JS/Kryptik.ALB trojan

I'd suggest creating a complete application memory dump of egui.exe when you observe the issue. You can achieve this by downloading Procdump and running "procdump -ma egui" which will create a dump. Then supply it to customer care for further analysis.

I'd emphasize that this doesn't mean there might be malicious files which would be skipped and left undetected due to smart optimization.

This has nothing to do with Windows updates. Perhaps you opened the setup immediately after installing the beta without updating it first.

You must be using outdated modules. Please post information about installed modules here.

Do you mean that after disabling ESET firewall emails are received instantly?

The issue is already closed, it's not FP. Having said that, we'll draw this topic to a close.

Please try to install ESET again. After installation, update it and write down the version of the installed modules (available in the About window). If the problem recurs after a restart, we'll need to get the list of installed modules as well as what OS and platform do you use.

A Process Monitor log from the moment you attempt to update ESET might shed more light. If you manage to create one, compress it, upload it to a safe location and pm me the download link. I'll check it out then.

I can tell that at least one of the vendors who block the malicious website at VirusTotal does not detect the malicious script and does not block other websites that serve the script to users. Just two examples: Normalized URL: hxxp://gxxxxx.com Detection ratio: 1 / 38 ESET Malware site Normalized URL: hxxp://wxxxxx.com/ Detection ratio: 1 / 38 ESET Malware site I'd also add that it's been detected and blocked by ESET about 20,000 times so far so it seems to be a quite prevalent web threat not yet recognized or blocked by other vendors.