Jump to content

eternalromance

Members
  • Content Count

    9
  • Joined

  • Last visited

Posts posted by eternalromance

  1. I have firewall rules for some services that use scvhost.exe (for example wuauserv) but after upgrading to Windows 10 Build 1709 and Internet Security 10.1.235.0 these rules are no longer used. Now the firewall only reports that scvhost is trying to connect outside but is not able to determine which is the service using scvhost.exe (as it was able to do before).

     

    Is this a known issue?

    rules.PNG

  2. Description: Add option to show more details about the threats detected by real-time scan

    Detail: Please an option to show more details about the threats detected by real-time scan including:

    • Show full path to malicious/infected file or registry key (Where the malware is?)
    • Show file hashes (SHA-256; SHA-1; MD5) with link to Virus Total (Which mutation is this?)
    • Show detection name with link to detection report in Virus Radar (To which malware family it belongs to?)
    • Show if the process that tried to access the malicious/infected file or registry key was running in user or system space (Has the user tried to access the sample?)

    There are detection names that cover hundreds of samples and some times it is necessary to know which is the particular sample that has been found (for example to help to determine the origin of the infection)

     

    eicar.png

×
×
  • Create New...