-
Posts
37,927 -
Joined
-
Last visited
-
Days Won
1,504
Everything posted by Marcos
-
something wrong with Eset NOD32 9 on computer
Marcos replied to irisemars's topic in General Discussion
Is she using Windows XP that she has v9 installed? If not, then I'd suggest uninstalling v9 and installing the latest v11. Also is it ESET NOD32 Antivirus or ESET Smart Security installed? -
Unfortunately, you've posted in the General forum so we don't know what ESET product and version you are using. Please provide that info so that we can move this topic to the appropriate forum. Also let us know if disabling protocol filtering in the advanced setup make a difference.
-
Did you remove the license by uninstalling ESET Mobile Security or what exactly did you do? Please drop me a private message with your email address associated with my.eset.com.
-
ESET Endpoint Security - WSL Support?
Marcos replied to whitelistCMD's topic in ESET Endpoint Products
Correct. -
ESET Endpoint Security - WSL Support?
Marcos replied to whitelistCMD's topic in ESET Endpoint Products
All recent ESET products support WSL in terms of real-time protection. There's no specific setting for that, however. -
Configure an ESET endpoint product to function as a Mirror server
Marcos replied to Hassan7's topic in ESET Endpoint Products
Please refer to https://support.eset.com/kb374/ and https://support.eset.com/kb3641/. We strongly recommend using an HTTP Proxy instead of a mirror to cache install and update files to save bandwidth and to use update files effectively, without downloading files that will likely never be requested by clients. -
If you download eicar from https://secure.eicar.org/eicar.com, is it detected by real-time protection and cleaned automatically? Does it appear in yellow in the ERA Console, ie. as an inactive threat? Also please check the details of the active threats and let us know what scanner (on-demand or real-time) is listed there.
-
Database migration.
Marcos replied to NumberFive's topic in ESET PROTECT On-prem (Remote Management)
Unfortunately, migration between different types of databases is not supported. -
Outlook and ESET Outlook Add-in Sync Issues/Conflicts
Marcos replied to John.From.VT's topic in ESET Endpoint Products
Sync issues occur if a particular email is modified concurrently, e.g. when scanned both on the server and client at the same time or when downloaded on more devices. If email is scanned on the email server, you can disable integration with Outlook. We've been working on a plug-in overhaul last months which will prevent sync issues and it will be included in Endpoint 7.0.X. -
Eset failed to stop ransomware
Marcos replied to winstonsmith84's topic in Malware Finding and Cleaning
First of all, please collect logs with ELC and drop me a message with the generated archive attached. The last Filecoder.NPA we've got is from January 2018. It could be that an attacker remoted in via RDP and disabled protection prior to running the ransomware. The logs should shed more light. -
I'll check if the version of VA downloadable from the mentioned website is really 6.5.31.0. This version has ERA Server v6.5.417.0 included which is supported by the repository.
-
It was most likely downloaded when opening a another website which was either compromised or downloaded it on purpose. That CoinMiner was detected and blocked. All you can do is avoid visiting websites that load CoinMiner if you don't want them to be detected.
-
Which of the above packages did you select when creating a Software install task?
-
Firewall paused with password protected settings?
Marcos replied to Lockbits's topic in ESET Endpoint Products
I have often seen Filecoders to be detected both in TS shares and on local disks which means they were detected and blocked, however, the attacker had to disable real-time or even other protection mechanisms in order to be able to run the ransomware. Did you have detection of potentially unsafe applications enabled? I'm asking because detection is disabled by default as it covers legitimate tools that can be misused in the wrong hands, however. -
Please post a screen shot of what package you selected in the repository.
-
Firewall paused with password protected settings?
Marcos replied to Lockbits's topic in ESET Endpoint Products
First of all, if an attacker gains administrator access to a computer, he or she can do virtually anything, including killing the security programs you use. In this case it's not the firewall that would have prevented the ransomware from being executed by the attacker; they typically disable real-time protection which would have otherwise prevented the ransomware from being executed. Besides hardening or completely disabling RDP, if not really needed, you should consider: - keeping the OS up to date, installing all critical security patches asap - using a non-default port for RDP connections - limiting users with RDP access - using strong passwords - limiting IP addresses / ranges for RDP connections - set a password to protect ESET settings - enable detection of potentially unsafe applications to detect legit tools that can be used to kill running applications. -
Firewall paused with password protected settings?
Marcos replied to Lockbits's topic in ESET Endpoint Products
The attacker would have to run this command from the ERA console. -
Dear Eset Community, I got a strong Malware into my device?
Marcos replied to Y.Bach's topic in Malware Finding and Cleaning
What was detected by ESET and what by the other AV you mentioned? Was it files which were detected? Do you still have them at least in quarantine? I assume you are talking about a Mac device, aren't you?