- Apr 1, 2019
- 2,868
Ha! I just had a similar issue with an image restore. Fresh Windows for all, I suppose. Never hurts to keep things running smoothly.
Wraith's Gaming PC Config for 2019
- Thread starter Wraith
- Start date
Ha! I just had a similar issue with an image restore. Fresh Windows for all, I suppose. Never hurts to keep things running smoothly.
- Aug 15, 2018
- 634
Starting afresh gives me a good feeling 
. Actually I haven't had the time to configure ESET HIPS and the FW after the fresh install. So temporarily I have kept OSArmor until I have finished creating the necessary rules for ESET.
. Actually I haven't had the time to configure ESET HIPS and the FW after the fresh install. So temporarily I have kept OSArmor until I have finished creating the necessary rules for ESET.
Last edited:
- Aug 15, 2018
- 634
Changed from Chrome to Brave.
Changed search engine from Google to DuckDuckGo.
Changed search engine from Google to DuckDuckGo.
Last edited:
- Aug 15, 2018
- 634
UPDATE:
Changed from ESET Internet Security to Kaspersky Internet Security.
I don't know but I somehow got infected yesterday just by simply browsing and without even downloading anything. PC restarted itself automatically in SAFE MODE and then again restarted itself in NORMAL MODE, after which I found out that ESET had been AUTOMATICALLY uninstalled from the PC. Upon scanning with EEK, MBAM and ESET Online Scanner, found a bitcoiner and two backdoors(StartupCheckLibrary.dll and winscomrssrv.dll).
Changed from ESET Internet Security to Kaspersky Internet Security.
I don't know but I somehow got infected yesterday just by simply browsing and without even downloading anything. PC restarted itself automatically in SAFE MODE and then again restarted itself in NORMAL MODE, after which I found out that ESET had been AUTOMATICALLY uninstalled from the PC. Upon scanning with EEK, MBAM and ESET Online Scanner, found a bitcoiner and two backdoors(StartupCheckLibrary.dll and winscomrssrv.dll).
- Aug 15, 2018
- 634
Here are the link for these two backdoors on VT. It would be very helpful if someone can provide any insight about these two
- Nov 15, 2017
- 1,083
- Feb 24, 2019
- 408
Yikes, and I thought ESET had great self-protection. Would be great if you can found out the source of this malware. Scary stuff.
Last edited:
- Apr 1, 2019
- 2,868
Well if there's one company with better web filtering than ESET it's Kaspersky, if K can't help you no one can. Very surprised ESET a)missed something with web filtering and b)was disabled. Sounds like the type of Malware that not many AV vendors would stop, or it had specific designs against ESET. I would also be curious the source of this nasty bug.
- Mar 29, 2018
- 7,623
As the author noted above, ads are a common vector for malware, and this is the reason I use µBO in advanced medium mode. K has a great web filter. Hope your problem is solved now.
@devjit2018 - maybe PM your query to @TwinHeadedEagle.
- Apr 1, 2019
- 2,868
Out of curiosity, since I’ve used ESET recently, did you have ESET’s https scanning disabled since you’re using AdGuard desktop? Getting a bad ad while using AdGuard desktop would be surprising, but looking at VT these variants seem somewhat recent.
- Aug 15, 2018
- 634
Believe me friend, I myself have no clue about how I got infected. I was searching for some information in the internet regarding a project topic when all of a sudden this message by ESET popped up. I naturally clicked Block. After around 2-3 minutes, the PC rebooted into safe mode and again rebooted into normal mode both automatically and the real nightmare was after rebooting into normal mode, ESET icon would not show up and when I double clicked the shortcut on the desktop, it said shortcut not found.
- Aug 15, 2018
- 634
Nope, I would never disable ESET HTTPS scanning since ESET Web Filter is one of the BEST.
- Feb 24, 2019
- 408
@devjit2018 using your ESET settings too with apps & OS updated? Is there anything in your browser history?
- Aug 15, 2018
- 634
I am using AdGuard desktop version. It is supposed to block all ads.
- Aug 15, 2018
- 634
I wouldn't call it the fault of the ESET self-protection. I think that because of the ESET self-protection, the malware had to restart the PC in safe mode to disable ESET services and delete ESET files. But then again, I am disappointed with ESET because I had ESET HIPS to notify any change in startup application but still ESET did not notify me. So now I'm using WinPatrol since it can alert when any change in startup application occurs. For those who're interested, here's the log from Malwarebytes and the scan of
- Apr 1, 2019
- 2,868
Did you report the event to ESET? I'm sure it would be useful for them to hear about the failure, maybe save some others from the same fate.
- Aug 15, 2018
- 634
I've created a thread in malware assistance section. Currently I don't see any signs of infection but there are two user accounts on this PC which I have not created.
- Feb 24, 2019
- 408
Personally I'd just reinstall, if it was capable of restarting in safe mode and removing ESET it could very easily hide away. Would be nice to see what TwinHeadedEagle finds, though.
- Aug 15, 2018
- 634
I use ESET with custom settings. I've also set up custom rules for firewall and HIPS. I have all apps updated including Sumatra PDF and LibreOffice. Windows is up to date with automatic updates(I don't know if Windows 7 was the culprit which got exploited.) Maybe the situation would have been different if I had been using windows 10.
- Feb 24, 2019
- 408
Windows 10 does have a lot more exploit prevention and features like core isolation so it depends.
Similar threads
