-
Posts
12,172 -
Joined
-
Last visited
-
Days Won
319
Everything posted by itman
-
inpoutx64.sys potentially dangerous application
itman replied to tese01's topic in Malware Finding and Cleaning
Based on this; https://www.bleepingcomputer.com/news/security/blackbyte-ransomware-abuses-legit-driver-to-disable-security-products/ I would say they is no safe way to allow this vulnerable driver to remain installed on the system regardless of where it is stored at. -
Ping blocked by eset
itman replied to byxil's topic in ESET Internet Security & ESET Smart Security Premium
It's strange that Eset Network Traffic Scanner would block a ping from a device on a trusted network to another device on the same network. One possibility is Eset is monitoring for a ping flood attack: https://www.imperva.com/learn/ddos/ping-icmp-flood/ . In any case if this is a major issue for you, I would open a tech support request about it. -
Ping blocked by eset
itman replied to byxil's topic in ESET Internet Security & ESET Smart Security Premium
I guess we can assume that the Eset firewall is not blocking the inbound ping activity. You will have to go through Eset logs; Detections, Filtered web site, HIPS, and Network Protection to determine if any entries exist related to this ping activity. -
inpoutx64.sys potentially dangerous application
itman replied to tese01's topic in Malware Finding and Cleaning
Based on this: https://hardforum.com/threads/major-security-vulnerability-in-msi-afterburner.2030538/ , the latest ver. of Afterburner is not vulnerable. I assume it installs a new version of RTCore64.sys driver. If Eset doesn't alert about it after latest Afterburner installation, you're good to go. -
All the following URL's show PUA in Firefox; https://prod-master.il2sturmovik.net https://alpha.il2sturmovik.net/ https://alpha2.il2sturmovik.net/
-
Eset firewall use has no bearing on if a port is open or closed. The router controls this. My best guess is you have a device on your network that has port 53 access capability. Eset Network Inspector should show you which device; other than the router, that has this capability.
-
inpoutx64.sys potentially dangerous application
itman replied to tese01's topic in Malware Finding and Cleaning
Refer to this article: https://connect.tobii.com/s/article/TTL-InpOut?language=en_US . Also, other app software might use this driver Appears compattelrunner.exe was scanning the system for installed software as it does and when it encountered inpoutx64.sys, this caused the Eset detection. The bottom line is this driver is used by system parallel ports. The only thing I know that uses those are old printers. -
Ping blocked by eset
itman replied to byxil's topic in ESET Internet Security & ESET Smart Security Premium
On the Private profile, Eset's firewall trusts all connections on the local subnet; e.g. 192.168.1.0/24. If you review Eset default firewall rules and scroll down to the rule title "Allow ICMP communication in the Trusted zone," all ICMP communication is allowed. This leads me to believe it's ICMP activity from the the VPN connection that is being blocked. Ping from the HA server again. Immediately thereafter open Eset GUI -> Network Protection. Refer to the section titled "Resolve blocked communication." The count shown should be a non-zero value. Mouse click on Resolve blocked communication section. Shown should be the blocked ICMP communication and you can have the Eset firewall auto create a firewall rule to allow the ICMP traffic. -
Ping blocked by eset
itman replied to byxil's topic in ESET Internet Security & ESET Smart Security Premium
Does your Eset active network connection show as Public profile? -
Slovakia observes daylight savings time. As such, update times effective 3/31 should be UTC/GMT +02:00; https://en.wikipedia.org/wiki/Time_in_Slovakia
-
NOD32 17.1.9.0 not allowing VPN to connect
itman replied to Super_Spartan's topic in ESET NOD32 Antivirus
Add exclusion to Web Access protection per; https://help.eset.com/eea/10.1/en-US/solving_problems_protocol_filtering.html The exclusion being; 8. Antivirus / Firewall https://hide.me/en/knowledgebase/why-a-vpn-connection-could-not-be-established/ -
Does the below apply to you per above linked Eset KB article? If your license expiration is within 10 days of expiration and auto-renewal is in effect, you can't downgrade the product. Your Eset Home Account will show if auto-renewal is in effect. Best you contact your Eset authorized distributor is Spain about the situation.
-
Did you disable WFP use in Adguard Adblocker as shown here: https://adguard.com/kb/adguard-for-windows/solving-problems/wfp-driver/ ? My advice is don't use anything installed AdGuard related with Eset. Their installed products overall are not compatible with Eset. Alternatives are to use Adguard browser extension or use uBlock Origin browser extension and activate AdGuard TPLs within it.
-
ESSP 17.0.16.0 Browser Protection
itman replied to Tmod's topic in ESET Internet Security & ESET Smart Security Premium
Since you are persistent in your desired use of this app, the only solution I know of is to disable Eset Browser Privacy & Security feature since it is what is alerting about this .dll. Browser Privacy & Security is not an essential security protection. Its primary purpose is to examine browser search results and warn via icon notification about a suspect web site. As far as I am aware of, there is no way to create exceptions to Browser Privacy & Security. -
-
Turn on WinTun option. Reboot PC. Retest at AMTSO Phishing test site. Ref: https://adguard-vpn.com/en/blog/adguard-vpn-v2-2-for-mac-and-windows.html . Note that AdGuard documentation does not specifically state that WFP use is disabled when WinTun driver is used. But, the implication is the tunnel driver is bypassing WFP use.
-
ESSP 17.0.16.0 Browser Protection
itman replied to Tmod's topic in ESET Internet Security & ESET Smart Security Premium
https://www.file.net/process/mspydll.dll.html Since Eset's Browser Privacy & Security feature is alerting about this .dll, I assume its attempting to perform one or more of the above activities against your browser. -
It might be related to the QUIC issue affecting browsers as posted in recent forum threads. Disable this setting; https://adguard.com/kb/adguard-for-windows/solving-problems/low-level-settings/#filter-http3 and see if this resolves the issue. Another known Adguard incompatibility with ESET is Adguard's default use of Windows Filtering Platform. It needs to be disabled as shown here: https://adguard.com/kb/adguard-for-windows/solving-problems/wfp-driver/ .
-
Malware.injection JS/Agent.RJR on Web Site
itman replied to AlfredoBenni's topic in Malware Finding and Cleaning