Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

IS it normal this behavior of W10Privacy?


  • Please log in to reply
3 replies to this topic

#1 xspeed

xspeed

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 08 November 2016 - 03:24 PM

I am not very sure if this happened also when I opened it without "Run as administrator"
 
But as soon as I "Run as administrator" ESET HIPS:
 
Application;Operation;Target;Action;Rule;Additional information
C:\Windows\System32\consent.exe;Modify startup settings;HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run\internat.exe;allowed;Automatic mode;
 
 
Application;Operation;Target;Action;Rule;Additional information
C:\Windows\System32\services.exe;Modify startup settings;HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TrustedInstaller\Start;allowed;Automatic mode;
 
 
Can anyone say please that this is normal?
 
Thank you.


BC AdBot (Login to Remove)

 


#2 shelf life

shelf life

  • Malware Response Team
  • 2,653 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:07:36 AM

Posted 08 November 2016 - 04:54 PM

Its normal for HIPS based software, asking you as a popup to either allow or not allow a change. Those are legit Window .exe.

Are you referring to the W10Privacy software that one can install to help control W10 telemetry?  If so then allow the change.


How Can I Reduce My Risk to Malware?


#3 xspeed

xspeed
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:01:36 PM

Posted 09 November 2016 - 12:25 AM

Thank you shelf life,

 

Are you referring to the W10Privacy software that one can install to help control W10 telemetry?

 

 

Yes please.

 

Can someone tell please if it is a risk considering:

 

https://virustotal.com/en/file/f02239a3637eec4fac4636c7fc045a3cd81a6389cefee06547c0f03e0aec3485/analysis/1478668924/

 

File name: W10Privacy.exe

 

Antiy-AVL               - Trojan/Generic.ASVCS3S.1E5

Bkav                       - W32.HfsAtITPSINF.7D4E

ClamAV                  - Win.Trojan.Philadelphia-1

Invincea                  - trojandropper.autoit.rebhip.a

 

Regards.


Edited by xspeed, 09 November 2016 - 12:27 AM.


#4 shelf life

shelf life

  • Malware Response Team
  • 2,653 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:@localhost
  • Local time:07:36 AM

Posted 09 November 2016 - 05:03 PM

I use W10 Privacy myself on several W10 machines.

http://www.winprivacy.de/english-home/


How Can I Reduce My Risk to Malware?





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users