Nightowl
Most Valued Members-
Posts
1,867 -
Joined
-
Days Won
17
Everything posted by Nightowl
-
Banload.AYD virused a Hyper-V Virtual Machine
Nightowl replied to Bogdan Florin's topic in Malware Finding and Cleaning
I doubt ESET will help you since it is Microsoft's AntiVirus which done all of this , I have no suggestions other than for Backup or making Windows Defender restore what it deleted and excluding the trojan so it doesn't get removed again by Defender and break the VM , and then installing ESET to see if it can help you in a better way without breaking the system like Defender has done. , better to be done while the internet is blocked from the VMs so the infections doesn't spread somehow. Contact Microsoft Support they should assist you with this , since it's their product who has done this mayhem. -
Here it's posted the 1.1 libraries of OpenSSL , which why it would make it work again after that , but as it seems that 22.04 got rid of it and now using OpenSSL 3.0
-
But it also could stop the EICAR test file as far as I recall.
-
When it shows in red , click Setup , and then you would be able to see which modules are pending for restart , it will show you that they are not active.
-
I would ignore their advice and keep ESET running , I would just allow it with NordVPN Shutting down security services is not an advice.
-
Yes it should detect them as the updates in ESET package contains from all systems Try to download an eicar test file to your phone , ESET should detect it https://www.eicar.org/download-anti-malware-testfile/
-
Eset Online Scanner effectivity
Nightowl replied to Hatus's topic in ESET Standalone Malware Removal Tools
It would act same as scanner module in any of ESET's products if I am not mistaken , but for sure you are not having any kind of real-time protection or other protections that ESET provide This is only a scanner that will connect and download updates and scan your computer and that's it. -
See with your local ESET seller on upgrading to endpoint linux , it's much better product , the desktop version is based on v4 which is obsolete by the time of now.
-
Upgrade File Security 6.5.x to 8.0.x?
Nightowl replied to slarkins's topic in ESET Products for Windows Servers
You can find changelogs here https://www.eset.com/int/business/download/file-security-windows/ And see what they differ from eachother , but most recommended for sure is to stay on latest version , unless it introduces problems for you then it's otherwise. -
ESET PROTECT Missing Features!
Nightowl replied to Hello There's topic in ESET PROTECT On-prem (Remote Management)
10 - An eset staff could have a better answer than me 11 - Better to block from network/firewall level , rather than let ESET work hard on CPU to keep blocking everything , anyway it's easier to be done from a NGFW 12 - You can password protect the settings, and prevent local admins from knowing that password , or through a policy rule it would prevent changing through GUI even if you are admin if I am not mistaken. -
I believe it's nothing to be mad at ESET for , Without analysis but it could be that this software has been used in some exploits several times which made ESET include it as unsafe application, but the safety of the program depends on it's developers , it happened to ASUS before that where malicious actors used their software to deploy their malware to people who had their software But having the detection after 5 years is a good indication that ESET will reanalyze or remake their decisions even on old software. I doubt you are compromised, but the detection just shows that this application can be misused and harm your device, uninstalling it is the better option , if you still don't trust ESET results , you could run another scanner like Kaspersky or Windows Defender which could scan without realtime so it won't conflict with ESET.
-
You have posted into the wrong category , here belongs to Slovak/Czech languages But if you think there is a missing detection from ESET , you can send the sample https://support.eset.com/en/kb141-submit-a-virus-website-or-potential-false-positive-sample-to-the-eset-lab About the alerts , they should appear immediately
-
All servers are classified as File Server?
Nightowl replied to Ufoto's topic in ESET PROTECT On-prem (Remote Management)
I believe so it's the product name also , but still not updated here in the console , if it was another product like mail security , you would see mail security -
All servers are classified as File Server?
Nightowl replied to Ufoto's topic in ESET PROTECT On-prem (Remote Management)
It is just the product name from ESET , it is made for Windows Server with the name of File Security But recently ESET has renamed the product into ESET Server Security I don't think it's being classified as a file server , it's just the naming of the product I believe. -
Control them all through ESET Protect and ditch the other AVs or you can keep one vendor as secondary scanner(not real-time) that would make your life easier I think. ESET and Kaspersky both of them have a great detection/protection rate and good reputation between AVs companies/users McAfee is just painful software.
-
Defender is always targeted by good developed malware and it is disabled very fast Recently only Microsoft added the Anti-Tamper protection that would let Defender protect itself from modifications that would completely render it useless , but I don't know if the Anti-Tamper is still good enough Windows Defender can be completely shutdown by a registry entry, or from Group Policy , I don't know if that still works. But still ESET or any other popular vendor still perform better than Windows Defender , if you remove the cloud access to Defender it will weaken it so much, still have much more false positives and for sure other AVs have more protection modules than what Defender would offer.
-
No actual page for RAV , neither a download link I can find , it's bundled inside a software and hard to uninstall or breaks things as @PassingBydescribed , I think it fits the description of a PUA if it's not a malicious software. I found this in their website , but still I cannot find a download link for it