[ESET Protect can not load user groups from AD]

This is a tribble problem and we also did not find any solution yet !!! 

Dear @Marcos did you have any Idea that can help us ?

[ESET Protect can not load user groups from AD]

No Idea ?!

We involved to this problem from 2 years ago . Also we Send Support ticket but no answer was received !  Slovak Support : #00478833     RefID: ref:_00D0Y1lCTe._5001n1xxy8Z:ref

[ESET Protect can not load user groups from AD]

Hi dears.

We have this problem in many ESET Protect Consoles.

Console will not load user groups from AD . Users and AD structures will load and sync but just user groups will not load with this error :

Active directory browsing failed. Check input server parameters and AD availability.: Trace info: First attempt failed to get rootDSE: The server is not operational. Error code: 0x8007203a. Second attemp with anonymous bind failed to get rootDSE: The server is not operational. Error code: 0x8007203a

LogCollector and videos is attached.

 

Best regards.

 

[Overused license not blocked !]

25 minutes ago, emilota said:

Hello @RedDragon,

did you address your issue to your local ESET partner?

Yes But our distributor is not very OK and active. We send them but no Answer was received . is there any email address that we can report abused cases ?

[Offline Repository Problem in Protect 9.1.1295.0]

10 minutes ago, Marcos said:

I'm not sure if this is the same issue as that reported by the OP.  Do you mean that you have set up the repository url to http but ESET PROTECT attempts to connect via https? Please open a support ticket so that the case is properly tracked.

 

yes . we enable trace logging and find out eset try to download files from https://ip:3128 ?! So repository will not load and show empty.

This problem accured at new 9.1 console

[Offline Repository Problem in Protect 9.1.1295.0]

we have the same problem in offline repository. ESET Protect console want to load files from https !! 

https://ip:3128/....

[Overused license not blocked !]

Dear @Marcos , These kind of licenses are still works ! and our customers are laughing at us.

Is there any email address that we can report these abuses ?

[Overused license not blocked !]

9 hours ago, MichalJ said:

Hello. In case you are the owner of the license, what you can do is to add your license to ESET Business Account (if it was added already, just login) and force the deactivation of all the seats, that you feel should not be using the license. 

You can also contact ESET seller (partner who sold you the license) and request license credentials. Such over usage is not standard, and might indicate a leaked license. There are certain prevention mechanisms in place (depending on how long it is in such state). 

Thank you dear@MichalJ ,

I am a ESET Reseller in Middle East. one of our customers did not renew their genuine license and after investigation find that some fake company sell this license to them with very cheaper price.

First we ask you to block this license and then want to know why that certain prevention mechanisms does not work in such these cases ?! they were using this license about 1 month !  Customers said " Why we must to pay ESET while fake and licked license will work probably with very low price ! " 

 

ESET must correct block license mechanisms to protect it's partners and to respect genuine customers. We love ESET and do not want to be abused by fake resellers.

 

 

[Overused license not blocked !]

Any updates ?

[Overused license not blocked !]

Hello all. Look at what we find !  License usage 342/5 ? !!!

Why ESET did not have a plan to block overused license in such these scales !?

By this ESET Licensing policy, no one will buy ESET license from us , Do not be so kind ESET 🤪

Public ID is attached for ESET Moderators.

 

Public ID.zip

[JS/Agent.OZD found on my Wordpress installation]

1 hour ago, Marcos said:

The website was compromised. Searching for "/colors/blue/blue.php?id='+token();" will help you locate the malicious javascript.

Thank you dear @Marcos . ESET Support is fantastic !!

And would you help us why this website in infected ? can you see the infected part ? 

hxxp://airportseirosafar.com/

 

[JS/Agent.OZD found on my Wordpress installation]

We have the same problem in many Wordpress website .

Domain : https://zalidairy.ir

Detection : 

Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here
2021/10/03 11:51:22 ب.ظ;HTTP filter;file;https://zalidairy.ir/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.7.0;JS/Agent.OZD trojan;connection terminated;Event occurred during an attempt to access the web by the application: C:\Program Files\Mozilla Firefox\firefox.exe (9D90FAA8197CACBBC70621FC6DD235043ECC3F43).;885A97E67D7D5911221C513DBB47352D3729A7C0;

 

It seems that is false positive . if not how can we find the malicious js ?