Nightowl

I notice when I set the HIPS to log everything blocked , I see that HIPS is blocking lot of processes related to Windows , is that fine? like these two svchost WmiPrvSE I did run the Learning Mode for few hours and switched back Smart Mode , and it did create few rules as Allowed , and both of these blocked are among the allowed rules They get blocked as "Self Defense - Do not allow modifications to system processes" While svchost and WmiPrvSE are system processes , I do wonder why they are getting blocked and does that do anything bad to the servers? Even though that Wmiprvse tries to get access to ekrn , ESET blocks it and drops it as it is trying to protect itself.

Are you sure , you are able to close the ESET Service and not the GUI?

It's crazy that people still use Vista and XP , I could understand people using Windows 7 but those other 2 are obsolete at the moment.

The telnet that ESET is talking about is not among Windows features , you need to login in into your router and check the Telnet settings or disable it if you are not using it. If you are using your modem in Bridge Mode then the firewall does get turned off because it's in Bridged Mode , so there should be a router connected to the modem which is in Bridge Mode , the router should be with a firewall , so your devices won't be without a firewall. Connecting direct to the internet without any firewall is kind of risky.

Ok I understand , thank you both Marcos and ITman

But isn't that detection the ScriptInject is coming from a hijacked router/website/browser ?

Switch to Linux if you can , you won't regret it But even in Windows 10 , you can disable all of the Cortana features and also the location and so on.

uBlock Origin should be better and run more light , better than the Adblock versions when you add uMatrix , a lot of things will stop working in websites or websites will start looking broken , like even in this forum , if you use it , all of the things that do use Javascript will be stopped unless you allow them. It helps because if you visit a dodgy website it won't be able to throw all of the malicious JS at you.

But even though that it's on limited support , I do believe it's a bit risky to use Windows XP for any kind of usage.

I don't know what you have bought , but looks like for me a cd-key , depending for which product it is for , you should download the product from ESET website and then activate the cd-key that you have bought.

Try to add uBlock Origin to your browser and most of these should be blocked from the adblocker(uBlock) because it would prevent them from loading in the first place If you are really paranoid about Javascript in websites and want to prevent them from loading unless you instruct your browser to load them then add also uMatrix.

I've stopped using it since the accident that happened to them when they moved to Avast.

It blocked the install because CCleaner installer was doing some 'suspicious' activity to the Registry

I could see by testing installing of CCleaner , that HIPS does prompt for action to allow or block.

https://www.eset.com/us/about/contact/

I am assuming that you do use Android , have you tried to format the device using the recovery mode?

You are welcome , Glad you solved it.

Can you update using Google Play?

Thank you itman :), I will give a try and see if there is any difference.

Hello , I have a question regarding the settings of HIPS , I can't decide whether the HIPS should be set as Automatic Mode or Smart Mode (And no Learning Mode didn't run before) I am just trying to know the best practices for the settings.

I don't believe that ESET do offer DNS Services but you could take a look at OpenDNS which operated by Cisco https://www.opendns.com/ , there are also few other DNS services that offer security/privacy or protection against malicious links.

If the File Server is set as Terminal then no GUI would be presented , only if launched with admin rights , the GUI would show up. You could integrate Document Protection by enabling it in settings. You could set File Server to be at strict cleaning level where it wouldn't ask about cleaning depending on your settings , it will ask only if the detected file is a system related file , enabling the PUA setting is also good if the users aren't aware of what they are doing HIPS which is available in FileServer should be able to protect from Ransomware as it does have Ransomware-Shield. If you could be more detailed about what you are looking for I could provide with more help.

You are welcome

You shouldn't allow the URL because it might infect your machines or cause some damage to you incase ESET didn't detect it , you shouldn't turn off the protection , it's trying to protect you from malicious codes You should inform the people who are responsible for this website that their website redirects to a malicious website.

It might be some kind of ad in the website that redirects to that url , or the page is infected with malicious code.