Administrators Marcos 5,267 Posted June 19 Administrators Share Posted June 19 We would need advanced logs mentioned earlier in this thread that would include data from the time of creation of the file until it runs undetected. I can't seem to run the Phobos file undetected: Quote Link to comment Share on other sites More sharing options...
itman 1,746 Posted June 19 Share Posted June 19 5 minutes ago, Marcos said: I can't seem to run the Phobos file undetected: Same here. Hence my question to the OP if he somehow inadvertently blocked Eset real-time scanning of it. If he did so, the file would've executed unimpeded. You could test likewise and see if the Ransomware Shield stops the encryption. Quote Link to comment Share on other sites More sharing options...
itman 1,746 Posted June 20 Share Posted June 20 (edited) To date. I have never seen a forum posting in regards to a Ransomware Shield detection as noted below; Quote ESET Ransomware Shield ESET Ransomware Shield monitors and evaluates executed applications using behavioral heuristics It is designed to detect and block behavior that resembles ransomware The technology is activated by default If ESET Ransomware Shield is triggered by a suspicious action, then the user will be prompted to approve/deny a blocking action. Furthermore, the dialog window allows the user to submit the suspicious application for analysis – or exclude it from future detection. https://www.eset.com/fileadmin/ESET/INT/Docs/Others/eset-vs-crypto-ransomware.PDF Edited June 20 by itman Quote Link to comment Share on other sites More sharing options...
QuickSilverST250 0 Posted July 9 Author Share Posted July 9 Hi, when doing testing there are no exclusions made for testing. We will be doing new test with latest samples so if anything, interesting happens i will let you guys know. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.