Marcos

It's correct to detect the mentioned toolbar as PUA. Most likely other vendors simply don't focus on PUA as detection of these applications requires a lot of work in terms of research or communication with vendors.

When creating a HIPS rule, select the desired application on the "Source applications" tab, then check the "Use for all operations" box on the "Target registry" tab and click OK. By default, the rule will be applied to all registry keys.

Keen observation I've edited my initial post and included download links for both products.

Please enable creation of complete application memory dumps in the ESS setup -> Tools -> Diagnostics and try to reproduce the crash again. When done, continue as follows: - create a SysInspector log - compress the 2 files and put your nick in the archive's name - upload the archive to a safe location and pm me the download link

Run "sc query eamonm" with elevated admin rights. You should get a response that it's running.

There are currently no plans to support Thundebird due to its rapid release cycle. However, email received via POP3 and IMAP will be scanned regardless of whether an email client is supported or not.

Then please submit the suspicious file to ESET as per the instructions here so that we can check if it should be detected or not.

Since we don't know your username and email address used for registration, I'd suggest contacting Customer care to verify your license.

If activation fails, contact Customer care and provide them with your license information so that they can verify its validity.

It will include the most often used stand-alone cleaners.

Please email the following stuff to ESET as per the instructions here: - Detected threats log - SysInspector log - examples of files infected with Expiro that cannot be cleaned.

I mean detection of potentially unsafe applications which can be enabled for protection modules and on-demand scanner separately. You can find this setting in the ThreatSense engine setup.

Do you mean the application is not detected by ESET? If so, check if you have detection of potentially unsafe applications enabled.

No, Windows Phone 8 limits applications to such an extent that no traditional antivirus program with real-time protection can be created for it.

You should have eamonm.sys loaded on Windows Vista and newer.

Yes, it is.

I think that quite a lot of people here play games and nobody has experienced such issues yet. Does the issue occur with every game you play or with specific ones? Does any of the following make a difference? - disabling real-time protection via gui - disabling Advanced memory scanner - disabling HIPS + Self-defense and restarting the computer - disabling firewall via gui - changing firewall integration to "Only scan application protocols" followed by a computer restart - changing firewall integration to "Personal firewall is completely disabled" followed by a computer restart

HIPS already helps protect crucial ESET's and system processes and it also significantly contributes to detection and blocking of zero-day malware. It's not only about HIPS blocking everything that seems to be suspicious, otherwise we'd end up blocking thousands of legit applications which is definitely not what we want.

ESET NOD32 Antivirus and ESET Smart Security 7.0.104 beta have been released. Changelog: Added Specialized cleaner Added configuration of action to be taken after a removable device is connected Fixed bugs discovered after the June release Existing beta users can upgrade to it using the built-in program version check function or install it from scratch. Download: ESET NOD32 Antivirus 7.0.104 beta ESET Smart Security 7.0.104 beta

Creating a local mirror is a good idea as you won't have to distribute U/P to clients, the amount of data downloaded from ESET's servers will drop down, etc.

Once the ESET plug-in is not registered in extend.dat, the plug-in won't load and thus cannot affect Outlook whatsoever.

There's still a lot of malware on the website, it will remain blocked.

What makes you think it's malware? Have you noticed any suspicious behavior of the application?

You can send me a pm. However, this option is probably available only after registration on this forum.

Should the stand-alone cleaner fail to clean the malware, contact samples[at]eset.com.