Jump to content

Lockbits

Members
  • Content Count

    55
  • Joined

Profile Information

  • Location
    Chile

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Hi Marcos, Unfortunately in this case there are not link involved in the alert.
  2. Hi Marcos, That text was inserted by ESET and not by image editor. That text was added using this policy: I realized that it's the problem, not an ESET's bug. Thanks.
  3. Hi Marcos, Yes it's not technically an FP. But I'm asking here if the alert I show is legit or malicious. I think it's legit. Do you know if Office creates .com files or it's a malicious symptom? Thank you.
  4. Hello guys, We've seen that sometimes EES show a message (for example when DB is updated) or an alert (when PUA is detected) and EES mix the alert/message with the message that the productr should show when a pendrive or USB is inserted. We've seen this in our internal computers and also in a customer systems. Please see this as an example: In the screenshot above you can see that EES is showing an alert regarding a PUA but it's also including a customized text that our customer added when a pendrive is inserted. Is this a known cosmetic bug that will be fixed? Thank you.
  5. Hello guys, In the customer where we're testing EEI we're seeing some alerts regarding Office documents saving executable files. We know that there're a lot of malware in Office format using macro to download an and then execute a malware. The strange thing in the alerts we're seeing is that always the file that is saved is in .com format and always in a temporal folder. We manually searched for the file but it doesn't exist. We think it could be that Office is saving a .com file that belongs to some temporal procedure and not a malware. I think modern Windows versions can't even execute .com files. What do you think?
  6. Hello guys, We've a customer that is asking us why can be the reason of a connection logged in their swtich in the port 57707 coming from a system that only have ESMC (EFS, Agent, EEI Agent, ESMC componentes, RD Sensor, etc.). Can be RD Sensor the reason? Active Detection is off. 2019-06-26 09:12:29 Local7.Info 192.168.1.6 57707: Jun 26 12:48:03.017: %SEC-6-IPACCESSLOGNP: list acceso-admin denied 0 192.168.1.50 -> 0.0.0.0, 1 packet
  7. Hello guys, We've a customer that is evaluating EEI. The solution and its console are working as expected however about a week ago the console is reporting that EEI lost connection with LiveGrid. The strange thing is that EFS installed in that server doesn't report the same thing. Also I can see reputation of files if I click over a recent suspicious alert. What ping or others test can we do in order to troubleshoot this issue? I sent the customer the KB were are the addresses you should allow in firewall. Thanks.
  8. I can confirm this too even with latest version and paths indicated by Marcos excluded. I’m also starting to experience a internet connection problems that are related with ESET. If I disable protocol filtering (not the firewall) the problem is resolved but if I enable it again internet connection problems happens again. if I restart OS the problem is fixed even with protocol scanning enabled again. It happened two times and I’m not sure how can I reproduce this behavior. @Marcoswhen this happens again, what are the procedure in order to get logs and report it back to ESET?
  9. Hi Marcos, I'm affected by this issue too with my MBP 2018. I'm using EES 6.7.654.0. I had excluded the paths you mentioned here and I'll let you know if this resolve the issue. This problem is very inconsistent, MBP and ESET can work without issues until one specific module update freeze the system until update process is completed. Most module updates don't cause this behavior. Thanks.
  10. Hello guys, This version 7.1 includes the revamped module for Outlook? I ask because I read somewhere that 7.1 will include a revamped Outlook module in order to avoid the problem of email when users have a large quantity of email in inbox and doesn't use subfolders. Thanks.
×
×
  • Create New...