
Arakasi

Members
  • Posts

    2,411
  • Joined

  • Days Won

    71

Everything posted by Arakasi

  1. Because..... My 5.2.22 does not look like that, or have a login domain option.
  2. The greyed out Deny button may be a result of already having an allow rule. Maybe he can sift through and let us know. . .
  3. Hello, Time would be lost. Wait till your trial is up, then activate your paid sub using the given U/P.
  4. If you go to Control Panel > Windows Defender, when you click it, it says "This program is turned off"; below that..... "If you would like to use this program click here." It will turn on, and services for it will start running again, including the GUI so you can adjust settings. I would disable it again when you are done with school work as it is inadequate to today's latest threats. Only a premium AV company that has an established database that is current will protect you efficiently. Also real time for every file executed, being monitored by two programs, may yield bad results like freezing.
  5. Hello again. If you go to Control Panel > Windows Updates > view update history (at the left). Attached is my screenshot indicating my last update was KB3011780. If you double click that line item, it will give you the reference URL for "more information": hxxp://support.microsoft.com/kb/3011780 On this page you can scroll down to File Information, and at the bottom File Hash information. Good luck!
  6. Hello, I concur with Swex's instructions, as well as a possible malware existence. Try scanning with the SysRescue or a few other third-party on-demand scanners like Hitman Pro, then install ESET after the fact.
  7. Also, if chance or time permits, reinstall or after installing/upgrading to version 8, try flushing your DNS cache, disable your network adapter, then re-enable it, followed by a cmd: "ipconfig /renew". You may get a new prompt by ESS for your subnet to be marked as public or private. Additionally I would be interested to know if after the upgrade and unable to communicate with your router, if going into the advanced properties and deleting and/or re-adding your subnet to the trusted zone solves the issue. Lastly, what model of router are you using?
  8. Maybe the OP can mark as solved upon return. Glad it's fixed!
  9. Also, what about other browsers, same result? Or just Chrome? Do you have any other security products, and what was your previous before ESET?
  10. Good day Tani, welcome to the forums. While we don't talk about or discuss penetration testing, intrusions, hash, db, or any other forced de-encryption.... we love to discuss the basics of security and malware prevention. For the most part discussions are about the software. The general section can be used to discuss anything you would like to talk about provided it meets the Terms.
  11. Go through the recent KBs installed and compare if it's a legit update. If so, app modification is working as intended and telling you the file was majorly changed. You could restore to earlier and see if it happens again, but also the Deny not showing up is strange and unusual behavior unless you have some permission issues etc.
  12. then.. as long as the real-time protection is alive.. it will recognize any coming virus, even if I turned the firewall off? I have shared my files over my LAN, encrypted, no password.. but I never see any incoming attack from the log.. I can't understand the difference between accessing my 44 using hxxp:// hxxp:// from browsers and using \\ from explorer.. \\ shell or Windows Explorer uses IPC (inter-process communication) & DDE (dynamic data exchange). Component Object Model might help you understand, and Windows Explorer, previously File Explorer, uses named pipes. Http:\\ from browser is using the application layer of IP suite with HTTP protocol, actually using a network interface and is internet facing protocol. This will get grief from a software firewall monitoring the adapter.
  13. Keep real time on, and if a major threat hits your disk, no matter the location, if it tries to run, move, or launch itself etc., it will be caught provided the malware data of said threat is embedded inside ESET's definitions.
  14. netstat while using, I dunno, I don't think the software has to be installed if you create it using a path before it's installed, knowing the path of the app will be another thing tho
  15. See attached. It falls under Windows desktop clients > Kernel > etc.
  16. Create a general firewall rule, and select the application. Anything it does regarding network activity will be blocked. If you want to block things like disk activity, program interaction, launching, etc., you will create a HIPS rule, select the application, and officially select the functions you do not wish the application to carry out. Get back with us if you need assistance with a HIPS rule.
  17. EMS will automatically check your GPS coordinates under certain conditions. If your battery hits low, 5-15%, it will automatically get GPS, in the instance you lost the phone and the battery died on you.
  18. However, if you go to create a custom scan, in the select targets window you can choose network and see all your computers, provided network discovery etc. is turned on. Simply opening a command prompt and typing "net view" will list all computers in workgroup or domain. I could list several more ways to see them as well, including explorer of course. Not sure what your benefits were of Norton seeing all computers? Were you performing actions or functions against them with Norton? Or just looking at them? I am searching for the significance with your request. Thanks
  19. Hello, Log in to the account created at my.eset.com. Finish your config there and respond to the email sent confirming.
  20. no, no.. I want the 29 could access my computer too.. but not with its threats.. I want all IPs in my LAN access my 44.. that's why my question is simply "am I safe?" If you allow all connections to access 44 that remain in your subnet, this is a generalized rule. While it works, no it is not as safe, unfortunately. If you add more specificity like only port 80, you are getting a little safer. In the end, it is much easier to simply add your network's subnet to the list of trusted zones. Then all IPs in your subnet will be considered safe connections.
  21. To answer your question about the logs and your rule created. You created a rule that always allows connections to .44 on port 80 regardless of the incoming IP. This is why .29 is allowed and showing up in your logs. This is a generalized rule. To fix it, create a rule like this per your quote "I believe that I only access my 44 from 45." Allow access only from .45 on port 80, switch firewall to interactive, and any connections made to .44 from others like .29 will have a prompt so you can create a block rule.
  22. Hello, What you need to distinguish here is that a virus/threat may be in the form of a file, and a network connection from another object is an "intrusion" and this is what the firewall is built for... Preventing intrusions and irregular network activity. Malicious files vs Intrusions 101: If computer A sends a virus to computer B while "B" has firewall to block all incoming connections - (No connection made and file not transferred). If computer A sends a virus to computer B while "B" has firewall set to allow all incoming connections - (Connection made and file transferred) - however "real-time protection" or the part of the software watching disk activity will quarantine the threat upon arrival if it is indeed bad or surely listed in ESET's database. Will recognize. However in the result that a virus on computer A has instructions to change network settings on computer B without moving itself and the firewall is set to allow all incoming connections... This is a totally different story, and you would not be safe without the firewall locked down and configured properly to block the connection (intrusion). So in short, you may be safe, but depending on the threats, I would say an accurate answer is unobtainable with the amount of information given. If it were my network, I would straight up create a rule to block the IP ending in 29, re-image that workstation completely, then delete the block and get back on track. Creating generalized rules, although convenient, is not a good rule of thumb in the field if you require tight security.