Guide | How To ESET Smart Security for Max Protection

The associated guide may contain user-generated or external content.
D

Deleted member 178

Thread author
OK, since i have some request to how i set ESET for max protection; there the answer. (picture based with annotations)

QZdUqhF.jpg


Warning:

- This setting may have a negative impact on resources usage and responsiveness for low-end machines.
- This setting will generate more alerts than default setting and may hamper your browsing experience.

first of all, we go to Setup > Enter Advanced Setup


1- COMPUTER

A- Antivirus and Antispyware

YR6BEro.jpg

B- Real-Time System Protection

y6YRP6q.jpg

Tick all boxes, then enter setup:

-Object: tick all
-Options: Tick all

Code:
Advanced heuristics/DNA/Smart signatures – Advanced heuristics consist of a unique heuristic algorithm developed by ESET, optimized for detecting computer worms and trojan horses and written in high level programming languages. Thanks to advanced heuristics, the detection capabilities of the program are significantly higher. Signatures can reliably detect and identify viruses. Utilizing the automatic update system, new signatures are available within a few hours of a threat discovery. The disadvantage of signatures is that they only detect viruses they know (or their slightly modified versions).

-Cleaning: up to you, "No cleaning" will let you choose what action to take.
-Extensions tick "select all"
-Limit: let it to default
-Other: tick enable "Smart optimization"

Advanced Setup

mnlnAko.jpg

C- On-Demand Computer Scan

this is the manual scan settings, set them as you wish.

-ThreatSense Engine parameter setup : mostly repeat step 1-B; in "Other" also tick Scan alternate data streams (ADS)

Code:
 – Alternate data streams used by the NTFS file system are file and folder associations which are invisible by ordinary scanning techniques. Many infiltrations try to avoid detection by disguising themselves as alternate data streams.

D- Document Protection

Enable it

-ThreatSense Engine parameter setup: same as Step 1-B


E- Startup Scan

Same as step 1-B


F- Idle-State Scanning

Enable it if you need it, ThreatSense settings is same as Step 1-B


G- Exclusions

Set there any other security apps you have.

H- Removable Media

create rules for every USB/Ext-HDD/pendrives/mobile phones you own, so you will be protected from infections

rVfHsso.jpg


I- HIPS

The most complicated part, i suggest you to set it on "Learning Mode" for few hours, during this time, you will have to launch every softwares/windows tools you used to use and known to be safe (mostly those that don't need an internet connection to run).
After you will set the HIPS to "Interactive Mode".

U8CCHxL.jpg

-Advanced Setup: Tick all


2- NETWORK (under testing)

A- Personal Firewall

i found ESET Firewall quite good especially with its IDS feature, that block malwares at the network level), Set it to "Interactive"

Rule and Zone

i let it as default, you may change some rules later depending your system.

IDS and Advanced Options

my favorite firewall feature

Code:
The IDS and advanced options section allows you to configure advanced filtering options to detect several types of attacks that can be carried out against your computer.

hL5hAkM.jpg

HKKsjKb.jpg

Application modification detection

vKsYekl.jpg


System Integration

Nothing to change

B- Connection View

Tick all



3- WEB and EMAIL


A- Email Client Protection

i let it as default; just set ThreatSense as step 1-B

Email Clients

bO53gIA.jpg

Email Client Integration

Up to you

IMAP, IMAPS

As default

POP3, POP3S

As default


B- Antispam Protection

dms4aUR.jpg

Address Book

XCX2ufC.jpg


C- Web Access Protection

The powerful ESET web filter.

Threatsense: As 1-B

HTTP, HTTPS

rwMGP6a.jpg

Active mode: Select your browser and P2P clients
URL Adresses Management: Here you will block/allow websites.


D- Protocol Filtering

Enable it.

Excluded Applications: depend of you, i excluded my other AVs.
Excluded IP Adresses: depend if you trust some websites, i trust no websites ^^


SSL

gEr2hpp.jpg

i unticked "...exceptions based on certificates", since certificates can be stolen.

NOTE: With some non-popular websites, your browser will issue a warning.


Certificates

ceQuZXP.jpg

Anti-Phishing protection

of course, enable it.


OK IT'S FINISH !!

if i find out i did some mistakes or miss some elements, i will update the post accordingly.


I hope it helped you.

Thanks
 

McLovin

Level 76
Verified
Honorary Member
Malware Hunter
Apr 17, 2011
9,222
venustus said:
Thank you for the guide!:)

There was kinda no need to quote the whole first post :-/

Great guide. For those users who want the full potential out of ESET I'm sure this guide would help.
 
  • Like
Reactions: Kent

Venustus

Level 59
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Dec 30, 2012
4,809
McLovin said:
venustus said:
Thank you for the guide!:)

There was kinda no need to quote the whole first post :-/

Great guide. For those users who want the full potential out of ESET I'm sure this guide would help.

Yeah I know!:blush:
Sorry about that:)
 
  • Like
Reactions: Kent

havok

New Member
Verified
Mar 12, 2013
49
Thanks for this guide . Just a question: when I checked "Runtime packers" and Advanved heuristics\... I got message : "Enabling this...can cause performance issue on this computer. Do you want ....". Is that normal - just prevention for low powerful pc - or is something else?

One more thing : at the moment I'm running Emsisoft AW 7 with real-time together with ESS 6. Could you suggest the best settings for Emsi AW 7 according with ESS 6 ones ? I just applied the EAM settings you suggested in your post about EIS best settings - of course I'm not running Online Armor F. - . Is this configuration good for both ESS 6 and EAW 7 ?
BTW I,m running these on a win7 x32 2GB RAM. Could these go to be heavy on resources ? It looks like both app together got around the same use of resources of Kaspersky Internet Security..Till now no any problem
Thanks
 
D

Deleted member 178

Thread author
havok said:
Thanks for this guide . Just a question: when I checked "Runtime packers" and Advanved heuristics\... I got message : "Enabling this...can cause performance issue on this computer. Do you want ....". Is that normal - just prevention for low powerful pc - or is something else?

yes it is normal, it is for low-end PCs, mostly because ESET will have more stuff to monitor and so use more resources; you have a similar feature with Avast when you set it to scan all "Packers"; i also observed on it an higher resources usage.

One more thing : at the moment I'm running Emsisoft AW 7 with real-time together with ESS 6. Could you suggest the best settings for Emsi AW 7 according with ESS 6 ones ?

it depend if you want better resource usage of max protection too.

anyway check this guide: http://malwaretips.com/Thread-How-to-set-CIS-EAM-for-max-compatibility-security

just replace CIS processes by ESET ones
 
  • Like
Reactions: Kent

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Maybe a small warning that this guide will have a negative impact on low-end and older hardware?
 
  • Like
Reactions: Kent

havok

New Member
Verified
Mar 12, 2013
49
Umbra Corp. said:
havok said:
Thanks for this guide . Just a question: when I checked "Runtime packers" and Advanved heuristics\... I got message : "Enabling this...can cause performance issue on this computer. Do you want ....". Is that normal - just prevention for low powerful pc - or is something else?

yes it is normal, it is for low-end PCs, mostly because ESET will have more stuff to monitor and so use more resources; you have a similar feature with Avast when you set it to scan all "Packers"; i also observed on it an higher resources usage.

One more thing : at the moment I'm running Emsisoft AW 7 with real-time together with ESS 6. Could you suggest the best settings for Emsi AW 7 according with ESS 6 ones ?

it depend if you want better resource usage of max protection too.

anyway check this guide: http://malwaretips.com/Thread-How-to-set-CIS-EAM-for-max-compatibility-security

just replace CIS processes by ESET ones

Thanks again, much appreciated.
What I want is the best possible protection with a good (acceptable) use of resources- I'm running these on a win7 x32 2 GB Ram .
However on same PC I had been running KIS for several months with no any problem at all so I think it should be fine..
However I saw with these max compatibility configuration applied the use of resources by EAW is definitely reduced. Thanks
 
D

Deleted member 178

Thread author
havok said:
What I want is the best possible protection with a good (acceptable) use of resources- I'm running these on a win7 x32 2 GB Ram .
However on same PC I had been running KIS for several months with no any problem at all so I think it should be fine..

the way i set EAM as companion in my guide will give exactly what you asked for; you can do this in addition on EAM :

1- Configuration > general > untick "email scanning" (ESET do it already)
2- Configuration > general > untick "enable captcha..." (ESET will monitor EAM so a malware will probably not shutdown EAM)

the 2 ESET's processes to exclude in EAM are: "Ekrn.exe" (in folder x86) and "Egui.exe"

lCxRfpq.jpg
 
  • Like
Reactions: Kent

havok

New Member
Verified
Mar 12, 2013
49
Umbra Corp. said:
havok said:
What I want is the best possible protection with a good (acceptable) use of resources- I'm running these on a win7 x32 2 GB Ram .
However on same PC I had been running KIS for several months with no any problem at all so I think it should be fine..

the way i set EAM as companion in my guide will give exactly what you asked for; you can do this in addition on EAM :

1- Configuration > general > untick "email scanning" (ESET do it already)
2- Configuration > general > untick "enable captcha..." (ESET will monitor EAM so a malware will probably not shutdown EAM)

the 2 ESET's processes to exclude in EAM are: "Ekrn.exe" (in folder x86) and "Egui.exe"

lCxRfpq.jpg

Ya "email scanning" was already unchecked and ESS processes added in EAM exclusions. Not sure I understood about captcha : EAM is not self-protected ? If a malware can shutdown EAM that is nearly useless...
 

Nikos751

Level 20
Verified
Malware Tester
Feb 1, 2013
969
Thank you very much! It is very useful for people who want to maximize their protection using ESET. I am currently using Avast 8 but when I 'll find an 6 months promo (or more) of ESET I ll probably make the switch..
 
D

Deleted member 178

Thread author
havok said:
Ya "email scanning" was already unchecked and ESS processes added in EAM exclusions. Not sure I understood about captcha : EAM is not self-protected ? If a malware can shutdown EAM that is nearly useless...

EAM has self-protection, but sophisticated malwares (mostly rootkits) can disable it, also against an hacker that penetrate your system it will be useless.
 

havok

New Member
Verified
Mar 12, 2013
49
Umbra Corp. said:
havok said:
Ya "email scanning" was already unchecked and ESS processes added in EAM exclusions. Not sure I understood about captcha : EAM is not self-protected ? If a malware can shutdown EAM that is nearly useless...

EAM has self-protection, but sophisticated malwares (mostly rootkits) can disable it, also against an hacker that penetrate your system it will be useless.

Well of course EAM is just AV, no firewall. I wonder about ESS self-defense...Do you think that is good enough ?
Or could be better to run EAV + 3d party firewall? That is main problem with ESS, though I think ESS + EAM real time provide a good\great protection...
BTW I had to reset to defaul Web Access protection settings because browsing was nearly impossible...I guess because of SSL detection but not sure. Pale Moon was blocking access and asking for certificate on Google ?!??!?
 
D

Deleted member 178

Thread author
havok said:
Well of course EAM is just AV, no firewall. I wonder about ESS self-defense...Do you think that is good enough ?

ATM, yes


Or could be better to run EAV + 3d party firewall? That is main problem with ESS, though I think ESS + EAM real time provide a good\great protection...

you have Emsisoft Internet Security Pack (aka EAM + OAP) my previous solutions, the best one for me.

BTW I had to reset to defaul Web Access protection settings because browsing was nearly impossible...I guess because of SSL detection but not sure. Pale Moon was blocking access and asking for certificate on Google ?!??!?

yes it is because the "SSL scan", this issue happen with some Firefox-based browsers (Palemoon, Comodo Icedragon, etc...); so you have to disable it.
 

havok

New Member
Verified
Mar 12, 2013
49
Umbra Corp. said:
havok said:
Well of course EAM is just AV, no firewall. I wonder about ESS self-defense...Do you think that is good enough ?

ATM, yes


Or could be better to run EAV + 3d party firewall? That is main problem with ESS, though I think ESS + EAM real time provide a good\great protection...

you have Emsisoft Internet Security Pack (aka EAM + OAP) my previous solutions, the best one for me.

BTW I had to reset to defaul Web Access protection settings because browsing was nearly impossible...I guess because of SSL detection but not sure. Pale Moon was blocking access and asking for certificate on Google ?!??!?

yes it is because the "SSL scan", this issue happen with some Firefox-based browsers (Palemoon, Comodo Icedragon, etc...); so you have to disable it.

Do you mean running EAM +OAP firewall only? In that case I guess I should remove ESS. And I guess I should make some changes to EAM settings as well, right?
 
D

Deleted member 178

Thread author
havok said:
Do you mean running EAM +OAP firewall only? In that case I guess I should remove ESS. And I guess I should make some changes to EAM settings as well, right?

1- yes Emsisoft IS is more than enough (AV + FW + BB + HIPS + restriction-based sandbox)

2- Yes because you can't have 2 HIPS & Firewall at same time

3- yes, i have made a guide to set them for max protection.


Overkill said:
I'm assuming the same exact settings for NOD32 correct?

yes, except the FW part (obviously ^^)
 

havok

New Member
Verified
Mar 12, 2013
49
Umbra Corp. said:
havok said:
Do you mean running EAM +OAP firewall only? In that case I guess I should remove ESS. And I guess I should make some changes to EAM settings as well, right?

1- yes Emsisoft IS is more than enough (AV + FW + BB + HIPS + restriction-based sandbox)

2- Yes because you can't have 2 HIPS & Firewall at same time

3- yes, i have made a guide to set them for max protection.

Thanks.
I always liked Emsisoft so I'm really interested in that .
Just 1 question: what about Emsisoft IS resources usage ? Is it light (I don't think so), medium (could be good ) or heavy - I mean especially according to the settings you suggested ?
 
D

Deleted member 178

Thread author
Honestly it depends vastly upon each system configuration, what processes are ran, etc...

EIS has an impact on boot-time and during updates mostly, the rest of the time it sit around 20-40mb RAM and it is quite light (lighter than KIS on my system)

for ESS, if you allow the "...exception based on certificates" option; your issue may disappear.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top