Jump to content

ashley

Members
  • Posts

    8
  • Joined

  • Last visited

About ashley

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    Great Britain
  1. Just wondering when uPCU updates are coming? I know there has been talk of this happening soon for ages. A firm date would be nice to have. Also will this include the management agent too?
  2. ESET seem to be dragging their heels on the issue, the HIPS module keeps getting superseded and never actually released to ga, why is it taking so long? A timeframe for business users would be nice please
  3. I am not a home user, when it is going to be relased for ESET Endpoint?
  4. H Guys, I can also confirm that I have seen it happen at start up too but not as often. Just an update for you. ESET requested a memory dump which I have provided. They say that while they have had a few reports they havn't got the required level of information to try to resolve this as they havn't been able to reproduce this. I though this was a bit strange as it was easily reprocducable on a vanilla install of Windows 10 within a virtual machine. Anyway the developers have acknowledged reciept and I have been told they have raised this as a prioity. I urge anyone else that has this issue to report it to the ESET help desk and ask to link it to my ticket - 182652. The more reports they have about this the better...
  5. Hello kingoftheworld. I have a ticket logged #182652. Actually they got back to me today and the developers have asked what the HIPS support module version is on affected PC's which I duly gave them (version 1244) so I'm now waiting on them. I have previously given them process monitor traces of when the problem actually occurs and asked them to replicate the issue. May I ask where you are with your case and your case number? so I get them to group it under the same issue. Thanks. If anyone else has any case numbers feel free to post these too. Ashley.
  6. Hello All, I'm wondering if anyone has come across an issue with ESET Endpoint AV. Basically ever since migrating everyone over to Windows 10 Pro version 1511 from Windows 7 we found that upon occasion when a user logged out they received a black screen with a cursor. If you wait a number of minutes the login screen would return. This is a VERY intermittent issue but always seems to occur at the most inconvenient times of switching user. Obviously this is unusual and unwanted behavior. PCs have latest available Windows Updates from August. I uninstalled and updated to the latest available ESET Endpoint 6.4.2014.0. Still problem persisted. I started to question my image or 3rd party software contained within I even updated the display drivers to the latest available with no luck. So to rule that out I created a Virtual Machine (using VMware) from a fresh ISO install of Windows 10 Pro version 1511. Windows Update performed. No other 3rd party software installed apart from VMware Tools and latest version of ESET Endpoint installed and rebooted. Funnily enough the problem still persisted. After reading a post on the forums about a user having issues with HIPS I turned my attention to this. With self-defense disabled I could not replicate the issue. So turned it back on enabled logging of HIPS and checked the logs. I noticed that some aspect of winlogon was being blocked which raised my suspicion... And thus I created a rule for the following Rule Settings: Rule Name - Allow Winlogon Action - Allow Operations affecting: Applications - Ticked Enabled - Ticked Source Applications: C:\Windows\System32\csrss.exe C:\Windows\System32\svchost.exe Application Operations: Terminated/suspends another application - Ticked Modify state of another application - Ticked Specific Applications: C:\Windows\System32\winlogon.exe Since adding this rule I no longer have this issue anymore. Has anyone else experienced an issue like this? Is this a known bug in ESET Endpoint AV? I suspect that due to the intermittent nature of the problem and the fact that most people don't log out too frequently it is understandable it hasn't been picked up yet. I'm concerned that adding this rule may lower security in some way. Thanks.
×
×
  • Create New...