
Nightowl

Most Valued Members
  • Posts

    1,816
  • Joined

  • Days Won

    17

Nightowl last won the day on August 28 2022

Nightowl had the most liked content!

2 Followers

About Nightowl

  • Rank
    Newbie

Profile Information

  • Location
    Heard Island and McDonald Islands


  1. Unfortunately, many of those who run VMs will have to disable it to enable Intel VT-x/AMD-V for their virtual machines. Memory Integrity will prevent you from enabling this option, for example in VMware Workstation.
  2. Also, it can be disabled by group policy, and it needed Admin settings to run, which users normally don't have unless it's a home computer and the person is the admin.
  3. I don't know what commands were in the bat, but could legitimate commands shut down ESET as a normal user would? I bet they do, but one thing that would stop all this, I think, is passworded settings: once getting to the shutdown command/kill, the password would stop it. But I think also HIPS or Self Defense didn't detect it or didn't see this as an attack. I don't know, but I think the password would prevent it, unless the kernel was shut down or whatever was done. I don't know, but I guess they shut down the kernel or the process; a password would prevent this unless it's vulnerable.
  4. I guess @Purpleroses is confused between HTTPS scanning and secure browser protection. Browser protection helps in case something bad passed and was able to intercept your keystrokes or something like that; the secure browser will be scrambling your keystrokes, so whatever is eavesdropping or logging your keys will have it encrypted. HTTPS scanning is different: ESET will add its own certificate into the machine, then it will be able to scan the HTTPS traffic, and if malware was sent through that HTTPS traffic, ESET will be able to pick it up. Without the certificate that ESET adds, it will not be able to scan the HTTPS traffic. I could be mistaken in what I described; correct me if I am wrong, please.
  5. I think Learning Mode is more designed to be used with Interactive Mode. You let the firewall learn the machine for a while and then you switch to Interactive Mode; in that case you will have to manually allow/block traffic to unlearned apps after that. And Learning Mode will put apps and traffic that it learned and allow them or block them (it could block maybe, idk). After that you can also look at the list and remove unwanted rules if the software added something you don't want, but if you are looking to use Automatic Mode, then keep it Automatic.
  6. Is your Office cracked? If it is, then I would get rid of it, personally. As ITMAN said, MSRDC is RDP; if you put msrdc in the Run command, it will open the Remote Desktop Connection window.
  7. I don't know if it's relevant for you to change the software, but give VLC Media Player a try; it's a good media player.
  8. It's true, better to check Task Scheduler; it will try to revive itself from there.
  9. In the behaviour section, you can see what the BAT has done in the VirusTotal link; you could reverse its changes. Better also remove the Adobe products from your PC, and also run SFC /scannow in an admin CMD to see if there are changes to Windows itself, so Windows can repair itself back to normal. Also try to deep scan your PC again with ESET (deep scan), and if you need a second opinion after that you could download another scanner or use Defender (it sucks) for a scan, maybe like HitmanPro as a second-opinion scanner next to ESET, to see if there are any remnants.
  10. Please try my suggestion. In the Detections area on the left side, after clicking that, make sure that Detection Resolved is ticked/not ticked depending on how Protect is reading your detection status. And in the middle this one: And if your computers are divided into groups, make sure you select the correct group or select "ALL". And just to troubleshoot if there is an Agent connection problem, do you see the computer in the "Computers" area as connected?
  11. It shows how much time you have been connected; usually VPN programs do that.
  12. But I doubt any kind of decryptor would be on the hard disk, unless the attackers made a mistake.
  13. Try to follow these steps provided by Discord to secure your account more: https://discord.com/safety/360043857751-four-steps-to-a-super-safe-account
  14. I didn't go to the link, but is it a WoW boost, and stuff like gold or equipment? I don't recommend doing that, because it's not affiliated with Blizzard or someone official to the game, and it can be a scam, or you will pay for something and get something else or get nothing. And probably it has to do some in-game trading to be able to get the stuff. Better not, bro; I don't recommend it.