Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Written Reviews - Security and Privacy
ESET Internet Security
Message
<blockquote data-quote="Zorro" data-source="post: 964554" data-attributes="member: 80312"><p>The confirmation I received now from Virustotal, where ESET designates this site as secure. It is all the more surprising why it blocks it on the local system. Perhaps ESET detects some individual scripts on the site or something else, but it completely blocks access to the site, and not to some of its separate parts, although the site itself is classified as safe (judging by its own detection on Virustotal). All information in the screenshot.</p><p></p><p>Although I have not previously used the ESET antivirus, however, I have been watching all the videos with antivirus testing on the COMSS website since 2013. ESET is being tested as well, and you can even look at the full selection of ESET tests, starting from 2013. The last test was two months ago. The version of Endpoint was tested </p><p>Internet Security version 14 was tested exactly one year ago, in November 2020. In this case, you can compare the work of HIPS 7-9 years ago and now. I noticed that earlier the work of HIPS was noticeable, the antivirus reacted to the launch of suspicious programs with a large number of HIPS alerts, but in the tests in recent years there was not a single HIPS reaction to the launch of a large number of suspicious programs. And this is noticed not only by me, but also by other users. Perhaps the developers decided that alerts would scare unprepared users, or that users may misunderstand and infect the system by clicking the Allow option, therefore, they reduced the number of preset rules in HIPS, at the same time making them unavailable for viewing by the user (so that especially curious users could not dig deeper, and inexperienced users could not harm themselves). But as a result, we see that HIPS practically stopped responding to anything. If I hadn't written the rules myself, I wouldn't have seen a single alert in a year.</p><p>In particular, one more point is not clear to me with HIPS. The developers themselves recommend writing several rules in HIPS to improve protection against ransomware. <a href="https://support.eset.com/en/kb6119-configure-hips-rules-for-eset-business-products-to-protect-against-ransomware" target="_blank">[KB6119] Configure HIPS rules for ESET business products to protect against ransomware (8.x)</a> Yes, this is recommended for business users. But don't home users suffer from ransomware? On the contrary, I think that home users suffer from ransomware no less than corporate users.</p><p>Here, on this forum, ESET was also tested. With and without recommended HIPS guidelines. And protection with prescribed rules is almost 100%, and without prescribed recommended rules - much lower.</p><p>Why can't developers make an option in HIPS in the form of a toggle that would activate the rules recommended by the developers themselves to protect against ransomware with one click of the user? Call it, for example, "Enhanced protection against ransomware" or something else <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /> Are the developers afraid that this will lead to problems for users? Of course, I cannot speak for all users, but for myself I can. I wrote these rules right away, and for a year there was not a single problem when installing any programs and other actions. However, I registered in the rules the action is not a Block, but a Question to the user. But there was not a single alert (except for alerts about other rules). If there are fears of blocking, then let there be an action - a question to the user. Let's admit this option, which activates this set of HIPS rules, will be inactive by default (disable rules), but when installing the antivirus, the user will be prompted to enable it, as it is suggested with the PUP detection option. And the user will decide whether he needs it or not. Is it technically impossible to do this?</p></blockquote><p></p>
[QUOTE="Zorro, post: 964554, member: 80312"] The confirmation I received now from Virustotal, where ESET designates this site as secure. It is all the more surprising why it blocks it on the local system. Perhaps ESET detects some individual scripts on the site or something else, but it completely blocks access to the site, and not to some of its separate parts, although the site itself is classified as safe (judging by its own detection on Virustotal). All information in the screenshot. Although I have not previously used the ESET antivirus, however, I have been watching all the videos with antivirus testing on the COMSS website since 2013. ESET is being tested as well, and you can even look at the full selection of ESET tests, starting from 2013. The last test was two months ago. The version of Endpoint was tested Internet Security version 14 was tested exactly one year ago, in November 2020. In this case, you can compare the work of HIPS 7-9 years ago and now. I noticed that earlier the work of HIPS was noticeable, the antivirus reacted to the launch of suspicious programs with a large number of HIPS alerts, but in the tests in recent years there was not a single HIPS reaction to the launch of a large number of suspicious programs. And this is noticed not only by me, but also by other users. Perhaps the developers decided that alerts would scare unprepared users, or that users may misunderstand and infect the system by clicking the Allow option, therefore, they reduced the number of preset rules in HIPS, at the same time making them unavailable for viewing by the user (so that especially curious users could not dig deeper, and inexperienced users could not harm themselves). But as a result, we see that HIPS practically stopped responding to anything. If I hadn't written the rules myself, I wouldn't have seen a single alert in a year. In particular, one more point is not clear to me with HIPS. The developers themselves recommend writing several rules in HIPS to improve protection against ransomware. [URL='https://support.eset.com/en/kb6119-configure-hips-rules-for-eset-business-products-to-protect-against-ransomware'][KB6119] Configure HIPS rules for ESET business products to protect against ransomware (8.x)[/URL] Yes, this is recommended for business users. But don't home users suffer from ransomware? On the contrary, I think that home users suffer from ransomware no less than corporate users. Here, on this forum, ESET was also tested. With and without recommended HIPS guidelines. And protection with prescribed rules is almost 100%, and without prescribed recommended rules - much lower. Why can't developers make an option in HIPS in the form of a toggle that would activate the rules recommended by the developers themselves to protect against ransomware with one click of the user? Call it, for example, "Enhanced protection against ransomware" or something else :) Are the developers afraid that this will lead to problems for users? Of course, I cannot speak for all users, but for myself I can. I wrote these rules right away, and for a year there was not a single problem when installing any programs and other actions. However, I registered in the rules the action is not a Block, but a Question to the user. But there was not a single alert (except for alerts about other rules). If there are fears of blocking, then let there be an action - a question to the user. Let's admit this option, which activates this set of HIPS rules, will be inactive by default (disable rules), but when installing the antivirus, the user will be prompted to enable it, as it is suggested with the PUP detection option. And the user will decide whether he needs it or not. Is it technically impossible to do this? [/QUOTE]
Insert quotes…
Verification
Post reply
Top
