You can check the log file, and it will show the CBT was active for an incremental
But like always how many machines will ever see a HIPS
Actually Appguard does just as good a job, and this MZwritescanner, stops most of it before Appguard can react.
Okay, that makes sense, but also makes the feature next to useless to me, as I will almost always have a restart between a full and differential....
is there anything really new, or just new expiration
Oh one other thing. CBT works fine on incrementals, but not on differentials. Wonder if the marketing types got carried away
I've already done several restores under v7. No issues at all. One thing that was interesting, is I didn't remove the CBT driver from V6....
Again Jeff thanks. I disabled eventwvr and haven't seen any ill effect
Thanks Jeff
Any thoughts about protecting .net exe's?
Keep an eye on that. The last update turned it off.
I don't care about detections. As long as there is a dropper I am covered.
Did an upgrade today on one win 7 machine. It was a perfect install, perfect RE creation. Tested two incrementals and a differenctial...
Please do keep it as simple as the current version.
It is for me on 3 machines and a VM
Yes indeed.
That was a good read. Tell me if I read correctly, that initially there is a small file drop on your system
Yep I just got 1405. Your lucky day yes, theirs, clearly no. :)
There should be a new update 1404. I've already got it.
Apparently the problem was a false positive in the website database, and has been fixed. I've now got 1403 and all is quiet.
From what I've seen any of the anti's (ransomware,keyloggers etc) are on your system and the anti reacts, it's too late. You have to stopped...
Slight bias in that video. Not that I disagree, but there are no true plain Antivirus software anymore.
I downloaded from the link and it said 3.53, but installed it said 3.52 and then told me there was an update available. I let it update and now...
Applications that protect memory are going to be more critical then ever.
using latest beta here... no issues at all.
Separate names with a comma.
