-
Posts
44 -
Joined
-
Last visited
Posts posted by NOD
-
-
-
Windows 10 RS4 (64bit)
Chrome 68 (64bit)
ESET Internet Security 11.2.49All in the last version.
In addition, AdGuard is installed.
-
-
1 hour ago, Marcos said:
The detection is from 2012. Please run ELC, also select "Quarantined files" and generate a zip archive. When done, upload it to a safe location and pm me a download link.
The file does not exist in the Quarantine.
https://adsbypasser.github.io/releases/adsbypasser.full.es7.user.js
-
2 hours ago, User said:
JS/TrojanDownloader.Iframe.EY #1679
Problem is also reported on Github.
The problem exists if Adsbypasser is used together with Tampermonkey, Violentmonkey seems to be not affected.
Good information, thank you.
-
I use a user script called AdsBypasser.
However, using this script will detect 'JS/TrojanDownloader.Iframe.EY'.
Is the malware correct? -
ESET is excellent in adware detection.
https://www.mrg-effitas.com/wp-content/uploads/2017/08/MRG-Effitas-360-Assessment_2017_Q2_wm.pdf
-
6 hours ago, itman said:
For the hash given, what VirusTotal is detecting is the malicious .exe version as noted here: https://www.virustotal.com/en/file/8210ff8bf51fa99bf5feac2e5fa5c682b63ba6b963203f39467778beaec12094/analysis/
BTW - Eset does not detect the .exe.
Question is if any of the VT vendors listed would have detected the script version of the malware.
FYI - I have long ago created a HIPS rule to monitor cmd.exe execution.
Thank you.
I added the HISP rule right now. -
cmd /c rd /s /q c:\
One of the ESET users suffered damage.
-
-
Thanks for always giving me good information.
-
-
5 hours ago, itman said:
Assume this is a variant of this: hxxp://www.isthisfilesafe.com/sha1/D3B0B1F6473377C50D7C589B507849947C99824D_details.aspx
Eset detects it with the assumption DNA signature would detect the V2 variant: https://www.virustotal.com/en/file/4be41e98628bac3a332789b5b40661b1743689876660f8af171fc4f9f95c2e65/analysis/
Good information, thank you.
And the above video was removed by the developer, but I have a video.
I will send if necessary. -
I installed ESET on Windows RS1 and updated it to RS2.
Could this cause problems?
When the window is RS1. ESET version is 10.1.204.
We then updated to Windows RS2.
-
15 minutes ago, Marcos said:
Do you really mean Windows Defender or ESET?
Means Windows Defender.
You can not disable automatic sample submission of Windows Defender while ESET is installed.
We do not know if we are collecting actual samples.
-
I use ESET Internet Security.
However, you can not turn off Automatic sample submission in Windows Defender.
Is there a reason? Or is it an error? -
EternalBlue Vulnerability detection test video.
-
Is Internet Security products protected against this malware?
-
During initial installation, an error code appeared and was not activated.
(In Korea, we set the activation method to US or Japan and activate it.)
If reinstalled, it will be activated even if it is set to Korea.
This is a problem that only appears when you first activate.
-
That's why people give low ratings on the Google Play.
Android products.
-
1 hour ago, itman said:
I wouldn't be concerned about this malware unless you reside in South Korea. It's a targeted attack by North Korea against South Korean interests. Also MW Word, etc. only supports the 1997 ver. of HWP attachments. Any newer vers. of HWP are not supported:
Note: Microsoft Office, OpenOffice, and LibreOffice can open HWP files only if they were created with Hangul '97 - newer versions of the .HWP file cannot be opened with these applications.
I agree.
This malicious code is a malicious code to attack Korea. However, ESET is a global group. ESET is doing business in Korea. If so, HWP malware should be analyzed and detected.And Korea is using Hangul products in addition to MS Office. So HWP file protection is required. If you do not protect it, Koreans will not use ESET products. I want ESET to be the most famous antivirus product in Korea. So this is to write this article.
-
Exploit.HWP.Agent
This malware was found in December 2014, and recently re-scanned, but not detected.
-
Is ESET detecting malware below?
https://www.threatminer.org/av.php?q=Exploit.HWP.BodyText.ParaText.Gen
This is the malware of this format.
hxxp://www.hancom.com/global/product/productWindowsMain.do?gnb0=3&gnb1=4
-
3 minutes ago, Marcos said:
The module was not released as a response to that article The code handling cryptography had been part of the Internet protection module for ages until we decided to make it a separate module for easier updating.
thank you for the quick reply.
Phishing site is not blocked.
in ESET Internet Security & ESET Smart Security Premium
Posted
If you use the browser below, it will not be blocked.
No problem with other browsers.
https://brave.com/
https://www.amtso.org/check-desktop-phishing-page/
And does ESET support TLS 1.3?
Brave browsers support TLS 1.3
I don't know if there's any difference other than this.
https://www.cloudflare.com/ssl/encrypted-sni/