Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
ESET
Configure ESET Antivirus for Maximum Security (by RoboMan)
Message
<blockquote data-quote="RoboMan" data-source="post: 760727" data-attributes="member: 53544"><p><em><span style="font-size: 12px">Last update: November 2021</span></em></p><p></p><p>If you're here you may probably have been delighted already by the majestic features of ESET <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /> Maybe the signatures convinced you? Great static detection for sure. In this thread I will guide you a bit on how to configure your ESET product for maximum security without compromising performance.</p><p></p><p>[SPOILER="FAQ's"]</p><ul> <li data-xf-list-type="ul"><strong>Why ESET?</strong></li> </ul><p>ESET's great with signatures, being one of the fastest to add them to their database. It also provides an amazing web filters and phishing protection. As for dynamic protection (real time execution of files) it can be either weak or really smart if configured correctly.</p><ul> <li data-xf-list-type="ul"><strong>Where does this configuration point to?</strong></li> </ul><p>Of course, security. It will prioritize the maximum lockdown to avoid infection (which may happen if you don't acquire safe habits!). Still, we will make sure it's as light as possible.</p><ul> <li data-xf-list-type="ul"><strong>Is ESET a heavy product?</strong></li> </ul><p>On the contrary, it's one of the lighter if not the lightest. Almost unnoticable system impact.</p><ul> <li data-xf-list-type="ul"><strong>Should I use it paired with other software?</strong></li> </ul><p>If necessary, but evaluate which product. For example, OSArmor or VoodooShield can pair up really great, but some extra anti-malware products with real time protection (like HMP.A) may interfere with its features.</p><ul> <li data-xf-list-type="ul"><strong>Can I disable firewall to enable a 3rd party one?</strong></li> </ul><p>Strongly recommended against. Do not disable any of the components that are not disabled in this configuration. A product works on its whole as a standalone solution, meaning firewall could be connected to real time protection in order to work fully.</p><ul> <li data-xf-list-type="ul"><strong>How does the thing that motivate the world function?</strong></li> </ul><p>Cannot tell yet. May have that answer on my next firmware upgrade: Roboman 3.51b (beta testing through <a href="http://www.robomanAI.com/betatesting" target="_blank">www.robomanAI.com/betatesting</a>).[/SPOILER]</p><p>---------------------------------</p><p><strong>CONFIGURATION</strong></p><p></p><p>The following configuration setup is intended for maximum protection and interactive user approval. This means, you will be consulted about almost everything, in order for you to have full knowledge and control over your system. If you want an install and forget setup, this is not your thread. And probably not your AV lol.</p><p></p><p>We will start from the premise you just installed ESET, let it update and restarted the machine. Through the installation process you may have found out you're asked if you want to enable two options:</p><p></p><p>[ATTACH]196836[/ATTACH]</p><p></p><p>Just click YES on both.</p><p></p><p><strong>If a section is skipped here on the thread it means you should leave it default. Only change what it's specifically told here. Compare the pictures with your configuration and enable/disable.</strong></p><p></p><p>1. Right click ESET---Advanced setup</p><p></p><p>[ATTACH]196837[/ATTACH]</p><p></p><p>[SPOILER="DETECTION ENGINE"]</p><p></p><p><strong>[ATTACH]196838[/ATTACH]</strong></p><p><strong></strong></p><p><strong>Real-time system protection</strong></p><p><strong></strong></p><p><strong>[ATTACH]196839[/ATTACH][ATTACH]196840[/ATTACH][ATTACH]196841[/ATTACH]</strong></p><p><strong></strong></p><p><strong>Cloud based protection</strong></p><p><strong></strong></p><p><strong>[ATTACH]196842[/ATTACH]</strong></p><p><strong></strong></p><p><strong>Malware scans</strong></p><p></p><p>1. Select "smart scan" and apply the following configuration</p><p></p><p>[ATTACH]196843[/ATTACH][ATTACH]196844[/ATTACH][ATTACH]196845[/ATTACH]</p><p>[ATTACH]196846[/ATTACH][ATTACH]196847[/ATTACH][ATTACH]196848[/ATTACH][ATTACH]196849[/ATTACH][ATTACH]196850[/ATTACH][ATTACH]196851[/ATTACH][ATTACH]196852[/ATTACH]</p><p></p><p><strong>HIPS</strong></p><p><strong></strong></p><p><strong>[ATTACH]196853[/ATTACH][ATTACH]196854[/ATTACH]</strong>[/SPOILER]</p><p>[SPOILER="NETWORK PROTECTION"]</p><p></p><p><strong>Firewall</strong></p><p><strong>Recommendation: set on learning mode for a week so all Windows and used software connections are learned, then switch to interactive to be notified about every connections.</strong></p><p></p><p>[ATTACH]196855[/ATTACH][ATTACH]196856[/ATTACH][ATTACH]196857[/ATTACH]</p><p></p><p><strong>Network attack protection</strong></p><p></p><p>[ATTACH]196858[/ATTACH][ATTACH]196859[/ATTACH][/SPOILER]</p><p>[SPOILER="DEVICE CONTROL"][ATTACH]196860[/ATTACH][/SPOILER]</p><p>[SPOILER="TOOLS"][ATTACH]196861[/ATTACH][/SPOILER]</p><p>[SPOILER="HIPS"]</p><p>Here I've added:</p><ul> <li data-xf-list-type="ul"><strong>Ransomware Protection</strong> rules: as per <a href="https://support.eset.com/en/kb6119-configure-hips-rules-for-eset-business-products-to-protect-against-ransomware#" target="_blank">[KB6119] Configure HIPS rules for ESET business products to protect against ransomware (8.x)</a>)</li> <li data-xf-list-type="ul"><strong>Registry Protection </strong>rules:</li> </ul><p></p><ul> <li data-xf-list-type="ul"><strong>Hosts file Protection</strong> rules</li> </ul><p>To add these 3 (three) groups of HIPS rules, just use my configuration file and import it into the product: <a href="https://www.upload.ee/files/13665475/ESET_NOD32_November_2021.xml.html" target="_blank">UPLOAD.EE - https://www.upload.ee/files/13687257/ESET_NOD32_December_2021.xml.html</a></p><p>[/SPOILER]</p><p>---------------------------------</p><p><strong><span style="color: rgb(184, 49, 47)"><span style="font-size: 15px">WAIT, ROBO!</span> </span>I'm too lazy! Can't I just import your configuration file to my ESET product? </strong></p><p>Well sir, yes you can. Download it from here:</p><p></p><p>[URL unfurl="true"]https://www.upload.ee/files/13687257/ESET_NOD32_December_2021.xml.html[/URL]</p><p></p><p>This link includes all the modules configuration, and HIPS rules for:</p><ul> <li data-xf-list-type="ul"><strong>Ransomware Protection</strong> rules</li> <li data-xf-list-type="ul"><strong>Registry Protection </strong>rules</li> <li data-xf-list-type="ul"><strong>Hosts file Protection</strong> rules</li> <li data-xf-list-type="ul"><strong><strong>Protected Folders</strong></strong></li> </ul><p>For instructions on successfully settings up the <strong>Protected Folders</strong> rules, check this post#60</p><p> <a href="https://malwaretips.com/threads/configure-eset-antivirus-for-maximum-security-by-roboman.86348/page-3#post-967053" target="_blank">Q&A - Configure ESET Antivirus for Maximum Security (by RoboMan)</a></p></blockquote><p></p>
[QUOTE="RoboMan, post: 760727, member: 53544"] [I][SIZE=3]Last update: November 2021[/SIZE][/I] If you're here you may probably have been delighted already by the majestic features of ESET :) Maybe the signatures convinced you? Great static detection for sure. In this thread I will guide you a bit on how to configure your ESET product for maximum security without compromising performance. [SPOILER="FAQ's"] [LIST] [*][B]Why ESET?[/B] [/LIST] ESET's great with signatures, being one of the fastest to add them to their database. It also provides an amazing web filters and phishing protection. As for dynamic protection (real time execution of files) it can be either weak or really smart if configured correctly. [LIST] [*][B]Where does this configuration point to?[/B] [/LIST] Of course, security. It will prioritize the maximum lockdown to avoid infection (which may happen if you don't acquire safe habits!). Still, we will make sure it's as light as possible. [LIST] [*][B]Is ESET a heavy product?[/B] [/LIST] On the contrary, it's one of the lighter if not the lightest. Almost unnoticable system impact. [LIST] [*][B]Should I use it paired with other software?[/B] [/LIST] If necessary, but evaluate which product. For example, OSArmor or VoodooShield can pair up really great, but some extra anti-malware products with real time protection (like HMP.A) may interfere with its features. [LIST] [*][B]Can I disable firewall to enable a 3rd party one?[/B] [/LIST] Strongly recommended against. Do not disable any of the components that are not disabled in this configuration. A product works on its whole as a standalone solution, meaning firewall could be connected to real time protection in order to work fully. [LIST] [*][B]How does the thing that motivate the world function?[/B] [/LIST] Cannot tell yet. May have that answer on my next firmware upgrade: Roboman 3.51b (beta testing through [URL='http://www.robomanAI.com/betatesting']www.robomanAI.com/betatesting[/URL]).[/SPOILER] --------------------------------- [B]CONFIGURATION[/B] The following configuration setup is intended for maximum protection and interactive user approval. This means, you will be consulted about almost everything, in order for you to have full knowledge and control over your system. If you want an install and forget setup, this is not your thread. And probably not your AV lol. We will start from the premise you just installed ESET, let it update and restarted the machine. Through the installation process you may have found out you're asked if you want to enable two options: [ATTACH alt="2018-08-29 13_17_56-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196836[/ATTACH] Just click YES on both. [B]If a section is skipped here on the thread it means you should leave it default. Only change what it's specifically told here. Compare the pictures with your configuration and enable/disable.[/B] 1. Right click ESET---Advanced setup [ATTACH alt="2018-08-29 13_32_07-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196837[/ATTACH] [SPOILER="DETECTION ENGINE"] [B][ATTACH alt="2018-08-29 13_32_53-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196838[/ATTACH] Real-time system protection [ATTACH alt="2018-08-29 13_33_15-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196839[/ATTACH][ATTACH alt="2018-08-29 13_34_00-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196840[/ATTACH][ATTACH alt="2018-08-29 13_34_20-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196841[/ATTACH] Cloud based protection [ATTACH alt="2018-08-29 13_34_50-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196842[/ATTACH] Malware scans[/B] 1. Select "smart scan" and apply the following configuration [ATTACH alt="2018-08-29 13_36_18-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196843[/ATTACH][ATTACH alt="2018-08-29 13_36_31-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196844[/ATTACH][ATTACH alt="2018-08-29 13_36_39-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196845[/ATTACH] [ATTACH alt="2018-08-29 13_37_18-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196846[/ATTACH][ATTACH alt="2018-08-29 13_37_43-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196847[/ATTACH][ATTACH alt="2018-08-29 13_38_13-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196848[/ATTACH][ATTACH alt="2018-08-29 13_38_31-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196849[/ATTACH][ATTACH alt="2018-08-29 13_38_42-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196850[/ATTACH][ATTACH alt="2018-08-29 13_38_56-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196851[/ATTACH][ATTACH alt="2018-08-29 13_39_17-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196852[/ATTACH] [B]HIPS [ATTACH alt="2018-08-29 13_39_34-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196853[/ATTACH][ATTACH alt="2018-08-29 13_40_11-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196854[/ATTACH][/B][/SPOILER] [SPOILER="NETWORK PROTECTION"] [B]Firewall Recommendation: set on learning mode for a week so all Windows and used software connections are learned, then switch to interactive to be notified about every connections.[/B] [ATTACH alt="2018-08-29 13_40_34-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196855[/ATTACH][ATTACH alt="2018-08-29 13_41_06-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196856[/ATTACH][ATTACH alt="2018-08-29 13_41_22-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196857[/ATTACH] [B]Network attack protection[/B] [ATTACH alt="2018-08-29 13_41_37-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196858[/ATTACH][ATTACH alt="2018-08-29 13_41_54-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196859[/ATTACH][/SPOILER] [SPOILER="DEVICE CONTROL"][ATTACH alt="2018-08-29 13_43_03-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196860[/ATTACH][/SPOILER] [SPOILER="TOOLS"][ATTACH alt="2018-08-29 13_43_24-Lab (no av + tools) [Corriendo] - Oracle VM VirtualBox.png"]196861[/ATTACH][/SPOILER] [SPOILER="HIPS"] Here I've added: [LIST] [*][B]Ransomware Protection[/B] rules: as per [URL='https://support.eset.com/en/kb6119-configure-hips-rules-for-eset-business-products-to-protect-against-ransomware#'][KB6119] Configure HIPS rules for ESET business products to protect against ransomware (8.x)[/URL]) [*][B]Registry Protection [/B]rules: [/LIST] [LIST] [*][B]Hosts file Protection[/B] rules [/LIST] To add these 3 (three) groups of HIPS rules, just use my configuration file and import it into the product: [URL='https://www.upload.ee/files/13665475/ESET_NOD32_November_2021.xml.html']UPLOAD.EE - https://www.upload.ee/files/13687257/ESET_NOD32_December_2021.xml.html[/URL] [/SPOILER] --------------------------------- [B][COLOR=rgb(184, 49, 47)][SIZE=4]WAIT, ROBO![/SIZE] [/COLOR]I'm too lazy! Can't I just import your configuration file to my ESET product? [/B] Well sir, yes you can. Download it from here: [URL unfurl="true"]https://www.upload.ee/files/13687257/ESET_NOD32_December_2021.xml.html[/URL] This link includes all the modules configuration, and HIPS rules for: [LIST] [*][B]Ransomware Protection[/B] rules [*][B]Registry Protection [/B]rules [*][B]Hosts file Protection[/B] rules [*][B][B]Protected Folders[/B][/B] [/LIST] For instructions on successfully settings up the [B]Protected Folders[/B] rules, check this post#60 [URL='https://malwaretips.com/threads/configure-eset-antivirus-for-maximum-security-by-roboman.86348/page-3#post-967053']Q&A - Configure ESET Antivirus for Maximum Security (by RoboMan)[/URL] [/QUOTE]
Insert quotes…
Verification
Post reply
Top
