HIPS. Target files

Discussion in 'ESET NOD32 Antivirus/Smart Security Beta' started by ESS3, Jun 6, 2011.

Thread Status:
Not open for further replies.
  1. ESS3

    ESS3 Registered Member

    Joined:
    Dec 11, 2007
    Posts:
    112
    I want to protect windows x64!!! :)

    Support:

    Operations – The rule will be used only for this type of operation and for the selected Target. Select the checkboxes to select operations, or you can use the User for all operations option.

    Description of the important operations:

    Target files

    · Raw memory access – Access to the raw memory image (raw memory dumps).

    · Raw partition access – Access to the file system (partition) on the disk image level, which can be used, for example, to create a raw partition dump.

    · Raw disk access – Access to the data on the hard drive on the binary level (higher than the file system level), or access to the MBR (Master Boot Record) partition.

    · Set windows hook ex – Calling the SetWindowsHookEx function from the MSDN library by the application.

    · System load and call image – Calling the SystemLoadAndCallImage function, which is used to read the system files. It is useful if you want to capture the behavior of a Rootkit.

    · Changing image – ...

    · NT Load driver – Installation and the use of a driver in the system.
     

    Attached Files:

  2. Habakuck

    Habakuck Registered Member

    Joined:
    May 24, 2009
    Posts:
    544
    Hm, i do not understand what you try to tell us.!. :D
     
  3. ESS3

    ESS3 Registered Member

    Joined:
    Dec 11, 2007
    Posts:
    112
    at Target files are no:
    · Raw memory access
    · Raw partition access
    · Raw disk access
    :D
     
Thread Status:
Not open for further replies.