Smart Security 8 Question

[itman 1,659]

I just want to use the firewall plus web and e-mail protections of this software. If I disable real-time file system protection and it's auto start feature, will web filtering and e-mail protection still 100% effective using the ThreatSense engine?

Edited April 10, 2015 by itman

[rugk 397]

You can't disable the autostart feature. And if you could (or do it in a not-suggested "bad" way) then ESET couldn't be execute any ESET feature.

However you can of course disable the real-time protection and the other things will remain completely active and working.

 

However why don't you want to use the antivirus features?

If you want install another antivirus then it surely wouldn't work as there are still drivers from ESET and other things using some real-time components.

Edited April 12, 2015 by rugk

[itman 1,659]

I will be using Emsisoft Antimalware as my real-time protection. I don't want to use SS 8's HIPS since it conflicts with my multi-boot configuration.

 

Again, I just want ThreatScan protection for web filtering and client e-mail.

Edited April 10, 2015 by itman

[rugk 397]

HIPS conflicts with your multiboot configuration? Really?

Can you give more details. Normally HIPS isn't active that early so it shouldn't cause any problems.

 

As I said in the way you want to do it may cause many conflicts. It's nearly the same as if you want to run two AVs at the same time.

However you can try it of course. At your own risk.

 

BTW HIPS and real-time-protection are two different things. So you can active one while deactivating the other.

[itman 1,659]

HIPS conflicts with your multiboot configuration? Really?

Can you give more details. Normally HIPS isn't active that early so it shouldn't cause any problems.

 

As I said in the way you want to do it may cause many conflicts. It's nearly the same as if you want to run two AVs at the same time.

However you can try it of course. At your own risk.

 

BTW HIPS and real-time-protection are two different things. So you can active one while deactivating the other.

See my posting here on the multi-boot issue: https://forum.eset.com/topic/4424-smart-security-8-trashed-my-pc/ .

[Marcos 5,072]

Disabling HIPS and real-time protection will also disable Advanced memory scanner and Exploit blocker, all of which are crucial protection layers that are aimed to detect and block malware that slips through web and email protection which is the primary layer of defense when it comes to Interner-borne threats. Doing so will change the protection status to red.

[itman 1,659]

Disabling HIPS and real-time protection will also disable Advanced memory scanner and Exploit blocker, all of which are crucial protection layers that are aimed to detect and block malware that slips through web and email protection which is the primary layer of defense when it comes to Interner-borne threats. Doing so will change the protection status to red.

Emsisoft Antimalware has an excellent behavior blocker. I use EMET for exploit protection. Based on latest tests PCSL/Malware Research Group ran for exploit protection, I am far better off using EMET than anything Eset has.

 

Actually, all I really need is the firewall. Based on the user manual for Smart Security 8, most of the protocol, web, and e-mail filtering features are disabled anyway to conform to Windows Filtering Platform.

 

Is there anyway I can just install the firewall portion of SS 8?

Edited April 11, 2015 by itman

[SweX 871]

 

Disabling HIPS and real-time protection will also disable Advanced memory scanner and Exploit blocker, all of which are crucial protection layers that are aimed to detect and block malware that slips through web and email protection which is the primary layer of defense when it comes to Interner-borne threats. Doing so will change the protection status to red.

 

Is there anyway I can just install the firewall portion of SS 8?

 

No, it is not possible to install separate "components" of  NOD32/ESS. Everything is tightly integrated, and has been for many years.

 

But why would you want to install a "suite" product and only use one feature ? ESS is not really meant to be used like that. You'd be better off by using some other stand-alone software firewall.

 

Based on the user manual for Smart Security 8, most of the protocol, web, and e-mail filtering features are disabled anyway to conform to Windows Filtering Platform.

 

 

Disabled ?

 

First you said:   "I just want to use the firewall plus web and e-mail protections of this software."

 

But now you only want the firewall, did you change your mind ?

 

Personally, if I only wanted a software firewall I wouldn't pick ESS only for its firewall. It would be like using the most bloated "firewall" in the world. Not sure what you are trying to achieve here.

Edited April 12, 2015 by SweX

[Fred Singh 1]

EAM will happily co-exist with ESS if you so choose,

I used this combination quite recently, but did not see any real benefit in doing so.

Curious to know why also

[rugk 397]

Based on the user manual for Smart Security 8, most of the protocol, web, and e-mail filtering features are disabled anyway to conform to Windows Filtering Platform.

Just to clarify this...

No there you misunderstood something. ESS uses the Windows Filtering Platform. It integrates in these.

Edited April 12, 2015 by rugk

[itman 1,659]

EAM will happily co-exist with ESS if you so choose,

I used this combination quite recently, but did not see any real benefit in doing so.

Curious to know why also

Could you give me a bit more info.

 

Did you set exclusions for each? If so, what were they? Did you set Eset's real-time AV to scan on one event and EAM a different one? Addition config. info, etc.

[itman 1,659]

I re-installed SS 8 with all options active. I did total shutdown Emsisoft Anti-Malware when I did this. I then set exceptions in the real-time scanner and web protection for EAM's start, guard, and service apps.

 

Then I started up EAM and likewise set exceptions for Eset's main apps; equi, ekrn, SysInspector, and one or two more - can't remember their names. I also reset EAM's real-time protection to "balanced" which only scans files on modification.

 

Debating whether I should set Eset's real-time scanner check for file creation to "off" since I have EAM's set to do the same thing?

 

Also, I believe my original Eset's installation might have be "hosed." For that one I use the online installer. This time, I downloaded the full .msi installer. Definitely seemed like this installation took a lot longer than the original online installation did.

 

I also did a re-boot after the initial Eset SS 8 full scan completed. So far, so good. Time will tell. My Win 7 boot files did not get corrupted until two cold boots after the initial Eset installation.

 

Note: I did not set any exceptions in Eset for EMET 5.2. Should I?

Edited April 12, 2015 by itman

[Marcos 5,072]

1, We don't recommend installing ESET with any other security solution that uses drivers for the same purpose (real-time protection, HIPS, firewall,etc.).

2, Disabling any of the protection options as well as defining exclusions lowers protection capabilities of ESET. In the end, you could get infected with ESET partially disabled and the other AV fully enabled. On the other hand, with only ESET installed and fully protecting your pc, the infection could be prevented.

[rugk 397]

Note: I did not set any exceptions in Eset for EMET 5.2. Should I?

That's your experiment - I can't give it a better name. Maybe it works, maybe not.

You have to know what you do. You're acting at your own risk.

 

BTW did you also told of the thing you're doing in the Emsisoft forum?

Edited April 13, 2015 by rugk