peteyt

I've just replaced utorrent. I always had it but decided if there was an ad free one I might as well use that as there have been a few tales of bad practices and I'd rather use something with a better reputation. I'm not sure exactly what the problem Is that causes the issues as of lately however it seems putting it into exclusions fixes it

Would there be an easy way for eset to do this?

No the phantom account is part of eset Anti Theft - if you mark a device e.g as missing only the phantom account will work and possibly (although I'm unsure of this) if someone logs in it may help to detect their location. As someone who uses eset on their PC mainly (do not currently own a laptop) it is not something I have used

I wonder if a windows repair would be the best option. It will remove installed programs but you can tell it to keep files

Strange - And I did presume that but I've never had a hips alert myself. Unless it was set to smart?

One thing I am wondering is if the HIPS is set to manual, which is something I would not recommend for general users. I just have it set to automatic because while I have some knowledge it is not enough and I would probably end up blocking or allowing the wrong thing

A few things to try. Firstly if your on 12 update to 13. Did you try to switch to learning mode for the firewall instead of interactive mode? It does sound like something is corrupt. You could try to repair eset by going to add/remove programs ans find eset. When you try to uninstal there should be a repair option that could repair and fix the issue. You could always back up your settings if needs be but there is a risk the issue could get copied. You could also uninstall if the repair does not help and reinstall from scratch. If a full uninstall does not help you may need to uninstall with esets uninstall tool in safe mode available from https://support.eset.com/en/uninstall-eset-manually-using-the-eset-uninstaller-tool although hopefully the repair will work and avoid all this

According to a similar post 2051 2005 means incorrect password. On the other hand, 2051 2000 means that you are trying to associate the device with the name that already exists in your device list.

Just to add windows 7 will end most support in january

Am I correct in assuming non home products can download and then install updates on an offline device or have I read that wrong somewhere

Can you save the rules on their own?

The problem with the system cleaner for me is it does not give enough information. It is handy that it tells you a setting has been changed but would be handier if it was able to tell you what actual setting so you could decide better. However like Marcos has said it is okay to ignore if you do not suspect malare which to me it sounds like you are safe. I also think it would be handy if after you could see the spefic settings you could add them into some kind of exception. When this feature first came out I gave it a try. Problem was I saw nothing to indicate what got changed and it did not make any logs and there is no way to undo it. Again it might be a good feature for people trying to clean up the leftover mess from an infection but thats it as there is for me not enough info and could actually cause issues with people chaging stuff and not knowing what

Weird I'm not 100 percent but looks like there might be a problem which has caused it to get removed. Possibly uninstalling and reinstalling or running the uninstall and choosing repair. You can always try to backup any custom settings before you do this.

I'd recommend downloading the live installer for the latest. I see you had problems with a previous version. Version 13 seems stable but if you have any issues you can report them. Problem is by downgrading it avoids the problem being fixed. Newer versions also often have better improvements and newer technologies

Welcome to the forum. Glad to see a fellow horror fan to. I love slasher and giallo films

Just a quick question. I presume excluding utorrent would mean torrents and their files downloaded via utorrent would still be scanned

I actually posted this in the wrong post. My question was actually in regards to the zerocrypt ransomware from this post my question is as the user in the video didn't show us him downloading the ransomware does that mean it was probably detected and he conveniently did not show this part.

Just wanted to share a video by the same user for another AV where the developer of that AV has claimed the user has been using bad practises including in the video secretly whitelisting one of the malicious files It shows that you have to take tests with a pinch of salt

Can I just confirm - would the user in the video have had to disable eset to download this ransomware. Obviously it shows in the video eset didn't detect once run but I presume eset would have blocked it from actually being downloaded in the first place?

As mentioned this ransomware with a few others get in by brute force. Is RDP enabled. What tends to happen is they use brute force to figure out the login to get in. They then attempt to disable eset which is made much easier if eset doesn't have a password set for its settings. You can set it so that RDP has a set number of login attempts before locking a user out. Also it's important to make sure you are fully patched with windows updates

You don't need to do that yet. Have you tried to disable the mentioned eset settings and test it?

I did wonder but it's something I have been curious about for a while so thanks for the link. I persume ransomware could also abuse/hijack this so adding microsoft ones into a whitelist and warning about others would not be a reliable option?

Maybe you can answer this question - I have windows 10 pro - I do not encrypt anything - I have played around in the past with securedata for testing purposes but that is it. Does windows do any encrypting itself without a user enabling it. Basically if windows does not encrypt anything without a user enabling it and average users do not encrypt stuff could an AV not use this to implement an allowow/deny kind of process e.g. we have detected something attempting to encrypt files if you have not initiated this it might be ransomware and the user can allow it e.g. if they were the ones running it or block it. Now I know ransomware will hide the fact it is ransomware but would an AV be able to detect the encryption itself before it did any damage? Maybe even have an option to block encryption which could be enabled/disabled in the settings that would automatically block any kind of encryption of files.

could be linked to virtualbox. Do you have a VPN installed?

Could eset not have an option to detect any encryption and warn the user. As you stated average users probably wouldn't use encryption so if there was an option that warned everyone these users would then probably know it was dangerous as they aren't encrypting something. Does windows itself encrypt files without a user telling it to - as that is the only issue if windows was doing encryption and it was getting flagged. The video is better than most videos as most I have seen disable key things and then run the virus and then claim eset is bad trying to ignore the fact they made eset bad by disabling the stuff that would have detected it. However - like a lot of these videos it doesn't show everything. Would eset have blocked the virus from downloading in the first place - that is the key thing. Eset might not have picked it up when it was run but that doesn't mean it didn't detect it being downloaded and the uploader may have had to disable eset to download the virus - which means eset was protecting the user they just chose to ignore it.