Ransomware Event - ESET Log evaluation

[KevinL 0]

Hi All,

FIrst post in these forums - hope this is in the appropriate location.

I very recently inherited a customer that had just some out of the wrong end of a Ransomware infection and am keen to determine how this happened. I am not (or was not) an Eset regular so am not in to the rhythm of things in the forum, but some reading seemed to indicate that a set of logs extracted with the ESET tool can be evaluated by some kind folk to reveal all. Have I got this right and if so how do I go about doing the deed? I have extracted the logs.

[Marcos 5,070]

On a machine with ESET installed and activated with a paid version, run ESET Log Collector and gather logs. Next compress a handful of encrypted files (ideally Office documents) along with the ransomware notes, upload all stuff to a safe location (either ESET's ftp or OneDrive, DropBox, etc.) and email samples[at]eset.com with a download link included.