
HIPS & Ransomware protection


Erik


Hello!

I doubt it has gone under anyone's radar that there's a huge problem with ransomware in the world today, and being a home user with a plethora of private photographs, I have done my backups, but I want to try and tighten down my PC a bit.

Doing some reading, I got the suggestion to use HIPS to deny any running of executables from the %APPDATA% directory (my home directory). Is this possible to accomplish in Windows 10 x64 Home Edition, using NOD32 antivirus / HIPS functionality, and if so, how?

With regards,
Erik

 

Edit: I posted the topic yesterday, and taking this time for a paid service to even process the thread to become publicly available is seriously bad practice. I'm off to free AVs again.

Edited by Erik

  • Administrators

Yes, it can be accomplished using HIPS. Please refer to this KB for some examples: http://support.eset.com/kb6119

Quote

I posted the topic yesterday, and taking this time for a paid service to even process the thread to become publicly available is seriously bad practice. I'm off to free AVs again.

Access to this forum is not paid and is free to everyone. Approving the first post of a user is an effective measure to prevent spam from flooding the forum, and since it was the weekend, it could take some time to get your post approved.


9 hours ago, Marcos said:

Yes, it can be accomplished using HIPS. Please refer to this KB for some examples: hxxp://support.eset.com/kb6119

Now question:

If it is that simple, why did we not implement this in ESET v8, rather than developing V10 with a dedicated anti-ransomware module????


  • Administrators
55 minutes ago, MSE said:

Now question:

If it is that simple, why did we not implement this in ESET v8, rather than developing V10 with a dedicated anti-ransomware module????

It's like asking why we didn't implement it in NOD32 v1 and waited until v10 :) Or why Windows 10 couldn't look and work like it does since v1.

All software is developed over time and reacts to current needs. Even cars and other things were not, at the time they were invented, like they are now, and things, software and even we humans continue to develop.


Sorry, I may not be clear enough.

If fighting against ransomware can be accomplished simply by creating a set of rules in HIPS, why did we not create the rules in v8, which was a perfect version of ESET (NOD), rather than going through the pain of releasing a totally new version (v9, v10) with a dedicated anti-ransomware module, which so far has not proved to be extremely efficient?

Moreover, as long as v8 is still supported, why not automatically update HIPS with that specific set of rules, so users still using v8 would get anti-ransomware protection?


  • Administrators

It's not true. HIPS rules alone would cause a lot of problems. If one wants, we have a document with hints as to what rules can be added to mitigate ransomware. However, the user must know how and what to fix if issues stemming from the rules occur.

The Anti-ransomware feature is not simply HIPS rules that have been added. It's a sophisticated system for evaluation of process behavior which is an extension of HIPS.

Adding brand new features to old versions with limited support is not a practice of software or operating system vendors.

This topic is now closed to further replies.
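
The thread asks about denying execution from %APPDATA% and warns that such rules can break legitimate software. The following read-only PowerShell audit is an added example (not from ESET or any poster in this thread) that inventories what currently lives there, so the impact of a deny rule can be judged before it is created. The extension list, the inclusion of %LOCALAPPDATA% and the "first folder equals application" grouping are assumptions of this example.

```powershell
# Added example, not ESET's code. Read-only: it lists files and changes nothing.
# %APPDATA% is the root named in the thread; %LOCALAPPDATA% is added as an assumption.
$roots = @($env:APPDATA, $env:LOCALAPPDATA) |
    Where-Object { $_ -and (Test-Path -LiteralPath $_) }

# Assumption: file types treated as "executable" for this audit; adjust to your rules.
$extensions = '.exe', '.dll', '.scr', '.com', '.bat', '.cmd', '.js', '.vbs', '.ps1'

$inventory = foreach ($root in $roots) {
    Get-ChildItem -LiteralPath $root -Recurse -File -Force -ErrorAction SilentlyContinue |
        Where-Object { $extensions -contains $_.Extension.ToLowerInvariant() } |
        ForEach-Object {
            # The first folder below the root approximates the owning application
            # (for a file directly in the root, this is the file name itself).
            $relative = $_.FullName.Substring($root.Length).TrimStart('\')
            $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName -ErrorAction SilentlyContinue
            [pscustomobject]@{
                Root      = $root
                App       = $relative.Split('\')[0]
                Path      = $_.FullName
                Status    = if ($sig) { $sig.Status.ToString() } else { 'Unreadable' }
                Signer    = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
                LastWrite = $_.LastWriteTime
            }
        }
}

# Per-application summary: each row is software a blanket deny rule would affect.
$inventory | Group-Object Root, App | ForEach-Object {
    [pscustomobject]@{
        Root     = $_.Group[0].Root
        App      = $_.Group[0].App
        Files    = $_.Count
        NotValid = @($_.Group | Where-Object Status -ne 'Valid').Count
    }
} | Sort-Object Files -Descending | Format-Table -AutoSize

# Most recently written files without a valid Authenticode signature: review these first.
$inventory | Where-Object Status -ne 'Valid' |
    Sort-Object LastWrite -Descending |
    Select-Object -First 25 LastWrite, Status, Path |
    Format-Table -AutoSize
```

Applications that appear in the summary with validly signed binaries are the likely candidates for exceptions if a deny rule is added.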