Nightowl

Most Valued Members
  • Posts

    1,820
  • Joined

  • Days Won

    17

Everything posted by Nightowl

  1. I will try to do it through Fortinet filters (hardware firewall). Thank you bro. I will try to google for best practices/hardening and take a look. Thanks for the suggestions. Should also block Python, Firefox, Chrome, VLC, 7zip, rar from running from AppData/TEMP or creating new applications from there, like that Remcos variant that brought its vulnerable exes with it. I think in the first place, since PowerShell and cmd are prevented, the next step of the vulnerable exes shouldn't come, but who knows. Anyone have a suggestion?
  2. Is there any way to prevent *.VBS and *.PIF from being downloaded, received from Skype/WhatsApp etc.?
  3. Hello, please check this sample, I also sent it from my email: https://www.virustotal.com/gui/file/ce0e2c758444ae6e3be95b83e0f53990e722472e75113d57b18a19cb8e397ca9?nocache=1 [TRACK#64EAFA9300F7]. EDIT: Support answered.
  4. That should do it, and also there is Potentially Unwanted Application, enable them. If you want higher detections, you can go with aggressive reports and detections. You can keep MBAM as a second-opinion scanner, without the real-time parts being active, just a scanner when you need it. As itman said, it will cause conflicts. It doesn't matter which one you want to keep, in the end it's your own opinion and thought of which proves to be better for your usage, but one real-time protection should be active at a time, otherwise it would conflict and cause problems and maybe blue screen crashes.
  5. I have a question apart from the other replies: did you open detection of Unwanted and Unsafe applications?
  6. VHO and HEUR are the heuristic namings, if I am not mistaken. You will find them on Checkpoint, ZoneAlarm, Bitdefender I think also, because those use the Kaspersky engine.
  7. I am sure that the PC I worked with didn't have Python, and the person who works on it doesn't have any programming skills or anything. I even searched for Python traces on the PC, there are none.
  8. I believe so also, GSM or signal issue, because ESET won't touch the GSM parts, if I am not mistaken.
  9. Is it an internet call or a normal GSM call? Internet WhatsApp calls can be blocked in some companies or networks, that's why you might not be able to call, for example. ESET for Android doesn't provide a firewall, so there is no way it could have blocked it. On my device I use it, but I never experienced such a thing.
  10. This is what happened with me. The infected PC I worked on had a person who doesn't know programming and doesn't even know the English language, so naming the files fruit and idea and stuff like this made it a bit suspicious, and there isn't even Python installed, the RAT supplied its own Python.
  11. This is what I posted about recently, it's a nice read by the way, thank you. https://news.drweb.com/show/?i=14728&lng=en I found the Dr.Web article about it.
  12. Try changing your DNS in your computer/router. I don't see any reason for ESET to be blocked in Indonesia. Other than that, ESET has an office there, so most likely it's not blocked and it's some other issue.
  13. Here bro, you have to repair the Master Boot Record for the devices. Check the instructions for whichever Windows is running. https://neosmart.net/wiki/fix-mbr/
  14. Indeed it's just my opinion, many will disagree with me, and true, vulnerabilities happen to all, but I just found other brands easier to work with.
  15. 4 years ago I had a client with MikroTik, one of the worst experiences I had with a router/firewall.
  16. Hello, check here for instructions on how to repair the MBR, because as far as I know AVs cannot do it / disinfect the MBR. https://neosmart.net/wiki/fix-mbr/ And here is from ESET Hungaria: https://www.eset.hu/tamogatas/viruslabor/virusleirasok/abcd They explain about the threat you have in your detection log. It's a pretty old virus, but how did you revive that? Did you plug in an old hard disk?
  17. Hello brother, I am good, thanks for asking. Thanks for explaining, I understand. Have a nice day.
  18. Try this when you boot back to the normal environment: DISM /Online /Cleanup-Image /ScanHealth Does it find corruption? Not trying to interrupt Marcos, please follow with him because he is ESET Staff, I am not. But try to download ESET Online Scanner, and put it to detect unwanted apps and unsafe apps, and let it scan deep. Does it find something weird?
  19. Are you the Admin? If you are, try to see if your Windows is corrupted. Run this from CMD as Admin: sfc /scannow
  20. Thank you Peter, I will do if something happens. Thanks for the assistance.
  21. I'm afraid there is nothing I can exclude, since I lose access to the whole software. I don't think it would make a difference if I would exclude my VPN IP, since the whole program stops working when Web Access Protection is running. If I can exclude some other way that I am not aware of, please tell me, but for me, I can wait more time. I have it off for now (Web Access Protection).
  22. As far as my brain helps me, Kaspersky is with the others but they are just quicker to react to adding signatures, hence the detection name UDS. Malware Hashes (UDS) – a set of file hashes detected by Kaspersky Lab cloud technologies (UDS stands for Urgent Detection System) based on a file’s metadata and statistics (without having the object itself). This enables the identification of new and emerging (zero-day) malicious objects that are not detected by other methods.
  23. I just lose access to the whole GUI of FortiClient itself. I tried to exclude FortiClient but I wasn't successful, or I did something wrong.