I

illumination

What about bouncer list? an ask/block rule for these processes/places:
https://excubits.com/content/files/blacklist.txt
I don't know much about registry!there are registry keys that we need to protect them! which one? i don't know:D
Any time you use restriction policies, you need to be careful what you are adding. It is a trial and error with each different system and its applications.
I spent months in a VM with a copy of Eset learning it. I fully advise anyone wanting to learn it, to do the same before modifying their main Host.
I disagree with "set up for testing guides" because all these accomplish is showing user what to tick and what not to, they do not learn about the product and what the changes they are making to the default set up are actually doing with their systems.

A point has been made here though, that there are very few in this forum that actually understand how to fully utilize Eset, and instead of just admitting this, bash it.
 

Sunshine-boy

Level 27
Verified
I don't use policy mode because I believe it generates errors and crashes(learning mode is also broken cuz it auto allow everything for a process).I prefer interactive mode which is much better than policy mode.but there is a bug in Eset hips that auto allows the operation if you don't answer the alert fast(around 45 sec).they also don't want to change the way it works!Btw Eset Hips can work as an Anti-Exe (or other executable formats).There were a lot of bugs in this hips but they fixed it and still fixing.
Eset hips is very powerfull:D
 
I

illumination

I don't use policy mode because I believe it generates errors and crashes(learning mode is also broken cuz it auto allow everything for a process).I prefer interactive mode which is much better than policy mode.but there is a bug in Eset hips that auto allows the operation if you don't answer the alert fast(around 45 sec).they also don't want to change the way it works!Btw Eset Hips can work as an Anti-Exe (or other executable formats).There were a lot of bugs in this hips but they fixed it and still fixing.
Eset hips is very powerfull:D
I do not use Policy mode either, as I am on a shared system. It is the only system we have and maintain. Even if this was not a shared system, I would like you, use interactive mode for the same reasons. I was merely pointing out that interactive mode is not the strongest HIPS setting, and that you could seriously limit what is crawling around on your machine with it.

As for our home system, I actually use Smart Mode for HIPS and supplement with Appguard Business, as it was easier to teach my significant other how to re-enable a service such as "cmd" when an operation that is legit requires it by opening Appguard, clicking "customize" and going to the "guarded apps" tab, and ticking it, hitting apply to enable it, then unticking and hitting apply to block it again as opposed to teaching her how to respond to HIPS alerts. ;)

You are quite correct, Eset HIPS is very strong.
 

jackuars

Level 23
Verified
Unless you are testing malware on your system for the heck of it, any of these antivirus products will be good for you and has 99.9% chance of protecting you under any given condition in a real-world scenario.

If the tests tell that a product scored 70-90% against malware samples, it's still not a bad score at all, because it was specifically asking for trouble when it was testing the malware samples on their system.

Forget what reviews say, just stick to the one you like. All these BB, System Watcher, Signatures, Heuristics, Dynamic tests etc are to be taken with a grain of salt if you practice safe browsing habits.