Jump to content

EnjoyBoast

Members
  • Content Count

    5
  • Joined

  • Last visited

Kudos

  1. Upvote
    EnjoyBoast gave kudos to Marcos in Virus not detected   
    As long as the dll was recognized, the whole exe would be detected. Maybe you ran it before the detection was added at ~`2:20, maybe you have an older product that doesn't support streamed updates, maybe you had LiveGrid not working... The case and your cfg would need to be investigated in order to tell. What can we say 100% that after 2:10-2:30 users with streamed updates and LG enabled and working were 100% protected.
    This is how the detection would have looked like at that time:
    Log
    Scanned disks, folders and files: C:\test2\documento.exe
    C:\test2\documento.exe - Suspicious Object
    Number of scanned objects: 1
    Number of detections: 1
    And here is how ESET reacted with 2-month old modules:

    The malware was executed. When the injection itself was performed, AMSI scanner detected a malicious script...
    Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here
    7/28/2019 4:06:06 PM;AMSI scanner;file;script;MSIL/Bladabindi.BC trojan;blocked;DESKTOP-5JIJ6V4\Admin;;AB122C106AC5DFA34C8168069E847F7F6DDDF550;

    And the malicious process was terminated:

    AMSI has been supported since Windows 8.1 so on older systems it's possible that the malware would have run with outdated modules.
  2. Upvote
    EnjoyBoast gave kudos to Marcos in Virus not detected   
    The file is an activator. Should not be detected as malware but as a hacktool application at most. Those who detect it as malware are wrong. We're not going to detect it for now since we are antimalware and not anti-cracking sw.

     
  3. Upvote
    EnjoyBoast gave kudos to Marcos in Virus not detected   
    Blacklisted more than 2 hours before you made the post (4:28 AM) round that time (2:20 AM) the detection was included in a streamed update:
    adelantado.dll - a variant of Win32/Injector.EHZT trojan

    Below is the evolution of detection. The start of the X axis is yesterday 20:06 CET, the end is today 5:44. Only detections at the start and end are known, the evolution in between is not. We can only tell that ESET has protected you since cca 2:20-2:30 AM, not taking into account features like AMS that might have detected it upon execution. On modern Windows systems (Windows 8.1, Windows 10), thanks to AMSI even users with outdated modules were protected as you can see in the test below.

  4. Upvote
    EnjoyBoast gave kudos to Marcos in Virus not detected   
    Since you continue ranting and personally attacking moderators which is against the forum rules and ignore the proof above that ESET protected our users even with outdated modules unlike many other AV vendors, we'll have to take an action.
  5. Upvote
    EnjoyBoast received kudos from foneil in Congratulations! Now works with 10.15   
    Cyber Security Pro 6.8.1.0 seems to run fine on macOS 10.15 Public Beta 8 (19A573a).
  6. Upvote
    EnjoyBoast gave kudos to Geremy in ESET Cyber Security Pro not working with MacOS 10.15   
    Hi,
    Impossible to setup ESET Cyber Security Pro  with the latest version of MacOS 10.15.
    Possible to have this issue fixed ?
    Any idea to setup ESET Cyber Security Pro ?
    Thanks, Geremy
  7. Upvote
    EnjoyBoast gave kudos to camelia in Select Scan Target   
    Hello,
    Why do I have a target called "VM' ? AND is part of macOS Mojave the folder .HFS+ Private Directory Data?
    Thanks
    Came


  8. Upvote
    EnjoyBoast gave kudos to zamar27 in VPN & Eset Firewall Setup   
    Many Windows VPN clients don't have own Firewall or Kill Switch. A VPN Client usually creates a virtual network adapter or MiniPort, which is used by the client instead of physical Ethernet or WiFi adapter, thus creating a separate "Network Connection" in Eset Firewall. Please advice how to best configure Eset Firewall in a way, that all traffic from the PC would pass only through VPN, and any other traffic outside VPN is blocked by Eset Firewall?
    Also, when VPN connection is temporarily interrupted, Eset Firewall should block all PC traffic on all adapters until the VPN connection is restored.
    Can you also explain whether Eset does Real Time Protection on traffic passing through the VPN virtual adapter? If yes, is it done after the traffic has passed the adapter and was decrypted by VPN Client?
  9. Upvote
    EnjoyBoast gave kudos to not2sure in Change in 10.14.5 kernel extension handling   
    I'm wondering whether Apple's new notarization was implemented starting in 10.14.5 Beta 2. Since installing that version of macOS, ESET Cyber Security Pro 6.7.555.0 has been displaying the message that, "System extensions needed by ESET Cyber Security Pro were blocked by macOS" and that I need to allow apps from ESET in System Preferences. However, when I go to System Preferences/Security & Privacy/General, it doesn't display a message asking to allow apps from ESET.
    I didn't have this issue with the same version of ESET Cyber Security Pro under 10.14.5 Beta 1.
    Additionally, the Console notes the following each time the ESET warning appears: "esets[273]: error[01110000]: ESET Daemon: Command kextload failed. 'com.eset.kext.esets-pfw' error:0x00". Note that the numbers in brackets vary.
    Disabling System Integrity Protection allows ESET Cyber Security Pro to run without a problem under 10.14.5 Beta 2; however, disabling SIP isn't a good idea in terms of system security.
    If notarization is the cause of the issue, then access to the internal ESET build that Peter Randziak mentions would be helpful.
    -- David
×
×
  • Create New...