What to do when Eset tech support doesn't get back to you? Not sure, but I may have malware.

[Logomachist 0]

tl;dr: What to do when Eset tech support doesn't get back to you?  Not sure, but I may have malware.

 

Longer version:

I contacted Eset customer care with a couple questions^* on February second and received an email stating “We will review your case and respond within 1 business day”.  It’s 10:00pm on the fifth now and I still haven’t received a response.  What should I do?

^* My questions are twofold, and I’ll elucidate them here in case anyone on the forum can answer them.

Firstly, I suspect that resetting Eset’s settings to their defaults doesn’t stick. After making changes to the firewall and then clicking the button to return the firewall’s settings to their defaults the blue circles with numbers in them next to the left-hand menu (indicating changes) go away but as soon as I reopen the menu the circles have returned. I’m worried that some malware is messing with the settings after I change them.  Is this fear justified?

Secondly, is there an easy way to deny all programs from making outbound connections except for those I whitelist?  I figure I can do it by selecting a policy-filtered firewall and then creating rules for programs one by one, but I thought there might be an easier way.

[Marcos 2,728]

Hello,
Please provide me with the case ID number so that I can check with ESET LLC what happened with the ticket.

Regarding your questions:
1, It is very highly unlikely you would have malware that simulates keystrokes or mouse to change your ESET settings. Anyways, you can set a password to protect them, if you wish. I'd suggest exporting the config to xml files and comparing them to see if there are any differences. I assume it's just a gui glitch or whatever.

2, You can create a general block rule, put it on the top of the rules and then creating permissive rules for applications that you allow to communicate over the Internet.

 

[Logomachist 0]

My case is #233719 ("Setting up application whitelist + reverting to default settings").

 

17 hours ago, Marcos said:

1, It is very highly unlikely you would have malware that simulates keystrokes or mouse to change your ESET settings. Anyways, you can set a password to protect them, if you wish. I'd suggest exporting the config to xml files and comparing them to see if there are any differences. I assume it's just a gui glitch or whatever.

I never said it simulated my keystrokes/mouse just that it somehow changed the settings. But if the settings are sticking with the defaults like they're supposed to, that's good enough for me.  Now to see about comparing the xml files.  ::exports and compares settings:: Welllll... the XML files I exported do appear virtually identical.  I don't know why the blue circles indicating CHANGES from the defaults keep appearing even after I reset the defaults, but maybe you're right and it's just an alarming but harmless bug?  I'd like to hear what the support analysts have to say (when they get back to me).

Quote

 2, You can create a general block rule, put it on the top of the rules and then creating permissive rules for applications that you allow to communicate over the Internet.

Yeah, that's what I thought.  Will do.

 

Thanks for the advice.