
Nightowl

Most Valued Members
  • Posts

    1,377
  • Joined

  • Days Won

    15

Kudos

  1. Upvote
    Nightowl gave kudos to Marcos in Web access protection Issue   
    I'm not angry about you reporting it. Quite the contrary, we are happy if you report us possible malicious samples or urls.
    I just wanted to point you in the right direction, ie. to report stuff directly to samples[at]eset.com according to the KB if you want the submission to receive better attention.
    Also I wanted to point out that even if a particular website is not blocked (ie. it may be a completely legitimate one with just somebody posting links to cracks), the point is to detect possible threat in the end no matter how it is achieved, ie. by blocking access to the malicious website or by detecting the malware upon download or execution at latest.
  2. Upvote
    Nightowl gave kudos to Aryeh Goretsky in CVE-2021-40444 are ESET user protected?   
    Hello,

    Just to follow up since I've been out of the office, CVE-2021-40444 is currently detected as DOC/TrojanDownloader.Agent.DIC and DOC/TrojanDownloader.Agent.DHY.

    For more information, please see ESET Knowledgebase Article # 8122, Does ESET protect me from the Microsoft Windows remote code execution vulnerability CVE-2021-40444?

    Regards,

    Aryeh Goretsky
  3. Upvote
    Nightowl received kudos from Crystal_Lake_Camper in Need some help please   
    Here you can find most of the needed information about configurations :
    https://help.eset.com/eis/14/en-US/?beginner.html
  4. Upvote
    Nightowl gave kudos to Minimalist in Reputation of Programs.   
    Thank you for the suggestion. I've tried both in the past but prefer using uTorrent. My comment was just meant to show that even non-malicious processes can sometimes be shown in red.
  5. Upvote
    Nightowl gave kudos to itman in Infected? Undetected Script wscript.exe loading from startup folder   
    The free version of ZoneAlarm definitely has been using the Kaspersky engine for a while: https://www.pcmag.com/reviews/check-point-zonealarm-free-antivirus-plus .
    The paid consumer and enterprise versions use more Kaspersky components: http://svendsen.me/worried-checkpoints-use-kaspersky-products-heres-disable-remove/
  6. Upvote
    Nightowl received kudos from Tzatz in Infected? Undetected Script wscript.exe loading from startup folder   
    Just to note, Checkpoint uses the Kaspersky engine, hence why they both detect it.
  7. Upvote
    Nightowl gave kudos to Marcos in U/P for ESET NOD32 Linux   
    Yes but only existing holders of a NOD32 AV for Linux desktop will be eligible to get it. That said, it won't be possible to use an EAV/EIS/ESSP for Windows license for activation.
  8. Upvote
    Nightowl received kudos from camelia in Why WaasMedic_Agent.exe download in my desktop?   
    You can upload your version to VirusTotal for more checking by AV engines to be more sure.
    It seems that this WaasMedic is related to Windows Update.
  9. Upvote
    Nightowl received kudos from cwong in ESET Endpoint Antivirus for Linux version 8.0.3.0 consumes /dev/shm   
    Version 8.1.3.0
    Added: ESET Dynamic Threat Defense support
    Added: SecureBoot support
    Added: Process Exclusions
    Added: Ability to check for update in GUI
    Added: Ability to copy support-related information from GUI
    Improved: Warning when product is being activated with an overused license
    Fixed: Update doesn't work from a mirror created by ESET Mirror Tool
    Fixed: Device control could block the keyboard and mouse required to log into the system
    Other bug fixes and minor optimizations

    New version was released but there is no mention of supporting new kernels, so I doubt your issues are fixed sadly.
  10. Upvote
    Nightowl received kudos from daylon in JS/Agent.OZD   
    Try to clean the browser's data, like cache and stuff. You can also remove that JS manually by removing it from the folder path, or by running a scan; ESET should pick it up and remove it.
    And also try to refrain from using IE; Microsoft is killing that browser and soon it will retire and go out.
  11. Upvote
    Nightowl received kudos from Prayer1 in ESSP Password manger   
    I believe they are both safe, but ESET would be safer.
    Normally malicious software will target the Password Managers of Firefox and Chrome because normally that's what everyone uses; ESET could be more protected against this type of attack and safer to use.
  12. Upvote
    Nightowl gave kudos to Peter Randziak in Deep Behavioral Inspection blocks threads of .NET process after loading a golang DLL   
    Hello @Alex C,
    you are welcome, credit goes to our dev team as the whole analysis was done by them.
    Keeping things up to date is for sure recommended...
    Peter
  13. Upvote
    Nightowl received kudos from Ricky Martin in Upgrading to ESET Protect server?   
    It's still the same ESMC but with a different name and a new version.
    About reverting back, I don't know; ESET staff could help more with this, but you can back up the server in case something wrong happens.
  14. Upvote
    Nightowl gave kudos to ujeng in ESET Endpoint Antivirus for Linux User interface Cannot display   
    Thanks for the reply.
    May have to switch to GNOME to show the user interface.
  15. Upvote
    Nightowl received kudos from camelia in Am I having too many Edge connections?   
    Thanks for that itman, I was trying to remember the name of the O&O software. I completely forgot about it, and Cortana drove me crazy recently, trying to disable it every way I can, but Cortana is mighty and keeps resurrecting itself haha
    Thanks!
  16. Upvote
    Nightowl received kudos from ujeng in ESET Endpoint Antivirus for Linux User interface Cannot display   
    I am having the same trouble with the MATE desktop. I believe MATE is like Cinnamon; they aren't supported unfortunately.
    If you switch to GNOME, the GUI will work normally, but I hate GNOME.
  17. Upvote
    Nightowl received kudos from nabeelmansoor in License Renewal   
    Yes, they will be added. You have the remaining time of the current license and the added renewed time over it, but make sure to renew the same username.
  18. Upvote
    Nightowl gave kudos to howardagoldberg in Dark Mode!   
    I missed the *soon* part, thanks!
  19. Upvote
    Nightowl received kudos from Astterlan in Dark Mode!   
    It's not yet supported that's why you cannot use it
     
  20. Upvote
    Nightowl received kudos from howardagoldberg in Dark Mode!   
    It's not yet supported that's why you cannot use it
     
  21. Upvote
    Nightowl gave kudos to itman in DotNet MSIL / Injector.VGR   
    Looks like my suspicions were correct. It was a coin miner.
    The question is was HashCalc actually and deliberately installed? Always opt for portable download versions of utility software like this.
    -EDIT- Also think twice about installing or running directly any unsigned software which I assume this HashCalc software was.
  22. Upvote
    Nightowl gave kudos to parahesap in DotNet MSIL / Injector.VGR   
    I see the warning text has changed after restarting the computer. I scanned again and saw it deleted two spyware. You got him, Sir. The alert is no longer displayed. Thank you so much!


  23. Upvote
    Nightowl gave kudos to Marcos in DotNet MSIL / Injector.VGR   
    We've nailed it down. A legit tool was backdoored and loads a malicious dll with zero detection at VT which loads the following encrypted payload:

    I expect the detection to be available momentarily via streamed/pico updates.
    Also please confirm that you have enabled the LiveGrid Feedback system for maximum protection.
  24. Upvote
    Nightowl gave kudos to FlorjanK in ESET antivirus found malware on my website   
    Yes I just did that and sent the files to Marcos DM 😃
    Thank you
  25. Upvote
    Nightowl gave kudos to itman in Virus signature database not updating with latest version   
    I would also advise creating the SysRescue bootable media on a device not connected to the local network. For example, a relative's or friend's computer that has no malware on it.