Need Advice Configure ESET Antivirus for Maximum Security (by RoboMan)

Please provide comments and solutions that are helpful to the author of this topic.


Level 3
Dec 3, 2021
My friend, have in mind this is my personal opinion, and defines the answer as the way I see home security.

I believe BitDefender is a great standalone product, that's made to install and forget, since it's extremely automatic. Regarding its protection capabilities, it's a top notch product.

On the other hand, ESET offers a different type of security. With this configuration, ESET is the total opposite of "install and forget". This product has the advantage that it can be configured to the way you want to sense security. This thread aims at a user-dependant type of product. This setup will not look to be smart and decide for you, it will prompt you whenever something's not right, because you gave it rules to do so.

Aside from that, the automatic mode from ESET is very smart and its signatures are rather good.

So it's more of a: what am I looking for? Rather than what's best.

If you don't wanna get involved in your security, BitDefender is your choice.
If you want to know everything that's going on within your system, ESET is your choice.

PS: but you must be careful and study your product, because modules such as a HIPS can be extremely smart and secure, but will definitely break your system if you fail to understand how it works.
To compare BitDefender and ESET. I understand that this thread is for people who want to understand things and set up AV to suit themselves. I see it as questionable whether ESET also takes it that way. Looking at ESET's corporate communications, I see the message everywhere: The important thing is the perfect balance.
Security solutions that install in minutes. You simply set them up and then you can leave them to work independently and seamlessly in the background. So install and worry no more. The concept of Balance also implies, in my opinion, a certain caution in the "aggressiveness" of the various default settings, as ESET sees it as better to miss something occasionally than to deal with FP more often. This can be seen in the Default settings of the firewall (everything "out" open), HIPS (almost no blocking) and even the AV engine itself (PUA disabled). ˇProtection effectiveness in various tests should be (and is mostly measured) just in the most user-friendly Default settings.
I also think that AV should work "autonomously" without user interaction. He is working on the PC, not "fighting" with malware. :unsure:

Translated with (free version)


Level 8
Jun 11, 2019
The list of keys to supplement the protection of the registry (some of the keys from this list I have already written here and they have already been added). Register these keys in hips at your own peril and risk. The action for hips is to ask the user.

Startup keys (individual custom)
HKCU\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run (only on 64-bit systems)
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Run
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce (runs the program/command only once, clears it as soon as it is run)
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx (runs the program/command only once, clears it as soon as execution completes)

Startup Keys (all users)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run (only on 64-bit systems)
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce (runs the program/command only once, clears it as soon as it is run)
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx (runs the program/command only once, clears it as soon as execution completes)

Active Setup - To run the command once for each user at login.
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components



Keys indicate drivers that are loaded at startup
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32

Startup Miscellaneous
KLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
HKCU\Control Panel\Desktop\Scrnsave.exe

Group Policy Editor

Shell entries related to startup, such as items displayed when you right-click on files or folders.
Last edited:


Level 3
Dec 3, 2021
What about keys that are listed as recommended but are not on the registry? Could it be that the HIPS rule protects them from being created by malware?
  • Like
Reactions: Sorrento


Level 3
Dec 3, 2021
Maybe here's a better thread on the topic: User Feedback Eset Smart Security Premium HIPS problem

It seems that due to a work method/error (?) it is actually non-functional to protect files from being changed in the "protected" folder. Implementation instructions here:
Implement Protected Folders via HIPS

Just rename the directory and the protection is broken.

The moderator says that a separate protection rule needs to be created for each parent folder.
You cannot use \* at the end of the path. That's why I wrote:

You must create another similar rule for the folder itself, with the target path set exactly to

ESET's "official" instructions (2/2020) for creating a HIPS rule to protect a folder: hips-configuration

Can anyone verify this? How is it then? :unsure:

carl fish

Level 7
Mar 6, 2012
Last update: November 2021

If you're here you may probably have been delighted already by the majestic features of ESET :) Maybe the signatures convinced you? Great static detection for sure. In this thread I will guide you a bit on how to configure your ESET product for maximum security without compromising performance.

  • Why ESET?
ESET's great with signatures, being one of the fastest to add them to their database. It also provides an amazing web filters and phishing protection. As for dynamic protection (real time execution of files) it can be either weak or really smart if configured correctly.
  • Where does this configuration point to?
Of course, security. It will prioritize the maximum lockdown to avoid infection (which may happen if you don't acquire safe habits!). Still, we will make sure it's as light as possible.
  • Is ESET a heavy product?
On the contrary, it's one of the lighter if not the lightest. Almost unnoticable system impact.
  • Should I use it paired with other software?
If necessary, but evaluate which product. For example, OSArmor or VoodooShield can pair up really great, but some extra anti-malware products with real time protection (like HMP.A) may interfere with its features.
  • Can I disable firewall to enable a 3rd party one?
Strongly recommended against. Do not disable any of the components that are not disabled in this configuration. A product works on its whole as a standalone solution, meaning firewall could be connected to real time protection in order to work fully.
  • How does the thing that motivate the world function?
Cannot tell yet. May have that answer on my next firmware upgrade: Roboman 3.51b (beta testing through

The following configuration setup is intended for maximum protection and interactive user approval. This means, you will be consulted about almost everything, in order for you to have full knowledge and control over your system. If you want an install and forget setup, this is not your thread. And probably not your AV lol.

We will start from the premise you just installed ESET, let it update and restarted the machine. Through the installation process you may have found out you're asked if you want to enable two options:

View attachment 196836

Just click YES on both.

If a section is skipped here on the thread it means you should leave it default. Only change what it's specifically told here. Compare the pictures with your configuration and enable/disable.

1. Right click ESET---Advanced setup

View attachment 196837

Recommendation: set on learning mode for a week so all Windows and used software connections are learned, then switch to interactive to be notified about every connections.

View attachment 196855View attachment 196856View attachment 196857

Network attack protection

View attachment 196858View attachment 196859
Here I've added:

  • Hosts file Protection rules
To add these 3 (three) groups of HIPS rules, just use my configuration file and import it into the product: UPLOAD.EE -
WAIT, ROBO! I'm too lazy! Can't I just import your configuration file to my ESET product?
Well sir, yes you can. Download it from here:

This link includes all the modules configuration, and HIPS rules for:
  • Ransomware Protection rules
  • Registry Protection rules
  • Hosts file Protection rules
  • Protected Folders
For instructions on successfully settings up the Protected Folders rules, check this post#60
Q&A - Configure ESET Antivirus for Maximum Security (by RoboMan)
is it ok to use this file in the current version, I have eset premium?


Level 3
Dec 3, 2021
If I see correctly, this is an Antivirus only configuration.
It doesn't include all the options of the Premium version, mainly the firewall and others.
And similarly, I would prefer not to import the settings for an older version, lest unexpected problems arise.
A better way is to set things up manually according to the instructions (even with firewall) and other things.


Level 23
Dec 19, 2012
Hi how is eset for protection and performance?.
I see on here eset firewall and hips gives some major problems to win 10 or 11.
I see the latest av test does not give it as recommended.
Can endpoint av work the same has eset nod32 av?


Level 10
Apr 7, 2016
Hi how is eset for protection and performance?.
I see on here eset firewall and hips gives some major problems to win 10 or 11.
I see the latest av test does not give it as recommended.
Can endpoint av work the same has eset nod32 av?
Good. It's one of the lightest brands regarding performance. It's protection is also in the good end. I use it myself. Our house antivirus expert use it too (at the moment.)
It's the same antivirus engine in both endpoint and nod32.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.