Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. If the scanner worked properly then it should indeed take a slightly longer time, but I do not think that a scan that takes 2-3 times longer as "... slightly longer ..." Should have been sorted before 13.2.15 entered the public release phase.
  3. Could you please double check that there is no encrypted disk and reboot was performed after decryption was done?
  4. Decryption process on the workstation is finished, the workstation report as Inactive in ECA. Uninstalled ESET Full Disk Encryption in control panel. But the EFDE services are still running in client workstation. Is there anyway to fully remove it? Thanks
  5. On my system I scanned WMI and the registry, 16216 objects in total, which took 3 minutes: Number of scanned objects: 16216 Time of completion: 12:44:08 PM Total scanning time: 191 sec (00:03:11) WMI and registry scans are a part of the initial scan and in-depth scan which may now take several minutes longer because of this. They are also scanned when you click "Scan your computer" (don't confuse it with the Smart scan profile). Since more objects are scanned, slightly longer scan times are expected.
  6. Hello @mgn, it might be related to the issues reported at https://forum.eset.com/topic/24746-av-is-blocking-loading-webpages/ So if you would like to troubleshoot the issue with us, proceed in a following way: 0. Enable Startup scan 1. Disable Protected service and Self-defense under HIPS settings 2. Reboot your system 3. Download and apply https://forum.eset.com/applications/core/interface/file/attachment.php?id=18636 4. Reboot the system again 5. Download Procdump https://docs.microsoft.com/en-us/sysinternals/downloads/procdump 6. run it from an elevated command line with following parameters: procdump -ma -e 1 -n 10 ekrn.exe 7. If the issue occurs again, the dumps will be generated collect them, pack with output from ESET log collector, upload to a safe location and send me and @Marcos download details via a private message to check. Peter
  7. Today
  8. itman is correct. Since the update to 13.2.15 my "Initial Scan" and the "Scan your Computer" are taking over twice as long to complete. Also the "Objects Scanned", which should increment as files are scanned, remains on 0 (zero). Extremely disappointed that ESET allowed something as major as this to enter the public release version.
  9. I would recommend collecting logs as per https://support.eset.com/en/kb6159-run-the-info-getcommand-on-a-linux-virtual-machine-and-send-the-logs-to-eset-technical-support and opening a ticket with your local ESET support.
  10. Run a full system deep scan and see if ESET will detect more things or some leftovers by the EXE you have ran. Sometimes having some suspicious files you can just upload it to some places like those : https://virustotal.com/ https://hybrid-analysis.com/ https://app.any.run/
  11. I had this on two different PC's for nearly a year I waited to see if the May update fixed things that's when I gave up. If that helps Below is on Defender
  12. Oh, the agent's log. Was looking at the server one. But re: server's trace.log, I've taken a look at the permissions and am not sure what the default. I took a look at the permissions of other files and they're the same. I'm thinking of deleting that file and hope it'll get regenerated. Thanks!
  13. On Windows you can use Procmon to find out if and in which file ESMC server is logging to.
  14. I'd like to clarify Marcos' post. You can find the app verifier installer here 32bit: https://drive.google.com/file/d/1c4wQGJteGQb5EurEmhYaYLcmAqUbAIY-/view?usp=sharing 64bit: https://drive.google.com/file/d/1Sh_Yyp7Ie69dbGqBaitN_Nv5iAzuRdwb/view?usp=sharing Before you are able to use it, you'll have to disable self-defense and reboot. The changes you make will be applied after you click Save in the verifier and restart ekrn by rebooting Windows. You can skip the manual registry import he's describing by extracting and importing the file attached to this post. Dumps will then be created in c:\dumps. Edit: There's one more option that needs to be changed in the app verifier. After you've added ekrn.exe you'll need to expand Basics, right-click Heaps, Properties, and enable UseLFHGuardPages (see attached screenshots). local_dumps_registry.zip
  15. Hello, I wouldn't currently recommend using "Update ESET products" (which is just software installation task) for deployments where EESA is installed over Google play store. Currently this breaks auto-update which should happen over Google play store based on device settings (so You will be stuck with manually updating all phones each time EESA version is released) In Your case it would be better to contact phone user and check why EESA isn't auto-upgraded. As for why task failed, we would likely need to see EESA and MDM logs, so please contact Your local customer care. HTH, M.
  16. Thanks for confirmation. Do you think it would be possible to arrange a remote session as soon as possible? Or if you can do it yourself, we'd need you to ask to install AppVerifier, in safe mode run appverif.exe, press CTRL + A (find the ekrn.exe file in c:\ProgramFiles\ESET ...) and leave the Basic checks defaults. Next configure Windows to generate complete user dumps as per https://docs.microsoft.com/en-us/windows/win32/wer/collecting-user-mode-dumps. In particular: Create the registry path: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps\ekrn.exe Under this path create the value DumpFolder of type REG_EXPAND_SZ Set this value to the path on the disk where the dumps will be created. For example C:\dump Create the value DumpType of type REG_DWORD and set this value to 2. Reboot Windows to normal mode Reproduce the issue and wait until a dump is generated at the path you have specified before.
  17. Upgrade procedure is performed by ESMC Agent, so both failures and upgrade process should be trace in AGENT's trace.log. Regardless of that, during upgrade, ESMC Server should be stopped, and that should be recorded in ESMC's trace.log. It is very suspicious there are no entries from this year -> could you possibly verify that permissions do enable ESMC service to write to log and that file is not locked by different process, possibly preventing ESMC from writing to it?
  18. Hi everyone, im using eset file server in centos 6.7. When i open eset realtime protection server is load 100% cpu. And i cannot scan beacause everytime i scan system is crash. How can i fix this issues. Thanks a lot
  19. Yes, the reason was that I haven't enabled "Anti-Phishing" it works now. Thanks @Marcos it worked.
  20. @rbkaiser Microsoft moved Startup settings under See more recovery options.
  21. Make sure that you are using a supported browser. Try it with Chrome and Firefox. On my mobile phone the website you sent me through a PM was blocked by ESET Mobile Security. Make sure that this test page is blocked: https://www.amtso.org/check-desktop-phishing-page/
  22. Mobile Security needs some kind of permissions for Anti-Phishing to work properly , have you enabled that?
  23. Hi, why ESET Internet Security blocks a URL, and Mobile Security doesn't? Thank you.
  24. @itman what do you mean by " WMI scan" Is there a setting in ESET Internet Security for that?
  25. I was logged in to ESMC this morning and when to went and worked on something else, I noticed the system had booted me off from the ESMC and had returned to the log in screen. I tried to login but got "Login failed: Connection has failed with state 'Not connected'. I went to the server log and looked through what was wrong only to discover that the last entry in the c:\Programdata\ESET\RemoteAdministrator\Server\EraServerApplicationData\Logs\trace.log was dated last year. In the same directory, there's a ConsoleApi that's dated today [13 July 2020]. I checked the disk space and I have ample, so I'm confused as to how the product was updated to the latest version without logging to the trace.log file. Question: What situation would lead to the server not update the trace.log? That said, the upgrade task failed as it couldn't get the webconsole file from the repository. Went to the repo and realized that the file was indeed missing. [probably stemmed from my issue with mirrortool.]. So at the end, I manually updated the webconsole, and things seem to be running ok. Edmund
  26. After running ESMC on a server for a bit, I migrated it off to using MySQL instead of the built in SQL Server (Express?). Does the RSMC still use the SQL server?
  1. Load more activity
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up
×
×
  • Create New...