Jump to content

Recommended Posts

  • Administrators
Posted

We would need advanced logs mentioned earlier in this thread that would include data from the time of creation of the file until it runs undetected. I can't seem to run the Phobos file undetected:

image.png

Posted
5 minutes ago, Marcos said:

I can't seem to run the Phobos file undetected:

Same here. Hence my question to the OP if he somehow inadvertently blocked Eset real-time scanning of it. If he did so, the file would've executed unimpeded.

You could test likewise and see if the Ransomware Shield stops the encryption.

Posted (edited)

To date. I have never seen a forum posting in regards to a Ransomware Shield detection as noted below;

Quote

ESET Ransomware Shield

ESET Ransomware Shield monitors and evaluates executed applications using behavioral heuristics It is designed to detect and block behavior that resembles ransomware The technology is activated by default If ESET Ransomware Shield is triggered by a suspicious action, then the user will be prompted to approve/deny a blocking action.

Eset_Ransomware.png.dedc7a09ca11b61f8d610415a06eba80.png

Furthermore, the dialog window allows the user to submit the suspicious application for analysis – or exclude it from future detection.

https://www.eset.com/fileadmin/ESET/INT/Docs/Others/eset-vs-crypto-ransomware.PDF

Edited by itman
  • 3 weeks later...
Posted

Hi, when doing testing there are no exclusions made for testing. We will be doing new test with latest samples so if anything, interesting happens i will let you guys know.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...