LoneGeek810

Posts posted by LoneGeek810

  1.  

    Thanks, what are some typical tweaks that I could make?

    Also, why are the settings below not ticked in certain areas?

     

    hxxp://imgur.com/AhTSSKc

     

    Runtime packers are pretty much viruses that are compressed into zip packages or rars, or 7z, or whatever, and release when activated.

    There were big talks about this at Blackhat.

    Blogs on ESET as well: hxxp://www.welivesecurity.com/2008/10/27/an-introduction-to-packers/

     

    Why it's not for default could have to do with system resources, ensuring weaker computer systems don't get bogged down and freeze up.

    Smart optimization kind of falls in a similar category, it basically speeds up the scans, which will help detect different sources of malware, but also might cause others to be skipped over, so they chose off by default.

    Long thorough scans are a more proven method in finding files, which scans every file on the drives & system, not just the high priority targets.

     

    Timestamp is an option to keep the original access time of scanned files instead of updating it, and is more or less for backups, and files that have been altered or zipped, or what have you...

    Off by default because not everyone uses backup or similar and the files don't really change in size or format etc.

     

     

     

    Thanks for explaining all that, but how about the new features in the HIPS?

  2. Hello,

     

    I have not tried running both programs together—nor do I recommend running multiple anti-malware programs together—but if you are going to try this, I would suggest the following:

    1. Disabling all of the realtime file scanning components of one of the programs.
    2. Disabling all of the realtime network scanning components of one of the programs.
    3. Disabling all of the HIPS components of one of the programs.
    4. Create exclusion rules in both programs for the other program's directories (or files in Windows directories) to prevent them from being scanned.
    5. Verify neither program performs a scheduled scan within the same time periods.

    That may work, or it may require some additional fine-tuning.  Keep in mind, though, that as anti-malware programs' behaviors and functionalities can change on a daily basis, what works one day may stop working all of a sudden the next day.

     

    Regards,

     

    Aryeh Goretsky

     

    Thanks, I have disabled ESET's HIPS cause the only mode that is worth anything imo is policy based mode, now everything other than the HIPS I love of ESET...I sure wish you guys would add some rules to auto mode and make interactive mode more user friendly and not near as talkative cause it will drive most people nuts!

  3. Thanks guys, I may give it a try.

    If I have HIPS enabled it will stay around 80 MB to a little over 100 at times, but if HIPS is disabled it can be around 10 MB sometimes.

    I guess that makes sense swex, my only beef with ESET's HIPS is auto mode don't do jack, interactive mode alerts will drive most people insane so the only mode I usually use is policy based, but sometimes it interferes with software and system changes.

  4. I am wondering, have there been any improvements to the HIPS? New rules in auto mode? Is interactive mode just as talkative?

    Also, how stable is the current beta?

    How possible is it to create an installer similar to avast where you have the option of installing certain modules?
