Jump to content

comunic

Members
  • Posts

    71
  • Joined

  • Last visited

  • Days Won

    1

Posts posted by comunic

  1. Hi all,

    We manage about 850 devices on our ER6.

    We have a large panel of windows OS from XP to 10 and from 2003 to 2012 R2.

    Now we are facing a big issue, about 10% of the agents haven't joined the console since weeks, mounths... Ok some computers are quite never powered, some others are dead.

    But we realise that most of those 10% never joins the console because agent is totally out of service and we have to reinstall it manully !

    It seems that the push update of the agent (we start with 6.3 and update to 6.4) breaks many agents !

    I am very affraid about that !! have you got some similar experience ?!

  2. Well, thank you for repling !

    the only things different with the kb is that i disable network drive scan.

    I think this whould have not help me in this case because the crypto was executed on an rds session and encrypt everthing on the network (every shared folder) without being mapped as a network drive.

    @gonzalo : if i could prevent users clicking on a big message like "just click here to encrypt all my files" i would do it :)

  3. hi all

    i am very disapointed of the ransomware protection on my RDS servers with EFS 6.4 and maximum security ERA6 profile.

    it's been 6 times the same client have about 650gb on 3 VMS totally crypted, and eset doesn't do anything !

    On the attachement, you can see that eset detect the responsible DLL but it simply unable to stop it (reboot is required to clean the threat...), which is impossible to manage on a RDS server !

    What can we do to improve the efficiency against this ?!

    thank's for your replies.

    post-6462-0-67994600-1475520855_thumb.png

  4. Hi,

    i mentionned EFSW because it is an RDS 2008 R2 server ! So the malware ran directly on the server.

    All the settings and fonctions are enabled and based on the maximum protection policy of ERA 6.4 !

     

    I know that a user opened a word document received in outlook, lauching the crypto locker. i will PM you the log collector.

    thank's

  5. Of course i always let HIPS with all its feature enabled, but i never seen antyhing on the hips log, and yesterday one of my client with EFS 6.3 open a zepto locker, encrypting about 50 000 files before eset block it.

    Sorry, but for me it is useless ! My goal is to improve the product, to but the more efficient it can.

  6. Hi,

    i serioulsy considering deploy hips because it seems to be the "ultimate" solution against crypto.

    Following my experience, automatic mode is useless, it never stopped anything.

    The mode "smart" seems interresting, but is it more efficient ?

    Finally, the learning mode, is it really safe to deploy it ?

     

    i would be very interested to have some feedbacks !

  7. hi,

    i wanted to know if it's possible to customize the new licence manager.

    because now we can't see on a single screen which licence is overused, to renew... it is SO unconvinient to clic on every licence to see the status...

    it was SO easy on 6.3 i don't understand why this screen have been changed !

  8. we are currently deploying ESET v6.4 for about 1000 clients.

    the less i can say, it is a very very consumming time process, for "just" the antivirus.

    most of the time, this works well, but sometime the uninstallation of Enpoint V5 and FS V4.5 is a real nightmare..

    I really enjoy the web console, but in my opinion, the whole product is between a beta and a rtm version.

    too much bug, to much unachieved are non present fonctions.

    Saying that, we have very good results against cryptolockers with v6, unlike with v5, totally ineffective and nightmare for many clients....

  9. Nope, you can't click on finished, the message is systematically displayed and i have to discard the changes to exit the screen.

    to reproduce: 

    - create a cron trigerered Product Activation task and add some static groups.

    - edit the trigger to add a static group

    - error message and impossible to apply

     

    here is the details of version :

     

    ESET Remote Administrator (Server), Version 6.4.295.0
    ESET Remote Administrator (Web Console), Version 6.4.266.0
    Copyright © 1992-2016 ESET, spol. s r.o. All Rights Reserved.

    END-USER LICENSE AGREEMENT

    Microsoft Windows Server 2012 R2 Standard (64 bits), Version 6.3.9600 

    License used for module updates of this ERA:
    Public ID: 33D-2N7-JMF
    Expires: 2037 Dec 31 13:00:00


    Connected Clients: 646
    Active Licenses: 15 

    LICENSE MANAGEMENT

    Installed Components:
     
    NAME
     
    VERSION
     
    Update module 1064 (20160324) Translation support module 1500 (20160623) Configuration module 1277.13 (20160616) SysInspector module 1259 (20160406)
×
×
  • Create New...