- Apr 1, 2019
Thanks! In my search I clearly missed this.
> The whole configuration file (including these HIPS rules and the mentioned rules in Q&A - Configure ESET Antivirus for Maximum Security (by RoboMan)) can be downloaded here: UPLOAD.EE - eset_19.xml - Download

Hi Robo
> Hi Robo
> It looks like the xml file is gone, is it possible you can upload it? THANKS.

My friend, I can't seem to find this particular file among my folders. I did find the NOD32 one, with the ransomware rules included. Give it a try; if it doesn't work, I'll make a new one for tonight.
> Good job!
> I will use it if I have to test ESET

You should! Add it to the testing queue. You should call it "ESET test with the amazing configuration of the great RoboMan, leader of all robots, first of his name, breaker of chains and mother of dragons".
> Unfortunately, after reading all this topic from the great and greatest robot of all times @RoboMan, I found out that I always used ESET the wrong way (install and forget). I need to study more about all ESET modes (interactive, intelligent among others) and also more deeply about HIPS; however, I have a little difficulty because I find the documentation on ESET's website a little complicated to read.

You'll figure it out, just do more research about it.
> you'll figure it out just do more research about it.

I am using Bitdefender, but I will do that soon. I was curious to find out how powerful the HIPS feature is (which I have always used in automatic mode for lack of knowledge and exploration).
> There is no wrong way, ESET at default settings is more than enough ("install and forget"), it is a balanced combination of performance x detection and low false positive rate/low user interaction.

Yes, that's the way I always used it. I just made some adjustments to the ThreatSense parameters like "Clear and Delete" to make it more "automatic" and it always worked for me. I used ESET for 3 years straight and never got infected in that time.
> From what I understand, people leave HIPS in "Learning" mode for a few days; after that time they switch HIPS to "Interactive" mode, because most of the rules have already been created and, for the ones that haven't, you will be asked to decide what action to take.

That's right, usually two weeks in learning mode will cover up mostly everything. Then switch to interactive. You need to make sure your system is malware-free before switching to learning in any module. The aforementioned setup configuration + the ransomware rules can be imported with my configuration file.
> Yes, that's the way I always used it. I just made some adjustments to the ThreatSense parameters like "Clear and Delete" to make it more "automatic" and it always worked for me. I used ESET for 3 years straight and never got infected in that time.
> The rules I use in HIPS are these:

Took me a while to write all those rules (from the ESET KB) but they're exactly what a PC needs to be protected from ransomware. I'm wondering if @Shadowra could test this setup against different ransomware variants.
> Yes, that's the way I always used it. I just made some adjustments to the ThreatSense parameters like "Clear and Delete" to make it more "automatic" and it always worked for me. I used ESET for 3 years straight and never got infected in that time.
> The rules I use in HIPS are these:

I once advised here to add these registry keys under the protection of HIPS. This was advised to me by one user on the Russian forum.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\*
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\*
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\*
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\*
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\*
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\*
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\*
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\*
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\*
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\*
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DatabasePath
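
An added example, not part of the original posts and not ESET tooling: a PowerShell snapshot of the registry locations listed above, so their current contents can be reviewed before HIPS is put in learning mode and compared again later. The baseline file name and the `Get-ValueRow` helper are assumptions, and only the direct values of each key are read, not subkeys.

```powershell
# Added example: keys copied from the list above; the baseline path is an assumption.
$Baseline = Join-Path $env:USERPROFILE 'hips-key-baseline.csv'
$Keys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System'
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices'
)
# The last list entry names a value, not a key, so it is read on its own.
$SingleValues = @(@{ Key = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters'; Name = 'DatabasePath' })

function Get-ValueRow($Key, $Name) {   # hypothetical helper: one row per registry value
    $item = Get-Item -LiteralPath $Key -ErrorAction SilentlyContinue
    if ($null -eq $item -or $item.GetValueNames() -notcontains $Name) { return }
    # Keep %VAR% references unexpanded so the snapshot shows what is actually stored.
    $opt  = [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames
    $data = $item.GetValue($Name, $null, $opt)
    [pscustomobject]@{ Key = $Key; Name = $Name; Data = ($data -join ' | ') }
}

$current = @(
    foreach ($k in $Keys) {
        $item = Get-Item -LiteralPath $k -ErrorAction SilentlyContinue
        if ($item) { foreach ($n in $item.GetValueNames()) { Get-ValueRow $k $n } }
    }
    foreach ($v in $SingleValues) { Get-ValueRow $v.Key $v.Name }
)

if (Test-Path -LiteralPath $Baseline) {
    # Later runs: list every value that differs from the saved baseline.
    $previous = @(Import-Csv -LiteralPath $Baseline)
    Compare-Object $previous $current -Property Key, Name, Data |
        Select-Object Key, Name, Data,
            @{ n = 'Change'; e = { if ($_.SideIndicator -eq '=>') { 'new or changed' } else { 'removed or old value' } } }
} else {
    $current | Export-Csv -LiteralPath $Baseline -NoTypeInformation
    "Baseline written to $Baseline ($($current.Count) values)"
}
```

The first run writes the baseline; delete the CSV to take a fresh one after reviewing and accepting the reported differences.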
> My noble robo master @RoboMan, it may seem like a totally random and meaningless question, but in your opinion if I use ESET with all these rules is the protection better than Bitdefender's protection, equal or still inferior to Bitdefender?
> My question is due to the fact that I keep wondering, how much do these rules make ESET an AV with better protection than other software in the market?
> This is a good question to try to be answered, especially for undecided people like me who own 215151511929 AV software licenses and keep switching between them (as long as they don't find themselves in one of them for the positive/negative points).

My friend, have in mind this is my personal opinion, and defines the answer as the way I see home security.
> My friend, have in mind this is my personal opinion, and defines the answer as the way I see home security.
> I believe BitDefender is a great standalone product, that's made to install and forget, since it's extremely automatic. Regarding its protection capabilities, it's a top notch product.
> On the other hand, ESET offers a different type of security. With this configuration, ESET is the total opposite of "install and forget". This product has the advantage that it can be configured to the way you want to sense security. This thread aims at a user-dependent type of product. This setup will not look to be smart and decide for you, it will prompt you whenever something's not right, because you gave it rules to do so.
> Aside from that, the automatic mode from ESET is very smart and its signatures are rather good.
> So it's more of a: what am I looking for? Rather than what's best.
> If you don't wanna get involved in your security, BitDefender is your choice.
> If you want to know everything that's going on within your system, ESET is your choice.
> PS: but you must be careful and study your product, because modules such as a HIPS can be extremely smart and secure, but will definitely break your system if you fail to understand how it works.

Perfectly said! +1000
> Especially for undecided people like me who own 215151511929 AV software licenses and keep switching between them (as long as they don't find themselves in one of them for the positive/negative points).

Exactly my case!!