novice 20 Posted February 9, 2017 Share Posted February 9, 2017 Hi, I found this article: "Configure HIPS rules for ESET business products to protect against ransomware" hxxp://support.eset.com/kb6119/ Can I get ransomware protection on NOD32 v.8 if I create the same HIPS rules? Thanks! Link to comment Share on other sites More sharing options...
Administrators Marcos 4,720 Posted February 9, 2017 Administrators Share Posted February 9, 2017 Yes, it should work. However, since the rules block also legitimate operations, you may encounter issues when attempting to run legitimate scripts for instance. I'd strongly recommend upgrading to v10 which includes ransomware protection for monitoring process behavior and detect potential ransomware. Link to comment Share on other sites More sharing options...
novice 20 Posted February 9, 2017 Author Share Posted February 9, 2017 (edited) Can you clarify, please? Is YES or NO? Edited February 9, 2017 by novice Link to comment Share on other sites More sharing options...
itman 1,543 Posted February 10, 2017 Share Posted February 10, 2017 26 minutes ago, novice said: Can you clarify, please? Script-Based Attack Protection Detects attacks by malicious scripts that try to exploit Windows PowerShell. You can specify rules for system registry, active processes and programs to fine-tune your security plan. For more information including compatible browsers and other system requirements, see the Script-Based Attacks Protection topic. Ref.: http://support.eset.com/kb3753/#ScriptProtection Ransomware can be delivered using packed and obfuscated Powershell scripts that uncloak and execute in memory. If you are using Win 10, Eset version 10 can detect and examine such scripts for malicious behavior. Additionally, Eset version 10 running on Win 10 employs an early launch antimalware driver(ELAM) that enables it to launch at boot time prior to other processes. This allows it to not only to protect its own kernel process but to examine other processes for malicious behavior as they load. Link to comment Share on other sites More sharing options...
Recommended Posts