SweX

You're welcome, let's hope you get it sorted ASAP.

Place your cursor on "AlexJ" next to the post above and a window will appear, at the bottom click on "send message", after that you will understand what to do next.

Does it mean there will be a module update coming soon? No not a module, this is not "fixable" in any module, it's one of those problems they can't fix and release a new module, instead it will be included as a fix in the next build release of the product. It should be stated in the change-log once the build is released.

Hello, If you indeed get VSD updates according to your latest screenshot then AFAIK the license must be working and accepted by the server. But what also is of concern is the disabled/non-working Web Access Protection. It should not be disabled. As long as it is disabled that error about maximum protection will not go away. If you have NOT disable Web Access Protection deliberately then there might be something wrong with your install. Personally I would try a clean fresh install, then put in your user&pass at the end of the install and see if it works now. Edit: I see now in your screenshot that the GUI says "an error occurred while starting services" How long have you had that problem ? Not since day one I hope. It's quite serious and needs to be resolved ASAP. Have you previously at some point tried a fresh install to see if it fixes this issue ? Edit2: Not sure why I miss so many details in posts today. I see you use ESS V7. Please download the latest version which is V8 and see if that will resolve the error. But to prevent that you may have to do it all over again and move the problem that cause the error along by installing over-the-top. I would first use the ESET uninstaller in safe mode, and then make a fresh install of V8. 1. Download v8 from here(choose 32 or 64 bit OS, and language), but do NOT run it immediately, let the installer sit where ever you save it until V7 is fully uninstalled and out of the way. hxxp://www.eset.com/us/download/home/detail/family/5/#offline 2. Follow these instructions carefully to uninstall V7. hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN2289&actp=search&viewlocale=en_US&searchid=1425981522310#Win_7 3. Run the V8 installer that you downloaded in step 1 to install ESS V8. Have your user/pass ready during the v8 install process and activate it at the end. Please report back if all went well or if you still have problems with any error message, updates etc etc...after you have installed V8. The problem causing the "an error occurred while starting services" could be more serious so it may or may not be fixed by this, but performing a clean install of V8 is what I would try first because it often fixes this sort of problems.

Yes it works, but you could enable pre-release updates in ESS so you get new modules faster incase ESET needs to update some modules to stay compatible after a new Win 10 build is released.

Article: hxxp://www.cso.com.au/article/563978/security-tools-missing-up-100-malware-ethreatz-testing-shows/ hxxp://www.cso.com.au/article/398860/ethreatz_automated_malware_testing/

Does Epfw LightWeight Filter come with EAV/NOD32 as well that FPPfan are using ? Long time since I used NOD32 so I don't remember.

The web access protection is not active on VirusTotal afaik when you run a URL check, in the product WAP scans web content in real-time as it is loaded in the browser and will detect and block threats if anything is found like in your case. Windows defender does not include any type of web protection afaik, so no surprise that it said nothing about it. Exluding the website to be able to access it = bad idea. Better have them clean the site so your wife (and others) can access it safely afterwards.

I don't use Sanboxie so I can't comment on that, but it shouldn't be incompatible with ESS in any way afaik and cause issues like this. So the slow loading and (sometimes) crashes happen in all the browser you mention, IE, Chrome and Firefox ? Personally I would try for a while without sandboxie and load one of your browsers without any add-ons enabled and go to a few sites that you know you had issues with, that way you only use ESS with the firewall and web access protection with protocol filtering and if the issue is in ESS you should still experience the issues that you mention.

Do you use any browser add-ons or extensions in your browser? The only one I use is uBlock for Firefox. It's good that the TS in the Wilders thread confimerd that the issue was with ABP for IE, as it worked fine with Chrome.

@yongsua I just want to say that it's very good that you report about your issue and are willing to work with ESET on this, (unlike some other users if you know what I mean). Letting ESET know about any issue one may have and do some testing is the only way to find the cause and hopefully a possible solution to it.

hxxp://arstechnica.com/security/2015/03/system-catches-malware-sites-by-understanding-sneaky-domain-names/

It seems so. Zfactor didn't have any issue with EAV while Mortal raptor had been using EAV. I've asked to ESS on Windows XP as the standard ndis driver is used there, not the new lighweight filter that wasn't supported in older OS. Mhm what a shame....for Mortal I mean. I don't think his issue will ever be fixed if that is the case, sadly I don't think he have enough patience to work it out together with you, at least he doesn't show much interest in doing that. Instead he seem to hope for the issue to go away by itself eventually in some future version, which I doubt it will. I have told him so many times what he should do so I won't bother responding to his comments about this particular issue again, it is what it is. Well, he's using Avira now, and have bought a Norton license (again) so I guess he stays happy for a while.

See this thread for more answers: https://forum.eset.com/topic/4214-windows-start-ess-hips-block-some-access/

Hmmmm

So is Mortal raptors problem, and zfactor's problem not the same ? As mortal complained when he used EAV IIRC and afaik this driver is not used in NOD32 right ? Anyway, it's good that you keep investigate so we finally can get zfactors problem solved even if the problem is not in the product itself, it should be able to be fixed by ESET or MS eventually, depending on what the investigation shows.

I've done an exclusion in ESS8 but all invain. I don't know how to disable Komodia in Adguard or in ESS8. For a layman like me I want a solution. Ess8 warns me to clean hitmanpro alert 3 before execution and I uninstalled it due to so many pop ups. But for Adguard I couldn't find any solution and repeatedly happening at every reboot that ESS8 warns me to clean the PUA. I'm using Adguard program. I'd posted the screenshot but don't know why it didn't appeared here. Both ! Surfright and Adguard. Hmm ok, I see your screenshot inside the quote, but I didn't see it before I clicked on the quote button. And now I also see that Adguard was the affected vendor. No, there is no Komodia in ESET's products. Komodia is no good, which is why Adguard did the right thing to get rid of it. I assume ESET let Adguard know what needed to be done in order to get Komodia out of the way, and out of their product......"The vendor was open for co-operation and took measures that allowed us to whitelist their files." But I still don't understand what you say about ESET and HMPA v3 ? Could you post a screenshot of the ESET detection of HMPA as well for clarification ? There are no PUPs or PUAs in any software from SurfRight.

Yeah but I was talking about the file he tried to download from uploaded.net"I was downloading an epub file which was NOT a threat from a good friend at uploaded.net." Is there a PUA in that one as well ? I have no idea what file that is. Well, when I tried to download myself, I did read that the Open Candy will be removed once a donation of at least 5€ is made to LopeSoft and LopeSoft will provide a standalone installer of this software without the Open Candy. His friend might have the standalone installer that might come from Lopsesoft or other sources. Hehe I see, well if it as as rugk say, that uploaded.net use a download manager of some type then it could be that piece that is detected, or it can be the loopsoft PUA itself. Impossible for me to say. The bottom line is that the solution is very simple for people that has problems with "too many" PUA detections, they don't have to be detected unless you set up the product to detect PUPs and PUAs. They are optional detection categories after all. A tip for LoopSoft...skip Open Candy altogether, provide a 15 or 30 day free trial without PUAs, and if the user likes it they can still buy it for €5. And not pay €5 to get rid of Open Candy! Bundling stuff does nothing good for the reputation of a developer or company. And I don't think it is impossible to find the stand-alone installer without Open Candy elsewhere if one really wants to find it. I would have no problem donating to loop soft if I like and want to use their software, but I would never donate to anyone that does business through PUAs. Donations is something nice and good, PUPs & PUAs are the opposite to that.

Sorry I want to get this right, which vendor was it SurfRight or Adguard ? I am happy to hear you was able to work it out so quickly with "them" the vendor, very nice.

Yeah but I was talking about the file he tried to download from uploaded.net "I was downloading an epub file which was NOT a threat from a good friend at uploaded.net." Is there a PUA in that one as well ? I have no idea what file that is.

Do it with Eicar, when you have the threat notifications on the screen leave it and go do some grocery shopping or whatever, and when you come back check if the notification is still on the screen, I figure that should be long enough to see if it stays up for a "long time" or not. I can't see why you would need to do a hard shutdown, the only "bad" thing that could happen is probably that the notification is long gone when you come back as you don't want that Or just fire up a VM and do it in there.

Smart Mode works great as a "set it and forget it" mode, I use it myself too and I've never had an issue with it.

What did the notifications say at the moment the download was terminated, what was it detected like ? No, it can't show up in the quarantine as the download of the file was terminated before the download was finished. Is ESET the only vendor detecting the file ? Have you or your friend uploaded the file to Virustotal.com to see if any other engine detects something ? But if you know it is clean then just send in the file to ESET and say that you believe it is a FP, if it really is clean then they will take care of it, if it is not, then the Lab may respond and explain why it is detected and that the detection will stay in place. How do I submit a virus, website or potential false positive sample to the ESET lab? hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN141&actp=search&viewlocale=en_US&searchid=1425374957237

@Marcos are you saying that Komodia is used in the Adguard program ? (not the Adguard browser extensions) And I don't see any screenshot in the OP ? Only a quote.

What is the detection name? I downloaded the latest version of HitmanPro 2 days ago and also made a scan with it, and not a beep from ESET. And I have PUP, PUA, and Suspicious apps detections enabled. Are you using the Adguard browser extension or the program ? I assume you use the program as you mention orange and green icon, I have never installed it so I can't say anything about it. I have used the Adguard Firefox extension in the past, and ESET never said anything while using it for around 1-2 weeks.