ichkriegediekriese

Members
  • Posts

    38
Posts posted by ichkriegediekriese

  1. Hi

    I did install ESET File security without network components as we had issues the other day.
    I used the following link/guide:

    https://help.eset.com/ees/8/en-US/installation_command_line.html

    and the following command:

    msiexec /qn /i efsw_nt64_full.msi ADDEXCLUDE=Network,Firewall,IdsAndBotnetProtection,WebAndEmail,ProtocolFiltering,WebAccessProtection,EmailClientProtection,Antispam,WebControl

     

    How can I verify that the modules are indeed not installed?

    thx

  2. Hi

    According to this article:

    https://www.eset.com/us/about/newsroom/corporate-blog/growing-your-security-suite-with-enhanced-threat-detection-1/

    ESET EDTD is now available for on-premise users and non-Enterprise license volumes.

    I have updated ESMC to ESET Protect server and updated my endpoints, and EDTD works fine on the endpoints (non-servers), but I get a licensing error on my servers (EDTD is not licensed). I noticed the workstations are already on 8.1 and the servers still on 8.0. Is that the reason?

    License type is: ESET endpoint + file security

     

    thx

  3. On 1/13/2021 at 10:11 PM, Marcos said:

    Please carry on as follows:
    - enable advanced oper. system logging under Tools -> Diagnostics in the adv. setup
    - reproduce the issue
    - disable logging
    - collect logs with ESET Log Collector
    - delete C:\ProgramData\ESET\ESET Security\Diagnostics\esetperf.etl
    - disable protocol filtering in the adv. setup
    - re-enable adv. OS logging
    - repeat the test procedure; the issue shouldn't occur
    - disable logging, re-enable protocol filtering
    - upload logs collected with ESET Log Collector as well as the second esetperf.etl to a safe location and drop me a pm with download links.

    OK, I'll get back to you on this and try to collect the logs.

     

  4. Hi

    I just spent a day looking after our 10GB performance of our server. Something seemed odd and iperf showed max. 1,8Gbps on average instead of the expected 4-5Gbps.

    After screwing around with NIC settings, scratching my head and then checking SRIOV without getting anywhere, I removed ESF and tadaaa, 4,5Gbps via iperf.

    I found this thread:

     

    Has there been any resolution for it? Has anyone tried installing ESF without Network protection?

     

    thx

  5. 45 minutes ago, Marcos said:

    Could you please point me to the setting that doesn't work? I've also discussed it with a colleague who is well versed in Linux but he's not aware of having web filtering in Endpoint for Linux either:

    image.png

     

    Hi, I guess I am using an older V6 profile then?

     

    EDIT:
    Yes that's it! - I created that profile last year and just re-assigned it to the new Ubuntu VM.
    The new V7+ profile doesn't have that setting...


  6. Hi

    Thx everyone for keeping the topic up. I was busy and just checked the status of ESET on my Ubuntu 20.04 LTS install.

    The notifications from ESET show up correctly, that is nice now. The GUI lacking is, well, unusual, but for now this isn't too bad for me.

    However the webfilter still is not functional for me - I can browse any site which is under the "denied" group in my ESMC policy and the exact same settings work just fine on any Windows installation.

    What kind of logs are needed to resolve this?

     

  7. Hi

    I am running ESET Endpoint on the newest ESMC console and I am currently testing an Ubuntu install on LTS 20.04.

    I have installed ESET Endpoint 7 on the system and it seems it is running fine, however it is not doing anything.
    I can download and open the EICAR file and the webfilter does not block any pages - I have set up a simple rule to block a specific page and it is always loading. I have about 4 years' experience with ESET via ESMC/ERA and this is really driving me nuts....

    Installation:

    Ubuntu LTS 20.04 on HyperV running Azure Kernel

    Console output which implies the install seems to be correct:

    systemctl status eea.service
    ● eea.service - ESET Endpoint Antivirus
         Loaded: loaded (/lib/systemd/system/eea.service; enabled; vendor preset: e>
         Active: active (running) since Mon 2020-08-03 21:12:08 CEST; 34s ago
        Process: 8657 ExecStartPre=/opt/eset/eea/lib/install_scripts/check_start.sh>
        Process: 9350 ExecStartPost=/bin/sleep 2 (code=exited, status=0/SUCCESS)
        Process: 9374 ExecStartPost=/opt/eset/eea/lib/install_scripts/launch_gui_al>
       Main PID: 9349 (startd)
          Tasks: 35 (limit: 1001)
         Memory: 279.5M
         CGroup: /system.slice/eea.service
                 ├─9349 /opt/eset/eea/sbin/startd
                 ├─9352 /opt/eset/eea/lib/logd
                 ├─9353 /opt/eset/eea/lib/sysinfod
                 ├─9354 /opt/eset/eea/lib/updated
                 ├─9355 /opt/eset/eea/lib/licensed
                 ├─9356 /opt/eset/eea/lib/confd
                 ├─9362 /opt/eset/eea/lib/oaeventd
                 └─9373 /opt/eset/eea/lib/scand

     

    Any ideas?

     

     

  8. 12 hours ago, Marcos said:

    It would be theoretically possible to speed up scanning by splitting files on separate physical disks and running several scans of each disk at once. Reading a lot of data from various locations on a disk would rather slow down scanning since the harddisk heads would have to move back and forth to read from various files at a time on the disk.

    Try disabling scanning of archives and run complete scans less frequently.

    Hi Marcos

    It's all SSD and I am sure that the disks aren't the limiting factor here.

    Can I change the standard interval via ESMC or do I need to go to the GUI?

  9. Hi

    Every once in a while ESET File Sec. does a scan of all the files on the file server. However this takes about 36 hours for the 100 million files and it is reading them at around 500 - 700 files/s.
    The array is capable of reading about 10 to 20 times of that data on a pure 100% random read - so ESET could go a lot faster and the CPU load is not even 100% on a single thread.

     

    Is there any way to release the brakes of ESET a little bit to get that finished within a day?

  10. 1 hour ago, Marcos said:

    You need to run it with elevated administrator rights.

    I am logged in as Administrator - should that not be elevated enough 😀 ?

    1 hour ago, Marcos said:

    If ekrn is crashing, a dump should be generated automatically in the C:\ProgramData\ESET\ESET Security\Diagnostics folder

    The folder:

     

    C:\ProgramData\ESET\ESET File Security\Diagnostics

    is completely empty.

     

    1 hour ago, Marcos said:

    The best would be to configure it to generate complete application memory dumps in the advanced setup -> tools -> diagnostics if it doesn't crash immediately.

    OK, I changed that but I still don't see any dump files in the diagnostic folders.

     

     

     

  11. 7 hours ago, Peter Randziak said:

    Hello @ichkriegediekriese,

    is the product i.e. ekrn.exe process crashing?

    If yes, can you please take a crash dump via procdump -ma -e ekrn and provide me with it to check?

    In uninstaller you may choose which products will be uninstalled, moreover I don't think that the uninstaller supports ESMC 🙂, in case you would like to be 120% sure, you may do a ESMC backup.

    Regards, Peter

    Hi, thx for your help.

     

    However procdump reports "access denied" when I try the command

  12. Hi!

    We have 3 Windows 2012 servers running ESET File server Security v. 7.0.12016.

    On one server the Windows service "ESET service" keeps restarting in a loop and the ESET GUI does not load. In EMC the server is listed as "security product not running".

    I tried removing ESET File Security on that server via Software->remove and reinstalling it with an AIO installer but both methods failed.

    Any suggestions here how to fix this?

    I am afraid that when I use the uninstaller tool in Windows safe mode it will also remove the ESET EMC which is also installed on that very server.

     

    thx for any help

  13. On 11/26/2018 at 8:40 AM, satellite360 said:

    Pleased to report that upgrading to Management Agent 7.0.577.0 resolved the problem.  Thanks.

    I also had issues with a persistent old ERA entry and no new v7 product would install. Additionally, uninstall of v6 ERA failed even manually.

    But the new ERA .577 installed just fine after clearing the above posted reg-keys and after that Endpoint Sec. also installed without a hitch. Finally!

  14. 1 hour ago, Marcos said:

    If you have many clients with a slow Internet connection, you can use an HTTP proxy to cache update files so that in an ideal scenario only one client downloads them and the others will download them from the proxy cache. However, since ESET uses very small update files for clients who update on a regular basis, I don't think that there would be a problem even if more clients were updating at a time.

    Yea I use a proxy.

    One possibility would be to trigger 1 PC 1st and then the others like 10 minutes later.

     

    What's the std update cycle time for the signature updates?

  15. Hi

     

    Some of our PCs use Thunderbird for emails. Since Thunderbird isn't officially supported, AV pops up with found viruses inside Thunderbird's folder and file structure - deleting those files would sometimes result in loss of emails.

     

    So the way to go would be an exception for AV scan but since the users differ the path would also be different for each user.

     

    So I came up with an exception path like this:

     

    C:\Users\*\AppData\Roaming\Thunderbird\*.*

     

    Would that work?

  16. Please collect logs using ESET Log Collector as per the instructions at hxxp://support.eset.com/kb3466/, upload the output archive to a safe location (e.g. your ftp server, Dropbox, etc.) and pm me the download link.

    Have you tried disabling ESET Personal firewall in the advanced setup and disabling protocol filtering to see if it makes a difference?

     

    ok, thx

     

     

    Will troubleshoot that over the next days
