Carbonyl

  1. Thanks very much, Marcos! If that's the case, then I take it that the malware didn't get a chance to do its badness, and it should be safe to use the system still. I will wait until the full system scan is done regardless, but I appreciate the information. I didn't know if it was saying "ESET has stopped this potential attack" or if it was saying "ESET found something inside the system that may indicate a larger problem".
  2. Recently while browsing in Chrome, ESET threw up a warning that it had filtered an HTTP event. It gave a big red warning with the following info:

     Scanner: HTTP Filter
     Object type: File
     Object: {Redacted because it may be live malware}
     Detection: JS/Adware.Subprop.O application
     Action: Connection terminated
     User: {Redacted}
     Information: Event occurred during an attempt to access the web by the application {Path to Chrome}
     Hash: {Redacted, can be provided on request}

     My question is - Does this indicate that my system has been breached, and further cleaning action is necessary? Or did ESET stop this attack before it occurred, and no further action is necessary? I am performing a full system scan currently (will take several hours), but if a breach occurred, I realize that even a full system scan could be unreliable. I am running on a fully patched latest version of Windows 10, on ESET NOD32 version 13.1.21.0, detections updated on 4/23/2020 at 8:22:22 AM PST. Thanks very much in advance for any help.
  3. Duly noted, and thank you. It's now disabled. But in the meantime, what should I do to prevent this issue in the future, regarding the fact that ESET and Process Explorer are in a near-constant state of conflict? And even an exception rule doesn't seem to change that?
  4. Thanks much for the advice, Arakasi! I went ahead and tried to add a rule as you directed, allowing Process Explorer (and its 64-bit version) to access programs and files. Sadly the logs persist in piling up. If it's safe to let this keep going as it does, I'm fine with that. I just have an unsettling feeling that the constant barrage of activity, blocking, activity, blocking, activity, blocking, on and on and on, is causing unnecessary wear on my SSD and CPU. SSDs only have so many write cycles in a lifetime, so if it's persistently writing over and over and over again because of this I risk shortening its lifetime.
  5. Description: Please change the tray icon and GUI notification for Gamer Mode.

     Detail: Currently when NOD enters gamer mode due to a fullscreened application, the tray icon and GUI show a somewhat unsettling ! icon that is indicative of a more substantial problem, and the GUI says that "NOD requires your attention". This is unsettling, as gamer mode is operating as designed, there is no problem, and NOD does not require attention. With the prevalence of multi-monitor setups becoming more and more common, it's very likely that users will fullscreen an application, video, or game on a secondary display - and see the icon or GUI for NOD on their primary display and become concerned. This is particularly disconcerting when first discovering it. I just now saw the ! icon while a video was full screened on another monitor, and clicked over to the ! on my primary screen to see what was wrong and needed my attention. Doing so caused the video to exit fullscreen, and caused NOD to exit gamer mode before I could realize what was happening. And so I spent a good 10 minutes going back and forth thinking something was more seriously wrong on my system than it was. Anyhow, just a suggestion! Thanks.
  6. Hello. I recently switched to NOD v7, and overall have been very happy since the transition. The only thing that has me somewhat worried is that I tend to have Process Explorer running at all times on my computer. Checking the verbose logs on NOD shows that the HIPS is constantly blocking Process Explorer:

     2/7/2014 8:51:01 PM C:\Users\[REDACTED]\AppData\Local\Temp\procexp64.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application,Modify state of another application

     2/7/2014 8:51:01 PM C:\Users\[REDACTED]\AppData\Local\Temp\procexp64.exe Get access to another application C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe some access blocked Self-Defense: Protect ekrn and egui processes Terminate/suspend another application,Modify state of another application,Get access to another application

     2/7/2014 8:51:01 PM C:\Users\[REDACTED]\AppData\Local\Temp\procexp64.exe Get access to another application C:\Windows\System32\lsass.exe some access blocked Self-Defense: Do not allow modification of system processes Terminate/suspend another application,Modify state of another application

     etc, etc. It keeps doing this. I've turned off logging (because that would be absurd, at 10-20 messages a second), but I'm concerned that this is still happening in the background while I run Process Explorer. HIPS is a new thing to me, though, so I'm unsure of how to add Process Explorer to any exceptions, or what exceptions to add. As it is, I fear that my computer is constantly having this conflict happening in the background. If anyone could advise me as to what I ought to do, I'd be most appreciative.
  7. Hello - A while back I built myself a computer, and at the time I decided to use MSE as the antiviral suite of choice once my system was created. Since then, MSE has slipped noticeably in its detection and protection, and I am interested in replacing it. NOD32 is a highly recommended option that I am considering. HOWEVER: In the past I have had serious DISASTERS of compatibility and stability when trying to remove one AV suite and replace it with another. This leads me to a few questions before I choose to go with NOD.

     1.) If I choose to remove MSE and install NOD, how can I be positively 100% sure to remove all traces of MSE before installing NOD? If even the slightest scraps linger, I'm sure I'm going to have a headache of crashes, blue screens, and other disasters.

     2.) I am currently running Sandboxie with specific settings for my web-facing applications. It's currently running with a setting for MSE compatibility. If I remove MSE and install NOD, will I be able to switch Sandboxie over to some kind of NOD mode? Will Sandboxie and NOD get along with each other, or will they cause a huge conflict? I have heard that NOD doesn't like the system level drivers that Sandboxie runs with.

     3.) How can I know if NOD will have a resource impact on my system? I like MSE because it is lightweight. I primarily use my system for gaming and heavy video editing (Premiere/After Effects), so a drain on the system wouldn't be fun to see. Similarly, if NOD is going to be doing constant read/write to my SSD, it might shorten the lifespan of the drive.

     Current specs are:
     i7-3930
     64 GB RAM
     Win 7 x64 SP1 (most current)
     2x HDD (512 GB SSD, 2 TB Platter HDD)

     Any information or guidance would be most appreciated. Thanks much.