Leaderboard

Thanks for all the replies, it was really just about windows logon that I was asking about. However knowing about all this sure was interesting.

When making a statement like this, please provide details on what occured. If for no reason other than to determine if there is an on going issue with existing Eset protection methods. Today's AV products are designed to prevent malware from being downloaded and installed on devices. Pertaining to malware that may have existed prior to AV installation, AV detection is limited in what it can detect. For example, you may have had a backdoor installed or some other stealthy hidden malware that is difficult to detect via signature or behavior methods. When it comes to today's malware, the axiom, "An ounce of prevention is worth a pound of cure" very much applies.

You can create 2 rules, one permissive rule with the trusted zone added on the Remote tab and another blocking rule without any IP address or zone specified and put the permissive rule above the blocking one.