Scheduled Scans

[JoMos 2]

Another nice feature for the firewall component that would help a lot with maintaining the firewall rules:

Description: Firewall rules cleanup of unnecessary / invalid entries
Detail: I've set my firewall filter setting to interactive mode, meaning that I can define for every program what the firewall should do. Over the time, you have entries in the firewall rule set about programs that are not existing on the computer anymore. A button for an automatic cleanup of those rules (delete all firewall rules that are pointing to applications that don't exist on the computer anymore) would make it easier to keep the firewall rule list tidy and it also benefits the administration of the rule set.

[itman 1,665]

This one has been bugging me for a while. Eset HIPS default behavior for ask rules that have not received a user response is allow. This is the only HIPS I have used where like default behavior is not block.

Before I get into my suggested enhancement in this regard, overall I agree with Eset's approach. It is designed to prevent a user from creating an ask rule that due to;

• Eset GUI not fully initialized at boot time
•  Non-response due to user physically not present at device

that could inadvertently lead to critical system/app function being blocked leaving the system inoperable.

However, the fact remains that the default allowed activity could have been malicious or suspicious in nature and needs user review.

I therefore propose the following HIPS enhancement as far as default allow ask rule activity:

1. All such ask rules are logged in the HIPS log.

2. Eset display a non-expiring desktop alert that such default activity has occurred. At boot time, this could be done after the Eset GUI is fully initialized. The alert does not have to more than a notification that such default behavior occurred.

This would alleviate one constantly reviewing the HIPS logs for such activity assuming he previously set logging to the correct level to capture such default activity. 

Edited January 16, 2019 by itman

[AGH1965 12]

A cleanup option for firewall rules when using the interactive mode, that deletes all rules that are pointing to applications that no longer exist on the computer, would be very helpful indeed. (I fully agree with JoMos here above.) 

Especially now more and more applications move to a new folder with every update, the number of useless firewall rules grows rapidly. Deleting them manually isn't a pleasant job and keeping them might slow the firewall after some time.

Edited February 27, 2019 by AGH1965

[zeromido 1]

Description: Prevent scheduled actions

Detail: Prevent any scheduled actions that might interrupt a scan or any security related operation. For example, scheduled shutdowns, restarts, sleeps, log offs, hibernates, etc.
I think this can be done using an option in settings. Maybe somebody got a better idea to do this?

[AGH1965 12]

Description: Prevent sleep during scan.

Detail: Windows can put the computer to sleep before the scan is finished. That is very annoying. There should be an option to prevent that from happening.

 

Oops, it's a coincidence that @zeromido asked someting similar here right above. Before I started typing, I first searched the forum for "scan prevent sleep".

Edited March 14, 2019 by AGH1965

[Marcos 5,085]

2 minutes ago, AGH1965 said:

Description: Prevent sleep during scan.

I'm not sure if this is possible from technical point of view. Anyways, this topic is monitored by people responsible for making decisions about future features so it will be noted.

[AGH1965 12]

5 minutes ago, Marcos said:

I'm not sure if this is possible from technical point of view.

It is very simple. Use SetThreadExecutionState. See: link to Microsoft Windows Dev Center.

[Biyakuga 1]

Another nice feature for network monitoring.

Description: Ability to take actions such as block MAC/IP address etc...
Detail: Right now the connected home monitor is pretty useless because it is like I know someone connected to my network (good or bad) but I can not do anything about it (like block his access to my computer or from my network).

Description: AdBlock/Guard
Detail: AdBlock is a vital feature for secure browsing and I think it is about the time ESET will add AdBlock features or even partner with AdGuard.

[AGH1965 12]

Description: Button to stop active scan also visible for users without administrator rights.

Detail: In the past the button to stop an active scan was also visible for users without administrator rights. When such users pressed the button, they had to enter the administrator password. In my opinion that is how it should be. Unfortunately in v12.1.31.0 the button is not visible for users without administrator rights.

[TomFace 539]

On 11/8/2018 at 1:08 PM, TomFace said:

With the upgrade to EIS v12.0.27.0, I've (and others) lost the auto-update ability after connecting to the internet (non-dial up). My situation is when I start up in the morning, I do not automatically connect to the internet (I use at&t U-Verse). With v11, it always checked for updates AFTER I connected to my internet connection.

See https://forum.eset.com/topic/17440-eset-12-does-not-update-automatically-at-computer-startup/?do=findComment&comment=86400

When I do start up in the morning, EIS does check for updates, but I am not yet connected to the internet.

Regards.

Tom

 

It appears this feature has been reinstated with v12.1.31.0. Thank you ESET.

Regards,

Tom

[Marcos 5,085]

On 3/20/2019 at 4:13 PM, AGH1965 said:

Description: Button to stop active scan also visible for users without administrator rights.

Detail: In the past the button to stop an active scan was also visible for users without administrator rights. When such users pressed the button, they had to enter the administrator password. In my opinion that is how it should be. Unfortunately in v12.1.31.0 the button is not visible for users without administrator rights.

I don't recall such behavior. If it was there was whatever reason, it was a bug which was fixed but I say, I doubt the behavior was like that.

[AGH1965 12]

4 hours ago, Marcos said:

If it was there was whatever reason, it was a bug which was fixed

Why? egui.exe has many buttons that are visible for all users, but that are only useful for those who know the administrator password. Why make an exception for stopping active scans?

 

4 hours ago, Marcos said:

I doubt the behavior was like that.

The behavior was certainly like that. I'm not saying the button disappeared with v12.1.31.0. That may have happened with an earlier update. I just  noticed the absense with that version.

In the past the button disappeared once more with an update. At that time it was reported at this forum and with a later update it reapppeared. (For some odd reason old posts seem to have disappeared from the forum.)

 

However, there is a work-around. Normal users can stop an active scan. They can start egui.exe as administrator. However, if they close that egui.exe, then the normal one doesn't  open anymore. That is a bug. Showing a useful button isn't though.

 

Edited March 22, 2019 by AGH1965

[Neilyum 0]

Hi folks! 🙂

I would like to request a minor change to the next Update. The way things are now, when finishing a Scan, the newest version *does* play a sound file upon completion, but it's indistinguishable from any other "Ding" sound played by the System.

What I would really like to have is the *option to choose* the sound file (wav, mp3, etc.) that plays when the Scan ends!

Thank you for your consideration, and a special Thanks to TomFace for recommending this! 🙂

[97LEGEND 0]

Description: VPN 

Detail: Please provide VPN with antivirus. 

[peteyt 393]

1 hour ago, 97LEGEND said:

Description: VPN 

Detail: Please provide VPN with antivirus. 

Think this has been asked before but can't see it happening as most would rather have eset just for security 

[Pierrot 0]

Description:  Rule to decide if a particular removable media will be scanned or not

Detail:  If I’m right, nowadays, the only thing we can do is to set a general rule that applies to every removable media that is inserted, in order to decide if it will be scanned or not (in the advanced configuration>malware analysis>removable media).

I would find useful, if we could choose for a particular removable media (that particular USB key, that particular external hard drive, that particular DVD, etc.) if it will be scanned when inserted or not. This rule would override the general rule mentionned above. So, one could choose, for instance, as a general rule, to scan every removable device he is inserting, but add an exception (as a particular rule) to avoid the scanning of some particular devices which he knows are safe.

I think this option could be set in the rules editor of the device control as an option between “Never scan / Always make a smart scan / Always make a deep scan”.

Hopefully you like the idea.

Kind regard.
 

Edited April 27, 2019 by Pierrot
Removed blank lines

[TechWiz82 0]

I logged in to say thanks for a great product

 

 

If I may suggest this

1) Please add a quick shortcut  for game mode, this would be a real changer, Im sure Im not alone on this one.

2) there are moments when EIST service/firewall starts to consume 15-17% of cpu power,. I started to notice this more recently, switching to pre-release channel  helped, but it's still not quite what it was before. Aparenlty it's windows new update fault in April 12th, some conflicts with certain AV

[AGH1965 12]

On 3/20/2019 at 4:13 PM, AGH1965 said:

Description: Button to stop active scan also visible for users without administrator rights.

Detail: In the past the button to stop an active scan was also visible for users without administrator rights. When such users pressed the button, they had to enter the administrator password. In my opinion that is how it should be. Unfortunately in v12.1.31.0 the button is not visible for users without administrator rights.

 

On 3/22/2019 at 2:52 PM, Marcos said:

I don't recall such behavior. If it was there was whatever reason, it was a bug which was fixed but I say, I doubt the behavior was like that.

 

@Marcos Why do you want EIS to have an inconsistent user interface? A user without administrator rights can edit a scheduled scan if he knows the administrator password, but when such a scheduled scan is running, then that same user can't interrupt it. That is very inconsistent. It doesn't make sense. Nowadays most administrators use an unpriviledged account for normal work and make use of UAC to do things that require administrator rights. Please support that, ESET.

[Navara 2]

Description: Lower priority for maintenance tasks

Detail: Several times a day while playing game (DarkSouls 1 on Steam if it matters) game gets very laggy and drops to 1 frame per few seconds. When I explore task explorer for what's going on, it's ekrn.exe fully utilizing cpu.

Searching trough it's logs I find out it was regular database update. No defending my computer against ongoing attack, but just regular maintenance. Those should be run on lowest priority possible to not interfere with computer operation...

Edited May 13, 2019 by Navara
boldify message parts

[Navara 2]

Description: Display last 5 log messags on hover on Eset's icon

Detail: As related to comment before, I would like to know what's going on with antivirus. So instead of just displaying product version when I hover on it's icon in taskbar, I would like to also see last 5 messages from logfiles (maybe configurable which ones - source, priority,... - or how many of them) there.

So that I know what's going on - maintenance, scanning, defending Hamás cyberattack,...

[Marcos 5,085]

10 minutes ago, Navara said:

Description: Lower priority for maintenance tasks

Detail: Several times a day while playing game (DarkSouls 1 on Steam if it matters) game gets very laggy and drops to 1 frame per few seconds. When I explore task explorer for what's going on, it's ekrn.exe fully utilizing cpu.

Searching trough it's logs I find out it was regular database update. No defending my computer against ongoing attack, but just regular maintenance. Those should be run on lowest priority possible to not interfere with computer operation...

Applications running in full screen mode activate gamer mode by default in which neither updates nor scans are run. Updates have nothing to do with the log maintenance task.

[Marcos 5,085]

11 minutes ago, Navara said:

Description: Display last 5 log messags on hover on Eset's icon

This is not possible since there are several types of logs which would mean to display about 60 lines of text in the tooltip. Logs can be accessed quickly through the right-click context menu on the tray icon.

[Marcos 5,085]

1 hour ago, BeanSlappers said:

If you guys haven't got it already, allow users to control each device via the web login for eset customers.

We have ESET Cloud Administrator for SMB users and ESET Security Management Center for enterprise users. As for home users, it's possible that we'll enable partial management of certain settings via web in the future but that's not planned to be done any time soon to my best knowledge.

[Marcos 5,085]

28 minutes ago, BeanSlappers said:

I would like to see users to be able have more options for the firewall.  Let users have more control.

Parental controls to block porn images as well.  Allow us to force safe search.

1, Unfortunately, this is a very vague description which doesn't say anything about what features / options you are missing.
2, I don't think there's any software that would perform optical recognition of images. And blocking images just based on the full url is simply impossible because of the infinite number of images on the Internet or thousands of new images taken by cameras every second that can be uploaded to the Internet at any time. Not to mention that optical recognition of images in real-time would substantially slow down browsing.

[SeriousHoax 83]

Description: A Manage application section like Kaspersky or an Application network rules section like Kaspersky or maybe both.

Details: Currently there is no way to know which programs I ran on my PC that was trusted by Eset or not. By having an Application manager it would make really easy give a detailed representation. Eset already kind of has this but that's for running processes only but not for all the products and also this window just shows information but I can't interact with it like it's possible in Kaspersky.

And for Firewall, it's possible to add rules for specific programs of course but it would be better if there was list of all applications to show what is set to allowed by Eset and what not. This should be interactive too so if a user want to deny let's say "Cleaner" internet connection then the he/she would select Ccleaner from the list and deny it internet access instead of the current situation where user need to manually browser the program to block it in Firewall. The current implementation should always be there of course but my proposed interface would make everything much easier. Also a program can have multiple files that access to the internet. From this list it would be much easier to find that out. So, overall user experience would improve a lot.

To have a closer look you may try installing Kaspersky to understand how this two mode works on their product. I don't want Eset to have the exact same to same that Kaspersky has but the basic idea should be the same.
I love Eset because it's great product and super lite. But I want Eset to have these features. I'm sure it's not just me but everybody would appreciate it and it will make the product even better.

Examples: