-
Posts
38,051 -
Joined
-
Last visited
-
Days Won
1,509
Everything posted by Marcos
-
Please provide me with logs gathered with ELC. Obviously a process has crashed while a Procmon log with protection enabled was being generated. However, the very first Procmon log you provided didn't contain any records of a crash.
-
The installation was not completed successfully
Marcos replied to Tootsierolls's topic in ESET NOD32 Antivirus
Try uninstalling ESET in safe mode using the Uninstall tool. Should the problem persist, gather logs with ELC and provide me with the generated archive. Also if possible, create and provide a Procmon log from a failed install as well. -
Long Endpoint Security on-demand smart scan task
Marcos replied to Mavcom's topic in ESET PROTECT On-prem (Remote Management)
If you have gigabytes of iso files or other archives / containers with dozens of thousands files inside, it can take quite long to complete the scan. Try running a scan with archives disabled to see if it improves the speed. -
Need help to enable Web-access/Anti-Phishing protection
Marcos replied to Ryan Clark's topic in ESET NOD32 Antivirus
Hi Tom, Do you mean the link How do I use ESET Log Collector? in my signature? I've tested it and it opened a correct KB with instructions for using ELC. -
Checking on A Possible False Positive
Marcos replied to ram1220's topic in Malware Finding and Cleaning
Not surprisingly detected as a PUA: ..\Local\Temp\DTInstallerResources\Fusion.dll;a variant of Win32/FusionCore.AC potentially unwanted application -
If you provide me with the network protection advanced log with an ARP cache poisoning attack detection captured, I should be able to confirm that it's caused by a different MAC address than the one from which the previous ARP response was sent. After generating the log and disabling advanced logging, gather logs with ELC and provide me with the generated zip file.
-
HTML/ScrInject.B trojan, but site seems clean?
Marcos replied to ThorSwe's topic in Malware Finding and Cleaning
-
HTML/ScrInject.B trojan, but site seems clean?
Marcos replied to ThorSwe's topic in Malware Finding and Cleaning
The website / page in question was compromised and loads malicious javascript from 2 other malicious websites. -
Licensed Units vs Used Licenses
Marcos replied to Cap-it's topic in ESET PROTECT On-prem (Remote Management)
Check ELA/EBA for information about units that use the EFSW license. If you are using ESMC, it's a good practice to not add your license directly to ESMC, instead add it to EBA (eba.eset.com) and then add the EBA account to ESMC. Some new products, such as ESET Dynamic Threat Defense, require that. -
HTML/ScrInject.B Trojaner ???? Don't think so:
Marcos replied to RicoB's topic in Malware Finding and Cleaning
The detection is correct. The website was compromised and loads JS/Adware.Revizer js from another website. -
False Alarms JS/Adware.Agent.AA
Marcos replied to Rockin_Eset's topic in Malware Finding and Cleaning
The detection is correct. The fact that other vendors do not detect it does not make the code benign. Please provide the url (obfuscate http) on which the detection was triggered. -
ESET Endpoint Security 7 BETA signup
Marcos replied to Peter Randziak's topic in ESET Beta Products for Business Users
Endpoint v7 has already been released. We currently have no beta version to test. -
Question about future of ESET products for Linux Servers?
Marcos replied to karlisi's topic in General Discussion
A new version of Linux server products will be unveiled next year. -
No, decryption of Filecoder.Crysis is not possible.
-
I didn't find anything unusual with regard to ESET. Ekrn spent 14,5s on the file C:\Users\ntona\AppData\Local\Packages\WhitewaterFoundryLtd.Co.16571368D6CFF_kd1vv0z0vy70w\LocalState\rootfs\lib\x86_64-linux-gnu\libc-2.27.so but other processes spent more than 700s on it. Does excluding the folder C:\Users\ntona\AppData\Local\Packages from scanning make a difference?
-
ERA Agent 6.5 to EMA 7 artifacts
Marcos replied to ChristophBerthoud's topic in ESET PROTECT On-prem (Remote Management)
Please refer to https://forum.eset.com/topic/16476-after-upgrade-agent-to-v7-old-agent-is-also-visible/ for a resolution. To prevent having multiple topics on a subject, we'll draw this one to a close.