Marcos

Couldn't it be that v7 has updated between the 2 scans or the computer was restarted which are events that clear the cache? We'd need to get more information about your version of Google Chrome, operating system, ESET modules you have installed as well as the websites where the issue manifests. Please create a new thread on this issue where we can tackle it further. If possible, create a dump of egui.exe when the issue occurs (open the Task manager, right-click egui.exe and select "Create Dump File"). When done, pm me for further instructions.

Do the clients update from a local mirror or from ESET's servers? What error are you getting on the clients when attempting to run update manually?

Please continue as follows: - download the latest v7 beta and ESET Uninstall tool - start Windows in safe mode and follow the instructions as per the KB article to uninstall ESET completely - after starting Windows in normal mode, install v7 beta from scratch

Eventually it turned out that Opera has changed the Trusted Root Certification Authorities certificate store and now uses the system TRCA, hence an attempt to add the ESET root certificate is failing. Just ignore the message and https traffic will be scanned in Opera 15, too.

ESET blocks access to bad websites. No advisory system is needed, a website is either good (clean) or bad. Websites are mainly evaluated based on the data from LiveGrid. ~150 MB allocated by ekrn.exe and egui.exe don't seem too much nowadays. For best performance, not only the engine with signatures loads to memory but also shorter files are unpacked in memory without writing to the disk. The detection has been based on heuristics for a long time. As of v5, cloud blocks are supported and utilized as well. V6 and newer can protect against zero-day malware even before the appropriate update with a detection added is released.

We would be glad if you could let us know why you prefer v5 to v6. Your feedback helps us develop the products to your liking.

Hello, does disabling any of the following make a difference? - disabling firewall via gui - switching the firewall integration to "Only scan application protocols" followed by a computer restart - switching the firewall integration to "Personal firewall is completely disabled" followed by a computer restart - disabling HIPS and Self-defense followed by a computer restart - disabling real-time protection via gui

Couldn't it be that somebody logs to this computer remotely via RD and thus HIPS windows are shown in the account of another user?

The rules should work as long as the browsers are not already running. Could you confirm or deny my assumption?

It is important to know whether the files infected with the virus were detected or not, whether cleaning failed or succeeded but files became unusable after the cleaning. A malware infection shouldn't cause the scanner to stop scanning, perhaps it was scanning a large file and after a few minutes it would continue scanning other files.

Do you use the firewall in automatic mode with exceptions? Please enable logging of blocked connections in the IDS setup, reproduce the issue and then copy and paste here the recent ESET firewall log records.

Basically all relevant samples are processed quickly. We're seeing a lot of "rubbish" being sent to the viruslab so without checking your samples it's impossible to tell if that's the reason why your samples haven't been processed yet. Feel free to PM me your email address so that I can check out your samples.

Please create a SysInspector log and submit it to ESET along with a link to this thread as per the instructions here.

If you run an on-demand scan, are you sure there are no logs created if you select "Computer scan" in the Log files section? The best would be if you could save the entire log to a text file and upload it here so that we know what threat was actually detected, the location it was detected in as well as the action that was taken.

Importing the root certificate into Opera 15 is not currently supported as they've made substantial changes to the program. You'd need to export the root certificate from v7 and import it to Opera manually.

Exclusions are applied only to files on a disk. Please post the appropriate threat log record here.

You can only disable particular protection modules or uninstall ESS completely.

If disabling Advanved memory scanner makes a difference, this issue should be fixed in the next v7 beta build.

Why the path ends with a backslash and slash? Use either a relative path, e.g. mirror or an absolute path in the form c:\mirror.

Please follow these instructions for submitting suspicious files to ESET for analysis.

Hello, the only issues with Malwarebytes Pro were observed on Windows XP when the system hung after connecting a USB disk. We provided Malwarebytes with more information about the issue and informed them what they should fix but until now we haven't heard from them whether or when they are going to fix it. There's at least one vendor of such troublesome software who already issued a fix several months ago.

The website no longer contains the malware detected in the past. It will be unblocked in the next update. Next time, we recommend reporting blocked websites to ESET as per the instructions here.

Dump files are generated when ekrn crashes. If a computer crashes with BSOD, you need to look for the dump created by Windows, ie. by default c:\windows\memory.dmp.

Installation via the above mentioned batch file worked fine on Windows XP. Couldn't it be a problem of rights / UAC as administrator rights are required for installation?

To date, the following drivers have been identified to cause lockup issues on Windows XP when used concurrently with ESET products: %windir%\system32\drivers\wavxdmgr.sys 06.06.00.066 (WAVE EMBASSY® Security Center) %windir%\system32\drivers\InCDfs.sys 5.9.10.0 (Nero) %windir%\system32\drivers\sandbox.sys 15/6/2011 (Agnitum Outpost Firewall) %windir%\system32\drivers\mbam.sys (Malwarebytes paid version) %windir%\system32\drivers\PDFsFilter.sys (PerfectDisk OptiWrite Filter Driver) %windir%\system32\DRIVERS\YahooStorage.sys %windir%\system32\DRIVERS\xlkfs.sys (Easy File Locker) %windir%\system32\DRIVERS\PCTCore.sys (PC Tools Kernel Driver Suite) %windir%\system32\DRIVERS\FSPFltd.sys (FSPro Labs My LockBox 2) If you experience lockup issues after installing ESET NOD32 Antivirus or ESET Smart Security on Windows XP, check for the presence of the aforementioned drivers. If found, rename the driver in safe mode or uninstall the troublesome software to see if it resolves the issue. Should the problem persist, generate a complete memory dump from the point the issue occurs as per the instructions here. To enable manual generation of memory dumps, right-click this link, save the file on the disk and run it with administrator privileges. Once you have generated a memory dump, contact Customer care or an ESET moderator for further instructions.