Marcos

ESET provides only quality solutions to users. Yeah, we could develop a simple sandbox within a few months and many people would be excited, but what would it be good for if every other malware could circumvent it. Developing a quality feature requires a lot of time for research, coding and testing. Although there are quite many sandbox solutions available, you could count the really good ones on one hand. On the other hand, Advanced memory scanner significantly improves protection against new born malware and so does another new feature to be introduced in future v7 builds.

Localization of a product is not only about translating resource files and documentation. Needless to say that this must be done by a professional translation agency who gives warranty for the quality and delivering the stuff on time. In the case of Arabic, the biggest challenge is in adding support for right-to-left languages in gui.

I presume that the number of users using TheBat! is substantially smaller than those using MS Outlook or other email clients made by Microsoft so there are no plans to make a plug-in for TheBat! yet.

Software setting mail.ru as the start page is not malware but maybe PUA or legit application (it should ask for permission to change it in that case). Is there anything else than modified registry permissions that makes you suspect your computer got infected? Perhaps you could start off supplying a SysInspector log to ESET for analysis.

The files are being exclusively used by the operating system, hence access for other applications is denied.

I don't think entering many exclusions would make any noticeable impact on the system performance.

Every antivirus software must hook deeply in the OS, otherwise it wouldn't be able to protect you against advanced malware like rootkits or bootkits.

See the "Other versions" section on the download page: ESET NOD32 Antivirus 5 (5.2.15.2) ESET NOD32 Antivirus 4 (4.2.71.5) ESET NOD32 Antivirus 3 (3.0.695.0)

If the Fynloski malware is not found even with the latest signature database 8529, try performing one more scan with 8530 which will have detection for recent new Fynloski variants included. Should it still be detected only during a memory scan, create a SysInspector log and submit it to ESET along with a link to this thread as per the instructions here.

Unfortunately, this is the only possible workaround. Excluding files just by names regardless of the path is dangerous as malware could use that name to evade detection.

Why not use automatic mode with exceptions if you are not sure whether to allow or deny certain communication in interactive mode?

The website will be unblocked in the next update. As mentioned by Janus, the best practice for reporting FPs is by following the instructions in the aforementioned KB article.

Please contact Customer care and supply them the ERA server log as well as the screen shot of the error.

Please submit the SysInspector log along with a description of the issue to ESET as per the instructions here.

If you temporarily enable logging of blocked operations in the advanced HIPS setup, are certain block events logged?

I wrote in another thread that V7 beta currently doesn't support Windows 8.1 PR. It will be supported in the next beta build.

I assume that no communication was blocked, but just in case enable logging of blocked communications in the IDS setup, reproduce the problem and then check the firewall log if there are any records about blocked communications / connections. If there are some, post the records here.

The website is not blocked. Please send a screen shot of the alert you're getting to ESET as per the instructions here.

The websites will be unblocked as of the next update. Feel free to report them to ESET as per the instructions here in the future.

This is a known issue and will be addressed in the next beta build.

Hello, you can send me a personal message which I will pass to the engineers.

There is no difference between these applications except the way they activate.

We have launched a full investigation on how the incident occurred and will share more information soon, as it will be completed. As well we were tracing the origins of the attack and were able to shutdown the website that the criminal has been using and the fake form has been removed. We have notified German users about the fake e-mail via special e-mail message and the broader German public via our website and social media. We advised people who might have filled out the fake form with sensitive financial data to contact their financial institution immediately. We are still continuing our investigation and are gathering important information to notify the affected.

Have you tried booting to Windows Recovery Console and running "Bootrec /fixmbr" and "Bootrec /fixboot"? After booting to Windows, please provide us with the following logs: - Sirefef cleaner log (should have been created as it was cleaning the malware) - SysInspector log - ESET Threat log / On-demand scanner log details if the threat was previously detected When done, compress the logs, upload the archive to a safe location and PM me the download link.

Since we were unable to reproduce the issue, I wonder if other users who have encountered the issue could report it here.