Nightowl
-
Nightowl gave kudos to parahesap in DotNet MSIL / Injector.VGR
I see the warning text has changed after restarting the computer. I scanned again and saw it deleted two spyware. You got him, Sir. The alert is no longer displayed. Thank you so much!
-
Nightowl gave kudos to itman in DotNet MSIL / Injector.VGR
Looks like my suspicions were correct. It was a coin miner.
The question is was HashCalc actually and deliberately installed? Always opt for portable download versions of utility software like this.
-EDIT- Also think twice about installing or running directly any unsigned software which I assume this HashCalc software was.
-
Nightowl gave kudos to Marcos in DotNet MSIL / Injector.VGR
We've nailed it down. A legit tool was backdoored and loads a malicious dll with zero detection at VT which loads the following encrypted payload:
I expect the detection to be available momentarily via streamed/pico updates.
Also please confirm that you have enabled the LiveGrid Feedback system for maximum protection.
-
Nightowl gave kudos to FlorjanK in ESET antivirus found malware on my website
Yes I just did that and sent the files to Marcos DM 😃
Thank you
-
Nightowl gave kudos to itman in Virus signature database not updating with latest version
I would also advise creating the SysRescue bootable media on a device not connected to the local network. For example, a relative's or friend's computer that has no malware on it.
-
Nightowl received kudos from itman in Virus signature database not updating with latest version
It's better to isolate the computers that have the worm so it can stop spreading. After that, you need an up-to-date antivirus that will run a deep scan on these computers so it can take the worm out.
Maybe in your case, where you cannot update for some reason and cannot select directly from ESET Update servers, try to see what you can do with ESET Online Scanner: https://www.eset.com/us/home/online-scanner/?intcmp=intrw
-
Nightowl received kudos from peteyt in Logins for 1.3 million Windows RDP servers collected from hacker market
I wonder why people open RDP to all, when sometimes it's companies that do that... and even though you are opening it to all and still using a password like
Running unpatched systems that are open to all with weak passwords, that is really bad.
And if it had to be open to all, some products need to be used for protection, like an IPS or some NGFW, and a looooong and complicated password is also needed. I wonder what kind of logic this is.
Firewalls are crying in the corner...
-
Nightowl gave kudos to Marcos in What are pico updates
Yeah, pico updates are typically less than 500 bytes in size.
-
Nightowl gave kudos to pronto in Hafnium Post Exploit Detection
In my opinion, they tried to attach importance to their cloud products, but probably underestimated the dynamics of the situation. It seems like they have lost control in the meantime. With the implementation of Windows 10 and their Windows as a Service update strategy, one update after another is blowing up. Either they came too early or too late. The customer is not the king anymore; rather, they are being forced in the direction where Microsoft wants them to go. The other global players like Apple and Google are no exception. If Google decides that any standard is no longer useful, a new standard will be introduced and the world will have to follow. You just stand by shaking your head and get the feeling that they're making fun of it, also. Sorry but I had to vent a bit...
Bye Tom
-
Nightowl gave kudos to Peter Randziak in Larger Detection engine update scheduled today (February 25)
Today (February 25) we plan to release a Detection engine update with expected size around 12,2 - 12,4 MB.
We expect that the update will be available on the update servers for the clients to download at around 14:00 CET (+/- 30 minutes).
This change will optimize the way we store the data and will reduce the Detection engine size and its memory footprint, and will also make further updates smaller.
The Micro updates scheduled on February 26 will have the weekly update package around 13 MB in size and the monthly update package up to 15 MB.
Peter on behalf of the teams involved
-
Nightowl gave kudos to stackz in can I ask where to locate these windows "updates"
Yes, every user session the services will be created with a different hex number suffix.
-
Nightowl received kudos from peteyt in The Great Suspender extention is malware
Will be detected as this by ESET.
-
Nightowl received kudos from itman in Unknown Connected Home Device
Can you get into your router and check which devices have a DHCP lease?
That way you can have all the info about devices connected to your home network.
-
Nightowl received kudos from Super_Spartan in NOD32 Gamer's Edition?
And yet you missed the most important point of my post: that I don't work for ESET and I am just a user.
Even so, you are still talking about a product that you didn't use or buy and that isn't being offered in your country.
So if you have bought this product and you feel that you have been misled by the design of the box, you can request a refund and get your money back. I bet ESET won't deny you that, and if you are still feeling misled, hire your favorite lawyer in town and sue ESET in the area that sells that product.
-
Nightowl received kudos from polcalweng in Disable OS Update Warning
That's weird. I prefer to wait for ESET staff to reply here about your problem, as he/she would understand more than me in this case.
-
Nightowl gave kudos to DKech in Scheduled Scans
Not all ransomware is configured to bypass this. Some kind of flimsy argument. This is the same as saying that you don't need to insert a lock into the door, since the robber has the ability to open the lock with his own key.
-
Nightowl gave kudos to ntg2978 in ESET Internet Security on Linux password/username
Alright, Marcos, thank you for the straight-talk. Will the Linux desktop users ultimately have to either upgrade to the business edition or do you think the modules will continue to be updated for the foreseeable future?
I've come from using F-Prot for the last 3 yrs, and they announced an End-of-life of F-Prot for home use, as they are going to solely focus on business editions.
I'm seeing a trend among the Linux antivirus products that they are increasingly moving towards business users; I can completely understand that, because the revenue generated is much greater; probably there is also more demand as well.
I'd just like to know if you guys are planning on an End-of-life for the Linux Desktop as well in the near future, so that I can start researching what I'll do in a year once my license expires.
Thank you.
-
Nightowl gave kudos to Marcos in Maximum Protection even Firewall Off
Not according to the specification. I assume there were many requests to not warn if the firewall is turned off intentionally, e.g because users prefer the system firewall.
-
Nightowl received kudos from Leonardo in anti virus best software
In the download link, when you click Advanced Download, you will be able to see changelogs per version.
-
Nightowl received kudos from Leonardo in anti virus best software
Yes, it is.
Network Protection is available in Internet Security and Smart Security.
It is not available in the Antivirus edition.
-
Nightowl gave kudos to itman in Internet Security and Google Searches
Or clear your browser history and/or cache in Chrome at its close time and see if that resolves the alerts.
-
Nightowl received kudos from HSS77 in Eset File Security PDF/Phishing.A.Gen
Argh, didn't notice that was macOS. Glad you sorted it out.
-
Nightowl gave kudos to HSS77 in Eset File Security PDF/Phishing.A.Gen
Tried sending now as was able to allow it again. Thanks.