HIPS

Status
Not open for further replies.

MrExplorer

Level 28
Verified
Nov 15, 2012
1,765
Biozfear said:
It means the scan will kick in the moment you access the folder containing the file.

Same method used by Comodo Antivirus.

Now I get it. This feature of ESET is good. I think that this feature is not in EAM.

Sir, I want to check the condition of my HDD. Any suggestions?
 

maaster

Level 1
Thread author
Aug 5, 2012
200
Biozfear said:
The ESET 6 RC memory leak problem is not happening to everyone. Sadly, I keep having that bug whether I like it or not, but on my other laptop it doesn't happen.

That aside, version 6 HIPS are not fully operational at least for me.

There are hardly any changes from 5 to 6 so you can use version 5.

Version 6 mainly adds idle scan, Identity Theft (which will solely be available in Smart Security upon launch) and some bits and pieces.

Scanning engine, signatures and behavior of the program remain the same.

Regarding the memory leak problem, I referred in the wilderssecurity forum that those who have the memory leak problem should send a PM to the moderator Marcos!

Update rollback is also a new feature!
 

Overkill

Level 31
Verified
Honorary Member
Feb 15, 2012
2,128
If I'm understanding this right, shouldn't it block on failure?

c6tDZQf.png
 
Plexx

Overkill said:
If I'm understanding this right, shouldn't it block on failure?

c6tDZQf.png

Looks like I am not the one of the few who has seen that.

It should but unfortunately it is also flawed.
 

Overkill

Level 31
Verified
Honorary Member
Feb 15, 2012
2,128
The HIPS doesn't make sense! I've been watching some reviews of ESET...the only setting that does anything (without screwing something up within the system) is interactive mode and it's a pita unless you have it on learning mode long enough to shut it up a bit lol.
AUTO allows malware to get by and policy based could possibly block legit processes...I tried to turn up my volume and the HIPS wouldn't let me until I allowed it, that should be allowed automatically.
 
Plexx

Overkill said:
The HIPS doesn't make sense! I've been watching some reviews of ESET...the only setting that does anything (without screwing something up within the system) is interactive mode and it's a pita unless you have it on learning mode long enough to shut it up a bit lol.
AUTO allows malware to get by and policy based could possibly block legit processes...I tried to turn up my volume and the HIPS wouldn't let me until I allowed it, that should be allowed automatically.

This is the main reason many consider ESET's HIPS as the new kid on the block.

You will possibly stumble upon another issue: From Learning mode to Interactive or Policy based, when doing something that there should be a rule already created by Learning mode, which there is, it will either trigger alerts in Interactive mode (making you create a new rule for the same exact action but this time in Inter mode) or get nowhere if you are on Policy based since it does not recognize the rule.

Your best bet, and it will require A LOT of patience, is to switch to Interactive mode, do EVERYTHING possible with your system, from updating Windows to deleting folders, restoring and what not, and then keep it in Interactive or Policy based.

Now you understand why I had HIPS disabled for so long until I was bored and decided to configure each rule via Interactive mode.

PS: Do not attempt creating rules manually via the rules editor. It is far from being simple and no documentation/guides that fully cover it are available.

Edit: When disabling HIPS, ESET's Self Protection is disabled too, but then again is it worth the hassle of having SP on when the Zeroday component causes headaches?
 