Jump to content

Peter2150

Member
  • Posts

    591
  • Joined

  • Last visited

  • Days Won

    18

Everything posted by Peter2150

  1. Arthur I am going assume you were tired when you wrote that. Other wise it is beyond lame. I block one or two windows processes and also two Quickbooks processes. By that logic I shoudn't run them? But here's the real problem, and I will test this weekend. If the new beta BB isn't blocking based on the always block rule that is catastrophic. If that rule doesn't work how can I trust the BB at all?
  2. Well I am going to retract my statement that this update was smooth. Far from it. Last night when I saw the initial updates, I noticed one app in particular generated BB alerts. What wasn't right was that clicking on allow always didn't stop the alerts. In case of the desktop it took almost 5 attempts and then finally it took. This morning I let the work machine update, and saw the same thing except I couldn't get it to stop alerting, so finally I rolled that machine back to stable. I've noticed this evening some funny stuff on the machine still having the beta one it, and I've just noticed some flaky behavior. I won't have time to do logs or do any trouble shooting, until I get past my Jury duty stuff. In fact I've rolled back the machine to stable. Just can't afford issues while I might be gone. When I am by this Jury duty thing I'll get back at and get some logs.
  3. One VM and one desktop updated today. Both updates went fine. So far so good.
  4. Guys a couple of important points. 1. THIS IS A BIGGIE. That zip file is live malware. If you don't know what you are doing. DON'T MESS WITH IT. 2. In terms of dealing with this malware a couple of things. The BB may not be perfect, and the File Guard may not be perfect but together they can be a formidable defense. When I tested this file upon extracting them all 4 pieces of malware were immediately quarantined by the File Guard. So you were protected. But there is also a third thing you can do and it totally nails the coffin. Most users have no use for powershell other than potentially getting infected so do this: 1 Go to the Protection tab>Application Rules. You are going to create 4 new rules as follows. a) select c:\windows\system32\WindowsPowershell\v1.0\Powershell.exe set it to always block b) Do the same thing for powershell_ise.exe Then repeat a and b but with c:\windowss\syswow64\windowspowershell\v1.0 and the same two exe's Then you can relax about powershell
  5. I just tested with my VPN which is NordVPN. I live in Wash DC so I first tested on a local server. Updated no problem. THen I switched and connected to a server in Brazil and waited a bit. Did another update and it went fine. My conclusion is there no inherent problem
  6. All of my machines updated to the latests beta with no issues. Tested this beta against Goldeneye. EIS handled it very well.
  7. Curiosity Question. What happens if instead of putting the computer to sleep, you turn shut it down and turn off power. I've never found putting a computer saved me much time. Pete
  8. Thanks Frank. Clearly last night I was typing impaired
  9. Both Desktops auto updated. So far so good
  10. Does adguard use the WFP firewall driver? If so that could be the issue
  11. You might want to remove 709/710 and try the new 603 beta. I ran into a strange conflict with the 700 series not at all related to EIS, but a backup program. 603 is fine.
  12. Just so folks know it's pretty darn good protection. In my malware testing, to test other products I generally have to disable EAM/EIS or the malware is stopped cold first.
  13. Occasionally conflicts have cropped up, but between you and the SBIE folks they have been resolved. People feel very strongly about SBIE. I know if I install a product and there is a conflict and clearly it is the product and not SBIE, that product is gone. SBIE is unique!!
  14. Hi Arthur I've been running both Sandboxie and ShadowDefender since long before Emsisoft. Never had the slightest issue. Both on Win 7 and Win 10 CU Pete
  15. Two machines just auto updated to this new buiid No issues at this point.
  16. Hi Jeremy Good assumption. I test a lot of malware and I keep that totally in a VM. It's snapshot ability is a joy to work with. Only way you can even format a drive and restore a snapshot and you are back. And yes you are right about SD. It just removes all traces of what was done, and yet gives you the ability to keep something if you really need to. Pete
  17. It does a fantastic job. I was asked to confirm a Ransware leak on another program and couldn't do it in a VM, so I Shadowed all 3 of my internal drives with Shadow Defender, and let this nasty go. It encrypted a lot of stuff on all 3 drives. I exited it out with a reboot, and bingo, a clean system. I've even tested Goldeneye against it. SD protects the mbr, so when it ran, once Golden Eye forced a reboot it should have been game over. In stead the reboot took SD out of Shadow Mode and bingo clean system.
  18. Hi Jeremy Don't feel bad, we've all done that. It was obvious to me as I was looking for the answer. Pete
  19. You are going to laugh. Go to the top of this page and you will see blog. Click on that.
  20. I'd also like to know assuming it hasn't already been done. Never mind. The whole question is discussed in the blog. cma6 you are covered. Pete
  21. I"ve never seen this either whether I shadow just c: or all the drives.
  22. Yep, I have modified my setup to take that into account. Dropped MBAM 3. Also I am familiar with those typo gremlins. Seems our fingers betray us at time.
  23. Hi Kevin It may not be compatible with other similiar security suites, But for sure EIS is compatible with quite a bit of other security software
  24. Nope. When I checked the other computer the desktop was normal and it had the latest update. On this computer i was working in the VM and that once ERP asked me to allow the new version, but when I checked the desktop on the host it was there.
×
×
  • Create New...