
Morisato

Members
  • Posts: 60
  • Joined
  • Last visited
  • Days Won: 2

Everything posted by Morisato

  1. Thx Marcos but I am not really holding my breath on it since we've talked about this once before but it has been ages since then 😛. I will keep on hoping though since v15 is still some time away and I am guessing v14 is in perhaps beta or the Insiders tester team haven't started on it yet. I really want to upgrade from the aging ancient v8 and transfer my rules over to v15. I'll probably have to do it soon anyway since v8 won't work on W10 I think. Okay, I get the security for new users but I ain't no new user. I've been here since 2013 as stated in the Joined. I just haven't posted in a long time is all (good thing you don't prune old inactive accounts).
  2. Bah! The new limitations on how long you can edit your threads/posts suck. Don't recall this happening in the older forum days.
  3. Have they made any improvements to the Firewall Edit Rules to be more user friendly on the eyes in terms of readability? Seems not much has changed for it since the v11 if not before days. v13?: v8 Classic: I know that the new Firewall Edit Rules feature is inherently better in terms of functionality once you're manually adjusting rule sets for each communication line but the old v8 keeps everything on screen with less bloat and text cut off. Why not combine the two? I think average users identify better with icon imagery and text they recognize like just the app name itself as shown in v8. Why not combine that factor and incorporate the features shown in v13 once you expand the tree view for that app name/app.exe alone? Makes scrolling through rules easier to recognize what rule you're looking for on which particular app instead of having to look at every allow/deny executable names (like sifting through hundreds of images). Another great feature from the classic v8 is that once an app is uninstalled, the leftover rule/s removes the app icon (Diablo 3 in this case) and shows the executable name instead so you know which app is no longer installed on the PC and can easily be removed/cleaned up with a simple press of Del. I've requested this since the beginning of the new interface days but it seems nothing really has improved/changed since then and why I am still on v8 with up-to-date signatures in place.
  4. Hah, when I was searching for EIS 11 rules images before posting (couldn't find any), I came across the issue you were mentioning. This issue dated back in 2015. https://forum.eset.com/topic/6237-annoying-text-in-firewall-rules-editor/ Even TomasP said, "Hello, I have checked this with our development team and they say a fix for the situation is planned for a future version." Now whether this has already changed or not I am not sure since I never tried v9-11 (dammit everything I do seems to coincidentally relate to the dates 9/11). If they did remove the 'allow communication' part, they could totally add more things there to fill the gap if need be. I was sorta hoping it would be a hybrid of v8 with elements of the new layout. Tree folder like view like you see in v8 with the modern rules shown when you expand the rules hidden (by default). Another perk of the old v8 is that it shows file description along with the file version which is handy imo. Best of both worlds is to add view skins of sorts so people can choose the new layout or hybrid of the old/new.
  5. Is it like v9-10 as in bloated and messy? I'm still on v8. Reason I like v8 rules layout so much is because it's really easy to find the app you're looking for just by looking at the icon/name instead of that horrid listing they got in 9/10. I mean if they kept the icons/app name layout and used the new individual rule layout when you expand the rules of that particular app I would definitely upgrade to that. This is v9 if I recall and it's a mess. Don't know how anyone could navigate through that.
  6. https://arstechnica.com/information-technology/2017/10/equifax-website-hacked-again-this-time-to-redirect-to-fake-flash-update/ https://www.virustotal.com/en/file/6153f429c0cedc721846e60255834ae0f43829cc6a387b766de6f301dab54eca/analysis/1506995209/ An updated variant of this was in use. MediaDownloaderIron.exe. Only Panda, Symantec, and Webroot detecting the file as adware. Payload Security shows the code is highly obfuscated and takes pains to conceal itself from reverse engineering. Malwarebytes flagged the centerbluray.info site as one that pushes malware, while both Eset and Avira provided similar malware warnings for one of the intermediate domains, newcyclevaults.com.
  7. I swear the OP reporting this is some outside foreigner (my bet is Russian) and was making threats of mass spam redirecting users of his site or others using the API towards ESET support for blocking/notifying said malicious script (to run without intent of user knowledge and use CPU resources that could affect the user in question depending on task). OP is most probably some script kiddie, living in mom's basement (doesn't pay for electricity), poor and using such tactics to gain monetary funds. A lot of teens to young adults are doing this (I know of a friend who does mining). CoinHive may offer more transparent options to users but at the end of the day, it's the web admin's choice to implement them or not and I would say most will not seeing how ignorant most web users are. @itman Eset only detects the script if HTTP scan is on, correct? Was reading some of the previous comments stating it doesn't detect it under certain conditions.
  8. https://www.washingtonpost.com/world/national-security/israel-hacked-kaspersky-then-tipped-the-nsa-that-its-tools-had-been-breached/2017/10/10/d48ce774-aa95-11e7-850e-2bdd1236be5d_story.html https://www.nytimes.com/2017/10/10/technology/kaspersky-lab-israel-russia-hacking.html Poor Kaspersky and those that still use it (though it seems to be safe unless you have files that trigger certain keywords on scan).
  9. https://www.onmsft.com/news/wikileaks-releases-cia-spyware-known-as-athena-that-targets-all-windows-versions-from-xp-to-10 https://wikileaks.org/vault7/#Athena First link mentions it as spyware though the malware itself may be different. Documents and the rest are in the second link. Now if you really want to avoid this, just install Windows 98
  10. "As an example, ESET’s network protection module was already blocking attempts to exploit the leaked vulnerability at the network level before this particular malware was even created. ESET increased the protection level for this specific threat as Win32/Filecoder.WannaCryptor.D in the detection engine update 15404 (May-12-2017, 13:20 UTC/GMT +02:00). Prior to that, ESET LiveGrid protected against this particular attack starting around 11:26AM (UTC/GMT +02:00)." Way to go ESET team https://intel.malwaretech.com/botnet/wcrypt Infection map for those interested.
  11. Eset v8.319 + IE11. I didn't get this notification at all with HTTP checking on and off. Went to the site just fine. Strange... @um_user Use the method mentioned by @cyberhash above:
  12. Using Eset v8.319, Windows Defender, and MBAM v3.0.6 (non-trial/premium) as a 2nd opinion scanner. I like v3 but it doesn't act like it does with v2 where if you close the app via the X button, it closes the whole app itself instead of leaving it running in the background via system tray like it does with v3. I'd fall back on v2 but don't want to miss out on the fixes for v3 so I am sticking with the current one for the time being as it isn't much of a bother atm. I only installed MBAM because there were cases in the past where some 0-day was not detected and only detected on MBAM or something similar to that and it soon became just a backup scan in case ESET doesn't detect anything. Same with Windows Defender which I think the trio work well hand in hand with MBAM only being used once a month scan on the system.
  13. Yes, it persists after restart. I fixed it by uninstalling then reinstalling without upgrade path from v8 to v10. It should at least time out instead of being stuck in the activation screen if that were the case though (if license was invalid due to it being a different version). Also, why does https://www.eset.com/us/home/smart-security/ direct to or rather show Internet Security instead? I couldn't see the differences on the store page (comparing IS, ESS, and ESSP) unless I went to look for it in the support article, hxxp://support.eset.com/kb3753/.
  14. Can't seem to cancel it to maybe add a different license if need be for ESSP. I just upgraded from v8 to v10 and the first thing it tried to do was activate but it just stays on that screen indefinitely. I can look at the advanced setup options and stuff under 'more info' but that's all I can do and nothing more. Didn't have this issue I think during the insiders version.
  15. I wouldn't really bother with that Marcos. It probably isn't the type of site that someone is willing to say for it may relate to some sharing site of a least legal manner else he would've mentioned it already or that he wouldn't have taken the risk to proceed further. That is my assumption anyway.
  16. Hey Marcos, thanks for the response. The reason I bring it up is because it's detected when I do a manual scan or scan/clean on the folder itself. It didn't detect though when I initiated the autoplay of the mounted image in which case it placed the Trojan files in an appdata/local folder. I already submitted and got a response of what it can do more or less. My question is what would prevent this from happening in the first place, File open or File creation? I always have File execution selected but it didn't detect it when the files were placed where I mentioned above. What I'm looking for is what would make eset scan once I double click on autoplay/autorun.
  17. Under which selection (File open or File creation) would initiating an autoplay disc which initiates an autorun.inf that makes a new folder with a Trojan under appdata/local fall under as detectable? I only had File execution selected but it failed to detect the Trojan and was only stopped further by eset's interactive mode firewall from connecting online. So it has to be either File open or File creation.
  18. Thanks. Guess I will wait to see what v11 brings since I already beta tested v10 and was more or less v9 with few more additions.
  19. Yes I know but it's better to look at the overall block than just one month since those change constantly each month which says on some other months it has blocked less than the other 2 competitors.
  20. Holy ###### you guys actually got Marcos to change the v8 update nag. I was wondering why I wasn't getting any nags. Sadly I am in the same boat as everyone in here about v8 being the last true ESET product and wouldn't upgrade further. If you can somehow make the firewall rules setting similar like v8 but I guess more updated in a sense to v9 while keeping the v8 clean format I'd totally jump to v9-10 in a heartbeat. Another good thing about v8 is that I can disable most of the unimportant things without it flagging a red icon telling me that I am not fully protected (excluding browser scans for I only disabled that because it slows surfing a tiny bit). More like skip any future versions, period. Saying v8-v9 won't stop it from asking for v10 which more or less looks like v9. So the sad part will be for how long v8 will be supported until. Does end of support mean no more virus database updates or module updates or?
  21. Good to know Marcos, thanks for the heads up.
  22. hxxp://chart.av-comparatives.org/chart1.php Real-World - 2016 - Feb to Jun - by value - 80 to 100% zoom Kaspersky and Bitdefender are pulling ahead. Excluded AVG and Vipre due to impact score performance. Yes, 98% but I know you guys can do better and be on par with the other two. I've always seen you guys always stuck at the 98% range for some reason and never a bit higher.
  23. https://labs.bitdefender.com/2016/03/combination-crypto-ransomware-vaccine-released/ Does ESET have modules of such to prevent ransomware and stop its encryption process even? hxxp://www.bleepingcomputer.com/news/security/fantom-ransomware-encrypts-your-files-while-pretending-to-be-windows-update/
  24. Thanks for the info Marcos. I will keep a close eye on future versions and the changes that would be made on it. Who knows, maybe this time it will convince me to upgrade.
  25. I can't fathom or find any logical reason how v9+ firewall layout is supposedly better than v8. I tried it in v9 and I couldn't get used to the expanded long list so I skipped v9 and waited for v10. After some months later when v10 went into beta, I took the liberty of giving it a go once more to try to convince myself a reason to upgrade from the old since the damn software keeps telling me to upgrade from time to time (need to find a way to block that). It used to just give a ! via taskbar icon that a new version is out so I blocked that from doing so again but now it does an actual pop-up notification to Upgrade now instead. Almost felt a tad annoying as the GWX W10 upgrade program. So I am wondering how you users of v9+ are coping with the firewall layout vs v8's more effective layout imo. In my view, when I compare the two, these are my pros of v8 vs v9+ layout:
      - Compacted to the software .exe alone (while keeping the apps title) for neatness and clarity while retaining individual settings in a tree folder like manner.
      - Includes the software's icon for those who find it easier or more comforting to identify by image and/or image + text.
      - If a software has been uninstalled, the icon reflects that by removing itself so you can easily see which rule can be removed safely as it is no longer in use.
      - Keeps rules in order of when it first initiated a connection to the internet from the top being the oldest to the bottom being the most recent (sadly can't reorganize by name or such if need be for other purposes).
      - No need to stretch the window horizontally longer to see 'everything'.
      - Is color coded for clarity and ease on the eyes as you can see in the image provided.