mayowa
Posts: 89
Posts posted by mayowa
-
Hello All
The repository has been empty since yesterday. We are trying to create an all-in-one installer for deployment, to no avail. Can anybody confirm if the repository server is down, or why it is not accessible at the moment?
Regards
-
Hello All,
A customer was infiltrated with coin miner malware. ESET File Security on the server was used to scan with ThreatSense parameters of in-depth scan and strict cleaning.
We are still experiencing pop-ups of the presence of a coin miner on the server, as detected by ESET, every minute.
Does anyone have any idea how to deal with this situation?
For your perusal, kindly find attached the document for the log collected from the File Security installed on the server.
-
A client is trying to set up ESA to integrate with Sophos VPN but keeps getting a connection error, and we discovered that port 1812 is not listening after running netstat. How can we resolve this?
-
2 hours ago, khairulaizat92 said:
Barracuda is quite a tough competitor based on my experience. I have been testing all products and it seems they outperform most of the products offered in the market. But that is just based on my experience. But for endpoint, yes, ESET is best in terms of performance.
In terms of the future version, you might need somebody from dev staff to comment.
Thank you
-
Dear All
We have a client who is interested in using ESET Mail Security. The client uses Barracuda Email Security Gateway for mail security and Kaspersky endpoint for their endpoint devices. The pain point for the client with respect to the endpoint solution is its impact on system performance.
They do not have any specific pain points for their current email solution, but they would prefer to move to ESET also if there's a comparable email security solution, but the cloud email security solution does more compared to what ESET does.
I would like to know if the upcoming version of ESET, version 7, can compete with the Barracuda Email Security Gateway.
-
On 4/17/2018 at 2:09 PM, mayowa said:
A customer complained that ESET is causing process spiking on his server.
We suggested the following fix below:
- Upgrade to the latest version of the ESET File Security (Version 6.5.12014.1)
- Process exclusion (Via GUI > F5 > Antivirus > Processes Exclusions > edit > add > find the process 'Ax32Serv.exe' in the path mentioned above ( C:\Program Files\Microsoft Dynamics AX\60\Server\MicrosoftDynamicsAX_Axnos\Bin\Ax32Serv.exe)> hit OK 3x to save the changes.)
We proceeded to ask the following, with his responses in green:
Can you also please describe the issue more precisely? CPU is maxed continuously with 96% usage tied to the ESET service
When did the issue start to occur? It started on the 5th of April 2018
Did it happen after our product/Windows update? No
Does the issue occur at some specific time, or is it a permanent issue? It looks like a permanent issue, as the server performance improves if ESET is either uninstalled or disabled
Is the server some type of file server, which the users are accessing and reading data from / writing data to? The server is a terminal server
Also, kindly check if 'Log all blocked operations' is enabled in GUI > F5 > Antivirus > HIPS > advanced settings. If yes, can you kindly disable this option, wait some time and confirm whether the issue with high CPU load is still present or is gone? It is already disabled, so there is no need to disable the setting. Please note the issue still presently persists, and kindly find the log of the spiking server
Kindly check this link for log
Hello Marcos
I would like to follow up on the log sent, whether it has been analysed by you, and your kind advice on the way forward
Kind Regards
-
18 minutes ago, Marcos said:
Just to make sure, did you exclude "C:\Program Files\Microsoft Dynamics AX\60\Server\MicrosoftDynamicsAX_Axnos\Bin\Ax32Serv.exe" in the process exclusion list and not just "Ax32Serv.exe"? A full path to the executable must be entered, otherwise it won't work and HIPS will report errors.
Please also provide logs collected with ELC on the server to make sure that EFSW is configured properly.
Just a quick one:
Can you give me a guide on how to exclude it?
-
Hello Marcos
Thanks for your swift response
Kindly let me know when you have analysed the log, with feedback for a possible resolution
Regards
-
A customer complained that ESET is causing process spiking on his server.
We suggested the following fix below:
- Upgrade to the latest version of the ESET File Security (Version 6.5.12014.1)
- Process exclusion (Via GUI > F5 > Antivirus > Processes Exclusions > edit > add > find the process 'Ax32Serv.exe' in the path mentioned above ( C:\Program Files\Microsoft Dynamics AX\60\Server\MicrosoftDynamicsAX_Axnos\Bin\Ax32Serv.exe)> hit OK 3x to save the changes.)
We proceeded to ask the following, with his responses in green:
Can you also please describe the issue more precisely? CPU is maxed continuously with 96% usage tied to the ESET service
When did the issue start to occur? It started on the 5th of April 2018
Did it happen after our product/Windows update? No
Does the issue occur at some specific time, or is it a permanent issue? It looks like a permanent issue, as the server performance improves if ESET is either uninstalled or disabled
Is the server some type of file server, which the users are accessing and reading data from / writing data to? The server is a terminal server
Also, kindly check if 'Log all blocked operations' is enabled in GUI > F5 > Antivirus > HIPS > advanced settings. If yes, can you kindly disable this option, wait some time and confirm whether the issue with high CPU load is still present or is gone? It is already disabled, so there is no need to disable the setting. Please note the issue still presently persists, and kindly find the log of the spiking server
Kindly check this link for log
-
NSIS/Injector.AAU keeps saying a threat NSIS/Injector.AAU was deleted in a file Windows Explorer tried to access. I am confused: if the file has been deleted, why does it keep coming up?
-
ESET anti-virus is requesting license re-activation. Though we have pushed several times, the issue persists. It's 500 seats and we deployed in 4 branches, all connecting via VPN, but only one of the branches is having this problem after months of successful deployment (note: all endpoints were activated initially).
Anyone who has experienced this?
-
Please sign me up for beta 6.5
Coin Miner
in Malware Finding and Cleaning
Posted · Edited by mayowa
Thanks, Marcos, for your swift response
Kindly check the FTP support server for the log as requested, with the name Egbin efsw_logs.zip
I await your feedback for a resolution
Thanks in anticipation
Best Regards