-
mallard65 gave kudos to itman in Trojan:Win32/Accessibility Escalation.A on my PC
Based on the Microsoft write-up here: https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=Trojan:Win32/AccessibilityEscalation.A&ThreatID=-2147238315, Microsoft Defender should have removed the malware.
Also this is an old detection dating to 2018.
-
mallard65 gave kudos to Marcos in how many offline license can i use, and it is legal ?
You are supposed to use your license in accordance with EULA.
-
mallard65 gave kudos to Marcos in Protected before splash-screen?
It's the ekrn.exe service which protects you from malware. The GUI starts a bit later when ekrn is already running.
-
mallard65 gave kudos to NewbyUser in Issues with ESET during Windows 10 updates and restore points.
Same here. Windows restore is not compatible with Eset products here either.
-
mallard65 gave kudos to itman in Issues with ESET during Windows 10 updates and restore points.
I will note the issue was not fixed in Win 10. A system restore from normal Win 10 operating mode will fail every time.
-
mallard65 gave kudos to itman in What is your experience with aggressive detection ?
Kaspersky is one example and it has proven quite effective against 0-day ransomware. By coupling ransomware behavior monitoring with system snapshot taking, Kaspersky is capable of restoring all files encrypted by ransomware.
Also, Kaspersky is not 100% bulletproof in this regard. I have seen a few ransomware that have bypassed its protections. However, they are a very rare occurrence.
It should be additionally noted that it appears Kaspersky has "worked out the kinks" in regard to previous versions' system performance impact issues related to its system snapshot processing. System snapshot also gives Kaspersky the capability to "rollback" system modifications done by malware. Of note and in reference to postings in the forum Malware section, ESET might detect malware upon execution. However, it is powerless to remove system changes performed by the malware prior to discovery. Those changes have to be manually removed.
-
mallard65 gave kudos to Marcos in Error in 15.0.16.0
Since no update problems have been reported with v15, it must be a specific issue in your environment. Therefore I'd recommend raising a support ticket with your local ESET distributor since further troubleshooting will be needed, possibly they will also need to arrange a remote session with you.
We kindly ask you not to blame ESET staff and developers for issues, especially for those that have not been investigated yet. Also please be so kind and use a polite tone in discussions in this public forum. ESET cannot be responsible for connectivity issues between your computer and ISP or between the particular ISP and ESET's servers.
-
mallard65 gave kudos to ForceRecon in Numbers Above License Box - MyEset
Just curious if someone could tell me what these numbers mean? Thanks!
-
mallard65 gave kudos to itman in Dropbox and self-updater constantly changing directory name triggers firewall in interactive mode to approve connection
Again, you're missing the point. An app being signed does not guarantee that it is not malware. Numerous signed malware instances have been documented.
-
mallard65 gave kudos to itman in New trojan not detected by Eset
As far as VT detections go, note the following which has been mentioned multiple times in this forum.
Most AV products installed there do not have all their protection mechanisms enabled. Overall, VT is primarily employing static detection methods in the products used; i.e. signature detection.
Therefore just because a given product doesn't detect a malware sample at VT, does not imply the product won't detect when installed on a device.
-
mallard65 gave kudos to Marcos in New trojan not detected by Eset
I was talking about the malicious payload which is dropped. The dropper will be detected as well: Win32/Injector.Autoit.FKM.
-
mallard65 gave kudos to Marcos in New trojan not detected by Eset
Not true, detected since Feb 2020:
windo_137178474.exe » INNO » {app}\quis\Dolorem.exe - a variant of Win32/Kryptik.HAYM trojan
windo_137178474.exe » INNO » script_decompiled.pas - Win32/CrthRazy.R trojan
The other file is digitally signed, no detection at VT:
https://www.virustotal.com/gui/file/421fd3c8957b4cd16c7edbd49c046ef384dca0dfc81c94e1e397cb28afe2293b/detection
-
mallard65 gave kudos to Marcos in SSL Blocking Website
The certificate was indeed revoked:
https://www.ssllabs.com/ssltest/analyze.html?d=www.itravelhero.com
Revocation status: Revoked INSECURE
Mechanism | Provider | Status | Revocation Date | Last Observed in CRL | Last Checked (Error)
OCSP | The CA | Revoked (cessationOfOperation) | 2020-11-27 10:06:34 UTC | n/a | 2021-01-22 13:33:51 UTC
CRL | The CA | Revoked (cessationOfOperation) | 2020-11-27 10:06:34 UTC | 2021-01-22 12:39:42 UTC | 2021-01-22 13:33:47 UTC
-
mallard65 gave kudos to Marcos in Installing ESET on my smart phone
Due to the design of iOS, antivirus programs for iPhone do not exist.
-
mallard65 gave kudos to Marcos in Installing ESET on my smart phone
No company provides a true antivirus for iOS due to the design of the OS.
-
mallard65 gave kudos to Marcos in latest ESET contacting 72.21.81.200
It's not possible to disable updates completely, only program updates can be disabled in the advanced setup (not recommended). There are other triggers for module updates than Scheduler. Keeping modules up to date is crucial for protecting your machine from newly emerging threats.
-
mallard65 gave kudos to Marcos in Suspecting Malware attack in my phone
If the phone is not rooted, applications should not have sufficient permissions to remove other applications.
-
mallard65 gave kudos to Marcos in ESET Internet Security 14 version release date
Yes, v14 is going to be released later this year. It will be announced here as well as via other marketing channels.
-
mallard65 gave kudos to Marcos in Error ACT. 33 for new key activation
The Russian website is legitimate but they may sell licenses only within their region. If you provide me with the license public ID, I can check details of it.
-
mallard65 gave kudos to Marcos in Error ACT. 33 for new key activation
You seem to be from Italy but purchasing from Russia. ACT.33 means country restriction. I'd ask for a refund and buy in Europe from an authorized reseller or directly from ESET's store.
-
mallard65 gave kudos to URBAN0 in New User Interface Change Needed
There is absolutely no reason to change anything about the GUI. It's simple, yet elegant and easy to navigate, and if that's your only gripe, you're in good hands😉
-
mallard65 gave kudos to Marcos in ESET and Windows 10 21H1
ESET's latest products (v13.2 and Endpoint 7.3) are compatible with Windows 10 21H1. There should be no difference in performance after upgrade to Windows 10 21H1.
-
mallard65 gave kudos to Marcos in Real-time protection not functional
Couldn't it be that you made a fresh installation of an old Endpoint? In such a case, issues would be expected. Please always use the latest installers from ESET's website.
-
mallard65 gave kudos to Marcos in Deleting Ransomware Notes
Making the ransomware note undetected was already considered and the pros substantially outweighed the cons.