Default is very good, just remember to check PUA detection. Of course you can tweak it, but it isnt necessary, contrary to popular belief. You can use those settings below to harder the system against fileless malware and ransomware, but SysHarderner and OSArmor are much more pratical. https://support.eset.com/kb6119/?locale=en_US&viewlocale=en_US
I use the default settings with the following adjustments: 1.Enable detections of three 'Potentially unsafe/suspicious applications" under Advanced Setup->Detection Engine->Basic->scanner options. 2. Under Advanced Setup->Threatsense Parameters->Cleaning Level, I set to "Strict Cleaning"
Note that in regard to ThreatSense setting "tweaking," there is no global setting. It must be changed in the Eset GUI in regards to the below shown protection settings: First, be aware that the "strict cleaning" setting means that whatever Eset detects will be auto blocked, deleted, and sent to Quarantine. I would recommend that Web access protection ThreatSense setting be left at its default setting of "normal" cleaning. This way you will get an alert for PUA's and you can manually allow or block them. You can also at that time specify if you want Eset to permanently remember your selection. This way some download you want and truly know to be safe won't be auto deleted and quarantined.
I again opted ESET Internet Security for my personal Windows Laptop. In today's update, it got updated to 12.1.31.0 and I renewed it. I went through the release notes of 12.1.31.0 in one of the post. It says this version includes an option: "Deep Behavioral Analysis" which will work in conjunction with HIPS. I could not find any such option.
Thanks @Marcos @Azure Phoenix Strange or my mistake, don't know. It was not appearing before unless I restarted after renewal. I was already using ESET Internet Security and performed full scan three days back. After upgrading to 12.1.31.0, it has detected few PUAs and qurantined. These are labeled as "Variant".
This is Eset's terminology for polymorphic malware. That is malware that tries to evade signature detection by slightly changing its internal code.
I'm asking for help about the ESET BPP (Banking & Payment Protection). Please if you ladies and gents could give me help! I have been trying to buy an upgrade for a certain program. But for certain reasons, not known to me, the BPP is not working. It is not first time that this is happening. Sometimes you have to try to manually add a purchasing site to the Eset settings in the BPP settings. But this time it seems not to be working for whatever reasons. Using IE11 on Win 7 pro 64-bit. Am I right that in the new Eset version 12.1.31.0 there is still a "green border" around your screen in IE11 when trying to do a payment? Well, I do not see it when trying. I've added manually : https://secure.shareit.com https://secure.element5.com I'm a paying user of Eset, always have been for years. But if I cannot get this working right, I'm going to another AV; it's as simply as that. Thanks in advance.
I would like too see the 12.1.31.0 version too be testes and see How good it now scans with the new hips and everything.
I do see a green border. I pasted both of the domains you listed in the address bar. It goes there, though I get a "403 Forbidden" message from the site. This was with IE 11 on Windows 10 Pro x64. If it were me experiencing the issue, I would likely remove and reinstall ESET and see what happens.
Same here as far as the "403 Forbidden" message. Also it appears Eset has updated BP&P in ver. 12.1.31. You will see an entire different screen displayed when accessing BP&P via desktop icon option. I also found one issue immediately. You have to fully delete their shown URL. If for example you leave the "https:\\" displayed, delete the Eset URL, and then enter the desired site URL, BP&P will append https:\\ again. The result is you end up with https:\\https:\\ and the connection attempt will fail.
Thanks @xxJackxx and @itman ! Sorry for my late reply. The program I was trying to buy a new licence for is ADinf32 Pro. For whatever reason the purchasing proces went wrong at that moment and I was too frustrated. Maybe I did something wrong. I tried it today again and this time the proces went OK via https://secure.shareit.com etc etc
dunno what to make of " chrome.exe has been modified and now tries to access the Internet", or " Ekrn.exe has been modified and now tries to connect to the internet" shouldn't these warnings be a little worrysome or its just an update so Eset just warns me ran a scan with no virus thanks dll explorer and have 200 suspicious dlls while normally just 2 and by nvidia telemetry, perhaps false alarms, dll explorer is not updated maybe and Eset just behaves normally?
Those are coming from Eset's Application Control. They are telling you the app has been recently modified. The alerts should only be appearing in any frequency if the firewall mode is set to "Interactive." Unless you have recently updated Eset to a new version, I know of no reason why you should be receiving an alert for ekrn.exe. Mine dates to 3/7 which is when I upgraded to ver. 12.1.31. However in the past, I have had issues with Application Control in regards to it alerting to false change detection in regards to equi.exe and ekrn.exe change status when in Interactive mode. One reason I don't use that mode anymore.
only Firewall is interactive, HIPS is set to auto, I guess Firewall and Hips work in conjuction so to make it gone I should have both to automathic, I don't remember whether its egui.exe or ekrn.exe, anyway it was 100% eset module, checked on virus total both chrome and eset modules , seam fine, hash seam fine, cert also, also run all scans possible including avz by oleg, no probs (only no virus thanks complains). To be sure reset and modified router to latest soft. My router was attacked 1 month ago with bash.exe and shell shock - anyway something with shell and many types of attack (says the log), 12 times then gone, ip pointed to my pc but I was virtualized, after exiting virtual machine and after firmware upgrade all quiet , guess script kiddies trying their luck
i can not get my bank https://www.ing.nl/particulier/index.html too safe banking i have tried too put it in rules but even then it won't reconise it for safe banking. Can someone help me with this? Greats, Darts
Open up Eset Banking & Payment Protection via desktop icon. Then paste: https://www.ing.nl/ into it. Suspect the reason direct access to bank web site from a non-B&PP browser doesn't work is the web site uses HTTP/2. Eset currently doesn't support it but is working on it with expected fix in the near future. Also when your having issues like this, it is best to post the problem on the Eset forum web site: https://forum.eset.com/
Hi Darts, Would it help if you put the following site in the Eset BPP list manually: https://mijn.ing.nl In Dutch: Zou het helpen als je de volgende site handmatig plaatst in de Eset BPP lijst: https://mijn.ing.nl En dan in plaats van in te loggen op https://www.ing.nl/particulier/index.html naar die bovenstaande link te gaan.
Dag FanJ, Dank je wel voor je reactie terug , wat betekend BPP eigenlijk? Laat het me maar weten. Thanks for you're reaction back , what means BPP? Let me know. Groet, Darts
First I may have to explain to the not-Dutchies what https://mijn.ing.nl means. The Dutch word "mijn" means in English "my" or "mine". Many companies (and official sites) use it in some way, when you have to log on there; in general: https://mijn.company.nl Hi Darts, With BPP I was meaning what @itman too posted: Eset Banking & Payment Protection. Does that help? In Dutch: Ik bedoelde met BPP : Eset Banking & Payment Protection. Helpt dat?
Alas, I don't know why it doesn't work for you. It does work for me for a long time, using IE11 on Win 7. For a long time I have now ING items in my BPP list; I've manually put them there in that list. There is a recent Eset Alert about a problem with Banking and Payment Protection : https://support.eset.com/alert7234/ I don't know whether that issue is related to your problem. I would advise to go to the Eset forum (as @itman suggested too) and/or get in contact with Eset NL.
There is currently an issue with FireFox which Eset is looking into. B&PP has always worked flawlessly with IE11. One suggestion for minimal B&PP issues is to set IE11 as your default browser. Then open manually from the desktop whatever browser/s you use. If you manually enter your banking web site in the B&PP list within the Eset GUI, Eset will auto open the site in an IE11 protected browser session from Chrome, Firefox, and even Edge. Note that B&PP always uses the Win specified default browser.
There is a particular "issue" related to ING. Since some time ING is strongly pushing users to use another browser and not IE11. The ING site still works with IE11 but, oh man, is it slow when you are using IE11.
