Jump to content

claudiu

Members
  • Content count

    59
  • Joined

  • Last visited

Profile Information

  • Location
    Canada

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. I do not understand "Not really". In the situation mentioned by you, the user would have 2 identical files (by name); one sanitized , in the original location and one "original" placed in quarantine, BOTH OF THEM WITH THE SAME NAME. So why "not really"????
  2. If the file was "cleaned", will exists in 2 places : in quarantine,( the original infected one) and in original place (the cleaned one). Both of them will have the same name. Very difficult to figure out what happened.
  3. claudiu

    Ransomware Simulator

    Yes , you could! But I rather prefer ESET to detect even this (RAR encryption) and to let me know that "RAR is trying to encrypt" YES or NO. At this point , ESET had ZERO reactions to any test run.
  4. claudiu

    Ransomware Simulator

    I wouldn't so sure: see the detection of Malwarebytes (everything disabled . only Antiransomware protection active ) This is the purpose of "Test Files" : to test a capability . An answer as " we know that is a test file , that's why we did not detect it" is an insult to a paying user.
  5. claudiu

    Ransomware Simulator

    This is the convenient answer , to justify failure. The Antiransomware protection on ESET is based on HIPS , which cannot distinguish between a simulator an a real threat (unless the simulator is on a white list) See here a test with Eicar, another "simulator" Yet, ESET will detect it as a normal threat.
  6. claudiu

    Ransomware Simulator

    Just run a ransomware simulator (RanSim) from here : https://www.knowbe4.com/ransomware-simulator On a win7 /64 with NOD32, the result is --->see attachment. Any comments????
  7. claudiu

    OK, let me ask again!

    My selected profile is "In-depth scan" with Threatsense parameter "No cleaning" ; yet the threat is cleaned automatically. However, if I select "Context menu scan" with Threatsense parameter "No cleaning", the threat is not cleaned automatically, waiting for my decision. In all honesty, why do we need to set "threthsense" in so many places? Is not like someone would want a certain action when scan on demand and a totally different action in a different situation.
  8. claudiu

    OK, let me ask again!

    If threatsense parameters are set to "no cleaning" in all 100 required places, why when I scan a folder , the threat is cleaned automatically??? See picture.
  9. claudiu

    Why I can "Ignore"...

    Yes, but if it is an actual threat why I can still "ignore it"??? And what if the "actual threat" is a FP and I want to exclude it from detection??? And what about second question???
  10. claudiu

    Why I can "Ignore"...

    ...threat but I cannot exclude from detection (grey -out)? And one more: I setup Threatsense Parameters to "no cleaning" (all of them) however if I scan an infected folder I get "All threats cleaned" Why is that?
  11. claudiu

    Log File page...

    In my first attachment, you see there is no "square" in the top right corner , to maximize the window, only "_" and "x" With window minimized, I could resize the columns left and right, but still in minimized mode. In new version 11.2.49 , I can expand the window to the whole screen. Is worth mentioning that I installed first ESET internet security and I downgraded to NOD32 antivirus; maybe is related somehow.
  12. claudiu

    Log File page...

    The solution was to manually update to the next version (v11.2.49) In the previous version, whatever you described it is not possible; the window had a fixed size.
  13. claudiu

    Log File page...

    ...is way too small and not expandable. I have to go line by line to expand it left or right in order to be able to read. See attachment.
×