-
Posts
36,329 -
Joined
-
Last visited
-
Days Won
1,445
Everything posted by Marcos
-
Detection of possible ransomware, no option to clean
Marcos replied to d3adfish's topic in Malware Finding and Cleaning
The detection is from Sept 2023 plus we'd been monitoring it for several months before. -
ESET Protection Disabled on Every Boot
Marcos replied to FloridaPro's topic in ESET Cyber Security Pro (for Mac)
ESET CyberSecurity v7 natively supports ARM CPUs. Other ECS features will be added throughout this year. -
If you attach a device that is blocked by Device Control, it should appear in the Device Control log on the endpoint as well as in the appropriate DC reports generated by ESET PROTECT.
-
The management agent for MacOS can be downloaded from https://download.eset.com/com/eset/apps/business/era/agent/latest/agent-macosx-x86_64_arm64.dmg.
-
Windows firewall allows all outbound communication so no extra rules should be needed for ESET security products to work.
-
Web protection - Figma App Error - macOS
Marcos replied to EjEm's topic in ESET Endpoint Products for macOS
I'm not sure if i follow but didn't you want to allow access to the site *.figma.com? Why did you add it to the blocked address list then? If it's accessed via https, then port 443 would have to be added to the list of http ports. -
ESET INSPECT Connector Alerts
Marcos replied to alepetpan's topic in ESET Inspect On-prem (Detection and Response)
Please raise a support ticket for further troubleshooting. -
ESET INSPECT Connector Alerts
Marcos replied to alepetpan's topic in ESET Inspect On-prem (Detection and Response)
Do you have a CA certificate with CN "ESET PROTECT Server Test" installed in your ESET PROTECT? Is there also an agent peer certificate installed issued by CA with CN "ESET PROTECT Server Test" with "yes" in the "CA is present" column next to it? -
Duplication of a machine in on-prem consolle
Marcos replied to dannyzed's topic in ESET PROTECT On-prem (Remote Management)
If you were not able to resolve it by following the instructions at https://help.eset.com/protect_cloud/en-US/vdi.html, please raise a support ticket for help with further troubleshooting. -
ESET Protection Disabled on Every Boot
Marcos replied to FloridaPro's topic in ESET Cyber Security Pro (for Mac)
Does it happen with the latest version of ESET Endpoint Antivirus v7? -
Submission of Malware Samples for Analysis
Marcos replied to Hardq's topic in Malware Finding and Cleaning
Please submit just one or few suspicious files from the image as an email attachment to samples[at]eset.com. I assume the big image must have thousands of files inside, we need just the suspicious ones which should be also substantially smaller in size. Also provide valid reasons why you find them suspicious; if the files are detected by other AVs, if you ran them and they did something malicious on your machine, etc. -
Limited connectivity with Direct Cloud
Marcos replied to Krax1948's topic in ESET PROTECT On-prem (Remote Management)
A newer version of the Direct cloud communication module 1136 was released last week. It reports issues with EPNS communication only if it lasts longer and is caused by a problem on user's side, e.g. if the communication is blocked by a firewall. Please carry on as follows: Enable advanced logging under Help and support -> Technical support Reproduce the issue Stop logging Collect logs with ESET Log Collector and upload the generated archive here (only the ESET staff can access attachments). If it takes longer to reproduce the issue, enable only advanced direct cloud logging in the advanced setup -> Tools -> Diagnostics. -
Detection of possible ransomware, no option to clean
Marcos replied to d3adfish's topic in Malware Finding and Cleaning
Please post a screenshot where ESET flagged the software as ransomware. I'd rather expect it to be detected as a potentially unwanted application. Moreover, the detection name comes from another AV maker as itman pointed out. -
If you mean by "keyword" a part of the url then yes, otherwise no. The text on websites is not checked for the presence of user-defined strings.
-
According to status.html, the management agent has been successfully replicating so there's no issue on the client. If you don't see it in the Computers panel in the console, it must be caused by having a filter enabled, Successful replications: 5 All replication attempts: 5 Connection: BI201XXXXXER.bi.local:2222
-
How to download Eset endpoint security for macOS version 7
Marcos replied to eornate's topic in ESET Endpoint Products
ESET Endpoint Security v8 will be available later this year. In the mean time it' possible to use EEA v7 or EES v6. -
How to download Eset endpoint security for macOS version 7
Marcos replied to eornate's topic in ESET Endpoint Products
An installer with ESET Endpoint Antivirus v7 can be created via ESET PROTECT. -
Web protection - Figma App Error - macOS
Marcos replied to EjEm's topic in ESET Endpoint Products for macOS
Does temporarily disabling Web access protection make a difference? Please prepare logs for technical support by enabling advanced protocol filtering logging and diagnostic logging verbosity prior to reproducing the issue. Raise a support ticket and provide the logs collected as per https://support.eset.com/en/kb3404. -
The alert doesn't come from ESET. It's a pop-up ad delivered through push notifications that you have likely allowed on a website: https://malwaretips.com/blogs/remove-macos-virus-detected-take-action/
-
Web protection - Figma App Error - macOS
Marcos replied to EjEm's topic in ESET Endpoint Products for macOS
-
Web protection - Figma App Error - macOS
Marcos replied to EjEm's topic in ESET Endpoint Products for macOS
The url is not blacklisted by ESET. I assume that you have port 443 in the list of ports to scan which may cause issues with some applications. -
Please carry on as follows: When the issue occurs, enable advanced operating system logging under Tools -> Diagnostics -> Advanced logging in the advanced setup After 1-2 minutes stop logging Collect logs with ESET Log Collector and upload the generated archive to a safe location (e.g. OneDrive, Dropbox,...) and drop me a personal message with a download link.