migs_k
Everything posted by migs_k
-
is it normal for services.exe to stop Microsoft Defender Antivirus Network Inspection Service from time to time?
-
After logging in using PIN after a restart, this came up on ESET HIPS: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{D6886603-9D2F-4EB2-B667-1971041FA96B}\S-1-5-21-229674073-691441657-888200982-1001\NgcFirst\ConsecutiveSwitchCount. Never seen this popping up before. After doing some internet search, this came up: https://forum.eset.com/topic/23588-hips-alert-for-host-process/?_fromLogin=1
-
Is this a legit ESET website? https://www.eset.com.ph/ My aunt purchased an ESET license and registered using that website, but when trying to log in to hxxp://my.eset.com/ using the same credentials, it won't work. https://www.scamvoid.net/check/eset.com.ph/
-
can I ask where to locate these windows "updates"
migs_k replied to migs_k's topic in ESET NOD32 Antivirus
Yeah, I guess I'm gonna need that consultation. A lot has happened since my last reply -
can I ask where to locate these windows "updates"
migs_k replied to migs_k's topic in ESET NOD32 Antivirus
These records happened when I was already logged on, and during that time I was on a Google Meet session. Also, I don't access my PC through PIN, I use Microsoft pass -
can I ask where to locate these windows "updates"
migs_k replied to migs_k's topic in ESET NOD32 Antivirus
Also, to me this is an unresolved issue:
2/19/2021 5:05:06 PM;C:\Windows\System32\LogonUI.exe;Modify startup settings;HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{D6886603-9D2F-4EB2-B667-1971041FA96B}\S-1-5-21-2775152818-1588230348-2558996214-1001\DestructiveResetInProgress;allowed;Automatic mode;
After doing a Google search, D6886603-9D2F-4EB2-B667-1971041FA96B = PIN, so I'm going to assume someone logged in via my PC's PIN and did a "DestructiveResetInProgress" and "TpmClearRecoveryInProgress", whatever this means -
can I ask where to locate these windows "updates"
migs_k replied to migs_k's topic in ESET NOD32 Antivirus
I've also sent some sort of .exe's to ESET. They are CR_xxxxx/setup.exe, where the x are random numbers / chars. These things keep popping up from HIPS from time to time, targeting my browsers. I couldn't obtain all of them; as soon as it gets reported by ESET's HIPS I try to go to the location of that .exe and it's not there. Anyway, do you know how to disable safe boot without logging into Windows and without a Windows 10 physical disc? -
can I ask where to locate these windows "updates"
migs_k replied to migs_k's topic in ESET NOD32 Antivirus
Not sure about that. After blocking 0x1f4b0.com and restarting, it's now replaced by 0123movies.com -
can I ask where to locate these windows "updates"
migs_k replied to migs_k's topic in ESET NOD32 Antivirus
-
can I ask where to locate these windows "updates"
migs_k replied to migs_k's topic in ESET NOD32 Antivirus
I've added the 127.0.0.1 0x1f4b0.com to hosts and it returned back to 0.0.0.0, but still this shows in ESET. What are supposed to be the default connections / ports of these things? Should I block ports 15xx? Are my system services hijacked? -
can I ask where to locate these windows "updates"
migs_k replied to migs_k's topic in ESET NOD32 Antivirus
-
can I ask where to locate these windows "updates"
migs_k replied to migs_k's topic in ESET NOD32 Antivirus
There's also an unknown user S-1-15-3-1024-1065365936-1281604716-3511738428-1654721687-432734479-3232135806-4053264122-3456934681 in HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WdNisDrv and HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WdNisSvc. I'm the only user on this device. WdNisDrv also stops running from time to time -
can I ask where to locate these windows "updates"
migs_k replied to migs_k's topic in ESET NOD32 Antivirus
can anyone tell me what these are?? -
can I ask where to locate these windows "updates"
migs_k replied to migs_k's topic in ESET NOD32 Antivirus
scratch this -
can I ask where to locate these windows "updates"
migs_k replied to migs_k's topic in ESET NOD32 Antivirus
Dunno, something definitely suspicious is going on. I just discovered in my documents 2 exported bookmark HTMLs whose contents contain selectively private stuff, and not just talking about porn (although it was included). Also today, I found in my recycle bin files I've deleted long ago; all of these files were deleted at the same time of 5:08, and their original location is microsoft/windows/recent -
can I ask where to locate these windows "updates"
migs_k replied to migs_k's topic in ESET NOD32 Antivirus
even though it has 5335 attached to it? -
can I ask where to locate these windows "updates"
migs_k replied to migs_k's topic in ESET NOD32 Antivirus
What about these services? No results on googling. I can't disable it; all it says is parameter incorrect -
Where can I locate these "updates"? I want to send it for inspection and get to see what's inside of it. ty