Nightowl
Most Valued Members
Posts: 1,848
Days Won: 17
Everything posted by Nightowl
-
I attacked by virus and hacked my fb account
Nightowl replied to Sohel Rana's topic in Malware Finding and Cleaning
Rambler is a website that is similar to Yahoo/MSN and is owned by Sberbank, I doubt it will launch attacks on specific users to steal their instant messaging accounts. Another connection is that the attackers used emails from Rambler.ru services, which is the same thing as if the attacker used Gmail or Proton or whatever, since even bad actors that aren't connected to PC work used ProtonMail, which is based in Switzerland.
It doesn't matter where it's coming from, even if from your friends: if the link isn't supposed to come or the message looks weird, don't open it.
-
Thanks for your assistance, ITMAN, I will check it out. I wish I had an easier route rather than messing with Microsoft's GPO.
-
I was looking at it yesterday (SRP), but your explanation is better than what I was reading. I will give this one a try, and apply it to specific folders like Downloads, TEMP etc. and will see what happens.
About the Downloads location, I bet I can keep it there, I just put the wanted extensions to be blocked.
Thank you bro.
-
I will try to do it through Fortinet filters (hardware firewall). Thank you bro. I will try to google for best practices/hardening and take a look. Thanks for the suggestions.
Should also block Python, Firefox, Chrome, VLC, 7zip, rar from running from AppData/TEMP or creating new applications from there, like that Remcos variant that brought its vulnerable exes with it.
I think in the first place, since powershell, cmd is prevented, the next step of the vulnerable exes shouldn't come, but who knows.
Anyone have a suggestion?
-
Is there any way to prevent *.VBS and *.PIF from being downloaded or received from Skype/WhatsApp etc.?
-
Hello, please check this sample, I also sent it from my email: https://www.virustotal.com/gui/file/ce0e2c758444ae6e3be95b83e0f53990e722472e75113d57b18a19cb8e397ca9?nocache=1 [TRACK#64EAFA9300F7].
EDIT: Support answered.
-
That should do it, and also there is Potentially Unwanted Application, enable them; if you want higher detections, you can go with aggressive reports and detections.
You can keep MBAM as a second-opinion scanner, without the real-time parts being active, just a scanner when you need it; as itman said, it will cause conflicts. It doesn't matter which one you want to keep, in the end it's your own opinion and thought of which proves to be better for your usage, but one real-time protection should be active at a time, otherwise it would conflict and cause problems and maybe blue screen crashes.
-
I have a question apart from the other replies: did you open detection of Unwanted and Unsafe applications?
-
I am sure that the PC I worked with didn't have Python, and the person who works on it doesn't have any programming skills or anything. I even searched for Python traces on the PC, there are none.
-
I can't hear my calling partner.
Nightowl replied to SBrown's topic in ESET Products for Mobile Devices
I believe so also, GSM or signal issue, because ESET won't touch the GSM parts if I am not mistaken.
-
I can't hear my calling partner.
Nightowl replied to SBrown's topic in ESET Products for Mobile Devices
Is it an internet call or a normal GSM call? Internet WhatsApp calls can be blocked in some companies or networks, that's why you might not be able to call, for example. ESET for Android doesn't provide a Firewall, so there is no way it could have blocked it. I use it on my device, but I never experienced such a thing.
-
This is what happened with me: the infected PC I worked on had a person who doesn't know programming and doesn't even know the English language, so naming the files fruit and idea and stuff like this made it a bit suspicious, and there is not even Python installed, the RAT supplied its own Python.
-
This is what I posted about recently, it's a nice read by the way, thank you. https://news.drweb.com/show/?i=14728&lng=en
I found the Dr.Web article about it.
-
Patch Now: Up to 900K MikroTik Routers Vulnerable to Total Takeover
Nightowl replied to itman's topic in General Discussion
Indeed it's just my opinion, many will disagree with me, and true, vulnerabilities happen to all, but I just found other brands easier to work with.
-
Patch Now: Up to 900K MikroTik Routers Vulnerable to Total Takeover
Nightowl replied to itman's topic in General Discussion
4 years ago I had a client with MikroTik, one of the worst experiences I had with a router/firewall.
-
Hello,
Check here for instructions on how to repair the MBR, because as far as I know AVs cannot do it / disinfect the MBR: https://neosmart.net/wiki/fix-mbr/
And here is one from ESET Hungaria: https://www.eset.hu/tamogatas/viruslabor/virusleirasok/abcd
They explain the threat you have in your detection log. It's a pretty old virus, but how did you revive that? Did you plug in an old hard disk?
-
RE-Instalation error MSI 1401
Nightowl replied to Guido's topic in ESET Internet Security & ESET Smart Security Premium
Hello brother, I am good, thanks for asking. Thanks for explaining, I understand. Have a nice day.
-
RE-Instalation error MSI 1401
Nightowl replied to Guido's topic in ESET Internet Security & ESET Smart Security Premium
What was the solution? Just interested.
-
RE-Instalation error MSI 1401
Nightowl replied to Guido's topic in ESET Internet Security & ESET Smart Security Premium
Try this when you boot back to the normal environment:
DISM /Online /Cleanup-Image /ScanHealth
Does it find corruption?
Not trying to interrupt Marcos, please follow with him because he is ESET Staff, I am not. But try to download ESET Online Scanner, and set it to detect unwanted apps and unsafe apps, and let it scan deep. Does it find something weird?
-
RE-Instalation error MSI 1401
Nightowl replied to Guido's topic in ESET Internet Security & ESET Smart Security Premium
Are you the Admin? If you are, try to see if your Windows is corrupted. Run this from CMD as Admin:
sfc /scannow
-
ESET Endpoint Linux v10 Web Access + FortiClient
Nightowl replied to Nightowl's topic in ESET Endpoint Products for Linux
Thank you Peter, I will do so if something happens. Thanks for the assistance.