|
|
#1
June 13th, 2011, 11:20 AM
|
||||
|
||||
Why not eset self protection protect these..?
Hi'
I can easily delete files in these folders or even folders by just pressing delete. I can even delete HIPS Rules. Why don't eset self protection protect these files also  "C:\Program Files\ESET\ESET NOD32 Antivirus\Drivers" "C:\ProgramData\ESET\ESET NOD32 Antivirus" In my opinion ESET should protect all files in the following folders "C:\Program Files\ESET\ESET NOD32 Antivirus" and "C:\ProgramData\ESET\ESET NOD32 Antivirus" I have to check registry entries for working of self protection. I think thats why malware are able to disable ESET and remove. Regards Ashish Singh |
|
#2
June 13th, 2011, 11:30 AM
|
||||
|
||||
Re: Why not eset self protection protect these..?
Self defense is not active until the user reboot the system
__________________
Pentium M| 512 RAM ESET NOD32 Antivirus 5 ESET Smart Security 6 RC |
|
#3
June 13th, 2011, 11:37 AM
|
||||
|
||||
|
Re: Why not eset self protection protect these..?
HIPS rules can not be removed
__________________
ESET Smart Security 5 - The next generation of NOD32 Technology. ESET - Essential Security against Evolving Threats Windows 7 x64 SP1. Moscow Last edited by ESS3 : June 13th, 2011 at 11:47 AM. |
|
#4
June 13th, 2011, 09:29 PM
|
||||
|
||||
|
Re: Why not eset self protection protect these..?
Well I can delete all these files
|
|
#5
June 13th, 2011, 09:34 PM
|
||||
|
||||
|
Re: Why not eset self protection protect these..?
You can't delete anything in ProgramData without admin escalation. What exactly are you reporting?
__________________
OpenDNS with DNSCrypt SSD: Windows 8 Pro x64 | IE10 (Enhanced Protected Mode) & Fanboy's TPLs HDD: Xubuntu 12.04 LTS (x64) | Firefox: ABP(Fanboy's list) & HTTPS Everywhere |
|
#6
June 13th, 2011, 09:35 PM
|
||||
|
||||
|
Re: Why not eset self protection protect these..?
I can even delete the installer contained in it
|
|
#7
June 13th, 2011, 09:37 PM
|
||||
|
||||
|
Re: Why not eset self protection protect these..?
Look I am using Outpost Firewall Pro 7.5 with nod32. Whenever I try to delete any file from outpost folder it gives me an error that it can't be done because of self protection. Why don't eset protect its files from deletion?
|
|
#8
June 13th, 2011, 09:50 PM
|
||||
|
||||
|
Re: Why not eset self protection protect these..?
In my case i cannot delete those files because of self defense
__________________
Pentium M| 512 RAM ESET NOD32 Antivirus 5 ESET Smart Security 6 RC |
|
#9
June 14th, 2011, 11:36 AM
|
||||
|
||||
|
Re: Why not eset self protection protect these..?
Today with ESET RC version installed from scratch I tried deleting this file
C:\ProgramData\ESET\ESET NOD32 Antivirus\Installer And I could easily delete it Also I can delete HIPS Rules .dat as well .xml file is it normal ? Or these files are useless? NOTE: I am using ESET Nod32 Antivirus 5 RC |
|
#10
June 14th, 2011, 12:00 PM
|
||||
|
||||
|
Re: Why not eset self protection protect these..?
I cannot reproduce that, eset denied me access to those files
__________________
Pentium M| 512 RAM ESET NOD32 Antivirus 5 ESET Smart Security 6 RC |
|
#11
June 14th, 2011, 02:27 PM
|
|||
|
|||
|
Re: Why not eset self protection protect these..?
Quote:
|
|
#12
June 14th, 2011, 10:33 PM
|
||||
|
||||
|
Re: Why not eset self protection protect these..?
Yes of course. Most of the files are protected but not all...
|
|
#13
June 15th, 2011, 12:51 AM
|
|||
|
|||
|
Re: Why not eset self protection protect these..?
Quote:
|
|
#14
June 15th, 2011, 08:31 AM
|
||||
|
||||
|
Re: Why not eset self protection protect these..?
"Msi is merely the installer, it has no effect on security".
Why ?? It is needed for repair of eset. Ok leave it I can delete all the files(only outside the folders) in the following folder "C:\ProgramData\ESET\ESET NOD32 Antivirus" File names are EpfwUser.dat HipsRules.dat HipsRules.xml httpblk.dat local (database file)
__________________
ESET NOD32 Antivirus 5 Outpost Firewall Pro 7.5 Windows 7 Ultimate 32bits |
|
#15
June 15th, 2011, 08:34 AM
|
||||
|
||||
|
Re: Why not eset self protection protect these..?
Also all files in this folder
"C:\ProgramData\ESET\ESET NOD32 Antivirus\Stats" "C:\ProgramData\ESET\ESET NOD32 Antivirus\Charon" "C:\ProgramData\ESET\ESET NOD32 Antivirus\Logs" "C:\ProgramData\ESET\ESET NOD32 Antivirus\Stats" AND MOST IMPORTANT "C:\ProgramData\ESET\ESET NOD32 Antivirus\Updfiles" Regards Ashish
__________________
ESET NOD32 Antivirus 5 Outpost Firewall Pro 7.5 Windows 7 Ultimate 32bits |
|
#16
June 15th, 2011, 09:15 AM
|
|||
|
|||
|
Re: Why not eset self protection protect these..?
None of the above are critical files. They are merely statistics, logs or update files that are downloaded during every update so amending them has no effect on program's functionality.
|
|
#17
June 15th, 2011, 12:23 PM
|
||||
|
||||
|
Re: Why not eset self protection protect these..?
Quote:
This files (HipsRules.*) seems to need Self-Defense protection.
__________________
Pentium M| 512 RAM ESET NOD32 Antivirus 5 ESET Smart Security 6 RC Last edited by toxinon12345 : June 15th, 2011 at 12:40 PM. |
|
#18
June 15th, 2011, 12:27 PM
|
|||
|
|||
|
Re: Why not eset self protection protect these..?
Quote:
I have never seen any HipsRules.dat  |
|
#19
June 17th, 2011, 03:09 AM
|
||||
|
||||
|
Re: Why not eset self protection protect these..?
Quote:
Maybe you can try to change your HIPS to interactive or learning mode?
__________________
Intel Core i5 processor 3450/ 3GB DDR3 RAM/Windows 7 Premium 64-bit/Avast Free Antivirus/Secunia PSI/Hitman Pro/Panda USB Vaccine |
|
#20
June 17th, 2011, 06:08 AM
|
||||
|
||||
Re: Why not eset self protection protect these..?
Quote:
__________________
Never argue with fools - first, they'll try to get you down to their level and then defeat you with experience. |
| « Previous Thread | Next Thread » |
| Thread Tools | Search this Thread |
|
|
