Bogdan Florin

Old machine is gone but rest of advises are welcomed and will be followed. We delete 25 years of email and contacts. That's tough. As much I search Internet I NEVER found a solution who FIX a Recovered from Delete VM file. No one imagine this solution would be needed sometime somehow ?

it is highly probable than NOD32 would behave the same under this circumstances. I research all internet about Banload.AYD in MBR and there is absolute NO Documentation at all. but now my bigest problem is to make VM to work again, and than will have to solve the Trojan issue.

After I was able to recover deleted .vhdx file by Win Security Antivirus ... I get stuck in adding this file back to Virtual Machine in order to start. All my problem begin because of the Banload.AYD who arrive somehow in VM EFI and MS Antivirus inside VM was unable to see it, only MS Antivirus from HOst was seing it and delete the VM VHDX file. Any help how to make this VM work after I recover deleted VHDX file ? it is massive stress on me since all Google Leads arrive in dead end. No Checkpoint, no backup, not very big experience with VM

Thank you for answering so fast. I do not have ESET installed neither on Hyper-V HOST and neither on VM. Please advice. Right now I'm recovering the VM.

I use Data Deletion Recover Tool to recover .vhdx file of eMail VM machine .. but if I manage to mount back online .. I will still have the same TorjanDownloader - Banload.AYD issue who install himself to MBR.

I have a Hyper-V Host machine with Windows 2019 called "mnhost02"On this machine I have a Virtual Machine called "eMail" who is also Windows 2019 + Exchange 2019the Windows Security Antivirus from Host mnhost02 detect the Trojan Downloader Banload.AYD on VM eMail and was unable to Quarantine or Remove since VM eMail was running. I stop it. Than the Win Security Antivirus from Host mnhost02 simply delete the virtual HDD of VM eMail machine creating BIIIIG problem.Previous scanning VM eMail from inside with Win Security Antivirus does not show any infection !!!It seems to be a Boot infection and Win Security within the infected machine eMail it is not seeing it.Any suggestion how to remove a MBR Virus on a Virtual Machine ???Your suggestion will be greatly appreciated.

if your software have option to scan mailbox .. than that one should work too.

There is no SP2 for Windows Server R2 as I have installed. Never mind. I would like to really benefit by ESET Gateway for TMG, I discover it only 1 month ago and you are discontinued in few days Not even a test licence I was not able to obtain. So sad.

Do you have any product capable to perform AntiVirus to TMG ? Why Discontinued Antivirus for Gateway ?

This is very VERY unfair! Installing same kit file on 2 different servers, .. result in totally missing /Network Protection /Web & Email modules on Windows 2008 while it is present on Windows 2022. I'm very curious to know WHY ? a shocked Bogdan

Other example or idea: you can transform this product into something protecting IIS or SQL not only simple firewall but also inspecting commands received by the server and by this way to be able to stop an attack BEFORE arrive the request to the IIS. It is an example. Joust firewall is not enough, it also required Packet Inspection BEFORE arriving to IIS. The GUY is nice, to pity to discontinue.

/Setup /Ignore Server certificate .... it allow the AV to scan the mailboxes. It is true that we use Let'S Encrypt certificate who is not Official World Wide, kind of "cheap" certificate. I will check later if scan also the files.

Surprise, surprise. Mail Security does not know to scan also the FILE SYSTEM. Others servers have 200-300k files and Exchange is much bigger in numbers but .. from unknown reason does not scan any of them. Hmmm

Scanning Mailbox database ... return this error. I was added an Exch admin user previously. Regards, Bogdan

I know everything you say. You can consider that there is ppl willing to use also software WITHOUT support for the "right" money.