-
Posts
37,874 -
Joined
-
Last visited
-
Days Won
1,502
Everything posted by Marcos
-
uCoz free Websites = HTML/ScrInject.B trojan
Marcos replied to Umbral's topic in Malware Finding and Cleaning
The website was compromised. The owner or admin should remove the reference to an external js at mXXXXu.com (some letters were intentionally replaced) and take measures to prevent further re-infection. -
The notification doesn't read "error". It's a known bug in v11.2.49 that update notifications are sent out. It will be fixed in the next v11.2 hotfix.
-
Theoretically yes since it has nothing with the update cache. Do you have v11.2.49 installed? In case the error occurs frequently, a Procmon log would shed more light.
-
Eset File Security update wont work
Marcos replied to DougBrooks's topic in ESET Products for Windows Servers
Did you right-click the msi installer and select Run as administrator? -
11.2.49.0: Email Notification works not as expected
Marcos replied to querfeldein's topic in ESET NOD32 Antivirus
It was already confirmed as a bug and fixed. The fix will be included in the next hotfix. I will check if it's possible to provide you with a fixed binary in the mean time. -
It's not necessary to install it since the only change is that a computer restart is not required any more in order for HIPS/AS to work.
-
The only change is that it creates a special registry value during installation to ensure compatibility with Windows updates. Otherwise HIPS/AS would not start after installation and would require update and a computer restart for it to start working. An announcement should be posted soon.
-
Windows 7 | Registration to "Security Center"
Marcos replied to howardagoldberg's topic in ESET NOD32 Antivirus
Windows Security Center was first introduced with Windows XP SP3 if I remember correctly. Module updates should not cause re-registration to WSC. If you are not continually getting an error related to WSC, I would ignore it. -
My computer is corrupted! Please help!
Marcos replied to NOD32_user's topic in Malware Finding and Cleaning
It should be ransomware instructions which are detected. The last variant of Magniber was seen about 10 days ago. If you've got infected recently, it should be due to having outdated modules or disabled protection (e.g. if an attacker logged in via RDP and disabled the av). However, without further logs it's impossible to tell how the infection occurred. -
My computer is corrupted! Please help!
Marcos replied to NOD32_user's topic in Malware Finding and Cleaning
The files were encrypted by Filecoder.Magniber. Most likely decryption won't be possible. Please email the following stuff to samples[at]eset.com: 1, Payment instructions 2, Logs collected with ESET Log Collector (a zip archive) 3, A couple of examples of encrypted files (ideally documents) -
Free to Upgrade from 5.x to 6.x?
Marcos replied to Chupacabra's topic in ESET PROTECT On-prem (Remote Management)
Upgrade to a newer version of the same ESET product has always been free. Since we are approaching the release date of ESMC (ERA v7), I'd strongly recommend that you wait a few days until ESMC is released and then test upgrade on a small number of computers. There is a comprehensive guide how to perform upgrade (https://help.eset.com/era_install/65/en-US/export.html?migration_tool.html, https://support.eset.com/kb3607/) and we too are here to assist you should you need help. In such case, also let us know how many computers you have in your network, if you want to perform migration or install ERA v6 from scratch and if you want to use a Linux-based virtual appliance or you'll install it on a Windows Server. -
The file should be reported to the AV maker as a possible false positive. Judging from the name, it could be ClamAV which detected it.
-
We have tested build 17728 currently available on fast ring and confirm that it resolves the issue with HIPS/AS/firewall.
-
ESET Modules Are Non-Functional After Windows Update
Marcos replied to ddurand's topic in ESET Endpoint Products
If the archive generated by ELC is too big to be attached to a personal message, upload it to a safe location (e.g. Dropbox, OneDrive, etc.) and provide me with a download link. -
If those files were modified from another machine in the network that is not running ESET with Ransomware shield, the ransomware could not be detected. The Ransomware shield monitors running processes and not just files on disks.