mallard65

Members
  • Posts: 35
  • Days Won: 1

Kudos

  1. Upvote
    mallard65 gave kudos to SlashRose in Slow Virus Scan After Update   
    Yes, the scans with this build take much longer, it takes about twice the scanning time for the same files as the previous build!
  2. Upvote
    mallard65 gave kudos to eitanc in Release 13.2.15 before official announcement   
    Hello,
    Yesterday NOD32 urged me to upgrade to 13.2.15, but there was no official mention of this new version here.
    Only a few hours ago you published here such an announcement post...
    This is a bad way of work - before I upgrade, I wish to know what is changed.
    Please, in the future - do not release the binaries to be updated at clients before you have a public matching post with details about the new version.
    Thank you.
  3. Upvote
    mallard65 gave kudos to Marcos in error to enable anti theft   
    Maybe it has something to do with the license you've used for activation. We do not sell to Iran. What is the public ID of the license you've used?
  4. Upvote
    mallard65 gave kudos to itman in Eset Internet Security 13.2.14.0?   
    Simple answer here folks is Eset normal channel release updates are region specific. Select countries will see the release prior to other countries. It has always been this way.
  5. Upvote
    mallard65 received kudos from razorfancy in Eset Internet Security 13.2.14.0?   
    Hello.
    I never use the pre-release channel yet I got the new version late this morning UK time.
  6. Upvote
    mallard65 gave kudos to razorfancy in Eset Internet Security 13.2.14.0?   
    I am on the regular channel and I got the update today.
    Is that a bug?
  7. Upvote
    mallard65 gave kudos to Marcos in Domains false positive   
    Since this forum is not a channel for disputing detections and url blocks, we'll draw this topic to a close.
    Only the security malware lab is entitled to make decisions about url blocks. In this case, the blocks appear to be ok. Aggressive or misleading ads are subject to detection as well.
  8. Upvote
    mallard65 gave kudos to Marcos in Domains false positive #2   
    Already replied here:
    https://forum.eset.com/topic/24551-domains-false-positive/
    Again, this forum is not a channel for disputing detections and url blocks.
  9. Upvote
    mallard65 gave kudos to Marcos in ESET Has Blocked My Site - What To Do?   
    Since this forum is not a channel for disputing detections and url blocks, please follow the instructions at
    How do I report a false positive or whitelist my software with ESET?
    Having said that, we'll draw this topic to a close.
  10. Upvote
    mallard65 gave kudos to peteyt in License Error - Scam ?   
    Does eset sell 2-3 month licenses? Thought the minimum was usually 1 year
  11. Upvote
    mallard65 gave kudos to itman in Windows 10 Update Errors with ESET   
    The default setting for the Win Update service in Win 10 1909 and I assume 2004, is manual (triggered). In other words, the OS starts the service as needed and then terminates when Win Updating completes. The service is set this way on my Win 10 1909 build and I have had no issues with Win Updating with EIS 13.1.21 installed.
    My opinion is for anyone having issues with Win Updates, the issue is not with Eset SSL/TLS protocol scanning but rather with the Win Update feature itself. Win Updating on all OS versions is notoriously buggy and frequently becomes corrupted for various reasons.
  12. Upvote
    mallard65 gave kudos to Marcos in Antivirus for mac: Kaspersky or eset?   
    Since you are in the official ESET forum, the answer is clear. Anyways, it's a good practice also to try various products to find out if a particular AV works alright on your machine. It can happen that an AV with excellent results in tests causes performance issues in your environment and vice-versa. Should you encounter an issue while trialing ESET, you can ask here for assistance.
  13. Upvote
    mallard65 gave kudos to itman in Egui.exe want connect to 72.21.91.29   
    Since you seem concerned about various Eset network outbound connections, here's a list of IP addresses and URLs used by various Eset products and features within: https://support.eset.com/en/kb332-ports-and-addresses-required-to-use-your-eset-product-with-a-third-party-firewall
  14. Upvote
    mallard65 gave kudos to Marcos in JS/Spy.Agent.Z Trojan got blocked. But where?   
    The trojan was not executed; it was scanned by the javascript scanner when you opened the compromised website and the connection was blocked.
  15. Upvote
    mallard65 gave kudos to Marcos in IObit Constantly Triggering ESET   
    The PUA detection is correct. It's optional. For more information on what PUA are, please read https://support.eset.com/en/kb2629-what-is-a-potentially-unwanted-application-or-potentially-unwanted-content.
    If you think that benefits of using a particular PUA outweigh possible risks, you can exclude the PUA from detection.
  16. Upvote
    mallard65 gave kudos to itman in "pyrate", Behavior Blocker Bypass POC   
    It's been a slow forum posting weekend and it appears this thread has run its course. We have all had the opportunity to "rant and rave" about Eset Home version protection features we all wished we had and in reality, probably never will have. So it is time to expose this Python POC for what it is - fake ransomware. Err ..... what, you say? The POC encrypted files. Well so does a lot of legit encryption and other apps including user created ones. So let's get into this.
    A few years back, the NextGen security software vendors were trying "to get traction" against the established AV vendors with their supposed superior behavior detection methods. Corresponding to this was the appearance of a proliferation of ransomware "simulators" where one was encouraged to test their existing AV solution with. The most infamous of these was RanSim produced by KnowBe4: https://www.knowbe4.com/ransomware-simulator . I wrote a thread about the methodology used by this product and similar ones here: https://forum.eset.com/topic/10792-ransomware-simulators-a-detailed-analysis/ . Eset subsequently commented upon Ransim tactics in their own published article on Eset ransomware protection:
    https://cdn1.esetstatic.com/ESET/INT/Docs/Others/eset-vs-crypto-ransomware.PDF
    So let's get into some details on the POC. First, note this from the POC's author posting about it at malwaretips.com:
    Next is why no vendor on Virus Total detected the POC initially and I believe presently. That one is pretty straightforward. The ransomware portion of the POC never ran. The POC pauses program execution waiting for user input to continue. VT's automated sandbox analysis timed out waiting for input it does not respond to.
    In summary, I am not 100% ruling out that techniques used in the POC could bypass existing Eset ransomware detection methods. However, a POC must be developed deploying real world ransomware deployment and execution methods with the most important being the program runs uninterrupted and encryption activities performed against all existing files in C:\Users\xxxx\Documents\*, etc. directories.
     
  17. Upvote
    mallard65 gave kudos to itman in "pyrate", Behavior Blocker Bypass POC   
    Assumed here is the POC .exe at startup or upon user consent of the displayed prompt creates the My Documents\test directory. The program then copies all or part of existing My Documents files into the My Documents\test directory. The program code then proceeds to encrypt whatever files exist in the My Documents\test directory. Again, Eset will not detect this as ransomware.
    Tell the POC author to first manually create the My Documents\test directory and copy whatever files he wants to it. Remove the corresponding program code that does this. Now run the POC directly executing the encryption commands against all files in the My Documents\test directory.
  18. Upvote
    mallard65 gave kudos to itman in "pyrate", Behavior Blocker Bypass POC   
    This is a ludicrous statement. Yes, python.exe is a trusted .exe. So no alerting will be done on the .exe. But its scripts certainly are not trusted. I find it a far stretch that no one is scanning Python scripts; especially un-obfuscated ones.
  19. Upvote
    mallard65 gave kudos to SeriousHoax in Online + Offline Installer and First update after installation   
    Ok Live installer it is. Just a synonym but the meaning should be the same. The live installer can still determine the OS and install the full product from online and then install it. Maybe it would be even possible to implement something like multi-threaded download so that the download speed should be fast unlike the in product download speed which is terribly slow for me, which I also mentioned above.
    Would 85 mb be the size of the installer for the whole package? I see that ESET currently downloads around 150 mb during the first update. So if the compressed version in an offline installer is only 85 mb then I think that's not big at all. That's probably the smallest I've seen. Even with my not so good internet it would only take over a minute to download that. Even a 150 mb installer shouldn't be considered huge and many other AVs have a lot larger ones. Also like you said, the live installer's job is to download the product without worrying about OS versions, etc so most people are likely to download the live installer anyway so an 85 mb or even a bit larger optional offline installer is fine and seems more appropriate than the current one.
  20. Upvote
    mallard65 gave kudos to SeriousHoax in Online + Offline Installer and First update after installation   
    I'm stating two issues here in one topic.
    First, ESET has two types of installers, one is an online installer and the other is offline. But both are totally misleading. The offline installer is merely a 53 mb file which only installs the product but all the modules data is downloaded after installing. Then the online installer which should do what the name suggests but it doesn't. All it does is download that 53 mb installer and install and of course downloads all the modules data after installing. Why even say it's an online installer while it's definitely not! Highly misleading. Literally every AV I ever tried, all of their online installers download the whole product including modules and signatures, etc. ESET is the only exceptional one. Same goes for which is supposed to be ESET's offline installer. Almost all AV who still provide an offline installer install the full product and only download the required new updates after installing unlike ESET. I don't understand! If you want to give users the option for an offline installer then that should contain every module, updates till the day of creation and for the online installer it must download everything first then install the product.
    The second issue is, ESET update downloading speed right after installing is always very slow for me. Most of the time it only uses 10-20% of my bandwidth even when there is no other internet activity. I started using ESET when version 12 came out and so far it has always been this way. My internet is already pretty slow so only using 10-20% bandwidth makes the process extremely annoying. Update download speed is always slow I guess but since the daily signature updates are only a few kilobytes, those are not noticeable but the first update is. Why does this happen? Why can't ESET make use of the rest of the free internet bandwidth?
  21. Upvote
    mallard65 received kudos from Super_Spartan in ESET Home products and av-test.org   
    Thank you for your post.
    I also only trust av-comparatives.
    Of course, I share your views of ESET's excellence.
  22. Upvote
    mallard65 gave kudos to Marcos in ESET to support development of a Coronavirus PCR test in Slovakia, donates the first 100,000 samples   
    https://www.eset.com/sk/o-nas/press-centrum/eset-tlacove-spravy/nadacia-eset-podporila-vyvoj-slovenskeho-testu-na-koronavirus-a-financuje-prvych-100-000-kusov/
    Machine translation:
    Scientists from Slovak companies MultiplexDX, Lambda Life and ProScience Tech have joined forces with virologists from the Biomedical Center of the Slovak Academy of Sciences (BMC SAV) to build a reagent kit according to the World Health Organization (WHO) protocol for reliable detection of SARS-CoV-2. In the first phase they plan to produce and make available 100,000 PCR tests. The ESET Foundation supported the development of the test and finances the first 100,000 pieces to be offered as a gift to the Slovak Republic.
    Key components have been developed and manufactured by MultiplexDX, a company dedicated to developing and manufacturing innovative reagents for various molecular diagnostic methods. The Slovak PCR test is currently being validated in cooperation with a team of scientists from the BMC SAS. Preliminary results show not only the functionality but also the good sensitivity of the new test, comparable to the currently used diagnostics. “This means that our test is reliable and accurate and can help diagnose early-stage patients. We can produce key components for 100,000 PCR tests in two weeks,” explains Pavol Čekan, founder of MultiplexDX.
    “In the process of validation and subsequent registration of the resulting report we cooperate with the non-profit organization CCCT SK. It will be estimated to take about three weeks,” said Adam Andráško of ProScience Tech. "Virus detection consists of sample collection, RNA isolation and PCR diagnostics itself, with our joint efforts focused on the last step," said Ivan Juráš of Lambda Life. “I believe that the efforts of our scientists will be crowned with success, and we will have enough PCR tests from our own resources as important as coronavirus detection. This will help Slovakia not only in continuous testing, but we will also create a reserve in case there is a shortage of tests in the world,” notes Robert Mistrík from the permanent crisis staff.
    The ESET Foundation supported the development of the test and provided funding for the first 100,000 units from the COVID-19 Effective Diagnosis and Prevention Fund. These tests will be offered as a gift to Slovak state institutions. “When creating the Fund, it was important for us to ensure effective mass-scale diagnostics, which can only be achieved through science. Even in such a critical situation, the importance of supporting science in Slovakia, which we have been dedicated to for a long time, thus proves important,” says Richard Marko, CEO of ESET.
    Production capacities will primarily be available to diagnostic laboratories in Slovakia after the first 100,000 tests have been used. “We are ready to cooperate with state laboratories, flexibly respond to their needs and supply them efficiently. After meeting the needs of Slovak Laboratories, we can direct our capacities to other countries that would need our products,” explain the authors of the test.