Defensewall and malware

Discussion in 'other anti-malware software' started by curious george, Jun 8, 2009.

Thread Status:
Not open for further replies.
  1. curious george

    curious george Registered Member

    Jun 24, 2007
    Alright, so i've been messing around with this Copy.exe host.exe and this autorun thats sometimes created with a bunch of anti malware software. I thought i could match this up with Defensewall, and even though its running as untrusted, the app still seems to spread.

    Any ideas or settings i should try?
  2. LagerX

    LagerX Registered Member

    Apr 16, 2008
    Have you tried Stop attack after you have executed these malwares?

    Hmm yeah...kinda strange it is spreading.
  3. Ilya Rabinovich

    Ilya Rabinovich Developer

    Sep 13, 2005
    If you mean new malicious processes and files- just stop them with the "Stop attack" button. Files can be removed manually with the "File and registry tracks" (rollback) dialog if you really understand what is what.
  4. Saraceno

    Saraceno Registered Member

    Mar 24, 2008
    As Ilya said, just go to 'file and registry tracks', highlight all the files created by that process (you'll see the folder path/extension name listed, and a list of times a file/folder/registry key was created), and then 'delete'.

    You can hold shift key to select many files, or the control key to select individual files.

    File and registry tracks even show you the 'time' files were created. Just remember to 'allow' any files you want to keep such as documents or program installation files etc (be sure to check the file location and time created).

    Last edited: Jun 9, 2009
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.