Jump to content

Maniak2000

Member
  • Content Count

    8
  • Joined

  • Last visited

Community Reputation

1 Neutral

About Maniak2000

  • Rank
    New Member

Contact Methods

  • ICQ
    62822741
  • Skype
    maniak2000

Profile Information

  • Gender
    Male

Recent Profile Visitors

1941 profile views
  1. 1) As I understand, anti-malware network is a reputation \ analysis system that identifies unknown files as safe or not safe, is this correct? 2) If an unknown file is detected by EIS, do I need to send it somewhere, or is it sent automatically? 3) How much time is needed usually \ at most to analyze an unknown file (For example, usually it takes few hours, but rarely takes more then 2 days)?
  2. Why do I have a bunch of programs with "Behaviour Blocker = All allowed, Firewall in = custom, Firewall out = All alllowed" rule set? Are they trusted programs? If so, why are they in the list (aren't they supposed to be hidden from the list)? If they aren't trusted, why "Behaviour Blocker = All allowed" rule is there? It's a bit confusing.
  3. On default settings 1) For unknown programs rule "Behaviour Blocker = custom, Firewall in = custom, Firewall out = All alllowed" is created, and for trusted programs rule "Behaviour Blocker = All alllowed, Firewall in = All alllowed, Firewall out = All alllowed" is created, is that correct? 2) Are application rules self-clean (meaning rule is deleted if the program doesn't exist anymore)? If not, wouldn't large amount of "dead" rules slow things down? 3) If the unknown program is started (and rule for unknown programs is created) but after a while the program is declared
  4. Yes, most programmers probably know what "Register a debugger in the system" is, but I assume most of your user base are not programmers, and throwing this terminology without some sort of description is confusing. I'm not asking to explain how EXACTLY it works, I understand that detailed explanations will probably help malware creators, but I ask you to provide some sort of info on these alerts. I mean these descriptions you gave me are pretty good, at least now I have a general idea of what these 2 alerts mean, why not include descriptions like that in the program? If they'r
  5. Can I use ip and \ or port ranges in firewall \ application rules? If yes, how exactly? Will this work: ip 192.168.1.6 - 192.168.1.20 and port 12547 - 12560? If no, will this feature be added?
  6. As to not create another topic, I'll ask here. What behavior alerts mean exactly? I mean some of them pretty self explanitory, like "Backdoor related activity", "Spyware related activity", others not so much like "Access disk seсtors directly" "Register a debugger in the system". I mean if I get an alert "Access disk seсtors directly" what should I do? Do programs usually do that? or Not? Also some alerts are yellow and some red, I assume red ones are almost certainly malware, while yellow ones might be ok? Is there a detailed explanation of these alerts somewhere
  7. Hello, I'm currently using trial version of Emsisoft internet security, and I'm liking it so far, but I would like some help with behavior blocker, and I also have some questions. So, I have this game on steam (actually it's more like 3 games in 1) and it uses launcher to let people choose which part to start. When I select any part, behavior blocker comes up with an alert "Program is attempting to manipulate another process" (red). Now since it is legit steam game, I select "Allow always", but this raises several questions \ possible suggestions. 1) Alert window (more
  8. Hello. I would like to get a bit more details about some alerts mamutu shows, can it be done? For example: Application is trying to inject code to other applications - What other application(s) exactly (path)? Program is editing (patching) other executable files - (again) what other executables exactly? Program is installing something invisibly - what exactly is it installing? (list of files?) Installation of services and drives - What services \ drivers are being installed exactly? Mofifying startup areas - What start-up area is being modified and what entry exactly is be
×
×
  • Create New...