Nightowl
Most Valued Members | Posts: 1,848 | Days Won: 17
Everything posted by Nightowl
-
It would be very useful to know that the RDP is being brute-forced, and much more if the attempts would be blocked till the user applies any kind of other prevention like a firewall or changing the password or account lock-out.
-
Files encrypted by ransomware
Nightowl replied to SeriousHoax's topic in Malware Finding and Cleaning
This is very interesting and I like this, and I do believe also that this will come to consumer products also. It's also good for RDS servers (file server) where you can put the setting to aggressive mode, because many people who just use RDP don't know what they are doing actually.
Files encrypted by ransomware
Nightowl replied to SeriousHoax's topic in Malware Finding and Cleaning
It's now detected by ESET: Win32/Filecoder.NZG. In my opinion, what needs to be improved is the machine learning and HIPS, but I am not an expert like those who program at ESET for sure. Also, as SeriousHoax said, Application Manager and Reputation (rep is already there), to be combined with everything, so the AI could try to decide if this app is trying to do malicious things or not. But I could be mistaken, I don't know, but also as ITman said, nothing is 100% safe.
Files encrypted by ransomware
Nightowl replied to SeriousHoax's topic in Malware Finding and Cleaning
Did you test it and have different results? (I'm just curious to know)
Files encrypted by ransomware
Nightowl replied to SeriousHoax's topic in Malware Finding and Cleaning
Wondering if Smart makes any difference. Policy / Interactive should prompt you for allowing or denying the actions, I think. I never tried.
Files encrypted by ransomware
Nightowl replied to SeriousHoax's topic in Malware Finding and Cleaning
Was HIPS set to Automatic or Smart?
Files encrypted by ransomware
Nightowl replied to SeriousHoax's topic in Malware Finding and Cleaning
I think it's because he copied and pasted from another link. Recently Malwarebytes has lost the reputation that it built some time ago, and I stopped trusting them. For security products I would go for 3 of these: ESET, Kaspersky, HitmanPro (as a second opinion scanner).
Do you think your computer has been infected somehow, so it could be a malware that attempted to remove ESET and corrupt everything? Did you try to see with ESET Online Scanner https://www.eset.com/int/home/online-scanner/ if some malware is hiding inside your PC?
-
I understand that XP is obsolete these days, but I understand that you have some needs and that is why you stick with this system.
-
It's highly recommended to move on from Windows XP to some Windows that is currently supported by Microsoft.
-
Yes indeed, but he gives the AVs a different test from a different perspective. Even though he disabled some layers to get them inside the computer and then ran them while real-time is running, he somehow, in some way, tests how powerful the real-time protection is, not the security solution overall.
-
Yes, I understand, but sometimes you have cases where the files that you make are private to the company that you work with and it's hard to upload them for analysis. But I understand it's bad for the AI system. Same as what happened to Kaspersky, when the American gov went crazy about it and blamed them for stealing data, while their AV saw that some files were suspicious and sent them to their AI. I know it's so important to get files sent by users, because that will make the system stronger and more accurate and faster.
-
It's the same thing as disabling the multi-layer protection that the AV has, but still Windows Defender doesn't do well without its cloud. Although in one of the videos Windows Defender missed a lot of threats, including one from Windows XP days that would give you the same error message over and over.
-
Yes, because antivirus companies will tell you that you have disabled some features that could have blocked the threats before they start to run in the system, such as web protection for example, so some layers have been disabled in order to run the test. But the crazy thing about this test or this guy is that he unleashes a lot of threats at the same time at the AV. It's sometimes funny to watch how other products get crippled by something like this, including Windows Defender and some kind of other security products that claim that they will protect your system. There are many more videos like this that do the testing. It's not funny that the antivirus fails, but it is funny that the advertising campaign that will be run by the AV company will claim that it will protect your infrastructure, till you get hit by something. Honestly, for me, since NOD32 v2, I never had to change any antivirus product. Even though sometimes I wanted to give others a try, I just can't go away. It's so light and efficient. It doesn't matter if the product doesn't protect 100%, because nothing is safe 100%. But it's so bad when a product claims to protect you, like Windows Defender, and lets your PC get encrypted by a malware, or some kind of very old virus not be detected (not Windows Defender, but can't remember which company and which video) and corrupt your system. It's always better to have multi-layer protection.
-
Endpoint 6.5 keep old style password after upgrade
Nightowl replied to tbsky's topic in ESET Endpoint Products
Ok, I will tag @Marcos and @MartinK, one of them should be able to help you.
Endpoint 6.5 keep old style password after upgrade
Nightowl replied to tbsky's topic in ESET Endpoint Products
They probably should come with a reply. Sometimes they answer a little bit late, but an answer will come for sure. If you need an urgent answer, you can contact your local ESET support, they can assist you.
Endpoint 6.5 keep old style password after upgrade
Nightowl replied to tbsky's topic in ESET Endpoint Products
I believe you can make a default policy from the ESMC and apply it to all computers, but I don't know if that fixes your password problem. I believe I will leave that to someone from ESET Staff Team that works with Endpoints.