persian-boy

Everything posted by persian-boy

  1. Any feedback on this? Is it there? Or no? I just want to know. Cowboy, what do you think about this feature?
  2. Some suggestions about HIPS: 1- Add protection for direct keyboard access. 2- What about a purge button for non-existent rules? I asked this before -.- From the Eset website: "Interactive mode: In interactive mode HIPS will prompt you to Allow or Deny each operation detected." This is not true! I got different alerts when I set the ask rules for some applications. I mean the ask rule is better than interactive mode! Interactive mode doesn't cover all operations, so I have to use int mode plus some custom ask rules. Thanks for the info, Itman! But where did that malware come from? I use Sandboxie + SRP + HIPS + Eset AV + some grp policy tweaks and some other tweaks like disabling useless services with AnVir Task Manager, so there is no malware to create an infected service! I didn't know about it! Eset, pls listen to what Itman says :D I want the maximum protection (99%).
  3. Hi. Example: There is a command line like ipconfig /all which is launched by OpenVPN.exe (my software) when it's trying to read the config file and connect to the VPN service. Some tools need to use cmd (like Nvidia)! And the user wants to know what is happening! I achieved this protection with Rehips. Rehips lets me whitelist the commands for every process (or an ask rule). That read restriction is a good idea! BTW, I don't know anything about wildcards and don't like the concept - _ - too complicated for my poor brain haha. Average users don't want to use wildcards -.-
  4. There is no AV to redirect you to VT (why are you using an AV if you want to see the VT detection? :D). If you are searching for such a thing then vs would be good, not an AV! And about the hash, you can earn it with default-deny software, not an AV! It's already there! You can earn it with Eset HIPS.
  5. @senna Why do you care about these ugly testing methods? Eset can block phishing pages! It doesn't matter if it doesn't block that page!
  6. It would be good if I could whitelist a certain cmd command for a specific application in HIPS - _ -
  7. I didn't like it - _ - because I thought it was a weak product (due to wrong information and testing methodology in a security forum). But since I met the HIPS in Eset products I started loving it! A light and effective AV with a lot of security features!! Now I ♥ it! Do I trust ESET? Ye! Do I trust the company? Ye! Why not? I don't see any telemetry from the AV to Eset! There is some, but you can disable it! Pure product! I don't believe U.S. gov stories!! I have trust in Kaspersky, although I'm not using it :-)
  8. Malwarebytes can't help you because it is not strong. You can try Hitman Pro or NPE, but if they also can't detect it then nothing can. You can also right-click the file and check the reputation! Maybe it's already in the Eset database.
  9. Failed, because there are more advanced miners than a simple .js script and you can't solve them with the NoScript / No Coin extensions or by enabling PUA in Eset! Also, it's not legitimate since they use the CPU without the user's knowledge :P No Coin or PUA in Eset can't help you with this: "Researchers at IBM have found a more sophisticated class of surreptitious mining software that penetrates your system. These are delivered through infected image files or by clicking on links leading to a malicious site. Such attacks tend to target enterprise networks...." https://qz.com/1085171/how-to-tell-if-your-computer-is-secretly-mining-cryptocurrency-and-what-to-do-about-it/
  10. OK, there is only one way to make sure that we are safe: disable Java + use the browser sandboxed. AVs failed against blackhat coders :-)
  11. Because Eset is not responsible for your fault! I'm sure you installed smth infected or did smth wrong (like opened an infected Microsoft Office or email attachment? Or probably the SDD was already infected? AVs are not responsible for flash and SDD). Personally I have never seen such a thing in my life! Get the hash of those files and search Google for it, or try to ask for some help in the Bleeping Computer forums. The best way is to wipe your hard drive! Otherwise, you have to waste a lot of time...
  12. Eset is made by paranoid and smart ppl. I knew such a thing was already covered :D
  13. Listen to what our dear friend Itman said. Also, reset the MBR and flush the BIOS (if you want to make sure everything is OK!).
  14. You can force-remove every folder, file and reg key with a tool called PC Hunter. BTW, since you have such a thing with a Chinese name, I'm thinking that maybe your Windows is infected! Did you install the Chinese version of Windows?! The picture shows they are system files!
  15. Today I noticed you added this feature! Many thanks. I didn't know!
  16. Updated to the last build and this issue doesn't exist anymore! Keep up the good work, Marcos. It would be good if you fixed the other bugs (HIPS problems) as well <3
  17. Eset, don't you want to release a changelog for these micro updates? I can see the HIPS module got some updates! No idea what these changes are. Same for other modules.
  18. I'm waiting to see such a feature in Eset! xd I just like this stuff!
  19. It's just saying how strong Rehips is! But there isn't anything about the homeland award, or smth that shows it's approved by homeland. No, this is not true! You can ask others such as umbra...! Rehips doesn't rely on SRP and Gr! It uses its own mechanism (program list and sandbox); the SRP bypasses are not related to Rehips. https://forum.rehips.com/index.php?topic=2032.690 Just for your information, Cowboy! Also, that malware you mentioned (Dis sign) will not hit me. Also, I always have my safe dig signed list! So having dig sign is necessary for every HIPS.
  20. Well, AppGuard is an expensive product and I can't try it (also don't need it)! I will stick with Andy's tool, which has SRP plus a lot of tweaks (a lot, for real) :-) Worth it for free. From what I know Rehips wasn't approved by homeland?!! Consider it's still in development but has a great future. Rehips is not using SRP and GRP policy (using inbuilt methods)! Also it's good for average users! Very easy to learn! I'm using the free version of Rehips and you don't need to pay for it! The free version has all features!! But the sandbox has a limit (10 processes can run at the same time in the sandbox, so you can't run Chrome sandboxed), which I don't want a sandbox anymore. If you don't need a sandbox then you can use the free version freely. Also, before, you could buy Rehips for a low price... smth like 15$? There is no dig sign list and hash in Eset! -.- Also Eset has no sandbox! You can simply use the free version of Rehips + Eset.
  21. If someone reads this topic then he will find many ways to bypass this HIPS :-) I'm just saying, fix the weakness.
  22. That's why Eset needs to create a dig sign list for me. Eset, pls don't do this to me :-( My Rehips works by hash and also location; nothing can bypass it :D Also it works great alongside Eset! So I have dig sign list + hash + cmd watcher. I just want Eset to improve, but it seems they don't want to improve in this way (HIPS stuff).
  23. HIPS should work in this way: whitelist the files by location and also hash! Otherwise broken! If the hash changed, then the file got changed, and an alert must ask the user: 1- Allow? Or block? 2- Do you want to replace the hash? Or no?