persian-boy

Many thanks for the prompt reply.i also found a bug in this new version! you cant exclude smth from Eset real-time protection and the exclude option is gray out.

Tonight I Updated Eset to 11.1.40.0. Is there Any changelog available for this new version?

Ok, thanks.But I didn't get any alert for untrusted certificates.

Hi, I tried what you said and disabled the internet connection for Egui. But the question is why Egui contact a malicious domain? Eset don't you want to do some investigation?isn't important for you?AV processes are all protected and should only contact Eset domains or perhaps I'm wrong -.- What if smth hijacked the Egui? What I tried: Flashed bios, changed the windows iso! even installed the N version also wiped the hard disk and rested router! the problem is still there. These Connections are related to Symantec and Comodo. Symantec is malware by nature! same for Comodo.i would not trust anything that is signed by Symantec or Comodo.

Today I noticed an unusual network traffic for Egui! Any idea what is it? ocsp.comodoca.com! https://www.virustotal.com/#/url/e6674907a57c0e7216ade8897deb3726e600af5041a06341ab2a6a2a20774025/detection https://isc.sans.edu/forums/diary/ocspcomodocacom+blacklisted+by+comodo+itself/13606/ Since 2 months ago all my applications(include windows services/process) resolve some strange IPs! comodoca is one of those domains! I flashed Bios also DBANed harddisk but nothing changed. I think this is about windows certificates! I can fix the problem by removing some certificates but cant browse web anymore.

You nee to disable the guest account from group policy.

Hi, Is there any conflict between Eset exploit protection and Hitman pro alert?can I use both at the same time?

Thanks but still we don't know what got change.the changelog is necessary for every av!

Any changelog for the new version(11.0.159.9)? Eset don't you want to provide a changelog for these changes? I can see the Hips got some updates in recent weeks but no idea what are these changes:/

You will not get any alert for hosts cuz you are changing it manully! if smth want to modify the hosts then hips will show you an alert!(Itman showed you)

Doesn't work for me!Anyway, I'm using Easy filer locker that does the job better than Eset!

Action: block source application: all application file operation: all operation specific files: C:\desktop\Example..RTFI can easily delete the file and hips won't bother me! why is that?! HIPS blocked me from writing to that RTF file! but didn't bother when I removed it!

Have the same problem if i enable the Https scanner!

Honestly, i only worked with the smart mode for 1 day! it didn't give me even one alert.interactive mode alert for everything! even if you open the control panel or group policy you have an alert for that! like it!

Smar mode is broken!You have to use it in interactive mode if you want some protection.

No, I'm not that smart!But I'm using SUA acc with UAC max plus SRP and a lot of group policy tweaks! I have no problem with this config. But if I want to install smth then alerts come(painful)! you have to choose between security or usability( you know that)how that malware ran when I have Srp?!magically?so I don't need to be a smart boy I just need to turn on SRP and fix the problem from the beginning.even without the SRP where that hidden malware come from?the user needs to run it(Exe.bath files or...)i meant you need to click on smth! Btw Eset needs to fix the bug you found.

But Hips in interactive mode can catch everything! the only problem is that Buggy auto allow.

1-He didn't tweak the Antivurs which is necessary! 2-Detection of the potential unsafe program is disabled. 3- Advanced heuristics/DNA is also disabled by default 4-firewall should set in interactive mode otherwise it will allow every connection. Btw Eset has a Hips to protect your files from write, delete, copy! why don't you place your important files under the protection of Hips?It's not Eset fault if you don't know how to work with your Av!the protection is there but seems that tester is blind:D He just tested the Eset cloud! what about other security layers?!

Eset system cleaner doesn't show 20 changes for me! it only shows 3 changes.Itman Spyshelter is a safe application!IDC about those changes.Its solid protection:/why would I stay away from it? btw I removed it because I cant handle 2 HIPS(a lot of pain lol)

Suggestion: Add an option to disable listening ports through firewall!

Thanks!

Does Eset anti-exploit module work with windows Defender inbuilt Anti-exploit?orDo I have to disable one of them?! I noticed that you improved the interactive mode! keep up the good work. had some problems with interactive mode but they don't exist anymore.

Itman you can use it forever its free.Datpol updates the free version in silent, this is the free version of SpyShelter so it cants block your hacks! the paid version will block all your hacks haha(As you know The free version doesn't support kernel mode driver)!also you need To run it in ask mode and without trust the digitally signed for the maximum protection. I'm wondering when Eset will put such features on HIPS! Anyway I'm here to tell Macros the Hips in interactive Mode has a conflict with Osarmor!also found some conflicts between Hips and SUA acc with UAC max! the alerts come with delay (like 1 min for every alert )and windows go freeze! windows 10 build 1709. Try this: Put a password in your admin acc then create an SUA acc with UAC max! run hips in interactive and....!

I installed SpyShelter Free Anti-Keylogger because Eset cant protect me :-)the free version also alert for loading drivers.Itman if you want DW it from filehippo as fast as possible because they will remove the DW link soon. https://filehippo.com/download_spyshelter_free/

Eset HIPS only protect Folder/Files from Deleting them or writing to them. would be Good if Eset add Access/Read protection as well.