Nightowl

I wish for an Application Control that is similar to Kaspersky's App Control , Trend Micro's App Control It can give more control on what runs on the PC and what cannot run Thanks ESET.

Is your NAS exposed to internet?

Your link leads to 404 my brother. Give us the old eye icon in the taskbar and old skins , would be perfect!

I apologize , I got confused with VirusTotal , I didn't pay attention it's virusradar website.

Unfortunately ESET have no control of how VirusTotal looks like. I believe ESET will tell you to send the suggestions to VirusTotal Team But what I would like from same category , is a section in the ESET website that will allow us to send submissions like VirusTotal , but to test it with Augur/ESET definitions.

Yes but doesn't have changelog or I couldn't find it yet EDIT : Clicking Advanced Downloads , shows it.

He could mean this https://www.eset.com/int/home/internet-security/download/

I understand , thank you. Edit : I see why I got confused , 2019 shows the page of defender even if it's disabled by ESET since it's installed in the system , in 2022 the page of defender is disabled and shows that message that I posted , sorry for confusing.

Hello, ESET is running fine as far as I see , but Windows keep reporting to me that there is no active antivirus provider ESET Server Security 10.0.12014 It doesn't impact the work or anything , but I would like to fix it so it doesn't keep annoying me. ESET is all green.

VBS wıll be dıscontınued by Mıcrosoft due to the risk and due to discontinuing Internet Explorer I think we will see more and more of Powershell attacks instead of VBS

Clicking "Go Home" would trigger hxxps://watchseries.id/home;HTML/ScrInject.B trojan

I tried to go to the link that the error gives you but it's not found An ESET staff might help you faster than me but I will try my way. Let's check if your server isn't corrupted in some parts Please run this in CMD admin : sfc /scannow The sfc /scannow command will scan all protected system files, and replace corrupted files with a cached copy

https://www.eset.com/int/business/download/file-security-windows/ Try Version: 10.0.12014.0 if it works

Try to temporary disable your Web Access Protection , it probably should work , but I know you will remain without Web Access Protection , but this is my workaround for accessing my VPN application. (no I don't work for ESET , so not an official answer)

When I made contact in July , I received that it's a Known Issue between VPN and Web Access Protections and it will be looked on in the future.

I have updated to 10.1.8.0 and re-enabled Web Access Protection but sadly same problem remains , I've tested because I have read from release logs that it got improved. It can be re-produced by downloading FortiClient VPN (VPN only) deb package from here https://www.fortinet.com/support/product-downloads And having ESET web access protection to be running in the same time. No need for login or passwords or VPN's IP , the GUI will not work as long as Web Access Protection is running. Thank you.

It's normal , if you got your ISO from here https://www.microsoft.com/en-us/software-download/windows10ISO It's safe because it's Microsoft, other than that like what you posted about SearchApp.exe , it's the search which built into Windows , it communicates with the internet probably with Bing

Just sit your detections to Aggressive in ESET and HIPS in Smart Mode And if you want to control what goes out and in , you can go with Interactive Mode in Firewall , but will give you lot of alerts for the first time till everything get configured , you can use the Learning Mode before going Interactive Mode. In TCPView you will see lot of attempts and connections by Windows itself because it communicates with other things and with microsoft etc , but if you obtained iso from Microsoft and formatted and installed it , I doubt it would be tampered with iso , but anyway , you can run a deep scan with ESET after you set everything to aggressive detection and reporting and if you still don't trust the result of ESET , you can check another free scanner like Sophos Hitman or any free scanner that won't run as real-time so it doesn't conflict with ESET real-time protections.

What are you surfing to in Edge? or what Extensions are you using in Edge?

Rambler is a website that is similar to Yahoo/MSN and is owned by Sberbank , I doubt it will launch attacks on specific users to steal their instant messaging accounts Another connection is that the attackers used emails from Rambler.ru services , which is the same thing if the attacker used gmail or proton or whatever , since even bad actors that aren't connected to PC work used ProtonMail which is based on Switzerland. It doesn't matter where it's coming from , even if from your friends , if the link isn't supposed to come or the message look weird , don't open it

Thanks for your assistance ITMAN I will check it out. I wish I had an easier route rather than messing with Microsoft's GPO

I was looking at it yesterday (SRP) , but your explanation is better than what I was reading , I will give this one a try , and apply it to specific folders like Downloads , TEMP etc. and will see what happens About Downloads location , I bet I can keep it there , I just put the wanted extentions to be blocked Thank you bro.

I will try to do it through Fortinet filters.(hardware firewall) Thank you bro. I will try to google for best practices/hardening and take a look Thanks for suggestions Should also block Python,Firefox,Chrome,VLC,7zip,rar from running from AppData/TEMP or creating new applications from there like that remcos variant that brought it's vulnerable exes with it I think in first place , since powershell , cmd is prevented , the next step of the vulnerable exes shouldn't come , but who knows Anyone have suggestion?

Is there anyway to prevent *.VBS and *.PIF from being downloaded , received from Skype/Whatsapp etc ?

Solved