LoneGeek810

Thank you very much!

ESET has recently started giving these alerts... 1/19/2015 10:06:58 PM ssl://v1.auc.avira.com Blocked by PUA blacklist C:\Program Files\Google\Chrome\Application\chrome.exe NT AUTHORITY\ANONYMOUS LOGON

Thanks

Can I delete that dat file? Will a new one be created? I unticked "log all blocked operations".

I was defragging my hdd, and noticed that the HIPS log was huge! I can't even view it because the hourglass won't go away. How do I fix this?

I saw this post at wilders and would like to know the opinions of the ESET staff?

I'm curious, will the HIPS be any different in the next version?

Great! ESET is the best running software I have on my pc...I can't remember ever having any issues atleast on my pc.

The update went smooth, are the existing settings affected whenever it's updated?

I would love to get an alert whenever policy mode blocks anything, i'd use it more, cause no matter how many rules I have it always seems to still block something and interactive mode is way to chatty.

I'm not seeing that, is it in the main settings or rule editor? Ok I found it but that's for rules that have been created, what happens if something is blocked that isn't in the rules editor?

Is there a possibility to create some sort of alert for the HIPS when policy based mode blocks something? It's very annoying to have to go check the log to see if anything has been blocked.

Does "clean" mean delete or quarantine?

I'm not sure if this has been mentioned but whenever I do a right click scan I would like to see options in that small scan window to remove, delete, exclude etc it's kind of annoying not having those options atleast to me.

Runtime packers are pretty much viruses that are compressed into zip packages or rars, or 7z, or whatever, and release when activated. There was big talks about this at Blackhat. Blogs on eset as well : hxxp://www.welivesecurity.com/2008/10/27/an-introduction-to-packers/ Why its not for default could have to do with system resources, ensuring weaker computer systems dont get bogged down and freeze up. Smart optimization kind of falls in a similar category, it basically speeds up the scans, which will help detect different sources of malware, but also might cause others to be skipped over, so they chose off by default. Long thorough scans are a more proven method in finding files, which scans every file on the drives & system, not just the high priority targets. Timestamp is an option to keep the original access time of scanned files instead of updating it , and is more or less for backups, and files that have been altered or zipped, or what have you .... Off by default because not everyone uses backup or similar and the files dont really change in size or format etc. Thanks for explaining all that, but how about the new features in the HIPS?

Thanks, what are some typical tweaks that I could make? also, why are the settings below not ticked in certain areas? hxxp://imgur.com/AhTSSKc

Can someone tell me what are the best settings for v7 and can someone explain the new features of HIPS? memory scanner and exploit blocker?

AHHHHH I see, well thanks for that info

EDIT: Wait, I only disabled HIPS not self-defense...is this what your referring to?

I wasn't aware of that! I'll change it to auto mode

Thanks, I have disabled ESET's HIPS cause the only mode that is worth anything imo is policy based mode, now everything other than the HIPS I love of ESET...I sure wish you guys would add some rules to auto mode and make interactive mode more user friendly and not near as talkitive cause it will drive most people nuts!

What are the best settings (on both programs) so they will get along without any conflict if possible?

Thanks guys, I may give it a try. If I have HIPS enabled it will stay around 80mb-to a little over 100 at times but if HIPS is disabled it can be around 10 mb sometimes. I guess that makes sense swex, my only beef with ESET's HIPS is auto mode don't do jack, interactive mode alerts will drive most people insane so the only mode I usually use is policy based but sometimes it interfere's with software and system changes

I am wondering, has there been any improvements to the HIPS? New rules in auto mode? is interactive mode just as talkitive? Also, how stable is the current beta? How possible is it to create an installer similar to avast where you have the option of installing certain modules?