Jump to content

Archived

This topic is now archived and is closed to further replies.

LoneGeek810

Beta 7

Recommended Posts

I am wondering, has there been any improvements to the HIPS? New rules in auto mode? is interactive mode just as talkitive?

Also, how stable is the current beta?

How possible is it to create an installer similar to avast where you have the option of installing certain modules?

Share this post


Link to post
Share on other sites

Hello,

The last big update to the HIPS module was v1087, which introduced preliminary support for Microsoft Windows 8.1. Subsequent module releases after that (1088-1090) have just contained internal fixes.

Regards,

Aryeh Goretsky

Share this post


Link to post
Share on other sites

How possible is it to create an installer similar to avast where you have the option of installing certain modules?

I hope ESET never goes that route, as having everything tightly integrated is one of ESET's stong parts if you ask me!

 

If you want to get the full power out of Avast including their web protection, http scanner, url blocker etc, and on-access protection, behavior blocker, you pretty much need to installed the whole product anyway, so having the modules separated like that becomes less useful. And it's much easier for users to end up with a product that doesn't protect them as well as they think if they leave out the wrong modules. Besides I don't think Avast recommends users to install just 2 modules out how many they now got, and leave the rest out. All you do when leaving some of the shields out is that you will end up with a crippled product.

 

Also, I don't think AV-C is testing Avast with just 2 "shields" and think "the rest of the shields is not important". They test the whole product as it is meant to be used. This turned into an Avast post, but it's not really about Avast, it's about that I don't like AV's that have their modules spread out all over the place. Or that you need to install a browser plugin to get web protection as some other vendors do, "the plugin is not compatible with that browser you will not get any web protection". Integrated is so much better in many ways, and that's a huge reason why I have stayed with ESET so many years. :wub:  And I guess that's why I always post  a long useless post like this when someone wants the modules to be separated. :) But if you actually like that, then all I can say is keep using Avast ;)

 

This is not a negative post about Avast and the level of protection they offer, it's way above average, its only that I am not a fan of their product design if you will.

 

It might be good to say something else regarding your Beta question. Yes, Beta build 104 is stable IMO.

Share this post


Link to post
Share on other sites

Eset is in the market of light weight.

Small system image, low on memory, you get the jist.

:)

Share this post


Link to post
Share on other sites

Eset is in the market of light weight.

Small system image, low on memory, you get the jist.

:)

Correction, ESET is not low on memory using about 100MB (i am not complaining, only informing.) because everything is loaded into the RAM to speed up the system performance, etc etc.... sorry I have explained this so many times it's time for an ESET KB article about this. lol  :D

 

Like this time: Ehh supposed to be a link to a post here but it doesn't stay in place after editing, ah what a shame   :huh:

Share this post


Link to post
Share on other sites

Hmmm not even in a new post can I include the link to a post I posted at this forum, so mods can delete this post as it serves no purpose  -_-

Share this post


Link to post
Share on other sites

Mine does not use that much.

Security or Av only?

I dont use security.

While scanning mine uses 5500KB Swex lol

Share this post


Link to post
Share on other sites

:)

 

Swex, i am now beginning to worry about your system :D

 

Do you have a memory leak ?

Is it Windows XP causing your statement of using 100MB ?

Or were you referring to storage space ?

 

Thanks

post-1101-0-76013000-1376467720_thumb.jpg

post-1101-0-69914500-1376467838_thumb.jpg

Share this post


Link to post
Share on other sites

Mine does not use that much.

Security or Av only?

I dont use security.

While scanning mine uses 5500KB Swex lol

That is literally impossible lol.

 

Well you need to look at the virtual mem usage too.

 

Looking in the task manager at this very moment ekrn.exe -> Mem usage 80MB, Virtual Mem usage 98MB 

Sometimes the Mem usage can show 28, 50, 35MB(or whatever), BUT the virtual mem usage always stays around 85-95 MB as it should. 

 

FYI. ESS or NOD32 AV only doesn't matter as the engine is the same in both.

Share this post


Link to post
Share on other sites

:)

 

Swex, i am now beginning to worry about your system :D

 

Do you have a memory leak ?

Is it Windows XP causing your statement of using 100MB ?

Or were you referring to storage space ?

 

Thanks

Haha, no it's by design, you should know about this being an ESET user for quite some time. :P

Share this post


Link to post
Share on other sites

Okay i wasnt looking at the engine, but gui

 

Thanks for clearing that up Swex, i still think 80mb is light and i run 6GB

:)

post-1101-0-66803800-1376471031_thumb.jpg

Share this post


Link to post
Share on other sites

 

:)

 

Swex, i am now beginning to worry about your system :D

 

Do you have a memory leak ?

Is it Windows XP causing your statement of using 100MB ?

Or were you referring to storage space ?

 

Thanks

Haha, no it's by designed, you should know about this being an ESET user for quite some time. :P

 

 

Yah ive been on eset since ver 4

I just recently started to familiarize myself with security more, and had not in the past. :)

 

Edit:

Ok i feel we have borderline hijacked this post although its all related, this is my last :)

Apologies Lonegeek810.

Share this post


Link to post
Share on other sites

Okay i wasnt looking at the engine, but gui

 

Thanks for clearing that up Swex, i still think 80mb is light and i run 6GB

:)

You're welcome. I agree and I surely don't complain! 

 

But you see, when people starts to compare Avast using 5-10MB or Webroot using 2-5MB. Then it's easy to say ESET is too "heavy" on my system it uses too much RAM. Well both you and I know that's not true. It's designed so everything engine, modules etc.. is loaded into the RAM to speed up the system performance (The RAM is faster than the HDD), and also to be low on CPU usage, and HDD I/O usage. So it doesn't use the disk as often as other AV's that might use less RAM but they can still cause a drag on the system because they reads/writes a lot more to/from the disk. I said I wouldn't explain this again but since I cannot copy links to my previous post I felt I needed to. So there you go :)

Share this post


Link to post
Share on other sites

Thanks guys, I may give it a try.

If I have HIPS enabled it will stay around 80mb-to a little over 100 at times but if HIPS is disabled it can be around 10 mb sometimes.

I guess that makes sense swex, my only beef with ESET's HIPS is auto mode don't do jack, interactive mode alerts will drive most people insane so the only mode I usually use is policy based but sometimes it interfere's with software and system changes

Share this post


Link to post
Share on other sites

 

 

:)

 

Swex, i am now beginning to worry about your system :D

 

Do you have a memory leak ?

Is it Windows XP causing your statement of using 100MB ?

Or were you referring to storage space ?

 

Thanks

Haha, no it's by designed, you should know about this being an ESET user for quite some time. :P

 

 

Yah ive been on eset since ver 4

I just recently started to familiarize myself with security more, and had not in the past. :)

 

Edit:

Ok i feel we have borderline hijacked this post although its all related, this is my last :)

Apologies Lonegeek810.

 

I see no problem, but now you know anyway :)

 

Hijacked or not, it was you that mentioned the "low on memory" so I just wanted to "correct" you on that and apparently ended up explaining a bit more about it  :D

Share this post


Link to post
Share on other sites

Also, compared with some of the other apps on my system....

Heck i have browsers and product suites, games, and other things still using twice that much :)

So... low on memory for me , yet high compared to other av products ?!? Maybe ?? Lol

Im trying to be half right lololol

Thanks again ;)

Share this post


Link to post
Share on other sites

Also, compared with some of the other apps on my system....

Heck i have browsers and product suites, games, and other things still using twice that much :)

So... low on memory for me , yet high compared to other av products ?!? Maybe ?? Lol

Im trying to be half right lololol

Thanks again ;)

According to some users yes, but they don't know the reason behinde the higher than average RAM usage. That's why I keep explaining the reason over and over lol.

 

IMO using the RAM is a good thing, not bad.

 

BTW. Read this useful post by Fabian W from Emsisoft and you will get more details: https://www.wilderssecurity.com/showpost.php?p=2257357&postcount=135

Share this post


Link to post
Share on other sites

Also, compared with some of the other apps on my system....

Heck i have browsers and product suites, games, and other things still using twice that much :)

So... low on memory for me , yet high compared to other av products ?!? Maybe ?? Lol

Im trying to be half right lololol

Thanks again ;)

According to some users yes, but they don't know the reason behinde the higher than average RAM usage. That's why I keep explaining the reason over and over lol.

 

IMO using the RAM is a good thing, not bad.

 

BTW. Read this useful post by Fabian W from Emsisoft and you will get more details: https://www.wilderssecurity.com/showpost.php?p=2257357&postcount=135

Good read, but you wanna know something funny. I run a revodrive lol

So if it wants to move from memory to disk thats fine, speed wont change much for me as my nand flash drive is sitting on my pci-ex.

LOL!!!

Thx again Swex

Share this post


Link to post
Share on other sites

 

 

Also, compared with some of the other apps on my system....

Heck i have browsers and product suites, games, and other things still using twice that much :)

So... low on memory for me , yet high compared to other av products ?!? Maybe ?? Lol

Im trying to be half right lololol

Thanks again ;)

According to some users yes, but they don't know the reason behinde the higher than average RAM usage. That's why I keep explaining the reason over and over lol.

 

IMO using the RAM is a good thing, not bad.

 

BTW. Read this useful post by Fabian W from Emsisoft and you will get more details: https://www.wilderssecurity.com/showpost.php?p=2257357&postcount=135

Good read, but you wanna know something funny. I run a revodrive lol

So if it wants to move from memory to disk thats fine, speed wont change much for me as my nand flash drive is sitting on my pci-ex.

LOL!!!

Thx again Swex

 

Do you wanna know something funny, That Link Worked too HAHA.  :D

 

I don't know what an "revodrive" is exactly, but I guess it's like an ramdisk or something like that ?

 

Well having 6GB like you, or 16GB like Fabian. I got 512MB :lol:  (not worth upgrading as the whole PC is 9Yrs old) and even having as little as 512MB I still don't understand people complaining on the RAM usage. It's there to be used, and if it makes the performance better then use it.  B)

 

 You're welcome again :)

Share this post


Link to post
Share on other sites

Thanks guys, I may give it a try.

If I have HIPS enabled it will stay around 80mb-to a little over 100 at times but if HIPS is disabled it can be around 10 mb sometimes.

I guess that makes sense swex, my only beef with ESET's HIPS is auto mode don't do jack, interactive mode alerts will drive most people insane so the only mode I usually use is policy based but sometimes it interfere's with software and system changes

I could be wrong about this, but I believe the HIPS auto mode is there to protect the ESET product itself from infection/being disabled/hijacking/etc as well as some critical windows components. ESET depends on its detection systems to defend everything else.

Share this post


Link to post
Share on other sites

Yes, some quotes from the ESET KB site. Note, it mentions V5, but afaik it applies for later versions too.

 

 

ESET's Host-based Intrusion Prevention System (HIPS) is included in ESET NOD32 Antivirus and ESET Smart Security 5. HIPS monitors system activity and uses a pre-defined set of rules to recognize suspicious system behavior. When this type of activity is identified, the HIPS self-defense mechanism stops the offending program or process from carrying out potentially harmful activity.

 

 

 

Filtering Mode: Here you can select which of four modes HIPS uses to filter system activity. The modes are:

  • Automatic mode with rules: This is the default setting. In this mode operations are enabled except when they violate the pre-defined rule set included with ESET Smart Security and ESET NOD32 Antivirus 5. 
     
  • Interactive mode: Interactive mode will disable the default rule set and is only recommended for advanced users. In interactive mode HIPS will prompt you to Allow or Deny each operation detected. Select the Create rule check box to save your response as the rule for a given operation. Selecting the check box next to Temporarily remember this action for this process will cause the action (Allow/Deny) to be remembered until HIPS rules are changed, the HIPS filtering mode is changed, the HIPS module is updated or your computer is restarted. 
     
  • Policy-based mode: Operations not defined by a rule can be blocked. 
  • Learning mode: In Learning mode, operations are enabled and a rule is created after each operation. Rules created in this mode can be viewed in the Rule editor, but their priority is lower than the priority of rules created manually or rules used in automatic mode.

 

 

 

 

By default, HIPS evaluates only locations (files or Windows registry database) that are predefined as important by ESET. When Allow changes to the application part of the registry when there's no rule defined or Allow changes to data files for which there is no rule defined is disabled, HIPS will evaluate all changes to locations and apply respective rules defined in product. These options (enabled by default) allow you to deny writing to target locations. HIPS will only take these actions when operating in Policy-based mode.

 

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...