Jump to content

Search the Community

Showing results for tags 'HIPS'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • ESET General Forums
    • ESET Announcements
    • General Discussion
    • Forum FAQ's and Rules
    • Submit a virus, website or potential false positive sample to the ESET lab
    • Quick questions by guests (registration not required)
    • WeLiveSecurity.com
  • ESET Home User Products
    • ESET Internet Security & ESET Smart Security Premium
    • ESET NOD32 Antivirus
    • ESET Cyber Security (for Mac)
    • ESET Cyber Security Pro (for Mac)
    • ESET NOD32 Antivirus for Linux Desktop
    • ESET Products for Mobile Devices
    • Web portals
  • Malware Detection and Cleaning
    • Malware Finding and Cleaning
    • ESET Standalone Malware Removal Tools
  • ESET Business User Products
    • ESET Cloud solutions
    • ESET Endpoint Products
    • ESET Products for Windows Servers
    • ESET Products for Linux Servers
    • ESET Products for Mobile Devices
    • Remote Management
    • ESET Enterprise Inspector (EDR)
    • ESET Products for Virtualized Environments
    • Encryption
    • ESET Licensing for Business
    • Other ESET business products
  • ESET Beta Products
    • ESET Beta Products for Home Users
    • ESET Beta Products for Business Users
  • Slovak and Czech forums
    • ESET NOD32 Antivirus, ESET Internet Security a ESET Smart Security Premium
    • Produkty pre mobilné zariadenia
    • Vírusy a iné hrozby
    • Ostatné

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Interests

Found 25 results

  1. Hi guys, I have ESET ERA 6.5. I was reinstall ESET Endpoint Antivirus 5 to Endpoint Security 6.5. Process reinstall was ok, but in status on host I have this error: Host Intrusion Prevention System (HIPS) is disabled Firewall rule is set to enable and is applicated. How I can resolve this issue? Thank you
  2. I'm trying to run a scanning software "document capture pro" on my epson w-4630 with the older versions of eset it worked fine as I gave the scanning software all the rights to run in HIPS Now with the newer version it does not work anymore. The software cannot communicate with the printer anymore. It's blocked like a malware. I tried the eset learning set up with no success. Interesting it works from the printer side, one can save the document on the pc, which does not make sense at all. Anyone any idea how to approach this problem. For me the scanning is quite important as I scan many times documents as pdf's. thank for a hint
  3. I receive this message from time to time :- "Communication with driver HPS failed is inactive". Could you please help in solving this problem?. Thank you.
  4. Hello, I upgraded to ESET 9.x a couple of months ago. I immediately found that the new interface presents some serious usability issues, but I waited patiently for following updates to fiss this mess. Unfortunately, in recent Software updates, nothing changed on this front, so I decided to create a user account for this forum to ask whether it is planned to fix at least the most annoying issues, or if this is the "new course" ESET is willing to pursue, in which case I will decide on my next renewal accordingly. The issues - mainly tied just to (very poor) UI design - are the following 1) the Interactive Mode popup is mostly useless: - there is no longer the possibility to "Create a custom rule" from said popup: you only decide to create an Allow or Deny "Create a rule and remember permanently" with the selected options - the "Remember until application quits" option when HIPS popups show up is utterly useless: especially during windows updates, the SAME executable spawns tens of popups one after the other, even if the options selected along with the "Remember until application quits" should basically whitelist that executable for anything it could attempt until it closes (and no, I do not want to create a permanent rule for an executable which will only run ONCE, as my rule list would get incredibly long and cluttered for no good reason) 2) the Rules editor in the Personal Firewall advanced setup has suffered a heavy blow in the last edition of the UI: while I can understand (and appreciate) the possibility of showing rules in order of execution, I permanently lost the possibility to group rules by application, and - even more shocking - there is no way to display the list of rules ordered by any other column! Why on Earth can't I just click on the "Application" or the "Protocol" column to change the order the rules are displayed (not executed) is beyond me... This makes it very difficult (and incredibly annoying) to manage different rules for the same application, especially if those rules were created at different times and end up being all over the place... (yes, I know there is a very cumbersome filter funcion on the top-right, but it's nowhere near as useful as it should be) The previous UI was working way, way, way better, and (even if this is subjective) it was also clearer to read... this one, with its ample white spaces and its low-contrast grays, and the general lack of icons, hinders way more than it helps, and this is clearly a sign something is seriously wrong with it... If this is the new look you want ESET applications to have, I can adapt, but at least don't strip away functionalities when you make these changes (especially if there is no good reason to do that). Thank you.
  5. hi can eset 10 block Ransomware and Recent Variants mbr with the hips ? in short there is a better hips in v10 that can avoid mbr inflected ? and is there another program to use with eset to block Ransomware and Recent Variants
  6. Hello. I'm new to the forum and also to using an ESET product. Please be gentle... Also, apologies if this has been discussed elsewhere before. I attempted to search and only found one thread from 2014 (Smart Security Version 7) and it wasn't quite the same problem. I am using ESET Smart Security 9.0.377.0. My computer specs are in the attached dxdiag.txt file. Problem: With HIPS activated, I launch Google Chrome, no chrome window pops up, but Windows Error Reporting comes up asking to send information to Microsoft while Google Chrome alerts that it has crashed. Both windows eventually close and that's it. I can see chrome.exe pop up in Task Manager, but half a second later disappear, alerts that it has crashed, and then no other instance of chrome.exe stays. How I know it's ESS HIPS: When I turn HIPS off and restart, chrome will work. When I turn it on, chrome will crash. Chrome will work up to the point until when I merely turn the switch on and click OK, then it will crash. Definitely crashes when I enable HIPS and restart. Pertinent notes: Other browsers work flawlessly. I have everything enabled in the “Basics” section other than Advanced Memory Scanner. Filtering mode is set to “Learning mode.” In Event Viewer, this is some of the information that is shown { Log Name: Application Source: Application Error Date: 5/11/2016 12:44:22 Event ID: 1000 Task Category: (100) Level: Error Keywords: Classic User: N/A Computer: Michael-THINK Description: Faulting application name: chrome.exe, version: 51.0.2704.36, time stamp: 0x57294d97 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x000000000007009c Faulting process id: 0x24ec Faulting application start time: 0x01d1ab58c7646ae5 Faulting application path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Faulting module path: unknown Report Id: 2cbe82b2-174c-11e6-ae24-e006e6b7659e } A full copy of the details in text is in the attached Event Viewer Data.txt file. Attempts at a Solution: I've tried uninstalling and installing chrome. I even removed the “User” folder in chrome’s application data folder so to start the program from scratch. I tried opening it regularly and incognito. { I’ve created a rule in the “Basics” section where the Action is set to “Allow” with Operations affecting Files, Applications, and Registry entries. Enabled, Log, and Notify User is also checked. Source applications is set to chrome.exe. It is further set/check-enabled to the settings All file operations, all files, All application operations, All applications, All registry operations, and All entries. If you must know how I set the “Advanced Setup” section, let me know and I will post that information. } I have uninstalled SSE and reinstalled it. Right-click on chrome icon, and select “Run as Administrator.” I would really love to take advantage of the security that enabling HIPS offers and would hate that the program always showing an alert that HIPS is disabled. Please, anyone, help me! If anything, to be pointed in the right direction and/or directed to the right people to try and get this resolved. Thank you so much in advanced. DxDiag.txt Event Viewer Data.txt
  7. Hi, upgraded to eSet SS 9 however on restarting Chrome error messages started appearing saying the extension had crashed. Chrome would open but none of the tabs would display anything. Turned off HIPS and restarted and everything was fine.
  8. Im afraid of have a virus and i purchase NOD32. Finishing the installation several problems show off
  9. Dear Support, I am facing issues with cisco ISE client configuration ,with ESET endpoint security 6.3 with HIPS and firewall enabled cisco ISE is not able to identify it as a valid antivirus software and doesnt allow the network access as per the rules. Please advise if there is any particular documentation about this integration. shaik
  10. Hello all, I am posting in these forums because for years I have been using ESS security software, since my XP Machine and the days when it was called NOD32. I loved it and never had any problems with any version of ESS up until now v9. All the previous versions worked flawlessly on my computers. Now here is the thing. I waited and waited and finally updated my system to Windows 10 TH2 OS Build 10586.71 in November. Now this is a clean install. I realize I did a stupid thing by removing ESS v9 before making this post so I could be able to send some logs but the freezing was driving me insane that I had to remove it. So basically my problem is that with ESS v9 on some occasions when I boot up the computer it just freezes right at startup after I login. The system becomes unresponsive. The only way I can get back into the system is by holding down the power key and power down and then restart. Sometimes after the 2nd try I get in. Now the reason I am thinking that ESET is the culprit because this is my 3rd install on this machine. Clean format install. First I thought it was a drivers issue, then I blamed and diagnosed the hardware. After doing these steps for the last 2 months and up until today I did another format and descovered that my ESS v9 is the culprit. Now how do I know this? Well this format around, I installed nothing. I did a complete clean install from the USB ISO created by Microsoft installer. Then once I installed I added 3 programs, Firefox, Chrome and Winrar. Also added Flash for Firefox, let Windows update install all the rest by itself, drivers and etc. This laptop is a Lenovo ThinkPad x220 series laptop. So the hardware is decent. i5-2520M CPU, 4GB RAM, 256GB SSD, Intel HD Graphics 3000. All drivers and everything are WHQL signed and work just fine, no problems in display manager. So, I installed ESS v9, completed setup, activated trial license 30 days, reboot working OK, reboot again, working fine. Shut down, leave for a few hours, startup. Boom, frozen at desktop with the ESS logo on the desktop, system completely unresponsive. Had to hard shut-down the computer via power button. Now this had been happening for the last 2 months and I was troubleshooting the out of the laptop, thinking its a driver error, Windows 10 error, some other software, nothing. I am not a n00b when it comes to computers so I couldn't believe it was ESS v9, it was my last resort. Anyways, I uninstalled ESS v9 and low-and-behold!!! The system doesn't lockup anymore!!! All is back to normal. So, there is something in ESS v9 that is causing my W10 machine to freeze at boot for no apparent reason. As I make this post I am going to install ESS v8.0.319 and activate a trial license and see how the system responds. I never had any problems with ESS v8, it always worked just fine. I went to v9 because I figured new Windows (w10) I should update the software to ESS v9 for Windows 10 because its probably made for it. So I am going to keep this thread active and see how it goes. As it stands now, ESS v9 has been removed from my system, I have no A/V and the computer is not freezing at all. I am booting up, shutting down, restarting, everything, no freezes. This is now my 4th clean format and quite frankly I am sick of formatting the computer trying to troubleshoot it, thinking it was something else. I will monitor this for 24h and proceed to install ESS v8 and see what happens to my system. As far as I stand ESS v9 is locking up my computer because as soon as I removed it, the freezing stopped. This is an official release of Windows 10 PRO v1511, no insider editions nothing. And no other software or drivers have been installed. I have left this as basic as possible, to see what is causing the freezing at boot. So far no ESET, no freeze, so its starting to make me really wonder about ESS v9 and W10 compatibility. I don't think ESS v9 is W10 ready yet IMO. Also ESS v9 kept on asking for operating system updates to W10, that were non-existent. It would suggest 20 or so critical updates (mostly hardware) but when clicked to update, the notification would just disappear and Windows Update would come back saying no new updates are available. So this is a bug in v9 for W10 machines. I hope an ESS Tech Support team/agent will take a look into this and follow up with me. So far as I type this ESS v9 has been removed. I'm sorry I didn't keep it for log purposes but if you need me to reinstall it, I will to find out what is causing these errors. So far I want to monitor the computer and abuse it, see if there are any lockups at boot without ESS v9 installed so I can 100% rule out that it is the cause of my system lockups. Thanks.
  11. I have ESET Antivirus 7 on MY HOME PC Win 8.1 I have problem updating the Antivirus to version 8, it almost came to 99% and then is a error. I have the same problem with the Virus Definitions, I then disabled HIPS and try like 3 times turning off HTTP Proxy on the update settings and I could update the definitions. With HIPS turne on I still have problems with any browser downloading anything, cclener, try NVIDIA drivers, almost all downloads stucks at 99% or the download is interrupted, these all happens with any browser, I tried uninstalling ESET Antivirus like 4 times, tried with ESET SMART SECURITY, tried with ESET ENDPOINT, I even TRIED reinstall Win 8.1 with keeping my apps, files, and folder, so the registry will be clean, and the problems is still there. I used on others laptops and PC ESET antivirus and never have a problem. The problem is on MY PC from HOME. When I uninstall ESET and activates Windows Defender everything works perfect, can download anything and works OK. What can I DO? I don't want to USE Windows Defender, because I love how ESET protects the PC. By the way the endpoint 6 the desing is beautiful. Cheers! I turned the HIPS LOGS to see if something wrong and here are the results: 5/22/2015 12:30:17 AM C:\Windows\System32\svchost.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application,Modify state of another application 5/22/2015 12:30:17 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:26:18 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:26:17 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:26:15 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:26:14 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:26:12 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:26:12 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:26:11 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:26:10 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:26:09 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:26:08 AM C:\Program Files\Logitech\Gaming Software\LWEMon.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application,Modify state of another application 5/22/2015 12:26:08 AM C:\Program Files\Logitech\Gaming Software\LWEMon.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application,Modify state of another application 5/22/2015 12:26:07 AM C:\Program Files\Logitech\Gaming Software\LWEMon.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application,Modify state of another application 5/22/2015 12:26:07 AM C:\Program Files\Logitech\Gaming Software\LWEMon.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application,Modify state of another application 5/22/2015 12:26:06 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:26:03 AM C:\Windows\System32\svchost.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Modify state of another application 5/22/2015 12:25:58 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:20:24 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:20:20 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:20:19 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:20:19 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:20:19 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:20:19 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:20:19 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:20:19 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:20:19 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:20:19 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:20:19 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:20:19 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:20:19 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:20:19 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:20:19 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:20:19 AM C:\Windows\System32\csrss.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 5/22/2015 12:20:19 AM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\winlogon.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/22/2015 12:20:19 AM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\winlogon.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/22/2015 12:20:19 AM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\winlogon.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 11:10:04 PM C:\Windows\System32\svchost.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application,Modify state of another application 5/21/2015 9:45:46 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:45:45 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:45:44 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:45:42 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:45:29 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:45:18 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:45:09 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:45:06 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:45:03 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:40:05 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:40:00 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:39:58 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:36:43 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:36:42 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:34:46 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:34:43 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:32:18 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:31:55 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:31:54 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:31:38 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:31:37 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:31:23 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:31:10 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:29:54 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:28:49 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:28:47 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:28:45 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:28:43 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:28:41 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:28:40 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:28:40 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:28:39 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:28:37 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:48 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:36 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:24 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:22 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:21 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:20 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:19 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:18 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:18 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:15 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:15 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:14 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:12 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:10 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:09 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:08 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:07 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:06 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:05 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:04 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:04 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:03 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:22:02 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:21:59 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 5/21/2015 9:21:54 PM C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\csrss.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application
  12. Hi, I've seen that Kaspersky has a protection module to tell you if your webcam is been used. This would be a great feature to add to Eset, because some people like me get a bit paranoid if my webcam is on. Can you please consider this suggestion. Thank You
  13. Hi, We use a windows based softphone called 3CX Phone for Windows at the office. I've recently changed malware protection on a Windows 8.1 laptop to Eset Smart Security V8. Since doing so the 3CX Phone program can no longer communicate with the 3CX phone system. To date I have tried the following: 1. Added the program's folder to the Realtime scanning exclusion list 2. Turned off/disabled every single Eset module in its Setup section. This had no effect, even after a reboot. 3. Uninstalled Eset. After doing so and performing a reboot the 3CX Phone program worked fine. I reinstalled Eset, and now the problem is back. Does anyone know what needs doing to the Eset security suite to resolve this issue? Thanks, Adriaan
  14. After the recent manual ESET v8 update, I started getting a HiPS driver failed pop up error notification. I've searched the ESET Forum and though there's a few things that came up with similar issues a couple of years ago, nothing recent or relevant to my exact recent issue or the actual fix. The usually responses were to just reboot the OS, but that did nothing for me and the problem was still persisted. Trying to disable the HiPS in the ESET SS Advance setup, then reboot with it whilst HiPS is disabled and re-enable after a reboot did not work either. Image can also be seen in full here: plus.google.com/photos/+FazZKhedoo/albums/6146326102544238305 I'm not exactly sure how to test if the HiPS safely, as it's possible it's working? ESET SS's main screen shows HiPS Disabled, but within the Advance setup it shows Enabled (Box ticked). This is actually my first issue with ESET in the many years I've been actively using ESET (including setups I've built for over fifty family and friends), so my apologises for the lack of other information you might require to diagnose this problem, but feel free to ask/explain what else is needed if anything. Thanks for your time and hope you/someone can help
  15. Hi, guys, I got some notices on HIPS when my windows 7 ultimate startup. It looks like ESS HIPS block some processes, the HIPS is set as smart mode. logs: 2015/2/26 21:44:08 C:\Windows\System32\svchost.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application,Modify state of another application 2015/2/26 21:44:06 C:\Windows\System32\svchost.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application,Modify state of another application 2015/2/26 21:42:41 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:41 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:40 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:40 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:40 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:40 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:40 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:40 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:40 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:39 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:39 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:39 C:\Windows\System32\svchost.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Modify state of another application 2015/2/26 21:42:38 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:36 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:35 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:35 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:35 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:35 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:34 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:32 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:31 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:31 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:31 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:30 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:30 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:30 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:30 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:30 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:30 C:\Windows\System32\csrss.exe Get access to another application D:\Program Files\ESET\ESET Smart Security\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application 2015/2/26 21:42:30 C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\winlogon.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 2015/2/26 21:42:30 C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\winlogon.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application 2015/2/26 21:42:30 C:\Windows\System32\svchost.exe Get access to another application C:\Windows\System32\winlogon.exe some access blocked Self-Defense: Do not allow modification of system processes Modify state of another application so I scan the windows, it is clean. I switch HIPS to learning mode and restart computer , problem still here . what I should do ? can any one help me ?
  16. I am using ESS 7.0.302.26 on a Windows 7 machine. I've just noticed the HIPS log file has grown to almost 7GB and growing. Yes, the "Log all blocked operations" option was set. If I try to display the HIPS log, ESS has a long think about it, and then displays nothing. I can't find any option to delete or reset this file, and the "Optimize (log files) now" process doesn't achieve anything in this regard. In hindsight, probably having the log all block operations selected permanently has led to this situation, but I prefer to be able to check the details of protection operations. How can I clear this log file? -- thanks for any assistance
  17. Hello, I have tried all I know to do before seeking help. My HIPS log contains the following: 8/12/2014 9:55:34 PM C:\Windows\System32\services.exe Modify startup settings HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TrustedInstaller\Start allowed Automatic mode 8/12/2014 10:03:36 PM C:\Windows\System32\services.exe Modify startup settings HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\efavdrv\Start allowed Automatic mode 8/12/2014 10:40:08 PM C:\Windows\System32\services.exe Modify startup settings HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MBAMSwissArmy\Start allowed Automatic mode You get the idea I'm sure. ANY help greatly appreciated! Just direct me as to what I need to do on my end. Thanks in advance
  18. Few month ago when I was last using HIPS in interactive mode I usually got a prompt when application was run for first time. If I used Learning mode appropriate rule was created automatically. Now things got changed. If Explorer.exe runs an application I get no prompt. No rule is created in Learning mode also. If I run new application from let's say Total Commander I get prompt and also rule is created if in Learning mode. So my question is this: is this normal way how HIPS works now? Why is explorer.exe exempt from being monitored when executing other applications? If non-detected virus executable was run by Explorer.exe HIPS wouldn't ask for my permission and would let the virus run. Might be something wrong with my rules that would enable explorer.exe launching new apps without prompt? My specs: Windows Pro 8.1.u.1 x64 ESET Smart Security 7.0.302.26 HIPS module: 1124 (20140331)
  19. Hi Team, After several days (weeks?) of testing "ESET HIPS against CryptoLocker" I can confirm that I sure would recommend it, at least regarding the part that it does not interfere with legitimate applications. This is the resulting page when "something" (an .EXE) tries to execute itself from %AppData%: (see attached image 01) So, HIPS will ask customer for action, and also an "automatic" exception rule can be added from within alert window (as this example for some Java's module): (see attached image 02) The original rule (named "CryptoLocker") looks like this: (see attached image 03) Rule asks me whenever an EXE tries to execute. At the start, I was not sure whether subfolders will be included in rule, but this proves they are. The only "problem" is that I did not manage to create generic rule (using %AppData% variabla) – I had to enter full path. So, from my point of view – I will give this rule a go :-) Tomo
  20. First I wish Happy New Year to all of you! I have a problem with multiplication of default HIPS rule. I have set ESS HIPS to Learning mode. The rules that are created I manually sort and combine into my own rules (first three rules on attached picture). Over the time when I created necessary rules, default rule named "Allow registry access and driver loading required for successful boot" started to duplicate. First there was only one rule, then three, now I have four already. I checked all four of them and they are EXACTLY THE SAME. So now to my question: how can I remove redundant default rules? If I delete three redundant rules they are not deleted - when I commit changes with OK, they reappear. It seems as there is no way to remove them. Or am I missing something? Thank you for your help! My specs: OS: Windows 7 Ultimate X64 SP1 with all updates installed ESS: 7.0.302.26 HIPS Support module:1106B (20131210) Please tell if any additional info is required.
  21. I found this thread hxxp://www.wilderssecurity.com/showthread.php?t=343237&goto=nextoldest which looks like it's shutdown. I'm experiencing this exact issue. I bought my Windows 8 computer 10 months ago and after loading everything on it I noticed it would take up to 10 minutes to shut down. I thought it was because of the super slow HDD it had in it. But, just this afternoon I installed a new SSD. Fresh Windows 8 install with nothing but Nod32 installed and my shutdown times went from 4-5 seconds to several minutes. Needless to say I was very disappointed. So I googled it and couldn't find an answer except on that forum link above. I disabled HIPS and real-time protection and it resolved the issue. But, that's rendering Nod32 practically useless. I just renewed my license for 2 years no knowing that Nod32 was the culprit. Hopefully there is something else I can try? I have already updated all of my drivers; which was another suggestion on that post. Please help!
  22. I'm having some issues with the HIPS component of NOD32 (both v6 & v7): when enabled, it keeps a disk cloning application I use for backup from completing successfully and causes MS Office 2013 applications (in particular Outlook, OneNote, Word) to repeatedly crash, numerous times a day. I know these problems are caused by HIPS, as when it is disabled the cloning application completes successfully and the MS Office apps don't crash. I did create a HIPS rule to allow the cloning app to conduct all operations, and it does complete successfully with this rule, but the HIPS logs show "some access allowed" for many of the operations when I expected all access to be allowed. I also see in the HIPS logs that many operations for other programs and OS components are blocked or partially blocked, which concerns me as there isn't malware on my machine and I'm assuming these operations should be allowed (as they would be if it weren't for HIPS). My ultimate concern is that HIPS is interfering with applications silently, i.e. they're failing and I'm not aware of it. A few questions: - Is it really that unwise to use NOD32 with HIPS disabled? - I've read mixed thoughts on using Learning Mode: could doing so allay my fears? As it is now, I'm unsure it would, as even with an explicit rule for my cloning app, not all access is allowed. Any thoughts or advice would be greatly appreciated!
  23. This past week I upgraded two Win7 Ultimate x64 systems from NOD32 Antivirus from 6.0.316 to 7.0.302. On both systems, I uninstalled 6.0 first (via add/remove programs). And on both systems, version 7 installed fine ... no issues. However, I have two questions: 1) On both systems, prior to upgrading under version 6, the Real-time file system protection module had been at version 1009 (I believe with a March 2013 date). Now, on version 7 the version for the module is 1006 (dated September 2011) on both systems. All the other modules are from 2013. What version should the real-time module be? Current modules (as of October 19 at 9:45 p.m. Eastern): Virus signature database: 8939 (20131019) Update module: 1044 (20130708) Antivirus and antispyware scanner module: 1411 (20131004) Advanced heuristics module: 1143 (20130909) Archive support module: 1180 (20130930) Cleaner module: 1078 (20131003) Anti-Stealth support module: 1053 (20130906) ESET SysInspector module: 1237 (20130701) * Real-time file system protection module: 1006 (20110921) * Translation support module: 1122 (20130911) HIPS support module: 1097B (20130927) Internet protection module: 1085 (20131011) Database module: 1040 (20130822) ... also, any thoughts on why the HIPS module is 1097B (what is the "B"?). On both systems, the modules are exactly the same -- and "regular updates" are selected. 2) All of my email accounts are Gmail (using IMAP) and I access mainly using Outlook 2013. In order for the email scanning at the "port level" to work properly, do I need to enable SSL scanning so that port 993 is scanned?
  24. With HIPS activated , Stardock's Windowblinds program fails to load correctly, leaving the program useless. Apparently others know of this issue and think it is a DLL that is causing the problem . I have just submitted a ticket to Stardock , but was curious if anyone else had this issue. If you disable HIPS , Windowblinds loads correctly. If I knew which DLL was the issue , I would try creating a rule in HIPS to ignore it , but no information is being logged by HIPS even saying it is blocking it ( I enabled full logging in HIPS ).
  25. Hello, I don't know how to upload a compressed file here.So I use G-drive instead.The file is password "virus" protected. hXXps://docs.google.com/file/d/0Bx1hbbDESmtPYTlPb1VDVHFHT2M/edit The HIPS cannot detect the code injection behavior in all-manual mode.I don't know if you can get what I am trying to say here. Regards, Jason Lee
×
×
  • Create New...