Juan

Hi team, please your answer to the following question, we know that we can do the implementation of Agent and antivirus through a GPO. Using the GPO, a policy can be established in which every time a new device enters my network, it is carried out Automatically install Agent and antivirus ?. Do you known how to do this procedure.

Hi team, please your answer to this question A customer requires to install the Mail Security product on Microsoft Exchange Server. The detail is that it is a Microsoft Core server 2016 without a Gui interface. The customer was asked how Microsoft Exchange Server was installed and what they indicate is that the Microsoft Exchange Server graphic mode was activated and they are working in this way. Ask what would be the procedure to install ESET Mail Security on this platform?. Your comment are wellcome.

That´s correct, but before installing the ESMC 7.1 version, the ESMC 7.0 version was working without problems. and seeing the Eraserverlog, it is not seen that there is blocking by the firewall.

Hi team I made the new installation and it shows no problems, but when try opening the console in the browser it does not load. I initially thought it was the Apache Tomcap 9.x, but it is running. I thought maybe it could be that the server would have several network adapters, but it only has one. The browser does not load. The only problem seen in the Eraserver log 2020-01-08 16:37:08 Error: NetworkModule [Thread 21cc]: Receive: NodSslWriteEncryptedData: Internal error in the underlying implementations., ResolvedIpAddress:192.1.2.70, ResolvedHostname:192.1.2.70, ResolvedPort:49266 2020-01-08 16:37:08 Error: NetworkModule [Thread 21cc]: Protocol failure for session id 3333, error:Receive: NodSslWriteEncryptedData: Internal error in the underlying implementations. Team in this link you can see and download the log. (ESET log collector, process monitor, Eraservelog): https://we.tl/t-kYcQKXWV6k Eraserverlog.zip

Hi team, we have a with an OVA virtual applice the presented problems of electric fluid so the virtual machine turned off abruptly, when trying to log in to the web console, but I got a password error message, allowed me to change the password from root, th password was changed successful, but does not allow access, continued trying with the previous password, but has not been successful. We use the following kb https://support.eset.com/es/cambiar-la-contrasena-de-la-consola-web-de-eset-security-management-center-esmc-web-console-7x I make the tests doing the same scenario on another server and this one worked. Do you have any idea, about that. Your comment are wellcome

Hi team, I am having problems updating from ESMC 7.0 to ESMC 7.1 We expose the following problem, we send the update task to the latest version of the ESMC "7.1", but still keep the version 7.0, although it indicates the task was executed successfully. - Additionally it is noted that there is no record of peer certificates - The operating system is Windows server 2012 r2 Your comment are wellcome. .

Hi Team, could you plesase help me with this topic. My firewall provider "fortinet" says that I have a virus in my network, when I perform a deep scan on one of the computers, no virus is registered. At the moment I have the ESMC console installed and the ESET Endpoint Security version 7.1 on the computers. and the possible viruses registered in the fortinet are: - tcp.split.handskshaked.pakets - php.malicious.shell - smb.login.brute.force These elements announced. Questions: Are updates or patches of windows, some application or are false postives. Thanks for your help

Hello team, a client indicates that he wants to add his own certificate in the ESMC console "test.test.com.cer", so this certificate must be automatically uploaded to the users when they want to enter with the new certificate and in a secure way. doing the tests from the chrome can be entered and it works but the idea is not to do it computer by computer, but the console can do it. will be any way to do that or a kb that indicates how to do this. Thanks for your help.

Hello team, all the filters were removed, even install a new console and it updates the repositories without problem. Could you tell me which other configuration to check. The files are attached "the log and screenshots" Thanks. Log.rar

Hi team, thanks for the help, we managed to get a backup and installed everything new.

Hi team, Do you have any answer? Thanks.

Hi Michalj I switched repository to "AUTOSELECT", there were no improvements, the problem continues. Server Microsoft Windows Server 2012 R2 Standard (64 bit) ESET Security Management Center version (Server) 7.0 (7.0.577.0) ESET Security Management Center version (Console) 7.0 (7.0.429.0) the images were attached.

hello team I am working with the ESET Security Management Center console, but it presents a problem, when I try to update the new agent version the repositories do not appear. I did the task of adding or changing so that it updates through the repository: hxxp://repositorynocdn.eset.com/v1 Perform all the procedure indicated to verify if there is no blockage in the fire hxxp://repository.eset.com/v1/info.meta Follow the steps indicated in the kb: https://support.eset.com/kb5667/?locale=en_US&viewlocale=en_US, but I still do not have good results, please your help.

Phoenix Ransomware Description When the Phoenix Ransomware was first mentioned amongst security researchers, the Trojan was still in development. Researchers found the threat while digging in reports submitted to the Google's VirusTotal platform and going on the Dark Web. Samples recovered from reports provided threat investigators with the executable to analyze, and they reveal interesting facts. The Phoenix Ransomware appears to be in development at the time of writing this. However, the Phoenix Ransomware is compact in size and can be deployed with spam emails as a file with a double extension, which may pass as a simple invoice easily. https://www.enigmasoftware.com/phoenixransomware-removal/ https://www.pcrisk.com/removal-guides/10829-phoenix-ransomware File infected.rar

Hi team one of my server was infected with ramsomware wallyredd@aol.com extension phoenix. Do you know the best tool or the way to delete and decrypt the files. The version is ESET remote administration version 6.5 Thanks.