rugk

What OS do you use? What version of NOD32 are you using/were you using? About the sites which were blocked: Legitimate, malware- and PUA-free sites are not blocked by default. What message appeared when the sites were blocked?

OffTopic: You wanted to know about telegram? Here it is: A 264 Attack On Telegram, And Why A Super Villain Doesn't Need It To Read Your Telegram Chats. OnTopic: Threema has recently released a new version (v 2.1) of it's Android and iOS App, which has now a new poll feature.

Ahhh... Now I understand.

So I think you don't have to worry. Whether the mail will be moved into the "deleted" folder or into a special folder created by ESS ("Infected Items") depends on your setting in ESS.

Yes it's a very comprehensive answer! I'm looking forward to hear your answer about another topic about mobile PUA...

@Marcos I think it's normal that you get an 501 error when accessing the servers in the browser. At least I get the same error although ESET LiveGrid is fully working...

Okay, so I looked now at the virus radar page and it seems to be fixed.. The latest update is "11014 Jan 14 2015".

Deleting the mail should be enough. (Unless the malware was already running on your system) However what kind of treat was this? Can you please say under what name it is detected and whether it was moved into the folder "Infected items"?

Well... But we don't know how the DNS (cache) poising/spoofing detection works. I also assume there is only a protection for special kind of DNS spoofing which is able to be recognized from the clients side, because if a DNS server is compromised (or has a wrong cache entry) and returns wrong values then it would be very implausible if any client software could detect this. Maybe I answer your question in the reverse order: Enabling DNS Poisoning detection is surely an increase of ESS protection.

@hemant9394 Ehm... and if you have no internet connection how do you get the "offline updates"...? You sent it from a mobile phone with Bluetooth... Oops... wasn't there something like Bluetooth-Tethering? Okay you send it though your WLAN... well... no... that's even more useless. So what? I really can't see any reason for updating the VSD offline, because "you can not get everywhere internet" - Yes, but if you get it - just update. The only exception may be users which have no internet connection at all - they could get some updates via USB (or something similar).

When you try to put Windows it into standby or when you shutdown Windows it crashs? So what does "crash" mean here? Does it show a bluescreen? If so it would be nice if you can look for the dump file and PM it to a moderator or submit it to the customer care.

Okay and have you set the setting to "create a full memory dump"?

I think they would like to get some logs to fix the problems (there are two problems mentioned in this topic). So if you can reproduce the problems and run the log script then this would make helpful for fixing the problems.

Well... when resetting the IDS settings and this setting isn't causing any issues I would reactivate it. About the document protection: All Office documents are already scanned by the realtime-protection, so the document protection is only an additional protection layer.

And has somebody tested it with the logging script now?

Are there some dumps in %ProgramData%\ESET\ESET Smart Security\Diagnostics? If not what setting did you choose here?

Recently there was published an nice kb article about this Facebook scanner - so that's the reason I want to "wake up" this thread. There you see instructions how to clean the PC with the ESET Facebook Online Scanner. Why does Facebook require that I scan my computer with ESET?

I forgot to link to it... Small Bugs in ESET Smart Security + Suggestions

I'm sorry, but in this case you can't do anything. So it is the best to let the latest version of ESET NOD32 v7 installed. Should you upgrade your OS at some time to a newer version then you can install the latest v8.

In ERA v6 there is already a web console where you manage your clients. But I think it is only accessible in the local network (at least in the default configuration).

And what about mklink /H? This will create a hardlink...

And at what time did appear this doubled update message? Is it the log entry you selected?

At first: hardlink or symbolic link? And BTW the installation directory you can also change at the installation. You just have to download the offline installer and select "advanced settings" during the installation. But why did you created this links? Why do you want to move the files from the one partition/drive to another?

Great! Very fast reaction!

Really? This is only a static GUI element... and to hover the pointer over something you don't get it trusted... You also don't have to worry that some of your updates stopped - it seems you just got a notification too much. BTW what shows the event log when this issue happens?