Jump to content

Mail with malicious attachement not handles by ESET Server Security


Recommended Posts

Hi there. 

A customer informed me about a suspicious mail with img file attachement.

The customer works on a remote desktop environment with Windows Server 2019 Standard and ESET Server Security 9.0.12.13.0 installed. He received the mail via Outlook. When I download the mail with attachement or just the attachement to file system and start a manual ESET scan, it is cleaned by ESET. I uploaded the mail to virustotal.com and it was also detected malicious by seven checks. 

 

I asked him to forward the mail to me. I have ESET Endpoint Antivirus installed and as soon as the mail arrived in my inbox it was detected and cleaned by ESET.

How is it possible, that there is a difference in detection??

Link to comment
Share on other sites

Update: I just called with another customer, who works on the same remote server as the one mentioned above. She received the same mail but ESET detected the malicious attachement and cleared the mail. 

 

Link to comment
Share on other sites

  • 2 weeks later...

How do I do that? Just export log entries from ESET Server Security on the remote system or export via ESET PROTECT?

Link to comment
Share on other sites

  • Administrators

The best would be to run ESET Log Collector on the server and provide the generated archive. It also collects the product configuration which is important when determining the reason for not detecting certain malware.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...