Showing results for tags 'malware'.

  1. Hi, I am a student of horticultural therapy and I need to access hxxp:// htinstitute.org/community/login-to-the-hti-community-link, but when I try I get this message: ESET NOD32 Antivirus Threat found Access to the web page was blocked. hxxp:// htinstitute.org/community/login-to-the-hti-community-link Threat: HTML/ScrInject.B.Gen virus I contacted my instructor. Can you tell me what I should tell them regarding this message? I need to access this to upload my homework. Thanks, Dawn
  2. I'm just trying to understand the lag here with most of the vendors including ESET. See: hxxp://www.securityweek.com/russian-hacker-tool-uses-legitimate-web-services-hide-attacks-fireeye Given this pretty much bypasses most of our detection other than ESET Endpoint, and the hashes have been known for a few weeks now: https://www.virustotal.com/en/file/8995535721ebeaf6983c6cecf3182d756ca5b3911607452dd4ba2ad8ec86cf96/analysis/ Why the delay for signature detection?
  3. All of a sudden, service / hardware monitoring modules by R-U-On.com are being reported as viruses by ESET's Smart Security - probably just the normal AV product as well, but I've not tested it there. I've been using these modules for probably over a decade now and I've not witnessed any malicious activity from them. I've submitted file review requests to ESET, but I've not gotten any answers back yet. Have R-U-On's modules lost their reputation? This is what ESET's log says: "a variant of Win32/RiskWare.Proxy.Ruon.A application unable to clean" Does anyone here know why ESET's calling this software bad?
  4. Hi, I've seen that Kaspersky has a protection module to tell you if your webcam is being used. This would be a great feature to add to ESET, because some people like me get a bit paranoid if my webcam is on. Can you please consider this suggestion? Thank you
  5. Very confused: When I install ESET Cyber Security Pro on each of my kids' Macs, immediately after detecting our actual home network the following happens: - New Network Connection Detected. "You just connected to an unknown location. Please select a profile for this connection." - So, I confirm my current (not new) network connection name. It shows my current familiar network address. - Then it prompts me again with a New Network Connection detected. - It says, "Interface: awd10" I don't know what this is. - Below, under advanced settings it shows a Network of "fe80::/64" and above that a particular fe80... address. I am unfamiliar with this address. - Now, my normal network connection shows BOTH addresses, as if my internet connection might be routing 2 different directions. This appears really suspicious to me. I'm wondering if a malicious code is activating or running awd10. Does anyone else experience this? Is this a true part of ESET? (If so, it would be REALLY nice to be forewarned.) Thank you for any help! Craig
  6. Hello, I did a test from page hxxp://www.amtso.org/check-desktop-cloud-lookups and was able to download a file. Windows showed an alert that this file can harm my computer but ESET Endpoint Antivirus 6.1.2222.1 did nothing. According to this page, the antivirus should not allow downloading such a file. I have the default configuration of my EEA product. Please let me know if I should change any settings. Thank you!
  7. Hi, I am new to the forums and am having a problem. This morning I had an online sale but was unable to print a label. After jumping through a dozen hoops, I called Lexmark, who, after having remotely connected to my computer, told me I have a virus. Oh well. I am bringing my laptop to a local shop, however all the ESET applications etc. are gone from the Downloads folder. I checked, and sure enough, my license is good until next year. BUT to my astonishment (and this is to put it nicely) everything that has to do with ESET is gone from the downloads, except for the Installer. Can't run scans or anything else. So much for this morning. Can't do anything with the Installer as when I click on it, I am getting a message that it's already installed. But I can't run it. I am very disappointed. Any ideas are welcome.
  8. If you had to use another malware solution other than ESET which one would it be and why? I think I would use Webroot as it is light, unobtrusive and fairly reliable and would be my likely choice. After using or dabbling with Avast, Norton, Bit Defender and Webroot the reasons I have come back to ESET recently and now will always stay with ESET are: 1. My older PCs just choked on Bit Defender, very noticeable slowdown, especially when using Outlook and other Office programs. On my ten-year-old PC Outlook would not even open with BD installed. 2. With Norton, it would block Outlook email sending and receiving randomly and would generate a lot of FPs with email attachments and documents. Couldn't open or view them even though I knew they were clean/safe. 3. Avast updates would break the mouse drivers and sometimes the keyboard drivers. Usually, would just have to unplug/re-plug the mouse or keyboard to get them working again, not a big problem but a nuisance. The anti-spam module started stamping every single email my wife sent and received in Outlook with the "SPAM" warning in the subject field. Avast tech support offered no fix for this. There was no simple way to just quit using the anti-spam module without there being a big red X in the Avast taskbar icon saying I was not fully protected. 4. Webroot web filtering extensions, when browsing the internet, the green, yellow, red traffic light safety indicators of their Bright Cloud reporting system keep breaking so instead of seeing a colored dot indicator, would get endless spinning circles. Would have to uninstall/re-install Webroot to fix this and just got to the point where I just disabled the filtering extensions in the browsers. I'm not comfortable with Webroot not scanning emails and attachments either. Although Webroot takes a whole different approach to malware protection than every other solution it seems like too much could go wrong with not scanning emails.
With ESET there are none of these problems. It is just rock solid reliable, causing no problems, don't even know it's there and working. The highest endorsement I can give ESET is that even my wife (who doesn't care to know the hows and whys, nuts and bolts of malware protection) told me "don't use anything other than ESET on my computer anymore" because of the aforementioned Outlook problems Norton, Avast and BD created. Also, in my wife's business she receives a good number of email attachments and ESET routinely intercepts all of the numerous Cryptolocker variants and other cooties. Significant reason: Another point that I very much appreciate about ESET is that I use a reciprocal link creation/management software for my wife's website business. When I use this software to check/verify the reciprocal links are still good/active ESET is checking them too. This morning ESET flagged three of the links (there are over 300 links) and after checking further, sure enough the sites were now compromised/unsafe, ESET was blocking them. ESET is the only malware solution that has ever checked these links when I ran the check/verify process. That ESET is doing this when the others don't even think of it gives one a warm and fuzzy feeling and under no circumstances do I want a viewer of my wife's website to follow one of these reciprocal links to an infected website. My apologies for the long-winded monologue but these are my reasons/my story for choosing ESET. I find it interesting though: if not ESET, what else would you go with?
  9. It detected a trojan; when I try to remove it, the response says it cannot be done because it is a system APK.
  10. ESS8 is blocking access to the website hxxp://www.puebloarts(111).org but if I use another computer running Webroot or Windows Defender I can access this site. Virustotal.com does state there is one detection for this site by 'ADMINUSLabs' but also shows in the list that ESET says it is a clean site. If virustotal.com is showing that ESET says it is a clean site why is ESET not allowing access to this site by saying it detects JS/Agent.NOQ trojan? If this is an FP, how do I tell ESS8 to stop blocking it?
  11. On virusradar.com I saw quite a few descriptions which seem to have an issue. For example take this search for a "threat" which I recently wanted to link to. Now click on a description, e.g. this one (hxxp://virusradar.com/en/Win32_SlowPCfighter.A/description) and instead of showing you information about the threat it redirects you to the "Latest description" site... And this is only one example of a threat (with a "redirection issue")... So obviously there is something wrong...
  12. I am running SS v8.0.304.0 and have Botnet Protection turned on. I was just provided with a list of 222 IP addresses associated with ZeusTracker malware. I know that I can add single or range of IP addresses to the blacklist but adding 222 addresses would seem to be an onerous task. Before undertaking the mass input, can I determine if ESET's Botnet protection makes this an unneeded task? Here is the current listing of the Zeus specific IPs. https://zeustracker.abuse.ch/blocklist.php?download=ipblocklist Thanks for your assistance...
  13. I'm getting lots of email spam with attached malware in Word/pdf docs. However, NOD32 doesn't pick this up immediately, and allows the email to be opened. Later in the day though (it seems), if I click the dodgy email, it will get moved to infected items. Why the delay? Thanks
  14. Why is it when I want to download latest version of WinZip to my Vista o/s I get a warning that winzip18.exe is a 'potential threat' as it is a variant of Win32/InstallCore.OY? Can I safely ignore or is there something about WinZip to not trust please?
  15. Hello, I have seen multiple discussions about this topic floating around the web. As Linux becomes more and more popular, the demand for malware will continue to rise, especially for financially driven malware. Linux is more susceptible to browser and java based malware, as well as the big problem being rootkits and malware that use escalation of privilege in order to obtain root and run under the limited user accounts. I am hoping to receive some responses from multiple people, however my biggest expectation here is to receive some responses from moderators and staff of ESET. Would also be interested in receiving responses from researchers as well. More in particular Mr. Goretsky, as his responses are always clear, precise, professional, and his answers have always been correct as much as they can be. Thanks, ~Arakasi
  16. Many thanks to @esetglobal for posting this. And of course also thanks to International Business Times (IB Times)... Debunking the Hollywood hacker myth: Inside a real cyber-security command centre www.ibtimes.co.uk So have a look into it...
  17. hxxp://www.eset.com/int/about/press/articles/infographics/article/to-know-about-android-malware/ hxxp://www.eset.com/int/about/press/articles/infographics/article/anti-theft-what-should-i-do/ Great infographics, ESET!
  18. Dear Sir, we are using ESET Endpoint version 5.0.2214.4 and were recently infected with the Conficker worm.AA. It is spreading over the network, and we have no solution to prevent the Conficker worm A.A from infecting the workstation PCs. We tried to configure the IDS settings, but it still infected the workstation PC by creating a Conficker file in the Windows folder, which was only removed by ESET Endpoint Security on windows section, and it also created a task job by itself. We tried to run a full scan but it found no infection; the infection just spreads over the network, is cleaned by Endpoint itself, and reinfects again after a few hours or a day. We also tried to disable autorun.inf using a registry patch, but it was totally unable to block the Conficker worm from spreading over the network stations... They get infected and it is removed by ESET Endpoint only. Please help.
  19. I haven't yet bought my own ESET protection, partly because as soon as I was ready, I found myself broke. I make $12.50 per hour and that isn't a living wage. And I'm lucky compared to many. As I said, 'partly'. The other reason is that I never got an answer to the question whether the ESET standalone AV program takes 'preventive' measures, the way (I'm sure) the suite does. If I don't need the suite, I only want the AV. I visited my mother in Oshawa yesterday and discovered a wee problem on her desktop. (She's using Windows XP, Home) She has picked up 22Find and try as I might, I can't get it off her PC. I started to look into solutions online, but ran out of time. I had to get back to Toronto. Who knows whether 22Find is the cause of some of her problems? (She can't access Kijiji) From what I've read about this browser hijacker, it burrows deeper over time and, as it invites partners to tag along, narrows the user's own choices. I'm not tech savvy, but compared to my mother, I'm Edward Snowden. Any thoughts anyone? Thanks in advance.
  20. I ran a deep scan and the report said it cleaned 1 object but there were 13 infected objects. How do I remove the infected objects from my Mac? I saw instructions on the board for Windows/PC but not for Mac.
  21. I had recently (finally) gotten a reply from my favourite Anti Virus software developers ESET on their Twitter Page: ESET @ESET 2h @TOPNOTCHPClol if you haven't already, please post this issue with as much info as you can share via https://forum.eset.com - Thanks! (I am new here, so I apologize if I did not post in the correct area) I will basically be copying and pasting my original post on the Linus Tech Tips Forum (Before starting a description, this is not exactly news and I am not much of a writer, however I am posting it here including my sources. This issue, as well as the IPv6 Router Advertisement flood, needs to be resolved. This won't be the easiest to read, however, anyone with some technical knowledge should be able to get the gist of what I am saying) Sam Bowne teaches Ethical Hacking at the City College San Francisco [1]. Sam Bowne has done many talks at Defcon which can all be found on YouTube [2]. Most recently Sam Bowne had his students modify & compile malware in Python into Windows executables [3], thus making VirusTotal.com unable to detect it (VirusTotal does not use heuristics, as normal Anti Virus engines would), making the code effective against Anti Virus software with Behavioral Analysis options disabled (which they very rarely are) [4]. After having published his findings a Twitter follower by the name of Bobby 'Tables [5] suggested to Sam Bowne that Behavioral Analysis really only watches the process for "a minute or two", suggesting that a simple delay in combination with Sam's original method could make both definitions obsolete by modifying the malicious code, compiling in Python, then switching it over to a Windows executable, leaving heuristics or "behavioral analysis" the only thing left to pick up the malicious code. To get around heuristics Sam simply used a delay after starting the process to in essence wait until the guards pass to do something malicious.
The delay issue in itself actually worries me a fair bit more than a slight modification of malicious code in Python. My suggestion for Anti Virus manufacturers is to offer users the flexibility on both how long heuristics will watch certain processes, and maybe even the intervals in which the Anti Virus software re-checks processes. Anti Virus Software such as ESET Nod32/Smart Security is already so lightweight and efficient that I could see myself having it watch processes for about an hour long still with minimal performance hits. If you are interested in watching a video on Sam Bowne demonstrating these concepts the link has been provided in the sources, as well as a link to a video on IPv6 Router Advertisement Floods. Sources: (To see video demonstrations follow this link to my original post please: hxxp://linustechtips.com/main/topic/199011-python-delay-makes-anti-virus-softwares-obsolete/) 1: https://twitter.com/sambowne 2: https://www.youtube....am Bowne Defcon 3: hxxp://samsclass.inf...roj14/p8-av.htm 4: hxxp://samsclass.inf...oj14/norton.htm 5: https://twitter.com/info_dox 6: RA flood Videos: RA flood hitting fortigate: RA flood discussion:
  22. I have a MacBook Pro with 3 partitions that have Mac OS X, Ubuntu & Win 7 respectively. When doing a scan with ESET NOD32 it shows up some possible infections within the Windows partition but appears to give no options to deal with them. Do I need to enable read/write access to the Mac OS X & Windows partitions for ESET NOD32 to be able to eliminate/quarantine the infected files? In closing I do wish to say that I very much like the way ESET NOD32 integrates with the new Ubuntu Unity desktop.
  23. We have 150 workstations. Over the course of the last two weeks ESET Endpoint has detected, in the operating memory, a variant of win32/urlbot.nao trojan on 22 different machines. ESET cannot clean or delete the files. When we do a full scan with ESET after the message, no objects are infected. ESET does appear to be quarantining files from the windows\system32 and office directories. This infection is spreading. Any help would be appreciated.
  24. I noticed last week my computer CPU being used a lot, and available memory being very low. Looking into it, I found an SVCHOST.exe process using around 10 to 20% CPU, and up to 1.2 gigs of memory. I killed the process, and it stopped, without affecting Windows. However, about 12 minutes later it restarts the process. I downloaded Malwarebytes, and it shows that when this happens, outgoing data to a malicious website flyclick.biz is stopped. No scan I have run using Malwarebytes, Adaware, Search and Destroy, or Spyhunter seems to find this problem, but Roguekiller does find one or two processes in its Prescan, and kills it. However, one of the SVCHOST.exe processes it kills is the plug and play or power process, and it reboots my computer. Obviously something is using my computer for some nefarious purpose, and since I sometimes do financial actions using my computer this is very concerning. I finally downloaded ESET NOD32, and it found and fixed a few issues, but the main issue remained. I ran it in SAFE mode, and when it was done the problem was gone. I cannot find a log for that Safe Mode scan, but I won't complain much. Thanks, Daniel