- Sep 12, 2015
- 617
I haven't had any issue with updating Emsisoft or Windows Update.
Are you using the latest beta EIS?
I haven't had any issue with updating Emsisoft or Windows Update.
Does CIS default settings protects against the mentioned script?Sandboxie... I have to test, but I would think it would - but only if properly configured. Sounds familiar, right ?
With Sandboxie there is a lot of configuration possible... like Comodo. So I would be surprised if advanced configured "Secure" box did not protect.
I have to find script sample again... I lost it... Hee, hee...
IF there is bypass, of course I would let SBIE know about it by giving Invincea the script. Whether they can, or will, fix it is an entirely different matter.
Default Sandboxie box, I think, will not protect...
Does CIS default settings protects against the mentioned script?
Ok...got it.Comodo detects it as malicious.
If deactivate Comodo antivirus module, script will run in sandbox. It will delete Download folder contents... unless you add that folder to Protected Objects or virtualize the Download directory.
So, basically, yes...
I think anyone would want to know if something is attempting to delete the entire disk Lol. Who's worried about a false positive in that scenario. If the user really is trying to wipe their disk they can always just allow the action when prompted. They can even shut the protection down if needed.EAM\EIS is not anti-executable like AppGuard, NoVirus Thanks Exe Radar Pro or VooDooShield.
If a malicious script triggers the Behavior Blocker, then it will generate an alert. So, in other words, unless a file does something covered by the BB, EAM\EIS will not alert. I have submitted a really nasty WinKill script to Emsi that deletes the entire disk. The reply was they can't do anything about that (since there are valid scripts that perform deletions...). It is new feature, so let 'em figure it out...
I think anyone would want to know if something is attempting to delete the entire disk Lol. Who's worried about a false positive in that scenario. If the user really is trying to wipe their disk they can always just allow the action when prompted. They can even shut the protection down if needed.