Whats New In EQSecure 3.41

Thanks aigle

I just pulled the d/l of it and going to test it myself after i fish thru the aquarium of EQ's settings again to see if theres something we can change maybe to prevent that.

OtherWise i guess time to add an Anti-Keylogger besides snoopfree, btw, does snoopfree fail it too?

 

No tried and I will not suggest SF. It,s old, not updated and might give rise to conflicts. Besides there are no keyloggers on my system and I don,t need a die-hard anti-keylogger protection.

 

Yes, u can if u can rewrite/ modify the code of it.

 

Well, i run the new version 2 keylogger test and EQS passed all the tests except the last one, the journal screen capture, it took a nice screenshot and set it on the desktop.

But taking a screenshot or even some program making a screenshot on your PC is one thing, getting that screenshot to go outbound with that picture is another.

Still, EQSecure is done a remarkable job so far with this HIPS, and i say this with no reservation because it is IMO extremely light-weight and i have set it to monitor quite an array in each of those 3 groups in addition to the defaults and then opened up Task Manager and theres no significant rise in either memory or CPU to even speak of.

Anyone else with a verdict or concern? This HIPS deserves some serious looking at on all positive notes.

 

No, It doesn,t intercept GetKeyBoardStat.

 

Thanks, i stand corrected on my first assertion, EQS does indeed allow keystrokes. When i tested this yesterday i was looking for a Notify Prompt instead of actually typing to see if the letters were showing in the box.

Cool Beans, another hurdle to overcome

 

Hi All

Apologies for this request, but can anyone tell me where to download the ENGLISH version of EQsecure 3.41

The one I downloaded has a Chinese GUI The language file has 2 zip files in it en.zip and tw.zip

Any help gratefully received?

Thank you

Terry

 

I am not sure. I used this link:

http://www.eqspywatch.com/bbs/read.php?tid=7649&fpage=0&toread=&page=1

I translated it via bable fish.Then used the upper download link( arrowed).

On next page, clicked the link as shwon. U must get an .exe not a .rar file. I was having previous version in english. I uninstalled it. Reinstalled 3.41 and it was all in english.

Solcroft might help you better.

 

Hi Aigle

Thanks for the info

Now downloaded and running

Terry

 

Ok, that,s nice. Let,s know ur opinion about it. Remember its file protection is nice but keeep it limited and liberal otherwise this feature will prove to be a pain.

 

Without a doubt.

For example under File Protect options, Global Rules i got TEMP folders covered nicely by EQS alerting to anything that might enter, change, or delete any file in these Hot Spots.
But i made a brief mistake by going over to Applications Rules/Other Options and setting Explorer.exe to "Search Global Rules"

Needless to say i got to see plenty of alerts untill removing that rule, but it was nice to watch for awhile and see what all activity explorer was doing behind the scenes during activity, which is a lot.

 

Explorer.exe, svchost.exe and all such applications who have a lot of file activity should enver be tied under file protection control of EQS. It will be a horror. I give full access to all such applications, infact I give full file access to any application that is not related to internet and gives me more than few popups.

Also it,s not wise at all to monitor temp folders, these are one of the most active folders as far as file creation/ modification/ deletion is concerned, so you will be in trouble. I can,t even think of doing it.

Acc to my observation, mostly malware create/ modify files itself( rather than through system processes by exploiting them) so even with a lot leberal file protection rules, u are very well protected.

 

I let EQS cover TEMP folders because those are hot spots a lot of times for drive-by downloads when i am malware hunting. Although i've got a lot of droppers pass thru IE straight into the C:\ folder too.

EQS "is" solid as they come and it's so very configurable it's a snap to cover about anything but just takes some time to set up, thats all.

Like any security program there is some limitations, but whatever is not yet implimented in it's coverage other security programs can fill in the gap untill they do, if they do. I do wish they would address a couple things though, one being the keylogger test miss and the other is sone feature to protect individual programs from termination like SSM.

 

Termination protection is there for all applications by default.

 

Well then, thats good enough, wasn't fully aware they already made that available.

So what's left to add in EQSecure that would fairly well cover all the bases because it appears nearly there enough now.

 

Hi All

Thanks to Aigle I was able to download an English version of EQSystemSecure which is now up and running. I need some help here since I am not a technocrat.

In setting it up (V3.41) I used learning mode and spent an hour going through every program on my machine opening closing, updating etc. Then I went into normal mode, ie removed learning mode. Since that point EQSecure has been very "quiet" No popups and yes everything is enabled.

The online help is in Chinese so the only help I can get is from a previous use of ProSecurity since it is similar.

Question

1) Is adequate protection derived from EQSecure with all modules activated after the learning mode described above.

2) Where can I get a translation of the help file if there is one

3) If (1) above is inadequate what more can I do, and how do I do it?

Thank you for your help

Terry

ps I like EQSecure it has a nice clean interface, uncluttered

 

It should give adequate protection. It has advanced parent/ child rules like SSM,s paranoid mode, so I will not sorry about protection. It,s more than needed I think. I will only worry to avoid popups.

For anyone who wants less chatty HIPS with simpler rules( no complex-parent relationship), NG is a good choice.

Not sure about help file.

 

Hi Aigle

Thanks for your reply.

As far as Neoava Guard (NG) in your reply. In thought I had read somewhere that the developer has suspended work on it?

Curious how different people view different software? I always found NG a bit complicated and a bit daunting to set up!

Regards

Terry

 

U r right. Work on NG has been suspended.

 

Opinion Needed:

Would a user of EQSecure 3.41 benefit in any way by also running OnlineArmor (Free) or is there opinion that running 2 such programs might instead make space for overlap.

I ask this because i have run Cyberhawk & SSM before and oddly enough they BOTH complimented each other in my runs and never clashed although the overlap occasionally made itself evident in the alerts, although one (CyberHawk) always was first up to issue a notice.

 

I notice a lot is made of NG in EQS discussion threads. I assume it compliments EQS when teamed together or is it suggested as a reliable alternative when users feel EQS is just too complex to fine-tune?