Guide | How To ESET Smart Security for Max Protection

[Deleted member 178]

OK, since i have some request to how i set ESET for max protection; there the answer. (picture based with annotations)

Warning:

- This setting may have a negative impact on resources usage and responsiveness for low-end machines.
- This setting will generate more alerts than default setting and may hamper your browsing experience.

first of all, we go to Setup > Enter Advanced Setup


1- COMPUTER

A- Antivirus and Antispyware

Spoiler

B- Real-Time System Protection

Spoiler

Tick all boxes, then enter setup:

-Object: tick all
-Options: Tick all

Advanced heuristics/DNA/Smart signatures – Advanced heuristics consist of a unique heuristic algorithm developed by ESET, optimized for detecting computer worms and trojan horses and written in high level programming languages. Thanks to advanced heuristics, the detection capabilities of the program are significantly higher. Signatures can reliably detect and identify viruses. Utilizing the automatic update system, new signatures are available within a few hours of a threat discovery. The disadvantage of signatures is that they only detect viruses they know (or their slightly modified versions).

-Cleaning: up to you, "No cleaning" will let you choose what action to take.
-Extensions tick "select all"
-Limit: let it to default
-Other: tick enable "Smart optimization"

Advanced Setup

Spoiler

C- On-Demand Computer Scan

this is the manual scan settings, set them as you wish.

-ThreatSense Engine parameter setup : mostly repeat step 1-B; in "Other" also tick Scan alternate data streams (ADS)

 – Alternate data streams used by the NTFS file system are file and folder associations which are invisible by ordinary scanning techniques. Many infiltrations try to avoid detection by disguising themselves as alternate data streams.

D- Document Protection

Enable it

-ThreatSense Engine parameter setup: same as Step 1-B


E- Startup Scan

Same as step 1-B


F- Idle-State Scanning

Enable it if you need it, ThreatSense settings is same as Step 1-B


G- Exclusions

Set there any other security apps you have.

H- Removable Media

create rules for every USB/Ext-HDD/pendrives/mobile phones you own, so you will be protected from infections

Spoiler

I- HIPS

The most complicated part, i suggest you to set it on "Learning Mode" for few hours, during this time, you will have to launch every softwares/windows tools you used to use and known to be safe (mostly those that don't need an internet connection to run).
After you will set the HIPS to "Interactive Mode".

Spoiler

-Advanced Setup: Tick all


2- NETWORK (under testing)

A- Personal Firewall

i found ESET Firewall quite good especially with its IDS feature, that block malwares at the network level), Set it to "Interactive"

Rule and Zone

i let it as default, you may change some rules later depending your system.

IDS and Advanced Options

my favorite firewall feature

The IDS and advanced options section allows you to configure advanced filtering options to detect several types of attacks that can be carried out against your computer.

Spoiler

Spoiler

Application modification detection

Spoiler

System Integration

Nothing to change

B- Connection View

Tick all



3- WEB and EMAIL


A- Email Client Protection

i let it as default; just set ThreatSense as step 1-B

Email Clients

Spoiler

Email Client Integration

Up to you

IMAP, IMAPS

As default

POP3, POP3S

As default


B- Antispam Protection

Spoiler

Address Book

Spoiler

C- Web Access Protection

The powerful ESET web filter.

Threatsense: As 1-B

HTTP, HTTPS

Spoiler

Active mode: Select your browser and P2P clients
URL Adresses Management: Here you will block/allow websites.


D- Protocol Filtering

Enable it.

Excluded Applications: depend of you, i excluded my other AVs.
Excluded IP Adresses: depend if you trust some websites, i trust no websites ^^


SSL

Spoiler

i unticked "...exceptions based on certificates", since certificates can be stolen.

NOTE: With some non-popular websites, your browser will issue a warning.


Certificates

Spoiler

Anti-Phishing protection

of course, enable it.


OK IT'S FINISH !!

if i find out i did some mistakes or miss some elements, i will update the post accordingly.


I hope it helped you.

Thanks

 

[Venustus]

Thank you for the guide!

 

[McLovin]

Thank you for the guide!

There was kinda no need to quote the whole first post :-/

Great guide. For those users who want the full potential out of ESET I'm sure this guide would help.

 

[Akash209]

Thank you bro!

 

[Venustus]

Thank you for the guide!

There was kinda no need to quote the whole first post :-/

Great guide. For those users who want the full potential out of ESET I'm sure this guide would help.

Yeah I know!:blush:
Sorry about that

 

[havok]

Thanks for this guide . Just a question: when I checked "Runtime packers" and Advanved heuristics\... I got message : "Enabling this...can cause performance issue on this computer. Do you want ....". Is that normal - just prevention for low powerful pc - or is something else?

One more thing : at the moment I'm running Emsisoft AW 7 with real-time together with ESS 6. Could you suggest the best settings for Emsi AW 7 according with ESS 6 ones ? I just applied the EAM settings you suggested in your post about EIS best settings - of course I'm not running Online Armor F. - . Is this configuration good for both ESS 6 and EAW 7 ?
BTW I,m running these on a win7 x32 2GB RAM. Could these go to be heavy on resources ? It looks like both app together got around the same use of resources of Kaspersky Internet Security..Till now no any problem
Thanks

 

[Deleted member 178]

Thanks for this guide . Just a question: when I checked "Runtime packers" and Advanved heuristics\... I got message : "Enabling this...can cause performance issue on this computer. Do you want ....". Is that normal - just prevention for low powerful pc - or is something else?

yes it is normal, it is for low-end PCs, mostly because ESET will have more stuff to monitor and so use more resources; you have a similar feature with Avast when you set it to scan all "Packers"; i also observed on it an higher resources usage.

One more thing : at the moment I'm running Emsisoft AW 7 with real-time together with ESS 6. Could you suggest the best settings for Emsi AW 7 according with ESS 6 ones ?

it depend if you want better resource usage of max protection too.

anyway check this guide: http://malwaretips.com/Thread-How-to-set-CIS-EAM-for-max-compatibility-security

just replace CIS processes by ESET ones

 

[Ink]

Maybe a small warning that this guide will have a negative impact on low-end and older hardware?

 

[havok]

Thanks for this guide . Just a question: when I checked "Runtime packers" and Advanved heuristics\... I got message : "Enabling this...can cause performance issue on this computer. Do you want ....". Is that normal - just prevention for low powerful pc - or is something else?

yes it is normal, it is for low-end PCs, mostly because ESET will have more stuff to monitor and so use more resources; you have a similar feature with Avast when you set it to scan all "Packers"; i also observed on it an higher resources usage.

One more thing : at the moment I'm running Emsisoft AW 7 with real-time together with ESS 6. Could you suggest the best settings for Emsi AW 7 according with ESS 6 ones ?

it depend if you want better resource usage of max protection too.

anyway check this guide: http://malwaretips.com/Thread-How-to-set-CIS-EAM-for-max-compatibility-security

just replace CIS processes by ESET ones

Thanks again, much appreciated.
What I want is the best possible protection with a good (acceptable) use of resources- I'm running these on a win7 x32 2 GB Ram .
However on same PC I had been running KIS for several months with no any problem at all so I think it should be fine..
However I saw with these max compatibility configuration applied the use of resources by EAW is definitely reduced. Thanks

 

[Deleted member 178]

What I want is the best possible protection with a good (acceptable) use of resources- I'm running these on a win7 x32 2 GB Ram .
However on same PC I had been running KIS for several months with no any problem at all so I think it should be fine..

the way i set EAM as companion in my guide will give exactly what you asked for; you can do this in addition on EAM :

1- Configuration > general > untick "email scanning" (ESET do it already)
2- Configuration > general > untick "enable captcha..." (ESET will monitor EAM so a malware will probably not shutdown EAM)

the 2 ESET's processes to exclude in EAM are: "Ekrn.exe" (in folder x86) and "Egui.exe"

 

[havok]

What I want is the best possible protection with a good (acceptable) use of resources- I'm running these on a win7 x32 2 GB Ram .
However on same PC I had been running KIS for several months with no any problem at all so I think it should be fine..

the way i set EAM as companion in my guide will give exactly what you asked for; you can do this in addition on EAM :

1- Configuration > general > untick "email scanning" (ESET do it already)
2- Configuration > general > untick "enable captcha..." (ESET will monitor EAM so a malware will probably not shutdown EAM)

the 2 ESET's processes to exclude in EAM are: "Ekrn.exe" (in folder x86) and "Egui.exe"

Ya "email scanning" was already unchecked and ESS processes added in EAM exclusions. Not sure I understood about captcha : EAM is not self-protected ? If a malware can shutdown EAM that is nearly useless...

 

[Nikos751]

Thank you very much! It is very useful for people who want to maximize their protection using ESET. I am currently using Avast 8 but when I 'll find an 6 months promo (or more) of ESET I ll probably make the switch..

 

[Deleted member 178]

Ya "email scanning" was already unchecked and ESS processes added in EAM exclusions. Not sure I understood about captcha : EAM is not self-protected ? If a malware can shutdown EAM that is nearly useless...

EAM has self-protection, but sophisticated malwares (mostly rootkits) can disable it, also against an hacker that penetrate your system it will be useless.

 

[havok]

Ya "email scanning" was already unchecked and ESS processes added in EAM exclusions. Not sure I understood about captcha : EAM is not self-protected ? If a malware can shutdown EAM that is nearly useless...

EAM has self-protection, but sophisticated malwares (mostly rootkits) can disable it, also against an hacker that penetrate your system it will be useless.

Well of course EAM is just AV, no firewall. I wonder about ESS self-defense...Do you think that is good enough ?
Or could be better to run EAV + 3d party firewall? That is main problem with ESS, though I think ESS + EAM real time provide a good\great protection...
BTW I had to reset to defaul Web Access protection settings because browsing was nearly impossible...I guess because of SSL detection but not sure. Pale Moon was blocking access and asking for certificate on Google ?!??!?

 

[Deleted member 178]

Well of course EAM is just AV, no firewall. I wonder about ESS self-defense...Do you think that is good enough ?

ATM, yes

Or could be better to run EAV + 3d party firewall? That is main problem with ESS, though I think ESS + EAM real time provide a good\great protection...

you have Emsisoft Internet Security Pack (aka EAM + OAP) my previous solutions, the best one for me.

BTW I had to reset to defaul Web Access protection settings because browsing was nearly impossible...I guess because of SSL detection but not sure. Pale Moon was blocking access and asking for certificate on Google ?!??!?

yes it is because the "SSL scan", this issue happen with some Firefox-based browsers (Palemoon, Comodo Icedragon, etc...); so you have to disable it.

 

[havok]

Well of course EAM is just AV, no firewall. I wonder about ESS self-defense...Do you think that is good enough ?

ATM, yes

Or could be better to run EAV + 3d party firewall? That is main problem with ESS, though I think ESS + EAM real time provide a good\great protection...

you have Emsisoft Internet Security Pack (aka EAM + OAP) my previous solutions, the best one for me.

BTW I had to reset to defaul Web Access protection settings because browsing was nearly impossible...I guess because of SSL detection but not sure. Pale Moon was blocking access and asking for certificate on Google ?!??!?

yes it is because the "SSL scan", this issue happen with some Firefox-based browsers (Palemoon, Comodo Icedragon, etc...); so you have to disable it.

Do you mean running EAM +OAP firewall only? In that case I guess I should remove ESS. And I guess I should make some changes to EAM settings as well, right?

 

[Overkill]

I'm assuming the same exact settings for NOD32 correct?

 

[Deleted member 178]

Do you mean running EAM +OAP firewall only? In that case I guess I should remove ESS. And I guess I should make some changes to EAM settings as well, right?

1- yes Emsisoft IS is more than enough (AV + FW + BB + HIPS + restriction-based sandbox)

2- Yes because you can't have 2 HIPS & Firewall at same time

3- yes, i have made a guide to set them for max protection.

I'm assuming the same exact settings for NOD32 correct?

yes, except the FW part (obviously ^^)

 

[havok]

Do you mean running EAM +OAP firewall only? In that case I guess I should remove ESS. And I guess I should make some changes to EAM settings as well, right?

1- yes Emsisoft IS is more than enough (AV + FW + BB + HIPS + restriction-based sandbox)

2- Yes because you can't have 2 HIPS & Firewall at same time

3- yes, i have made a guide to set them for max protection.

Thanks.
I always liked Emsisoft so I'm really interested in that .
Just 1 question: what about Emsisoft IS resources usage ? Is it light (I don't think so), medium (could be good ) or heavy - I mean especially according to the settings you suggested ?

 

[Deleted member 178]

Honestly it depends vastly upon each system configuration, what processes are ran, etc...

EIS has an impact on boot-time and during updates mostly, the rest of the time it sit around 20-40mb RAM and it is quite light (lighter than KIS on my system)

for ESS, if you allow the "...exception based on certificates" option; your issue may disappear.