TGW

Real-time : ESS, Zemana AntiLogger. On-demand : MBAM, HMP. Browser : FF24 + ABP, WOT, QuickJS. Virtualization : Sandboxie, ShadowDefender, VMWare. Encryption : TrueCrypt. Backup : Macrium Reflect. Rescue CD : ESET SysRescue, Kaspersky Rescue Disk, Avira Rescue System. Boot CD : Hiren's BootCD, Microsoft DaRT. Secure DNS : Comodo. Other : EMET, GMER, Panada USB Vaccine, AppLocker, Process Hacker, HMP.Alert. Notes: All programs are up-to-date and heavily optimized to ensure high security while maintaining usability and flexibility. There is also a long list of other programs and services I use occasionally as needed.

I can't tell for sure, but it probably is a beta version of the module since there are some on-going issues with HIPS on Windows 8.1, so maybe they're pushing the latest available versions to address those issues.

This clears it up...

1. ESET Training is only available for USA, Canada and the Carebians residents AFAIK. But I see that you have the training section, what's the exact problem? 2. Open ESS > Advanced setup (F5) > User interface > Access setup > Uncheck the 'Require full administrator rights for limited administrator accounts' option checkbox.

Like Avast you mean with all the shields and modules? if Yes, then I would have to disagree, I have always thought that having everything tightly integrated is one of ESET's strong parts. But that has nothing to do with the choices in the menus though No I mean the program menu itself only, which is shown in 2nd screenshot in the OP initial post. Something like Windows Start Menu, where you can add/remove items from the menu.

This isn't normal, I never seen Local Security Authority Process (lsass.exe) taking more than few MBs of memory during normal operation. Do you any chance have Anti-Theft feature enabled? If it is, then disable it and delete the user account it created, restart the computer then check your memory usage again, and post your findings please. If this wasn't it, then you may want to check the 'lsass.exe' process is the actual legit Windows process, it can also be a virus using the same process name. // EDIT Just noticed your edit, I can see a suspicious process in the screenshot you posted (user.exe): See: hxxp://www.threatexpert.com/files/user.exe.html Please verify if it's a legit process or not, e.g. upload it to VirusTotal, check it with ESET Live Grid, digital signature validity (if any), etc. VT: Task Manager > Right click the process > Open File Location > Copy it to desktop > Go to VirusTotal website and upload it (request re-analysis if the last analysis was long time ago). ESET Live Grid: Task Manager > Right click the process > Open File Location > Right-click the file > Advanced options > Check file reputation using ESET Live Grid I also recommend that you update ESS to latest available VSD, then run a full scan. And post back the results.

After checking the email, it's 100% bogus.

It's hard to fulfill each user needs and still keep the program menu usable, each user can come up with a task he/she does so frequently and wants it to be right there for quick easy access. I think it would be nice if it was modular so each user can configure it the way he/she likes.

Sounds fishy... @Arakasi See here: hxxp://h30434.www3.hp.com/t5/Desktop-Operating-Systems-Software-Recovery/Email-from-Marc-Andersen-lt-research-hpcomputerlabs-com-gt/m-p/3033777

I'm not sure what's the problem here, I was able to load the website with no issues. (FF24/ESS7/Win7) Please post the exact error you're receiving and/or a screenshot that demonstrates the issue, along with your operating system version, browser version, firewall (if any).

I don't think you can buy from the international website, when you attempt to buy you'll be redirected to the appropriate/local store/reseller. But you can buy from any online retailer that offers international shipping if you wish (e.g. Amazon). Buy from whoever offers the best prices, be it in Croatia or elsewhere (if possible).

You probably have enabled "Pre-release update" option in your previous installations, hence why that module was updated to 1009 (20130301), and as far as I remember it was released address certain issues in server products. According to ESET, this module doesn't need any improvements/updates, but for some reason people have 1006 (regular) and some others have 1007 (regular), not yet explained. Also, this module should not be confused with Real-time system protection functionality, which incorporates this modules and other modules to provide the protection.

Yes, it's alright, I see nothing unusual.

The above listed entries are for most part harmless leftovers, therefore it's not required to do any cleanup whether you upgraded using the in-product update or installed over the existing installation via online or offline installer.

Try this: hxxp://support.microsoft.com/mats/Program_Install_and_Uninstall

Let's try to narrow it a little bit more, enable real-time protection and keep HIPS disabled, then try to shut down, if you experience a slow shutdown, enable HIPS then restart the computer, and once you're logged in again, disable real-time protection and try to shutdown, and post back your findings. This and what Marcos suggested in the Wilders thread you linked to isn't intended as a permanent solution, but rather an attempt to diagnose the issue.

I'm glad to hear that it's a known issue, wondering if a fix is expected soon? And would it be pushed as a module or a version update?

If "Anti-Phishing protection" is enabled, and the user disables protection temporarily and then re-enables it, all modules are re-enabled correctly except "Anti-Phishing protection" remains disabled and has to be re-enabled manually every time. Steps to reproduce: 1. Enable Anti-Phishing protection if it's not already. 2. Temporarily disable protection from the program menu. 3. Set any time interval. 4. Re-enable protection or wait until the time is up. 5. Open ESS > Setup Notice that the "Anti-Phishing protection" indicator is still red indicating that it's still disabled, see the screenshot below: ESS 7.0.302 - Windows 7 (32-bit) Virus signature database: 8931 (20131017) Update module: 1044 (20130708) Antivirus and antispyware scanner module: 1411 (20131004) Advanced heuristics module: 1143 (20130909) Archive support module: 1180 (20130930) Cleaner module: 1078 (20131003) Anti-Stealth support module: 1053 (20130906) Personal firewall module: 1151 (20131016) Antispam module: 1026 (20130715) ESET SysInspector module: 1237 (20130701) Real-time file system protection module: 1007 (20111129) Translation support module: 1122 (20130911) HIPS support module: 1097B (20130927) Internet protection module: 1085 (20131011) Web content filter module: 1028 (20121113) Advanced antispam module: 1495 (20131017) Database module: 1040 (20130822)

I'm unable to reproduce the issue. I scanned ProgramData, the scan was fast (18 seconds) and finished successfully. ESS 7.0.302 on Windows 7 (32-bit)

Do you by any chance have any other resident anti-malware or any security software? Disk encryption? This might be a bug in ESS, and the file is already corrupted, but since I'm unable to reproduce the issue on any of my machines I can't think of much, anyway, try the following: 1. Disable any other resident security software (if any) > Restart the computer. 2. Scan the disk for errors. 3. Repeat the steps from above again. If all fails, send the files to ESET as per Marcos instructions, they probably can decrypt them and send them back to you, unless they're severely corrupted (probably not the case). Good luck.

What's the exact error you're receiving? Try to disable protection temporarily then try to restore the file(s) again: Right-click on the file(s) > Restore and exclude from scanning. Hope this helps.

You're correct, it's been long since I had to kill any of the two processes, and maybe I used Process Hacker for the job back then. I don't think you need to take ownership of the files, disabling "Self-defense" in ESS advanced setup followed by a restart should do the trick I guess. And you still can kill 'egui.exe' using Process Hacker without disabling "Self-defense". If this happens again, also check if the following registry string at HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run exists: Name: egui - Value: "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice And if ESS service is running. Cheers.

Do you see ESS icon in the system tray? Or is it that when you click on it the GUI doesn't show up? In case you don't see the icon, there is a slim chance that it might be hidden by Windows, click the small arrow next to the system tray icons and check there. If that's not the case, open Windows Task Manager, and look for the two processes that belong to ESS: ekrn.exe and egui.exe, if you can't see one or both of them, please post back. If both ekrn.exe and egui.exe are there but you're still unable to see the GUI, try to start ESS from the start menu, if the GUI didn't open, kill egui.exe process via Task Manager (admin elevation might be needed) and then try to start ESS from the Start Menu again. Post back your findings.

You guys are welcome

When you see that error hit the Update button again right after it, sometimes it works. If that didn't help, clear the update cache, to do so: Open ESS > Press F5 to access the Advanced Setup > Update > Update > Clear update cache > Hit clear button. Now, try to update again.