Terry Ganzi

Level 24
Verified
Yup! That's what I found.

Could you check out the HIPS component, ichito, and see if you can get them to work?

Regards Eck
Depends on how you configure it, but HIPS work. On default settings I'm not sure because I run no AV in default settings.
In testing it works. (HIPS)
Configure it correctly, then run stuff and check logs; HIPS stop stuff and ask for permission to accept or deny stuff.
 

Behold Eck

Level 11
Verified
Depends on how you configure it, but HIPS work. On default settings I'm not sure because I run no AV in default settings.
In testing it works. (HIPS)
Configure it correctly, then run stuff and check logs; HIPS stop stuff and ask for permission to accept or deny stuff.
I thought on default that at least .exe would be queried?
If you wrote your own custom rules, remember to enable this button on Protection. :)
Thanks Jerry, I will give this a go when I have the time to.
 

Sunshine-boy

Level 27
Verified
Hi Eck, how are you? I made some rules and combined them with Chinese users' rules (they have some smart and knowledgeable users).
The HIPS don't have memory protection, hook protection and ... but 100% free + no adware + BB and signature + very powerful FW. Very good tool to combine with Exploit Guard (to get memory protection and such).
You can download my custom rules from Yandex Disk. After you download, go to Advanced -> Custom rules and import it.
 

Behold Eck

Level 11
Verified
I'm fine Sunshine, and how's you?

Yes, this is a good find. Do I need Yandex browser to view the download?

I take it the firewall bit is an add-on for Windows Firewall?

Very good outbound control, sigs not too bad and it's as light as a feather. Works on XP as well.

Thanks for the reply.

Regards Eck
 

tiktoshi

Level 4
Clean failed
Trojan/Generic!EFB4845FE2BE78F6
.exe
Signature: 2019-04-08 10:57
Started at: 2019-04-08 19:52
Duration: 00:00:06
Object(s): 154
File(s): 94
Threat(s): 1
Cleaned: 0

Virus Details


Path: C:\Users\xxxxxx\Desktop\2\2\2019-03-01-Emotet-binary-used-to-generate-infection-traffic.exe, Detection: Trojan/Generic!EFB4845FE2BE78F6, Detection ID: efb4845fe2be78f6, Result: Clean failed