BALTAGY

I think this message is right since i must choose an app exe, i just tested and i can run an app from appdata and edit files in other drives

This one means any exe in appdata in all users ? Edit got the same error I think you did understand us wrong, i want ESET to detect any exe in a location like appdata folder then prevent them from editing any files in other drives

Using Users\XXXX\AppData\* or Users\XXXX\\AppData\* gives error "User rules file contains invalid data"

Can you let me know how this rule can be created, i tried to use Users\XXXX\AppData\*.* but i got error since i must choose an app exe or all applications

While choosing a folder with ESET it should add *.* by default Also if they added ability to choose a folder that contain some exe files to be used in HIPS like if i add temp folder and any exe will be created inside can't do any changes to files, that will be great to stop ransomware

Also it will be great to have an option to add a folder that contain exe files For example i like to add all exe files in temp folder and prevent it from writing to files in other drives, i think it can be a good protection for Ransomware ?

Tested it in E drive it's working when i add E:\*.* or choosing the file But using E:\ only don't work even ESET say it's blocked but it's not same on Desktop That was the problem, using ESET to choose a drive or folder don't add *.* and you will be asked or you will see in logs that it's auto blocked but it's not

Hi, I tried to prevent any program from editing files on desktop as a test, so created HIPS rule to prevent any app to write or delete files on desktop location I get the warning and i choose block but still the file get renamed and i can edit it and save it even if i tell HIPS to auto block any changes Not sure if it's HIPS problem or something i did wrong ? i did test it in Vmware as a clean install Thanks

Shouldn't ESET scan any running process ? also in startup shouldn't ESET scan any exe/process that run ?

Once you finished the install and the enter key screen come up, go as above and disable app update first then use your key and update, you will only be noticed about a new version but it wont auto update

When you clean install it don't use the key, go to advanced Setup > Update > profiles > Updates > and turn off application update Then use your key and update

Isn't LiveGrid should be doing the same ?

Before this topic get closed look at this Ransomware https://www.virustotal.com/#/file/f84bf09ea9f44a46d4c4c8b25cdd1a57e1634e3618b279d950b06697ee039e3b/detection The 100% detection can't detect it but ESET Can!

You keep insist that there's 100% detection while on all your topics everyone try to tell you there's no such a thing is 100%! How many people tried to explain that? and you still insist! Every Antivirus in the world non of them can detect 100% in real world, if any product will reach 100% with many false positive, i'm one don't want to use it! I don't want to use an Antivirus that keep flagging many clean files as viruses! I think it's time this topic be closed like the other and i know you will go back to same scenario soon with 100% thing!

That's what i'm saying, i saw yesterday 2 viruses that the product he's talking about don't detect and ESET did detect them first That's why i keep telling him there's no 100% protection

I prefer low FP, simply making the product detect 99% ( There's no 100% ) is easy, but making it 98.4% with a very low FP is better for me I can give you many viruses that the product your talking about don't detect, so please understand that there's no 100%

Also it's known to have a lot of false positive and that's not a good thing, ESET is very low in false positive

What i mean from the topic is joining these kind of forums will help detect new viruses more faster Example of today: https://www.virustotal.com/#/file/73c7e1dfffcadf2f8b40d26d91a4c2534dad108b2e26cc1cc476d086756631c3/detection I know it can be detected via other module and maybe not

Users testing products there is not much like before, i used to see many products being tested and any users could download the samples

Can you share how you created this rule ? NVM i made it, since i don't use PowerShell i made a rule to ask if any app want to run it

Hi, I want to know why ESET don't join forums like MalwareTips to detect new viruses/Ransomwares more faster ? An example: https://www.virustotal.com/#/file/05bfd83bb0d4e7d27bbfc2c057b2b692612de808cc4bca73d9e0ae1d9d479623/detection I know it's a new Ransomware but it could be detected by now ? Another Example: https://www.virustotal.com/#/file/3203dc5ea66e86755254214b7b1ca8cb38271978e3ac2bdda35bce973ed0146c/detection And Merry Christmas everyone

I still don't get it, and you never answered me! Why you pay for Antivirus while you think there's another better one and it's free ?! You keep believe/saying Defender is better, why don't use it ? BTW same tests say number 1 products is 100% performance so please try how 100% performance looks like, i don't need to say the product name

PM sent

Today i saw my EIS uploading something to eset servers 2 times, i didn't save the first IP but the second is tsm12.eset.com I see the second is related to Live Grid but i don't have infected files in my quarantine First time it was 53MB upload and the second about 63MB I never seen eset uploads this size before ? My EIS is v11.2.49

I'm using UBlock with Adguard filters on Firefox and Chrome along with ESET, All working fine here