P0RPL4
-
Posts
11 -
Joined
-
Last visited
Posts posted by P0RPL4
-
-
18 hours ago, Marcos said:
I, for one, don't see any mismatch in the screen shot. The two machines in the report match the filter product="ESET Endpoint Security". Please clarify.
The ”report” show result for 377 clients but “computer” show 388 clients.
-
-
35 minutes ago, MartinK said:
Could you please verify it is not one of known issues in Windows 10, for example mentioned here: https://docs.microsoft.com/en-US/troubleshoot/windows-client/networking/mapped-network-drive-fail-reconnect
Otherwise it is hard to guess what could be wrong -> run command just executed provided command as an LOCAL_SYSTEM account, i.e. as an system user, which might cause issues, but I was not able to find any specific ones - but I would guess it has something to do with permissions, especially in domain environments, where LOCAL_SYSTEM is commonly not authorized for network access. If this is the case mapped disks might repair/remapp itself when first used by authorized user, which would mean it is not actually working until user reopens it, which might cause issues in case mapped disk is to be used by other background services.
thank you so much.
-
11 minutes ago, itman said:
I believe the red "X" symbol is just a visualization of what is stated in the shown text. That is the Network drive is in a disconnected state. A disconnected Network drive is not in an online status and therefore cannot be mapped.
but I can access the mapped drive
-
-
On 5/28/2021 at 4:39 PM, Marcos said:
Please enable the LiveGrid Feedback system, detection of potentially unsafe applications and SSL filtering, then run a full disk disk scan and provide fresh ESET Log Collector logs.
Is the threat detected after a reboot? Even if the server is temporarily disconnected from the network?
My ESET file security doesn't have SSL filtering.
-
17 hours ago, itman said:
An Eset Korplug detection would be indicative of PlugX based malware usually deployed by APT actors such as Winnti. Eset has reference here: https://www.welivesecurity.com/wp-content/uploads/2020/07/ESET_Threat_Report_Q22020.pdf
This malware will be a hard one to remove.
Thank you for your guidance.
-
23 hours ago, Marcos said:
Please enable the LiveGrid Feedback system, detection of potentially unsafe applications and SSL filtering, then run a full disk disk scan and provide fresh ESET Log Collector logs.
Is the threat detected after a reboot? Even if the server is temporarily disconnected from the network?
Thank you, I am doing, I'll tell you again.
-
No matter how many times I scan, the trojan always re-appears. every single day, it reappears. Is there a way to permanently remove it ?
-
We use the Linux Openmediavault.
Could you check the compatibility, we can install ESET on it or not.Thank you.
What information do EEI collected. ?
in ESET Inspect On-prem (Detection and Response)
Posted
What information do EEI collecte ?