Jump to content

Aryeh Goretsky

ESET Moderators
  • Content Count

    687
  • Joined

  • Last visited

  • Days Won

    44

Kudos

  1. Upvote
    Aryeh Goretsky gave kudos to itman in Time For Eset To Issue A-V Comparatives Realtime Test Transparency Reports   
    Background
    For some time, there have been forum postings regarding Eset's scoring in this test series. This has resulted in long and oftentimes mindless discussions on this issue. I am sure Eset has better use for its forum disk space.
    Solution
    Microsoft a while back adopted the use of published AV lab "transparency" reports to respond to its scoring in select AV lab tests. Their reports reflect typical Microsoft verbose detailing as only a concern with the resources it has to allocate to such an undertaking. Here's an example of a transparency report: https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE27O5A?ocid=cx-docs-avreports .
    I think it would be sufficient that Eset's report simply state the samples missed along with a brief explanation as to the cause for non-detection and corrective action implemented. Of course, there should be verbiage provided if Eset disputed the AV lab non-detection finding.  
  2. Upvote
    Aryeh Goretsky gave kudos to Marcos in how to clean our software false positive by ESET?   
    1, This forum does not serve as a channel for disputing detections as stated also in Please read this before you post.
    2, PUA detections are unlikely to be false positives since they are created after in-depth analysis of particular applications.
    PUA detection is optional and is enabled only with user's consent. If a user thinks that using a particular PUA outweigh possible risks (e.g. ads that the applications may display), the user can exclude it from detection by the detection name.
    Having said that, we'll draw this topic to a close.
     
    By the way, just by a quick look at the application it's annoying to constantly get this pop up to buy some extra gold pack of something that was allegedly offered for free and there's no "No thanks" button next to Buy to refuse the offer. Annoyances like this may contribute to PUA classification besides others. It's a good practice to make the application fulfill AppEsteems criteria to minimize the chances of PUA detection, however, they are not the only ones that must be fulfilled by app makers.

  3. Upvote
    Aryeh Goretsky received kudos from RB fashion in Future changes to ESET NOD32 Antivirus   
    Hello,
     
    Not every requested feature can be added at once.  ESET's project managers have to carefully look at the technical and market requirements for each request.  Sometimes, the amount of work required to implement a requested feature may mean that it needs to be put off for a few version releases until enough engineering time can be budgeted to implement, test and maintain the feature.  And sometimes, a feature might be requested that is just out of scope, offers little real-world benefit to customers or may even be against ESET's business practices.
     
    In any case, what I would suggest is to provide as detailed a description as possible of the feature you are requesting, in order for ESET's project managers to make better sense of it, and a little patience, as not everything can be done at once.
     
    Regards,
     
    Aryeh Goretsky
     
     

  4. Upvote
    Aryeh Goretsky gave kudos to Rami in Future changes to ESET Internet Security and ESET Smart Security Premium   
    It's not that big deal in my opinion @nonamelab, It's a way to bring more people to use ESET and in the same time giving the person who invited the other person who doesn't use ESET , a month of usage or more I don't remember exactly.
  5. Upvote
    Aryeh Goretsky received kudos from TomFace in Rules of the ESET Security Forum   
    Welcome to the ESET Security Forum!
     
    ESET is pleased to provide you with this resource in order to make it easy for you to ask questions and receive answers about ESET's products and services.  Understand that the ESET Security Forum is a private community for existing customers of ESET, prospective customers who are interested in ESET's software, ESET employees and business partners.  Because of this focus, it is not like a general public forum, where conversations take place on a variety of non-ESET and non-security related topics.
     
    With that in mind, we have the following rules in place:
     
    When registering for an account on the forum, please fill out the information accurately and correctly.
    Do not enter the Username and Password for your licensed ESET software, but instead choose a username (in Latin) unique to this forum.  You should also choose a suitably complex password unique to this forum as well. Do not create multiple accounts.  If a person is found creating multiple accounts, ESET reserves the right to take whatever actions it deems necessary, including banning, blocking, deleting and/or merging them.  The exception to this rule is ESET staff, who may create multiple accounts for testing purposes. No impersonating other forum users, ESET employees or other people. Use appropriate language in the forum.  No vulgar, obscene or rude language will be tolerated. No vulgar, obscene or otherwise offensive images or video will be tolerated. ESET staff have the right to move, edit or modify messages that you post.  This may be done for clarity, to move a message to more appropriate forum where it will receive more attention, or for other reasons outlined in these rules. All decisions by ESET staff are final, and not open to discussion. This list may be updated at any time.  Please periodically visit this page to review any updates. Do not post direct links to any executable files, malicious/suspicious software or web sites in public messages, even if you think the software or site is clean and incorrectly detected by ESET.  Break up the URL by inserting spaces into it, or replacing the protocol handler with an obfuscated one, like . Do not attach malicious or suspicious files to messages, even if you think they are clean.  Write a public message, and then use the "report this message" option to send a private message to ESET staff with a link. Do not post any personally identifiable information (PII) about yourself, such as an email or mailing address or phone number, in a public message. Do not post the username and password or license key for your ESET software in a public message. Do not post links to software cracking tools, license key generators, pirated copies of software or other illicit software in the forum.  If you wish to report a site, write a public message, and then use the "report this message" option to send a private message to ESET staff with a link. Do not post private correspondence (private messages, email, etc.) publicly within the forum. Do not post "A vs. B" or "Which product is best?" type messages in the forum. Do not post overtly commercial messages in the forum (this includes in your signature). Do not pre-announce releases.  Due to differences in scheduling, it may sometimes take several hours after a release has appeared on ESET's web site for the release announcement to appear here in the forum. Do not abuse the forum's rich text controls.  Messages and signatures with inappropriate font selection, including size, color and, for signatures, length, may be edited by forum staff to conform to standards of decency. Do not ask other users for logs, especially if they may contain sensitive or other personally identifiable information. Posts made on behalf of a 3rd party company may only be made from accounts registered with an email address from the company's domain (verifiable by ESET staff). Do not use the "Report post" function for other purposes than reporting inappropriate content requiring moderators' attention. Do not report possibly incorrect detections or blocks (false positives) in the forum unless they may affect a lot of users. If you think that your application or website is detected or blocked incorrectly, please report it to ESET as per the instructions at https://support.eset.com/kb141. Be civil, do not post sarcastic, offensive or mocking comments towards any person or entity. Do not post messages that are off-topic, keep the discussion to the point and do not lead it astray. To discuss a different, unrelated issue or question, always create a new topic. If you have any questions or comments, please contact one of ESET's moderators.
     
    Last Revised: 5 March 2019.
  6. Upvote
    Aryeh Goretsky gave kudos to foneil in ESET SysRescue Live 1.0.16 has been released   
    A new version of ESET SysRescue has been released. See the ESET SysRescue Download page for more information and to download the tool. 
    How do I use ESET SysRescue Live to clean my computer?
    Changelog
    Changed: ISO updated to isohybrid. Isohybrid enables the ability to create live USB via various available apps. Older versions of Live USB creator will not work because they are bound to a specific version of ISO Changed: Updated legal terms and sensitive information handling due to EU General Data Protection Regulation (GDPR) Changed: System updated to Ubuntu Xenial Xerus 16.04 LTS Changed: Updated UEFI boot and the ISO now supports both Legacy and UEFI mode booting Changed: Integration of the second El Torito image grub Changed: Additional minor changes and improvements Fixed: Invalid copyright value in startup splash
  7. Upvote
    Aryeh Goretsky gave kudos to Cousin Vinny in Request for feedback on a plan to change handling of Potentially Unwanted & Unsafe Applications   
    Speaking as someone who is hands-on IT management rather than a reseller or MSP:  That is how I would expect it to behave and should.  My endpoints are configured for strict cleaning so I have not dealt with this issue, however if end users were greeted with option dialogs during an av scan without any way for the admin to suppress I would be quite aggravated with the product.
  8. Upvote
    Aryeh Goretsky gave kudos to rekun in Request for feedback on a plan to change handling of Potentially Unwanted & Unsafe Applications   
    I would welcome the changes, as I currently enable strict cleaning to get similar results 
  9. Upvote
    Aryeh Goretsky gave kudos to Marcos in Request for feedback on a plan to change handling of Potentially Unwanted & Unsafe Applications   
    Dear forum members,
    We are considering a change in the product's behavior but before doing that, we would like to consult you, our field experts with regards to the problem and suggested change.
    We kindly ask you to:
    Read this message carefully Talk with other people of your support staff, whether they are aware of issues related to current behavior Provide any comments (supportive / negative) towards the proposed change As of now, one of the issues that our customers are facing is the behavior of products in managed environment, related to handling of detections and cleaning of Potentially Unwanted and Potentially Unsafe Applications (hereafter referenced as PUA)
    The following are prerequisites of the behavior:
    Default cleaning settings on the Endpoints (normal cleaning) Detection of PUA is enabled. With these settings we were reported the following problems by several customers and resellers / MSPs that we have interacted with directly during a customer research.
     
    Main problems are:
    End users on local machines are forced to respond to an „interactive window“ that is asking for action in case of a PUA detection, which can by triggered by protection modules or the on-demand scanner. They offer the „ignore & continue“ action even in managed environments where the end user should not make decision. Users can try to install a PUA which usually ends with multiple interactive windows appearing. If a PUA is already in the system and you schedule an on-demand scan, it will be reported to the user again and a dialog with action selection is shown to the user. If this happens on a server, it will be never resolved; the dialog eventually expires, and then will be reported again and again to the server upon re-scanning. The only solution currently is to set an exclusion or to set cleaning mode to strict which will automatically remove the PUA detection without asking.
     
    What are we planning to do:
    We are planning to change the product behavior in a way that our endpoints will automatically block / clean PUA detections in managed environments according to the option selected by an administrator, meaning that the end users will never see interactive windows. Alerts (only one) will be reported to the ERA, and it will be up to the security administrator to either set an exclusion or acknowledge such detection. After exclusion, reinstall of the affected PUA will be needed on the target system; restore from quarantine is not enough since „cleaning“ also removes references which are not restoreable (this is valid also now, when Exclusion is „cleaned“).  
    We would like to hear from you and ask for feedback whether you consider this change as risky from the perspective of customer expectations. We do perceive the problem as serious and would like to change the behavior even for existing users by means of a module update. An alternative approach is to change it only in new versions of our products, meaning Endpoint V7 and eventually backport it to a new 6.6 hotfix if that happens in the foreseeable future.
    How the interactive window looks:

    How it looks in the logs:

    How it looks in the ESET Remote Administrator:

    Please note that we are also bringing a lot of changes into the ESMC:
    Cleaned „threats“ are automatically going to be marked as resolved (once the behavior is implemented, you will automatically get the PUA cleaned at the „first detection“) and will be automatically „resolved“ in ESMC (no duplicated entries when one clicks „no action“) You will be able to set exclusions directly from the threats section, basically by „one click“; there will be also an option to set „exclusion by HASH“ in EES.  
    Thank you for your feedback & support.
  10. Upvote
    Aryeh Goretsky received kudos from Dimitris G in Rules of the ESET Security Forum   
    Welcome to the ESET Security Forum!
     
    ESET is pleased to provide you with this resource in order to make it easy for you to ask questions and receive answers about ESET's products and services.  Understand that the ESET Security Forum is a private community for existing customers of ESET, prospective customers who are interested in ESET's software, ESET employees and business partners.  Because of this focus, it is not like a general public forum, where conversations take place on a variety of non-ESET and non-security related topics.
     
    With that in mind, we have the following rules in place:
     
    When registering for an account on the forum, please fill out the information accurately and correctly.
    Do not enter the Username and Password for your licensed ESET software, but instead choose a username (in Latin) unique to this forum.  You should also choose a suitably complex password unique to this forum as well. Do not create multiple accounts.  If a person is found creating multiple accounts, ESET reserves the right to take whatever actions it deems necessary, including banning, blocking, deleting and/or merging them.  The exception to this rule is ESET staff, who may create multiple accounts for testing purposes. No impersonating other forum users, ESET employees or other people. Use appropriate language in the forum.  No vulgar, obscene or rude language will be tolerated. No vulgar, obscene or otherwise offensive images or video will be tolerated. ESET staff have the right to move, edit or modify messages that you post.  This may be done for clarity, to move a message to more appropriate forum where it will receive more attention, or for other reasons outlined in these rules. All decisions by ESET staff are final, and not open to discussion. This list may be updated at any time.  Please periodically visit this page to review any updates. Do not post direct links to any executable files, malicious/suspicious software or web sites in public messages, even if you think the software or site is clean and incorrectly detected by ESET.  Break up the URL by inserting spaces into it, or replacing the protocol handler with an obfuscated one, like . Do not attach malicious or suspicious files to messages, even if you think they are clean.  Write a public message, and then use the "report this message" option to send a private message to ESET staff with a link. Do not post any personally identifiable information (PII) about yourself, such as an email or mailing address or phone number, in a public message. Do not post the username and password or license key for your ESET software in a public message. Do not post links to software cracking tools, license key generators, pirated copies of software or other illicit software in the forum.  If you wish to report a site, write a public message, and then use the "report this message" option to send a private message to ESET staff with a link. Do not post private correspondence (private messages, email, etc.) publicly within the forum. Do not post "A vs. B" or "Which product is best?" type messages in the forum. Do not post overtly commercial messages in the forum (this includes in your signature). Do not pre-announce releases.  Due to differences in scheduling, it may sometimes take several hours after a release has appeared on ESET's web site for the release announcement to appear here in the forum. Do not abuse the forum's rich text controls.  Messages and signatures with inappropriate font selection, including size, color and, for signatures, length, may be edited by forum staff to conform to standards of decency. Do not ask other users for logs, especially if they may contain sensitive or other personally identifiable information. Posts made on behalf of a 3rd party company may only be made from accounts registered with an email address from the company's domain (verifiable by ESET staff). Do not use the "Report post" function for other purposes than reporting inappropriate content requiring moderators' attention. Do not report possibly incorrect detections or blocks (false positives) in the forum unless they may affect a lot of users. If you think that your application or website is detected or blocked incorrectly, please report it to ESET as per the instructions at https://support.eset.com/kb141. Be civil, do not post sarcastic, offensive or mocking comments towards any person or entity. Do not post messages that are off-topic, keep the discussion to the point and do not lead it astray. To discuss a different, unrelated issue or question, always create a new topic. If you have any questions or comments, please contact one of ESET's moderators.
     
    Last Revised: 5 March 2019.
  11. Upvote
    Aryeh Goretsky gave kudos to ESET Security Forum in Subscribe to ESET Knowledgebase Support News, Alerts and Customer Advisories   
    As introduced here (KB News) and here (KB Alerts), I am unpinning those threads and replacing with this one.
    We now have RSS/email subscriptions for News, Alerts, and Customer Advisories.
    Information and instructions to subscribe is available here:
    Subscribe to ESET Knowledgebase Support News, Alerts and Customer Advisories
  12. Upvote
    Aryeh Goretsky gave kudos to Marcos in Future changes to ESET Internet Security and ESET Smart Security Premium   
    For the purpose of encrypting files, folders or whole disks we offer the Secure Data module which is part of ESET Smart Security Premium.
  13. Upvote
    Aryeh Goretsky gave kudos to peteyt in Future changes to ESET Internet Security and ESET Smart Security Premium   
    Description: More information in system cleaner
    Detail: I have mentioned this previously. System cleaner is the new tool in version 11 that alerts you to system settings that have been changed from default the idea being that they could have been changed by malware.
    The issue is they give no information on the actual setting just the type of setting. I tested this feature by clicking to change settings hoping I would be shown the changes and able to make a decision.
    What would make more sense is having a way to see the actual changes and a way to ignore certain changes that the user wants to keep. Many people change things themselves e.g Windows tweakers and this feature could cause issues if they change things without realising. This could always be a more advanced option disabled by default.
    If this cannot happen at least have a lot for this feature so that advanced users can see the changes made. If eset is changing a Windows option it shouldn't be too hard to log the change somewhere. Also an undo feature might be handy as when I tried it out hoping i would be given options eset just changed them and with no lot I have no idea what got changed 
  14. Upvote
    Aryeh Goretsky gave kudos to eternalromance in Future changes to ESET Internet Security and ESET Smart Security Premium   
    Description: Add option to ESET forums to see the most requested features
    Detail: Please add option to ESET forums to see the most requested features so users do not send again the same features requests and can more details to the existing ones.
  15. Upvote
    Aryeh Goretsky gave kudos to persian-boy in Future changes to ESET Internet Security and ESET Smart Security Premium   
    suggestion: Separate export and import settings or Hips
  16. Upvote
    Aryeh Goretsky gave kudos to eternalromance in Future changes to ESET Internet Security and ESET Smart Security Premium   
    Description: Add option to name to firewall rules created on the spot
    Detail: Please add an option to name firewall rules created on the spot under "Advanced options" (for example "Weather forecast on Start menu")

  17. Upvote
    Aryeh Goretsky gave kudos to foneil in Future changes to ESET Internet Security and ESET Smart Security Premium   
    ESET Smart Security has been replaced by ESET Internet Security with version 11, for more information and to upgrade to ESET Internet Security for free, see https://www.eset.com/us/home/smart-security/#existing
  18. Upvote
    Aryeh Goretsky received kudos from Arik in ESET Security Forum Frequently Asked Questions   
    ESET Security Forum FAQs
    How do I register/join the new forum?
    To join the new forum, visit hxxp://forum.eset.com/ and click the blue [Create Account] button in the upper right-hand corner.
      Why didn’t I receive a registration email when I created an account?
    If you are not signed in immediately after registration,  you will receive a confirmation email with a link to activate your account.  If you do not receive the email, first check your spam folder as the email containing your registration information may have been accidentally redirected to a spam or junk email folder. If the email is not in your spam folder, click here to reset your account.  Please mark noreply@eset.com as a safe sender in your email client or service.
      Can I sign in using my Facebook or Twitter account?
    Yes. To save time and to remember one less password, you can use your existing login information from Facebook or Twitter to link your account. Registration using this method takes only three (3) clicks and will return you back to the forum after you have authorized it.
      What are the different poster status levels?
    A variety of levels will be assigned to people due to the quantity and/or quality of of their contributions.  We are currently in the process of creating these and will share them at a later date.
      What are the forum rules and code of conduct?
    For information about the ESET Security Forum rules and code of conduct, see the Rules of the ESET Security Forum announcement.  Be sure to visit periodically to review any changes.
      How can I contact ESET for Forum suggestions and problems?
    For contacting ESET to suggest a forum enhancement or report a problem, please post a message in the appropriate section of the forum.
      How can I contact ESET directly?
    General contact information for ESET’s offices around the world is located at hxxp://www.eset.com/about/contact/.  For technical support, visit hxxp://www.eset.com/support/contact/ or from inside the main program windows of your ESET product, select Help and support to access a Customer Care support request form, in-product and online help content. Last Revised:  10 May 2013.
  19. Upvote
    Aryeh Goretsky received kudos from Arik in Welcome to the ESET Security Forum   
    Hello,

    Welcome to the ESET Security Forum, ESET's online community for assistance with our software and services. 
     
    In this forum you will find dedicated support sections for every ESET product line.  Additionally, there are sections to collect feedback from our users, such as new feature requests, as well as online assistance with malware removal.  We also have plans to integrate this community with other ESET web sites, such as the ESET Knowledgebase, We Live Security blog and Virus Radar encyclopedia.
     
    For now, though, I'd like to give you a quick tour of the various top-level forums.
    In the ESET Announcements section, you will find general information and news from ESET about the company, significant malware threats and the like. In the Forum FAQ's and Rules section, you will find information about the rules and regulations for using the forum, as well as asking questions about the forum. In the ESET Home User Products section, you will find information about ESET's Windows, Mac, Linux and mobile software for home users, such as ESET Smart Security, ESET NOD32 Antivirus, ESET Cyber Security and ESET Mobile Security.  You will also be able to ask questions here about those programs. In the ESET Business User Products section, you will find information about ESET's Windows, Mac, Linux and mobile products for businesses, including endpoint, server and remote administration programs.  You will also be able to ask questions here about those programs. In the Malware Detection & Cleaning section, you will be able to to receive assistance in removing malware detected by your ESET software. In the ESET Beta Products section, you will be able to find out more about and participate in beta testing ESET's software. Once again, we look forward to your participation, and thank you for joining us here in the ESET Security Forum.
     
    Regards,
     
    Aryeh Goretsky
  20. Upvote
    Aryeh Goretsky received kudos from Arik in Rules of the ESET Security Forum   
    Welcome to the ESET Security Forum!
     
    ESET is pleased to provide you with this resource in order to make it easy for you to ask questions and receive answers about ESET's products and services.  Understand that the ESET Security Forum is a private community for existing customers of ESET, prospective customers who are interested in ESET's software, ESET employees and business partners.  Because of this focus, it is not like a general public forum, where conversations take place on a variety of non-ESET and non-security related topics.
     
    With that in mind, we have the following rules in place:
     
    When registering for an account on the forum, please fill out the information accurately and correctly.
    Do not enter the Username and Password for your licensed ESET software, but instead choose a username (in Latin) unique to this forum.  You should also choose a suitably complex password unique to this forum as well. Do not create multiple accounts.  If a person is found creating multiple accounts, ESET reserves the right to take whatever actions it deems necessary, including banning, blocking, deleting and/or merging them.  The exception to this rule is ESET staff, who may create multiple accounts for testing purposes. No impersonating other forum users, ESET employees or other people. Use appropriate language in the forum.  No vulgar, obscene or rude language will be tolerated. No vulgar, obscene or otherwise offensive images or video will be tolerated. ESET staff have the right to move, edit or modify messages that you post.  This may be done for clarity, to move a message to more appropriate forum where it will receive more attention, or for other reasons outlined in these rules. All decisions by ESET staff are final, and not open to discussion. This list may be updated at any time.  Please periodically visit this page to review any updates. Do not post direct links to any executable files, malicious/suspicious software or web sites in public messages, even if you think the software or site is clean and incorrectly detected by ESET.  Break up the URL by inserting spaces into it, or replacing the protocol handler with an obfuscated one, like . Do not attach malicious or suspicious files to messages, even if you think they are clean.  Write a public message, and then use the "report this message" option to send a private message to ESET staff with a link. Do not post any personally identifiable information (PII) about yourself, such as an email or mailing address or phone number, in a public message. Do not post the username and password or license key for your ESET software in a public message. Do not post links to software cracking tools, license key generators, pirated copies of software or other illicit software in the forum.  If you wish to report a site, write a public message, and then use the "report this message" option to send a private message to ESET staff with a link. Do not post private correspondence (private messages, email, etc.) publicly within the forum. Do not post "A vs. B" or "Which product is best?" type messages in the forum. Do not post overtly commercial messages in the forum (this includes in your signature). Do not pre-announce releases.  Due to differences in scheduling, it may sometimes take several hours after a release has appeared on ESET's web site for the release announcement to appear here in the forum. Do not abuse the forum's rich text controls.  Messages and signatures with inappropriate font selection, including size, color and, for signatures, length, may be edited by forum staff to conform to standards of decency. Do not ask other users for logs, especially if they may contain sensitive or other personally identifiable information. Posts made on behalf of a 3rd party company may only be made from accounts registered with an email address from the company's domain (verifiable by ESET staff). Do not use the "Report post" function for other purposes than reporting inappropriate content requiring moderators' attention. Do not report possibly incorrect detections or blocks (false positives) in the forum unless they may affect a lot of users. If you think that your application or website is detected or blocked incorrectly, please report it to ESET as per the instructions at https://support.eset.com/kb141. Be civil, do not post sarcastic, offensive or mocking comments towards any person or entity. Do not post messages that are off-topic, keep the discussion to the point and do not lead it astray. To discuss a different, unrelated issue or question, always create a new topic. If you have any questions or comments, please contact one of ESET's moderators.
     
    Last Revised: 5 March 2019.
×
×
  • Create New...