
Nightowl

Most Valued Members
  • Posts

    1,350
  • Joined

  • Days Won

    15

Kudos

  1. Upvote
    Nightowl gave kudos to itman in Infected? Undetected Script wscript.exe loading from startup folder   
    The free version of ZoneAlarm definitely has been using the Kaspersky engine for a while: https://www.pcmag.com/reviews/check-point-zonealarm-free-antivirus-plus .
    The paid consumer and enterprise versions use more Kaspersky components: http://svendsen.me/worried-checkpoints-use-kaspersky-products-heres-disable-remove/
  2. Upvote
    Nightowl received kudos from Tzatz in Infected? Undetected Script wscript.exe loading from startup folder   
    Just to note, Checkpoint uses the Kaspersky engine, hence why they both detect it.
  3. Upvote
    Nightowl gave kudos to Marcos in U/P for ESET NOD32 Linux   
    Yes but only existing holders of a NOD32 AV for Linux desktop will be eligible to get it. That said, it won't be possible to use an EAV/EIS/ESSP for Windows license for activation.
  4. Upvote
    Nightowl received kudos from camelia in Why WaasMedic_Agent.exe download in my desktop?   
    You can upload your version to VirusTotal for more checking by AV engines to be more sure.
    It seems that this WaasMedic is related to Windows Update.
  5. Upvote
    Nightowl received kudos from cwong in ESET Endpoint Antivirus for Linux version 8.0.3.0 consumes /dev/shm   
    Version 8.1.3.0
    Added: ESET Dynamic Threat Defense support
    Added: SecureBoot support
    Added: Process Exclusions
    Added: Ability to check for update in GUI
    Added: Ability to copy support-related information from GUI
    Improved: Warning when product is being activated with an overused license
    Fixed: Update doesn't work from a mirror created by ESET Mirror Tool
    Fixed: Device control could block the keyboard and mouse required to log into the system
    Other bug fixes and minor optimizations
    New version was released but there is no mention of supporting new kernels, so I doubt your issues are fixed sadly.
  6. Upvote
    Nightowl received kudos from daylon in JS/Agent.OZD   
    Try to clean the browser's data, like cache and stuff. You can also remove that JS manually by removing it from the folder path, or by running a scan; ESET should pick it up and remove it.
    And also try to refrain from using IE; Microsoft is killing that browser and will soon retire it.
  7. Upvote
    Nightowl received kudos from Prayer1 in ESSP Password manger   
    I believe they are both safe, but ESET would be safer.
    Normally malicious software will target the password managers of Firefox and Chrome because normally that's what everyone uses. ESET could be more protected against this type of attack and safer to use.
  8. Upvote
    Nightowl gave kudos to Peter Randziak in Deep Behavioral Inspection blocks threads of .NET process after loading a golang DLL   
    Hello @Alex C,
    you are welcome, credit goes to our dev team as the whole analysis was done by them.
    Keeping things up to date is for sure recommended...
    Peter
  9. Upvote
    Nightowl received kudos from Ricky Martin in Upgrading to ESET Protect server?   
    It's still the same ESMC but with a different name and a new version.
    About reverting back, I don't know; an ESET staff member could help more with this, but you can back up the server in case something wrong happens.
  10. Upvote
    Nightowl gave kudos to ujeng in ESET Endpoint Antivirus for Linux User interface Cannot display   
    Thanks for the reply.
    May have to switch to GNOME to show the user interface.
  11. Upvote
    Nightowl received kudos from camelia in Am I having too many Edge connections?   
    Thanks for that itman, I was trying to remember the name of the O&O software. I completely forgot about it, and Cortana drove me crazy recently; I was trying to disable it every way I can, but Cortana is mighty and keeps resurrecting itself haha
    Thanks!
  12. Upvote
    Nightowl received kudos from ujeng in ESET Endpoint Antivirus for Linux User interface Cannot display   
    I am having the same trouble with the MATE desktop. I believe MATE is like Cinnamon; they aren't supported unfortunately.
    If you switch to GNOME, the GUI will work normally, but I hate GNOME.
  13. Upvote
    Nightowl received kudos from nabeelmansoor in License Renewal   
    Yes, they will be added. You have the remaining time of the current license and the added renewed time over it, but make sure to renew the same username.
  14. Upvote
    Nightowl gave kudos to howardagoldberg in Dark Mode!   
    I missed the *soon* part, thanks!
  15. Upvote
    Nightowl received kudos from Astterlan in Dark Mode!   
    It's not yet supported, that's why you cannot use it.
     
  16. Upvote
    Nightowl received kudos from howardagoldberg in Dark Mode!   
    It's not yet supported, that's why you cannot use it.
     
  17. Upvote
    Nightowl gave kudos to parahesap in DotNet MSIL / Injector.VGR   
    I see the warning text has changed after restarting the computer. I scanned again and saw it deleted two spyware. You got him, Sir. The alert is no longer displayed. Thank you so much!


  18. Upvote
    Nightowl gave kudos to itman in DotNet MSIL / Injector.VGR   
    Looks like my suspicions were correct. It was a coin miner.
    The question is was HashCalc actually and deliberately installed? Always opt for portable download versions of utility software like this.
    -EDIT- Also think twice about installing or running directly any unsigned software which I assume this HashCalc software was.
  19. Upvote
    Nightowl gave kudos to Marcos in DotNet MSIL / Injector.VGR   
    We've nailed it down. A legit tool was backdoored and loads a malicious dll with zero detection at VT which loads the following encrypted payload:

    I expect the detection to be available momentarily via streamed/pico updates.
    Also please confirm that you have enabled the LiveGrid Feedback system for maximum protection.
  20. Upvote
    Nightowl gave kudos to FlorjanK in ESET antivirus found malware on my website   
    Yes I just did that and sent the files to Marcos DM 😃
    Thank you
  21. Upvote
    Nightowl gave kudos to itman in Virus signature database not updating with latest version   
    I would also advise creating the SysRescue bootable media on a device not connected to the local network. For example, a relative's or friend's computer that has no malware on it.
  22. Upvote
    Nightowl received kudos from itman in Virus signature database not updating with latest version   
    It's better to isolate the computers that have the worm so it can stop spreading. After that you need an up-to-date antivirus that will run a deep scan on these computers so it can take the worm out.
    Maybe in your case, where you cannot update for some reason and cannot select directly from ESET Update servers, try to see what you can do with ESET Online Scanner: https://www.eset.com/us/home/online-scanner/?intcmp=intrw
  23. Upvote
    Nightowl received kudos from peteyt in Logins for 1.3 million Windows RDP servers collected from hacker market   
    I wonder why people open RDP to all, when sometimes it's companies that do that.. and even though you are opening it to all and still using a password like

    Running unpatched systems that are open to all with weak passwords, that is really bad.
    And if it had to be open to all, some products need to be used for protection, like an IPS or some NGFW, and a looooong and complicated password is also needed. I wonder what kind of logic is this
    Firewalls are crying in the corner..
  24. Upvote
    Nightowl gave kudos to Marcos in What are pico updates   
    Yeah, pico updates are typically less than 500 bytes in size.
  25. Upvote
    Nightowl gave kudos to pronto in Hafnium Post Exploit Detection   
    In my opinion, they tried to attach importance to their cloud products, but probably underestimated the dynamics of the situation. It seems like they have lost control in the meantime. With the implementation of Windows 10 and their Windows as a Service update strategy, one update after another is blowing up. Either they came too early or too late. The customer has not been the king anymore, rather they are being forced in the direction where Microsoft wants them to go. The other global players like Apple and Google are no exception. If Google decides that any standard is no longer useful, a new standard will be introduced and the world will have to follow. You just stand by shaking your head and get the feeling that they're making fun of it, also. Sorry but I had to vent a bit...
    Bye Tom
     