-
Posts
18 -
Joined
-
Last visited
Everything posted by mattspchelp
-
Can I manually delete quarantine files?
mattspchelp replied to Persona1986's topic in ESET Endpoint Products
This is also an issue I reported months ago , as we have a server that quarantined all .zip files to prevent them being deleted or being delivered to customers, I was advised that the self defence module needs to be disabled and then the quarantine folder emptied , however I did ask if a pagination feature could be added or a limit of 30 records loaded at a time as we have had the same issue where the server becomes unresponsive, -
Maybe Eset should add there two factor authentication to there forum , a simple pin sent to the phone to confirm you are who you say you are?
-
if you have shadow copies enabled on the server you will be able to restore all the files without this corruption , I would however ensure your server is clear and run a full network scan via remote admin, aswell as enabling audit logging on file reads and writes this may then show you where these infections came from , potentially an employee using facebook or opening infected zip files from fake hrmc, tnt, dhl accounts. We have recently overcome this same infection for a new client, Regards Matt
-
Eset cannot detect this Virus
mattspchelp replied to mlyns_d's topic in Malware Finding and Cleaning
I would look into how the infection got on the system in the first place, also connecting 150 machines up to a single Remote Admin server will help you to scan and clean the machines in one go, -
Best Practices when Machines Remotely Access ERA Server?
mattspchelp replied to Al Puzzuoli's topic in ESET Endpoint Products
The easier option would be to open 2221 and 2222 for internal access at the server level and leave your external firewall as it is, but allow all laptops to connect via VPN, this adds security while allowing clients to update there status and doesn't open any ports on the external firewall. if these are business laptops used at remote locations its more than likely they will be using VPN's already. -
Good Place to start with any infec tion is bleeping computer however please follow this link hxxp://www.bleepingcomputer.com/virus-removal/remove-nationzoom.com-browser-hijacker
-
Win32/Kryptik.BORN - file encrypted
mattspchelp replied to Nataku4ca's topic in Malware Finding and Cleaning
Can I ask if you have checked shadow copies on the machine? as those files will still be unencrypted, Failing that this is why a backup is a good thing to have even on a single machine. Regards Matt -
Hi Ocean LC , We have also experienced this infection getting past Eset, I believe this was accomplished by hiding inside a zip file as an attachment on an email, but also would have been opened by a member of staff, luckily any of our customers with eset mail secuirty for exchange we have enabled rules to remove any files that are .exe .zip .rar ect... which has prevented the infection on a lot of customers, however standard antivirus protection from eset doesn't stop the infection at all, we are beginning to look into the lockdown bleeping computer have suggested as a preventative measure by using software security via group policy.
-
Good Afternoon Jim Cherry, I would advise using malwarebytes to remove the infection the software is freely available online however you may or may not be able to get to download the software from your infected machine due to thye redirects on google, I would advise downloading the software to a usb drive and then transferring the installer, once installed this should allow you to scan the machine and remove the infection , Regards Matt
-
If you need any renewal licenses I would be more than happy to sell them to you as reseller we would love the business, we sell the product at the same price as everyone else, no extras or hidden cost. PM me for any details Regards Matt
-
Sorry Janices, I work with the business versions and they are now called "endpoint antivirus/ endpoint security" the home software is still nod32 my apologies, Can I ask what software reported you had this infection as in your original post it stated eset wouldn't open, keep me updated, there are several different tools we can run to try and get rid of the infection,
-
Cannot reboot after eset sirefef removal tool
mattspchelp replied to a topic in Malware Finding and Cleaning
When starting your pc can you repeatedly press f8 until you receive a list of options starting with safe mode and select the option safe mode, using the up and down arrows, press enter and see if it boots if you get to windows at this stage post back. -
No Anti virus vendor is 100% effective however due to the definitions of virus and malware some antivirus companies are only preventing Virus's and not malware however eset has its built in "unsafe" application scanner.
-
When you say nod32 , the actual nod32 product was stopped several years ago and new products where brought out, I would suggest you find your eset username and password and download the latest product from esets website, also you can run a malwarebytes scan whilst eset online scanner runs.
-
Endpoint Antivirus Network Connectivity
mattspchelp replied to jibberihj's topic in ESET Endpoint Products
Is there any chance you can give us a list of any other software on the machine, weather you are updating via eset online or internal server? have you tried disabling and re enabling the network card, updating the network card driver? -
That site should be safe however the link below is a direct link from the software developer: hxxp://www.malwarebytes.org/mbam-download-exe.php Regards Matt