Jump to content

MHRSFI

Members
  • Posts

    25
  • Joined

  • Last visited

Kudos

  1. Upvote
    MHRSFI gave kudos to itman in URL/Urlik.AAR Object - pastebin - virus?   
    Change the rule to the following;
    1 . In the Source applications window, delete C:\Windows\System32\cmd.exe. In the top window, select "All applications."
    2. In the Applications section, in the top window select "Specific applications." Then add C:\Windows\System32\cmd.exe and C:\Windows\SysWOW64\cmd.exe.
    This will show what is running cmd.exe. I suspect it will show svchost.exe which really tell us nothing since we need to know what service is being used.
    Post a screen shot of the Eset alert. I believe that might show the service being used.
  2. Upvote
    MHRSFI received kudos from MarcFL in PC Security Channel claims Ransomware Shield Doesn't work - Asks for Eset Comment   
    In my experience with multiple commercial products, I find ESET one of the most reliable and easy to use product (I don't mean its prefect at all) but I do think HIPS setting of the product it's a little bit confusing! For example, it's not clear what Smart/Auto filtering modes do differently!
    Or having a webpage for some manual rule to protect against ransomware! Shouldn't this be part of the options in product?
    https://support.eset.com/en/kb6119-configure-hips-rules-for-eset-business-products-to-protect-against-ransomware
    https://support.eset.com/en/kb6132-configure-firewall-rules-for-eset-endpoint-security-to-protect-against-ransomware
    Even in these 2 webpages, there isn't a lot of explanation why you should set these rules.
  3. Upvote
    MHRSFI gave kudos to itman in Firewall isn't available in Server Security   
    My guess is something is screwed up with the installer's validation of Eset Protect existence;
    https://help.eset.com/efsw/11.0/en-US/idh_config_epfw_basic_group.html
×
×
  • Create New...