Does my antivirus product detect the Dyreza malware?
Page 1 / 1
Hi flanners63
Welcome to the Community Forums.
The answer is 'Yes' & 'No' due to the way that WSA works. Let me explain.
This is a fairly new threat as far as I can see...and at some point it will have been completely new, i.e., never seen. Should it arrive on your system at that point and go active, i.e., try to do its nasty business then WSA would intecept it, check if it is known & good or bad...but if unknown it would set it to be 'Monitored' & it's activities severely restricted & journalled/recorded, by WSA. As and when, in this case, WSA identifies it (the Cloud has been updated with information to that effect that can be matched to what WSA is seeing on your system) and that is in fact bad, WSA will 'Block' it and then using the information from the journal it will rollback what the file has done.
That is the 'No' answer...surpringly, i.e., it has not specifically detect the Dyreza malware but has detected something that it does not know is NOT the the Dyreza malware...if you follow me.
The 'Yes' is that when the Cloud has been updated with the characteristics of the Dyreza malware then after that as and when it tries to go active on your system WSA will instantly jump in and 'Block' it then remove it to Quarantine, etc.
So...as you can see if yo follow my haphazard answer...;)...you are covered eitherway...and that is the beauty of WSA.
Hope that answers the question...but if not or if you have further questions, please post back.
Regards, Baldrick
Regards, Baldrick
Welcome to the Community Forums.
The answer is 'Yes' & 'No' due to the way that WSA works. Let me explain.
This is a fairly new threat as far as I can see...and at some point it will have been completely new, i.e., never seen. Should it arrive on your system at that point and go active, i.e., try to do its nasty business then WSA would intecept it, check if it is known & good or bad...but if unknown it would set it to be 'Monitored' & it's activities severely restricted & journalled/recorded, by WSA. As and when, in this case, WSA identifies it (the Cloud has been updated with information to that effect that can be matched to what WSA is seeing on your system) and that is in fact bad, WSA will 'Block' it and then using the information from the journal it will rollback what the file has done.
That is the 'No' answer...surpringly, i.e., it has not specifically detect the Dyreza malware but has detected something that it does not know is NOT the the Dyreza malware...if you follow me.
The 'Yes' is that when the Cloud has been updated with the characteristics of the Dyreza malware then after that as and when it tries to go active on your system WSA will instantly jump in and 'Block' it then remove it to Quarantine, etc.
So...as you can see if yo follow my haphazard answer...;)...you are covered eitherway...and that is the beauty of WSA.
Hope that answers the question...but if not or if you have further questions, please post back.
Regards, Baldrick
Regards, Baldrick
@ wrote:
Hi flanners63
Welcome to the Community Forums.
The answer is 'Yes' & 'No' due to the way that WSA works. Let me explain.
Regards, Baldrick
:)
Hi David
Apologies for that...I was typing and managed to not only delete what I was typing but also end up posting what you originally saw which meant that I could not access the Auotsaved version...it was gone...Grrrrrrrrrrr...so I had to start again. Thought about deleting the forshortened post but in the end just got back into the response...et voila...as I said...apologies...the joys of trying to contribute from a tablet...LOL :$
Regards, Baldrick
Apologies for that...I was typing and managed to not only delete what I was typing but also end up posting what you originally saw which meant that I could not access the Auotsaved version...it was gone...Grrrrrrrrrrr...so I had to start again. Thought about deleting the forshortened post but in the end just got back into the response...et voila...as I said...apologies...the joys of trying to contribute from a tablet...LOL :$
Regards, Baldrick
It is not often I catch you in a mis-post, though I do it often enough myself. I HAD to grab the chance while I had it to rub it in before you edited LOL!@ wrote:
Hi David
Apologies for that...I was typing and managed to not only delete what I was typing but also end up posting what you originally saw which meant that I could not access the Auotsaved version...it was gone...Grrrrrrrrrrr...so I had to start again. Thought about deleting the forshortened post but in the end just got back into the response...et voila...as I said...apologies...the joys of trying to contribute from a tablet...LOL :$
Regards, Baldrick
Well, David...you are entitled...and as a result all I can say to that is: http://www.forumsextreme.com/images3/sSig_rofl.gif...one has got to get them in when one has the chance, eh?
And I fully expect you to exact your revenge when you get the chance.... that goes with the territory 🙂@ wrote:
Well, David...you are entitled...and as a result all I can say to that is: http://www.forumsextreme.com/images3/sSig_rofl.gif...one has got to get them in when one has the chance, eh?
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.