
Wolf Igmc4

Members
  • Posts

    29

Posts posted by Wolf Igmc4

  1. 17 minutes ago, persian-boy said:

    What about a sandbox? I guess it is much more important than Anti-Theft -_- I'm still waiting to see a purge button for non-existent rules in both HIPS and the firewall.
    Also, showing the command line when HIPS alerts for cmd! And provide a way to submit the FP from the GUI, not email :|
    Also an option to let us sort the rules based on the directory.

     

    ESET has a sandbox, but we just can't access it. But I agree with you, I want to manage apps in a sandbox.

  2. 19 minutes ago, Marcos said:

    You can exclude potentially unwanted and unsafe applications from detection by name.

    No, for example: A threat has been detected (MSIL/blabla) when X tried to access X.

    I just want to block the popup of the specific 'MSIL/blabla'.

    If, for example, another threat (for example, MSIL/Blabla25) is detected, its popup will appear.

    I don't know if you understand me :/

  3. Download Process Explorer (https://docs.microsoft.com/en-us/sysinternals/downloads/process-explorer), run it as admin, in Options click on VirusTotal and allow the terms and conditions. Then, in the tabs, you will see "VirusTotal"; click it and find a program with detections whose origin you don't know. Suspend it. Go to its path and try deleting it. If you can't, remember the path and run Windows in safe mode, go to the path and delete the files. Then, reboot.

    If the malware persists, download Autoruns (https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns), another Microsoft essentials program. In Options allow the VirusTotal terms, then find an entry with detections, make sure it's not an important entry or a program you installed, and delete it. You can try finding the name of the entry: just go to the path where the malware is located, copy its name and find it in Autoruns.

     

    Edit: You can also try using second opinion scans first, I recommend Hitman Pro, Zemana and Malwarebytes.

     

    If you are not able to kill the virus, run Windows in safe mode, hit the Windows key and R, write Rstrui.exe, and select a copy where the virus wasn't on your PC.

    If any important file is deleted, download Shadow Explorer and find your files in the backups (you can find tutorials on YT).
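
The Autoruns check from post 3, as an added PowerShell example that is not part of the original post: it reads the Run and RunOnce registry keys (only a small subset of what Autoruns covers) and shows the signature status and SHA-256 of each target file, so a suspicious file path can be matched to its startup entry. It is read-only; the helper name `Get-ExecutablePath` is hypothetical.

```powershell
# Added example: list Run/RunOnce autostart entries with the signature status
# and SHA-256 of the file each one launches. Nothing is modified or deleted.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Hypothetical helper: pull the executable out of a Run value. A quoted path wins;
# otherwise take everything up to the first known script/binary extension.
function Get-ExecutablePath([string]$CommandLine) {
    $expanded = [Environment]::ExpandEnvironmentVariables($CommandLine).Trim()
    if ($expanded -match '^"([^"]+)"') { return $Matches[1] }
    if ($expanded -match '^(.+?\.(exe|dll|bat|cmd|vbs|js|ps1|scr|com))(\s|$)') { return $Matches[1] }
    return ($expanded -split '\s+')[0]
}

$entries = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        $command = [string]$item.GetValue($name)
        $path    = Get-ExecutablePath $command
        # Bare names such as "rundll32.exe" are not resolved via PATH and show Exists = False.
        $exists  = $path -and (Test-Path -LiteralPath $path -PathType Leaf)
        [pscustomobject]@{
            Key       = $key
            Name      = $name
            Path      = $path
            Exists    = $exists
            Signature = if ($exists) { (Get-AuthenticodeSignature -LiteralPath $path).Status } else { 'n/a' }
            SHA256    = if ($exists) { (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash } else { 'n/a' }
        }
    }
}

# Unsigned or missing targets are the ones worth a closer look.
$entries | Sort-Object Signature, Path | Format-Table -AutoSize -Wrap
```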

  4. 26 minutes ago, Marcos said:

    A behavior blocker would cause quite a lot of false positives or would bother the user to make a decision him/herself every now and then. Our aim is to keep ESET install-and-forget, without asking the users for an action. The more questions, the higher the probability of wrong decisions and subsequent infection. ESET leverages a handful of advanced technologies explained at https://www.eset.com/int/about/technology/ to achieve maximum protection without nagging the user or causing false positives.

    ESET Live Grid knows a lot of programs to avoid false positives, so a behavior blocker isn't a bad idea...
