Jump to content

BlueTalon

Members
  • Posts

    5
  • Joined

  • Last visited

Posts posted by BlueTalon

  1. I have hundreds of popups saying a threat (Trojan downloader) was found in a file that powershell tried to access. 

    ALrUJMQ.png

    The "file" link in the popup only contains the text "script" so that isn't of any use.

    I have run a scan with no detections.

    Log record:

    Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here
    01-Feb-23 9:53:16 PM;AMSI scanner;file;script;PowerShell/TrojanDownloader.Agent.GHN trojan;blocked;<ComputerName>\<UserName>;;4701E8D5946643D4AFE68AE5786FE84335C95BA9;

    I ran diagnostics for a few minutes and stopped it shortly after the detection. Logs attached. I had to delete the 5 .pcapng files as these were ~100MB each and pushed the zip over the upload limit. Can attached individually if need be.

    Thanks

    Diagnostics.zip

  2. Is there any update on this? Still an issue. Eset spikes to ~30% cpu and locks my computer up on startup and when using chrome (when opening new tabs but not 100% reproducible). I'm using ESS 10.1.235.0

    I haven't used gamer mode in years as it causes issues.

    On 11/4/2017 at 2:41 PM, Marcos said:

    Please narrow it down by disabling the following protection features or settings, one at a time:

    - Web access protection in gui
    - Protocol filtering in the advanced setup
    - Advanced scanning of browser scripts in the advanced setup -> Web access protection setup
    - HIPS (a reboot will be required)
    - Automatic start of real-time protection (a reboot will be required)
    - Firewall.

    Not sure why the onus is on the user to locate what looks to be a common enough bug. I'd rather not leave these disabled when it is difficult to reproduce/test the problem. As eset is a premium product, the onus should be on the dev team to locate and fix this issue. My license is coming up soon for renewal and at this rate I'm considering switching after many years.

    Thanks

×
×
  • Create New...