NewbyUser

ESET Insiders
  • Posts: 387
  • Days Won: 7

Kudos

  1. Upvote
    NewbyUser gave kudos to Skier in How long does it take to get an update after release?   
    Yesterday I was unable to update to 14.2.23 via selecting 'Check for Updates' within the programme. I went to the website to download and install the latest version which didn't go at all smoothly.
    Interesting that you've now pulled v14.2.23 but outwith this thread there's no information and no advice if you have already installed v14.2.23.  For key security software this is simply not good enough.
  2. Upvote
    NewbyUser gave kudos to SlashRose in Ekrn sent for analysis?   
    I also had a few times under the previous build.
  3. Upvote
    NewbyUser gave kudos to itman in Eset Protection features   
    Ahh.......... Appears you are privy to what those ESS new protection features are. Please clue us in as to what these features are.
  4. Upvote
    NewbyUser gave kudos to SeriousHoax in ESET need realy an antiCryptor module   
    Yes exactly. They are very sensitive about false positives and this is why they are falling behind. Some other products are doing well in this regard while maintaining low false positives.
  5. Upvote
    NewbyUser gave kudos to itman in Recommended website secure !   
    I will also add that this posting is out of scope for this forum. This forum is about Eset product questions and issues.
  6. Upvote
    NewbyUser received kudos from LesRMed in Buy Licence officiel for nod32 website and act.33   
    Gotta love the Good Deeds Service touch lol. 
  7. Upvote
    NewbyUser received kudos from peteyt in Buy Licence officiel for nod32 website and act.33   
    Gotta love the Good Deeds Service touch lol. 
  8. Upvote
    NewbyUser received kudos from LesRMed in Website is clean now   
    Glad you got your site clean, if in fact you did as it is debatable. But, while I am not in any way part of Eset, I don't see the PUA classification being removed, you literally advertise being able to hack other people's IG accounts which is actual malware by definition, and illegal in every country I'm aware of its laws, so you should be happy with just being classified as a PUA and call it a day. Password stealing trojan seems more appropriate to my view.
  9. Upvote
    NewbyUser gave kudos to Marcos in Website is clean now   
    This forum is not intended for disputing blocks or detections. Since the malware has been removed, the website was unblocked but the applications will continue to be detected.
    Having said that, we'll draw this topic to a close.
  10. Upvote
    NewbyUser gave kudos to itman in Eset Updating Hung .............. Again   
    If the Eset update hang issue was related to this, it would have not resolved itself after a system reboot as I see it.
  11. Upvote
    NewbyUser received kudos from peteyt in NSO and Pegasus back in the spotlight   
    I see them the same as the passwordrevealor guy, designing something to hack, but NSO gets a pass because they do it for "law enforcement and national security"  
  12. Upvote
    NewbyUser gave kudos to sanjay mehta in NSO and Pegasus back in the spotlight   
    the world is rocked by the horrifying news of how despotic authoritarian governments and their agencies have used the spyware pegasus made by NSO from israel to intrude the phones & privacy of journalists/opposition leaders/judges/activists etc.
    from all accounts, it is now becoming clear that the two primary operating systems on phones, android & ios by google & apple have intentional backdoors disguised as security bugs to allow the security agencies to snoop into any smart phone worldwide.
    my question is, as a responsible antivirus vendor, will eset ever be able to protect the users from such illegal intrusions ? is it ever possible, considering that the OS itself has been laid bare to such intrusions by incorporating "security bugs".
    phones, especially the smart phones are no longer secure, but the stunning silence of all AV vendors is even more cause for concern.
  13. Upvote
    NewbyUser gave kudos to peteyt in NSO and Pegasus back in the spotlight   
    What I find funny is the people behind pegasus keep saying this person and this person etc. weren't being tracked by the software and the next thing they say they don't have access to customer data so can't see who/what their customers are spying on, which contradicts the previous statements 
  14. Upvote
    NewbyUser received kudos from peteyt in NSO and Pegasus back in the spotlight   
    Scary stuff 
     
    Revealed: leak uncovers global abuse of cyber-surveillance weapon | Surveillance | The Guardian
  15. Upvote
    NewbyUser gave kudos to itman in Website is clean now   
    Since this is password cracking software, I found a good article covering subjects such as if it's legal to sell and use such software: https://blog.elcomsoft.com/2020/10/everything-you-wanted-to-ask-about-cracking-passwords/ . Of note:
    Next an excerpt from Password Revelator web site:
    I do hope that regardless of the Eset classification of access to this web site, it will flag any download from it as a PUA.
  16. Upvote
    NewbyUser gave kudos to SeriousHoax in ESET need realy an antiCryptor module   
    Still that's not good enough. Maybe we could ignore if it was one or maybe two. But 7 ransomware misses at the time of testing is a huge number. It shows again what the OP suggested that ESET's ransomware shield is very bad and almost not effective at all. ESET needs to improve.
  17. Upvote
    NewbyUser received kudos from CEO888 in Scheduled Scans   
    Thanks, I thought of suggesting customization lol. But it would be somewhat complicated and obviously not something worth the overall effort and not worth making it a priority. And yes, it probably is designed that way for ease of use. I've read a number of reviews complaining about the "myriad of settings" available. Seems most people just want a "protect me" button lol. 
  18. Upvote
    NewbyUser gave kudos to itman in "pyrate", Behavior Blocker Bypass POC   
    Nothing.
    To begin, most Python ransomware attacks are targeted ones. So unless you're a corp., your chances of being targeted are about zip. Bundled Python runtime component attacks are very "noisy" and usually leave a lot of residual artifacts on the device. As such, they aren't suitable for RaaS concerns that are selling their ransomware to the hacker masses.
    I don't have Python installed and have no intention of doing so. I am not a gamer that might be using software containing bundled Python runtime comments. Neither am I part of the scientific or research community that might be sharing Python software so bundled. What I am doing will unconditionally block any python script from running legit or malicious.
  19. Upvote
    NewbyUser gave kudos to itman in "pyrate", Behavior Blocker Bypass POC   
    It's been a slow forum posting weekend and it appears this thread has run its course. We have all had the opportunity to "rant and rave" about Eset Home version protection features we all wished we had and in reality, probably never will have. So it is time to expose this Python POC for what it is - fake ransomware. Err ..... what, you say? The POC encrypted files. Well so does a lot of legit encryption and other apps including user created ones. So let's get into this.
    A few years back, the NextGen security software vendors were trying "to get traction" against the established AV vendors with their supposed superior behavior detection methods. Corresponding to this was the appearance of a proliferation of ransomware "simulators" where one was encouraged to test their existing AV solution with. The most infamous of these was RanSim produced by KnowBe4: https://www.knowbe4.com/ransomware-simulator . I wrote a thread about the methodology used by this product and similar ones here: https://forum.eset.com/topic/10792-ransomware-simulators-a-detailed-analysis/ . Eset subsequently commented upon Ransim tactics in their own published article on Eset ransomware protection:
    https://cdn1.esetstatic.com/ESET/INT/Docs/Others/eset-vs-crypto-ransomware.PDF
    So let's get into some details on the POC. First, note this from the POC's author posting about it at malwaretips.com:
    Next is why no vendor on Virus Total detected the POC initially and I believe presently. That one is pretty straightforward. The ransomware portion of the POC never ran. The POC pauses program execution waiting for user input to continue. VT's automated sandbox analysis timed out waiting for input it does not respond to.
    In summary, I am not 100% ruling out that techniques used in the POC could bypass existing Eset ransomware detection methods. However, a POC must be developed deploying real world ransomware deployment and execution methods with the most important being the program runs uninterrupted and encryption activities performed against all existing files in C:\Users\xxxx\Documents\*, etc. directories.
     
  20. Upvote
    NewbyUser gave kudos to SeriousHoax in "pyrate", Behavior Blocker Bypass POC   
    All the ASR are available for Windows Defender too.
  21. Upvote
    NewbyUser gave kudos to itman in HIPS Alert for Host process   
    At this point, you will have to track down what service is causing this and find out if it's legit.
  22. Upvote
    NewbyUser gave kudos to Posolsvetla in Certificate Issues for Firefox 74.0 64bit   
    The issue is fixed in the Internet protection module version 1396; currently it is available on pre-release update servers.
  23. Upvote
    NewbyUser gave kudos to Marcos in Filecoder Stop   
    I've found it submitted. Actually the problem is that on the website the ransomware note was inserted in a raw form without any html formatting (after <pre> and <code> tags) which triggered the detection.
  24. Upvote
    NewbyUser gave kudos to mourad in vrius txt et qewe   
    think you a lot off.
    I will try your solutions and afterwards we will discuss 
  25. Upvote
    NewbyUser gave kudos to Marcos in PiHole & ESET Smart Security   
    While Windows is not officially supported, perhaps it runs on Windows as well according to this statement:
    It was originally designed to run on Raspberry Pis. So, unless you had a Raspberry Pi, or a computer running Linux, you were out of luck. However, it's now available for Docker. This means it can be installed on any device which will run Docker, such as Windows PCs or Macs.
    Anyways, ignoring the fact that it's Pi-hole, the DNS requests might have originated from antispam. Do you use MS Outlook or any of the supported email clients that ESET can integrate with?