Jump to content

Tetranitrocubane

Members
  • Content Count

    26
  • Joined

  • Last visited

Posts posted by Tetranitrocubane


  1. 12 minutes ago, Marcos said:

    All drivers are loaded and running fine, there doesn't seem to be any issue with the product. Otherwise the protection status would be red if there was an issue with loading drivers.

    By the way, where did you download ESET Log Collector from? It's an old version 3.2 which doesn't support v13+ products. The latest version is 4.0 with 4.1 to follow soon.

    I admit I used the copy I had on my hard drive already rather than download the newest one. I had it on hand from a previous troubleshooting attempt.

    If everything seems to be working, though, I guess I should just chalk it up to being a fluke? It certainly isn't red on the protection status at all.


  2. Hi all. Today when I started up my computer, ESET started to update itself as per normal. When it began to attempt to apply the update, I got a series of errors:

    Quote

     

    An error occurred during the installation of the edevmon driver

    An error occurred during the installation of the eamonm driver

    An error occurred during the installation of the epfwwfp driver

    An error occurred during the installation of the ehdrv driver

     

    ESET then instructed me to reboot to complete the update of ESET, which I did.

    Upon restarting, ESET seems to be running just fine, but I presume that is with the older drivers or without the appropriate drivers installed (due to the errors). Updating again does not seem to do anything, unfortunately.

    Are these errors something to worry about? ESET appears to be functioning just fine now, but I'm not sure.

    Thanks very much in advance.


  3. 14 minutes ago, Marcos said:

    If you scanned the dlls before (on July 17 according to your logs) and the dlls hadn't been updated / changed and ESET had not been re-installed (ie. the local cache wasn't cleared), it doesn't make sense why they would not have been detected 3 hours ago.

    I admit I'm out of my depth. 

    On Friday the 17th, I returned to my computer to find this in the log file:

    image.thumb.png.c42dac24c62e84d820ea873f71622e3a.png

    ESET auto-deleted and quarantined the files, and my own response was to delete the program entirely out of an abundance of caution. The files have not been altered since then.

    Today, when I restored the files from quarantine and scanned them through the windows context menu, I got these outcomes (Scanned one file on it's own, then the other two together - Restored the file to a different folder, because the original location was deleted along with the program):

    image.png.5e3ecd6603c8d063e813842dcad32ced.png

    image.png.1b448b4d75bc9141ba0cedb59c1a1220.png

    I don't think there's any possibility that the files themselves were updated at all between scans - The first thing I did upon noticing that the detection had flagged these files as suspicious was start this entire process. The last patch issued for the game would have been on July 15th.

     

    I suppose the possibility exists that something foul is going on throughout the system, but unrelated to these files? Subsequent full-system in-depth scans have come back clean, I admit.

    Edit: Though notably, the ESET portion of Virus Total didn't flag the files, either, earlier today?


  4. 4 minutes ago, Marcos said:

    The files were blocked by LiveGrid, we've already unblocked them. However, you wrote "ESET Context scan does not detect any of these files as suspicious or malicious" which would have happened only if the files had been updated, otherwise the statement wouldn't make much sense.

    I don't know what to say - I restored the DLLs from Quarantine, scanned them via ESET Context scan, and the ESET Context scan did not flag them as malicious. I would presume because ESET's definitions have been updated to unblock the files?


  5. 53 minutes ago, Marcos said:

    It could be that the dlls have been updated in the mean time. Could you please provide current dlls?

    Hi Marcos. The only DLLs I have were ones that I pulled out of quarantine, so I don't believe they've been updated. I deleted the program after the DLLs were flagged.

    The DLLs in question should be in the logs I attached above. I used the ESET log collector as you instructed. Thanks!


  6. 24 minutes ago, itman said:

    Determine if the three files Eset is flagging have been recently updated. If so, submit them to VirusTotal: https://www.virustotal.com/gui/home/upload and see if anyone else there is flagging them.

    The files were auto-deleted by ESET.

    The developer of the software in question did verify, however, that the files were legitimate. I reached out via email.


  7. Hello,

    Today I performed a full system scan, and was shocked when ESET (version 13.2.15.0 on Windows 10 x64) reported three detections, where I usually have zero. I hadn't installed any new software recently, so this got me very worried.

    Digging into the scan log, it seems that three files were flagged as being 'suspicious objects': 

    PhotonUnityNetworking.dll

    Unity.Timeline.dll  

    UnityEngine.Monetization.dll

    All three of these files are associated with the video game "Black Ice" sold through steam. This game has been on my computer for years, and never caused a problem - However, it seems that a recent update to the game occurred, and may be responsible for these files. 

    The files were cleaned via deleting automatically when the full scan was executed. I went into the quarantine panel of ESET and submitted each file for analysis via the ESET GUI.

    Are these files legitimately dangerous, and could they have done any harm in the time they were active? Or are these potentially false positives?

    Thanks much.

×
×
  • Create New...