Hello,
Who has the best solution in terms of performance and protection against phishing and malware?
Who has the best solution in terms of performance and protection against phishing and malware?
As it seems not everybody needs a BB, and there are people that can configure Eset to their needs. I never had a problem with it and never got infected.Hips that don't work, everyone knows that, ESET is weak in behavior. Yes, antivirus needs behavior module.
I have extensively tested Hips and it works.Hips that don't work, everyone knows that, ESET is weak in behavior. Yes, antivirus needs behavior module.
I would use Eset in this case, it is very good at blocking adware and websites that offer adware. You might want to enable the PUA blocking feature in the settings, but even on default it has really good protection against dodgy websitesI looking for protection for website. I watch a lot of movies on internet and some websites have very agressive ad systems with porn, hazard and more. (potencionaly phising or malware?)
I have monthly subscription on Hbo go and Netflix, but a lot of movies, what I want see isn't available on this services.
Thread cleaned up from misinformation. Some posts have been removed due to the cleanup.
One thing to note: Different solutions rely on several layers of protections.
Common to misconception: One solution that has Behaviour Blocker does not mean it does not use additional layers of protection. The same for solutions that include HIPS.
ESET has HIPS as already stated, plus signatures between ESET and Avira are not much different, they both high quality.It is not recommended to use antivirus without behavior blocker, Eset has no behavioral blocker, depends mostly on signatures, Avira has better signatures than ESET, it has always been like this, F Secure uses avira engine, however it has a very bad behavior blocker and cannot remove threaten properly. Emsisoft has a strong behavior blocker, which is no different from Bitdefender, which can generate false positives.
Yes ESET don't have a typical behavior bkocker but results shows that they don't need it as much as some users may think. ESET does a lot with their signatures and can detect most new threats better than most other AVs with their smart signatures.Eset has no behavioral blocker, depends mostly on signatures, Avira has better signatures than ESET
Could you elaborate on what sets off the HIPS? In the past I’ve tried writing some naive attempts at ransomware or startup annoyance ware and they tend to set off Kaspersky, Norton, F-Secure, etc but ESET didn’t react, at least not until someone complained on their forums and got a signature written for them. I figure the module does something, I just couldn’t figure out through experimentation.I have extensively tested Hips and it works.
Smart mode works fine.
If you are paranoid, learning then policy based or annoying interactive mode.
The default setting is questionable but still works.
Clearly you are not familiar with ESET and how it works. perhaps you would like to try in a VM and also read the user documentation/KB
I wrote some rules in the past but the easiest way was the following:Could you elaborate on what sets off the HIPS? In the past I’ve tried writing some naive attempts at ransomware or startup annoyance ware and they tend to set off Kaspersky, Norton, F-Secure, etc but ESET didn’t react, at least not until someone complained on their forums and got a signature written for them. I figure the module does something, I just couldn’t figure out through experimentation.
Thank you sir. I definitely can see the protection value of learning mode and manual rules but I was wondering if the default Smart mode without any training would stop zero day attacks and in my experience it was not generalized like that. Perhaps they did program in rules for very specific malware activities that are unique to a family of real malware but it did not respond at all to the more general example of an unsigned EXE that loops through your documents and replaces them with encrypted copies (a pattern that most behavior blockers react to in the naive form, and many behavior blockers can even protect against in trickier forms)I wrote some rules in the past but the easiest way was the following:
Knowing that your system is clean, set to learning mode for a couple of days max - perform most of your actions: launch often use programs, etc.
then switch to interactive mode for a few more days, you might have some pop ups or not. Then go Policy Based mode. Alternatively keep interactive mode since most rules should be populated by now anyway. Smart mode is the extremely lazy mode but I still recommend some rules before using smart mode.
Taken directly from KB:
HIPS settings
Filtering Mode—There are five filtering modes you can select to change how HIPS filters system activity. The modes are:
.
- Automatic mode: This is the default setting. In this mode, operations are enabled except for those that are blocked by pre-defined rules that protect your system.
- Smart mode: You will only receive notifications about suspicious system events.
- Interactive mode: Only recommended for advanced users. You will receive notifications that prompt you to Allow or Deny each operation detected. Select the Create rule check box to save your response as the rule for a given operation. Selecting the check box next to Temporarily remember this action for this process will cause the action (Allow/Deny) to be remembered until HIPS rules are changed, the HIPS filtering mode is changed, the HIPS module is updated or your computer is restarted.
- Policy-based mode: Operations not defined by a rule are blocked. See HIPS—Advanced setup for more details.
- Learning mode: In Learning mode, operations are enabled and a rule is created after each operation. Rules created in this mode can be viewed in the Rule editor, but their priority is lower than the priority of rules created manually or rules used in automatic mode.
- Selecting Learning mode enables the Learning mode will end at option. Once the specific time period passes, Learning mode is disabled. The maximum time period is 14 days. After this time period has passed, you will be prompted to edit the rules and select a different filtering mode.
Ill point you to Page 1 post #17Although Eset. it has tools, like a great heuristic, a great number of signatures and of course the HIPS.
BUT, HIPS is not for all users, it is annoying for a user who does not know how to respond to the alerts it generates. Like the Comodo suite that also comes with HIPS.
I think that for a non-advanced user a behavior detector is preferable, like the one that Emsisoft or F Secure have
Although Eset. it has tools, like a great heuristic, a great number of signatures and of course the HIPS.
BUT, HIPS is not for all users, it is annoying for a user who does not know how to respond to the alerts it generates. Like the Comodo suite that also comes with HIPS.
I think that for a non-advanced user a behavior detector is preferable, like the one that Emsisoft or F Secure have
Avira does have better signatures than ESET, so much so that it always does better in tests.Yes ESET don't have a typical behavior bkocker but results shows that they don't need it as much as some users may think. ESET does a lot with their signatures and can detect most new threats better than most other AVs with their smart signatures.
And no, Avira don't have better signatures than ESET. Avira is far worse. It's very good against exe based malwares but awful against scripts. Also, I'm not sure why you're saying F-Secure has a bad behavior blocker. It's very good actually. But I agree with you on the removal part. F-Secure's malware removal is very bad indeed. Kaspersky, Bitdefender, Norton, Microsoft Defender are your best bet if you want an AV with good malware removal ability. F-Secure would be near the bottom if not at the bottom in this category.
Btw, in case of ESET, I have tested ESET for almost a year here on the malware hub. You can check the results to get an idea about how ESET performs. (Spoiler: Extremely good results overall).
P.S. Personally opinion: Behavior blockers are overrated for home users. I never needed an AV to save me with its behavior blocker. If the AV has good and fast signatures, a user would almost never see the behavior blocker in action.
Yea, but that remains the only thing in which it is better in my opinion. Eset is way lighter, provides more options and security functions.Avira does have better signatures than ESET, so much so that it always does better in tests.
never, Avira is much lighter than ESET, but just like ESET does not have a good behavior module.Yea, but that remains the only thing in which it is better in my opinion. Eset is way lighter, provides more options and security functions.
Good if it is lighter for you, but i had a better experience with Eset so far.never, Avira is much lighter than ESET, but just like ESET does not have a good behavior module.