March 2021 | Samples Pack | Static Detection | Dynamic Detection | Total Detection | System files encrypted | 2nd_opinion scanners result (NPE + HMP) inactive remnants will also lead to "infected" | System final status br = before reboot ar = after reboot within SD environment reboot = logout |
|---|---|---|---|---|---|---|---|
01/03/2021 | 2 | 0 | 2 | 2 | no | clean | clean |
02/03/2021 | 2 | 0 | 2 | 2 | no | infected | not clean |
04/03/2021 | 2 | 0 | 2 | 2 | no | clean | clean |
05/03/2021 | 11 | 4 | 6 | 10 | no | infected | infected (br) / not clean (ar) |
06/03/2021 | 2 | 0 | 1 | 1 | no | clean | protected |
08/03/2021 | 3 | 3 | 0 | 3 | no / yes, some (bonus dynamic test with RTP off) | infected | infected |
09/03/2021 | 3 | 0 | 3 | 3 | no | clean | infected (br) / protected (ar) |
10/03/2021 | 1 | 0 | 1 | 1 | no | clean | infected (br) / protected (ar) |
11/03/2021 | 2 | 1 | 1 | 2 | no / yes, some (bonus dynamic test with RTP off) | clean | infected (br) / protected (ar) |
12/03/2021 | 10 | 4 | 6 | 10 | no | infected | infected (br) / not clean (ar) |
13/03/2021 | 3 | 1 | 1 | 2 | yes, some (8) / Bonus dynamic test with RTP off: 26 | infected | infected |
14/03/2021 | 1 | 1 | 0 | 1 | no / Bonus dynamic test with RTP off: yes, some | clean / infected (bonus dynamic test with RTP off) | clean / infected (bonus dynamic test with RTP off) |
14/03/2021 | 1 | 1 | 0 | 1 | no / Bonus dynamic test with RTP off: yes, 15 | clean | clean / infected (bonus dynamic test with RTP off) |
16/03/2021 | 2 | 0 | 1 | 1 | no | clean | protected |
17/03/2021 | 3 | 0 | 2 | 2 | no | clean | infected (br) / not clean (ar) |
18/03/2021 | 6 | 3 | 3 | 6 | no | clean | not clean |
19/03/2021 | 5 | 3 | 0 | 3 | yes | infected | infected |
20/03/2021 | 5 | 1 | 2 | 3 | rather wiped (explicit user input needed!) | infected | infected |
23/03/2021 | 3 | 0 | 3 | 3 | no | clean | infected (br) / not clean (ar) |
25/03/2021 | 5 | 3 | 2 | 5 | no | clean | protected |
26/03/2021 | 1 | 1 | 1 | 1 | no | clean | clean |
27/03/2021 | 0 | 1 | 1 | 1 | no | infected | infected (br) / not clean (ar) |
29/03/2021 | 15 | 8 | 5 | 13 | no | clean | infected (br) / not clean (ar) |
29/03/2021 | 1 | 0 | 1 | 1 | no | clean | clean |
30/03/2021 | 3 | 1 | 1 | 2 | no | clean | infected (br) / not clean (ar) |
31/03/2021 | 13 | 6 | 6 | 12 | no | clean | infected (br) / not clean (ar) |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
Action on threat detection: clean (instead of ask)
Behavior Based Detection: Enable Ransomware Trapping
HIPS: File / Registry / Sensitive action: all possible rules enabled (default action is still "ask")
HIPS: Enable Network Access Control (kinda outbound Firewall, colour indicator green and orange - safe or not)
HIPS: Webcam Protection: uncheck "Permit programs with a valid digital signature" and "Permit system core programs"
Installation Detection: Automatically block recognized installations of unlisted softwares
Firewall: Lateral Movement Protection - Remote MMC and Remote WMI also on
Network Access Control on (=two-way Firewall)
Advanced: Enable custom rules
Imported custom rules shared by user JerryLin - v4.24_1 - Update - Huorong Internet Security (Stable)
Behavior Based Detection: Enable Ransomware Trapping
HIPS: File / Registry / Sensitive action: all possible rules enabled (default action is still "ask")
HIPS: Enable Network Access Control (kinda outbound Firewall, colour indicator green and orange - safe or not)
HIPS: Webcam Protection: uncheck "Permit programs with a valid digital signature" and "Permit system core programs"
Installation Detection: Automatically block recognized installations of unlisted softwares
Firewall: Lateral Movement Protection - Remote MMC and Remote WMI also on
Network Access Control on (=two-way Firewall)
Advanced: Enable custom rules
Imported custom rules shared by user JerryLin - v4.24_1 - Update - Huorong Internet Security (Stable)
Last edited:
