fax

Member
  • Content count

    50
  • Joined

  • Last visited

  • Days Won

    1

fax last won the day on November 26 2015

fax had the most liked content!

Community Reputation

1 Neutral

About fax

  • Rank
    Active Member

Profile Information

  • Gender
    Not Telling
  1. Thanks GT500, make sense. I see that ZAfree installers cointain indeed PUP code (fusioncore). So, you can't simply whitelist as it will be across all signed applications. A pity as all the ZA/Checkpoint retail packages don't have that code included. I will feedback the checkpoint developers about it but I guess this is more the fault of marketing people than the developers.
  2. Yes, it digitally signed, See screenshot. This must be due to the non specific logging which does not distinguish between user actions and EAM actions (Auto resolve). May be development could think of refine the logging capability to allow separating the two as this could be a common scenario, Thanks, Fax
  3. Go to Protection --> Surf Protection --> Malware Hosts .... and choose the desired behaviour (e.g. Block silently)
  4. Any chance to find a more permanent solution to EAM trying to kill checkpoint anti-ransomware (luckily the anti tampering in checkpoint blocks the attempts)? Whitelisting by digital certificate? 07/10/2017 14:36:28 1912 C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe Allowed by rule Behavior.TrojanDownloader 07/10/2017 13:01:25 8332 C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe Quarantined by user Behavior.HiddenInstallation The file is digitally signed by Checkpoint Security. As it updates often the only way I found is to add it to the exclusion list. I have contacted support in the past to whitelist but at every new version the problem re-appear. Thanks, Fax
  5. Explained here: https://www.wilderssecurity.com/threads/zonealarm-firewall-release-is-15-159-17147.392124/#post-2655799 Main difference with ZAPRO: With ZAfree you can't open specific ports or create ad-hoc rules for apps.
  6. Possibly just due to Emsisoft updating to a new version. Normally this is just few seconds. Can you check if you still see Emsisoft tray icon in the taskbar. You may need to go in the taskbar to show it.
  7. Offline mode

    In simple terms you cut off any internet/network connections. From the help file:
  8. Open EIS main GUI. Go to "Protection" tab and then: File Guard --> PUP Detection --> choose your preferred behaviour Surf Protection --> PUP Host --> choose your preferred behaviour
  9. Thanks! The false positive is triggered when you try to download the emsisoft installers. For example this link; https://www.emsisoft.com/en/software/internetsecurity/download/
  10. And here you have the Asus response... i.e. you are vulnerable I give up on my side. Cheers,
  11. Thank you on the details of the servers used. I have reported the false positive to ASUS, lets see what happens...
  12. Normally they direct users to TrendMicro but I have not contacted them. The fact is that I see no impact on EIS... was just for your information in case you see weird report on connectivity from users.
  13. Interesting, clearly a false positive by TrendMicro in Asus Routers. Tried to report to trend but the reporting interface does not recognise the URL as malicious.