Marcos

HKCU actually points to HKEY_USERS\S-1-5-21-* (followed by group of numbers) where S-1-5-21-* is the current user's SID you'll find in the registry.

I actually provided you with a testing module on June 3 but you refused to install it. Anyways, today I've been trying to reproduce the issue with different ESET's products to no avail, I was always able to access the login page. The link to the video doesn't work, I'm getting "404 - File or directory not found".

It'd be dangerous to create general rules for any source application, hence it's not supported. You could try exporting your configuration, duplicating the HIPS rules and changing the application names to cover all the tools you use to accomplish this quicker.

I've run into the same adware today when visiting a site allegedly offering videos (blocked by ESET for quite a long time already) but the adware was downloaded instead. It should be enough to clean it by ESET.

This is due to an issue with the webhosting company, our IT guys have been working on it with them. The original and updated content should be back soon.

Does the problem persist after removing v6 as per the instructions here and installing it from scratch?

Check if the ERA Server service running in an administrator account.

Do you have the latest version of the ERA Server 5.0.511 installed? A quote from changelog: Fix: When updating the virus signature database, the process will hang at about 40% and possibly freeze ERAS

It's correct to detect the mentioned toolbar as PUA. Most likely other vendors simply don't focus on PUA as detection of these applications requires a lot of work in terms of research or communication with vendors.

When creating a HIPS rule, select the desired application on the "Source applications" tab, then check the "Use for all operations" box on the "Target registry" tab and click OK. By default, the rule will be applied to all registry keys.

Keen observation I've edited my initial post and included download links for both products.

Please enable creation of complete application memory dumps in the ESS setup -> Tools -> Diagnostics and try to reproduce the crash again. When done, continue as follows: - create a SysInspector log - compress the 2 files and put your nick in the archive's name - upload the archive to a safe location and pm me the download link

Run "sc query eamonm" with elevated admin rights. You should get a response that it's running.

There are currently no plans to support Thundebird due to its rapid release cycle. However, email received via POP3 and IMAP will be scanned regardless of whether an email client is supported or not.

Then please submit the suspicious file to ESET as per the instructions here so that we can check if it should be detected or not.

Since we don't know your username and email address used for registration, I'd suggest contacting Customer care to verify your license.

If activation fails, contact Customer care and provide them with your license information so that they can verify its validity.

It will include the most often used stand-alone cleaners.

Please email the following stuff to ESET as per the instructions here: - Detected threats log - SysInspector log - examples of files infected with Expiro that cannot be cleaned.

I mean detection of potentially unsafe applications which can be enabled for protection modules and on-demand scanner separately. You can find this setting in the ThreatSense engine setup.

Do you mean the application is not detected by ESET? If so, check if you have detection of potentially unsafe applications enabled.

No, Windows Phone 8 limits applications to such an extent that no traditional antivirus program with real-time protection can be created for it.

You should have eamonm.sys loaded on Windows Vista and newer.

Yes, it is.

I think that quite a lot of people here play games and nobody has experienced such issues yet. Does the issue occur with every game you play or with specific ones? Does any of the following make a difference? - disabling real-time protection via gui - disabling Advanced memory scanner - disabling HIPS + Self-defense and restarting the computer - disabling firewall via gui - changing firewall integration to "Only scan application protocols" followed by a computer restart - changing firewall integration to "Personal firewall is completely disabled" followed by a computer restart