Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by Marcos

  1. Since ekrn runs under system account and all other services run under LSA too independently of logged on users, I assume it would not be technically feasible.
  2. I'd start off by asking you about what active / unhandled threats you have. The thing is that in a managed environment the security product handles even pot. unsafe or unwanted applications as though in strict cleaning mode, ie. fully automatically.
  3. Please collect logs with ESET Log Collector and upload the generated archive here. Only ESET staff can access attachments. Do you compile a lot of new binaries on a regular basis on the machine?
  4. HIPS is actually disabled. Please check directly on the server if HIPS is enabled. If it was re-enabled by a policy, a server restart will be needed in order for HIPS to start: I would also suggest enabling protocol filtering unless the server is not connected to the Internet. Otherwise it would not be protected to the maximum extent against Internet-borne threats. If you would like to protect ESET from being misconfigured, disabled or uninstalled by unauthorized persons, I'd also recommend enabling password protection as well as enabling detection of potentially unsafe applications.
  5. Did you disable or modify any of the email protection or protocol filtering related settings ?
  6. Please run a scan with ESET Online Scanner and let us know if it has found and cleaned some malware.
  7. Please carry on as follows: - make sure that you have the latest version of ESET CyberSecurity installed - use ESET Log Collector as per https://support.eset.com/kb3404/ to gather logs while reproducing the issue - raise a support ticket with your local customer care and provide them with the archive generated by the log collector tool.
  8. Only ESET staff has access to attachments permitted. Alternatively you can upload the archive to a safe location and drop me a personal message with a download link.
  9. Please provide me with logs collected with ESET Log Collector from such machine.
  10. You can disable particular application statuses here: By the way, what is the reason for disabling HIPS? By doing so you'll also disable several other protection features, including Ransomware shield.
  11. Firewall settings are not per-user; you can export EIS configuration and import it later if you want.
  12. What product are you attempting to download? Via a browser or ESMC?
  13. I would suggest raising a support ticket and providing a Wireshark log from an attempt to create a mirror. In order to substantially reduce the amount of downloaded data, I'd recommend using an http proxy instead.
  14. Please provide logs collected with ESET Log Collector from the machine in question.
  15. You can run update manually or wait until the product updates automatically to the latest version 12.2.30. The previous version had certain issues and was not released to all users.
  16. Please try running the Uninstall tool in safe mode (https://support.eset.com/kb2289/), then install ESET from scratch.
  17. You'll need to generate and re-deploy agent on clients so that the current peer and CA certificates are used. Normally you should backup the db and certificates, create a snapshot of the VM and then upgrade it to ESMC via an ERA component upgrade task. Clients would then connect to the ESMC server seamlessly.
  18. After a computer restart the root certificate should be imported in the trusted root CA certificate store anyways so there should be no issues then.
  19. 1, Connect to the Internet. 2, Install and activate a 30-day trial version.
  20. I'd prefer running a drive scan first. While it is true that real-time protection should detect and blocked most malware, I can image some hiding in installers that might not be detected by real-time protection and would require the AMSI scanner which was first added in Windows 8.1.
  21. Please refer to https://forum.eset.com/topic/19453-disable-roaming-warnings/
  22. Since the case requires reproduction, I'd suggest raising a support ticket with your local customer care and providing them with step-by-step instructions, including information about the proxy server you use. As long as SSL filtering works (which may be a problem if HTTPS communication is intercepted and scanned on the proxy), ESET should display an html-formatted notification.
  23. ESET shouldn't. Let's try it out, you can activate a fully functional 30-day license after installation. However, I'd recommend installing ESET Internet Security which also contains the network attack protection module that protects your machine on network level from malware that exploits vulnerabilities in network protocols to proliferate further over network. If necessary, create a new topic since this one is intended only for posting suggestions for future versions.
  24. Please elaborate more on it. What website are you referring to? You check also check the certificate at https://www.ssllabs.com/ssltest/
  25. Please uninstall ESET v8 and download and install the latest v12.2.30.
  • Create New...