Status
Not open for further replies.

HarborFront

Level 53
Verified
Content Creator
Just for the hell of it, I just came across a couple of websites talking positively about Kaspersky Anti-Ransomware for Business which individuals can download as well.

I disabled the Eset IS Ransomware Shield, and am running this tool alongside it. No conflicts so far or slow down. At

Everything else I tweaked with Roboman's configuration file posted above. Might be a good combo.
Hi

I downloaded Roboman's xml configuration file but when opened it shows gibberish. You use what to open/view that file?
 

SearchLight

Level 9
Verified
Hi

I downloaded Roboman's xml configuration file but when opened it shows gibberish. You use what to open/view that file?
When you open the eset gui, and see status, on the bottom lower right, you will see option to import export XML file. Click on it, and you will be able to load Roboman config file.

Attached is a screenshot. Click on "Setup" and it will take you to the menu.
 

Attachments

Last edited:

Nightwalker

Level 20
Verified
Trusted
Content Creator
Just for the hell of it, I just came across a couple of websites talking positively about Kaspersky Anti-Ransomware for Business which individuals can download as well.

I disabled the Eset IS Ransomware Shield, and am running this tool alongside it. No conflicts so far or slow down. At

Everything else I tweaked with Roboman's configuration file posted above. Might be a good combo.
Dont do that, please keep Ransomware Shield enabled and remove Kaspersky Anti Ransomware.

KAR is a good piece of software but it isnt necessary to have along ESET, the latter has all the tools to protect your machine, no need to add complexity and conflict risks.

You can use the settings that I posted above or you can just install NoVirus Thanks OSArmor.
 

SearchLight

Level 9
Verified
Dont do that, please keep Ransomware Shield enabled and remove Kaspersky Anti Ransomware.

KAR is a good piece of software but it isnt necessary to have along ESET, the latter has all the tools to protect your machine, no need to add complexity and conflict risks.

You can use the settings that I posted above or you can just install NoVirus Thanks OSArmor.
Took your advice.

Removed Kaspersky, and installed OSArmor alongside EIS with no configuration, using as is. I re-enabled Eset's Ransomware Shield again.

Anything that OSA alerts me to that I recognize, I just click on Exclusion. (The only thing I observed is sometimes the OSA Alert appears low in the system tray, hiding the Exclusion button before it times out. Had to retry a few times to prevent OSA from blocking a recognized program because of this.)

I think with Roboman's config file, and the addition of OSArmor, I should be good to go.

Thanks.
 

RoboMan

Level 30
Verified
Content Creator
Malware Tester
Your quote


If none is perfect then how can a well-configured HIPS outplay ANY ransomware module?
Because of the way it works mate. Starting by the premise that nothing is perfect on the IT field, since there are thousands of cybercriminals studying and creating ways to bypass it. Nevertheless, an anti ransomware module, at least the ones I've seen, work by either creating a safe space to guard your documents (which advanced ransomware can skip and infect) or studying processes and behaviour on your system to detect any changes or weird movements. Some of them will even detect the first file encryption, stop the ransomware and rollback the single encrypted file. This, despite may work, is not useful for all ransomware types. Meanwhile, while HIPS isn't "perfect" as well, will be studying and monitoring every single movement on your system, not just the typical ransomware ones. So, if such case occurs, and ransomware use new techniques that anti ransomware modules can't catch, a well configured HIPS may be able to stop it and notify you. Let me quote this specific Umbra's post:
You have an HIPS , it is stronger than any anti-exe (or similar) like OSA because it covers more areas. Just create the proper rules in the HIPS.
Peace! :)
 
Status
Not open for further replies.
Top