Jump to content

Peter Randziak

ESET Moderators
  • Content Count

    2,003
  • Joined

  • Last visited

  • Days Won

    75

Everything posted by Peter Randziak

  1. Hello @itman, the .exe itself is not malicious, it loads the .dll, which is being detected... Peter
  2. Hello guys, first I would like to thank all of you, who provided us with dumps and logs needed to analyze this issue and also to those, who helped us to verify the fix. The fix will be distributed via standard module updates, in few moments we will start with pre-release users, followed by batch for general public users and full release should happen tomorrow. All times are CEST and in case of any issues reported with the module, we may delay / cancel the release. We apologize for the inconvenience caused by this issue. Peter
  3. @deepblue2000 so can you please provide us with the logs as requested: Enable the logging, reproduce the issue, disable the logging and share with us the output so we can check it. Peter
  4. @funzee I downloaded them and sadly, you provided us process dumps, which does not hold the data needed to analyze the issue 😞 please proceed as Marcos suggested: So enable the logging, reproduce the issue, disable the logging and share with us the output so we can check it. Peter
  5. Hello, hmm it works fine for me, but you can download the attachment from this post: https://forum.eset.com/topic/24746-av-is-blocking-loading-webpages/?do=findComment&comment=117324 Peter
  6. Hello @mgn, it might be related to the issues reported at https://forum.eset.com/topic/24746-av-is-blocking-loading-webpages/ So if you would like to troubleshoot the issue with us, proceed in a following way: 0. Enable Startup scan 1. Disable Protected service and Self-defense under HIPS settings 2. Reboot your system 3. Download and apply https://forum.eset.com/applications/core/interface/file/attachment.php?id=18636 4. Reboot the system again 5. Download Procdump https://docs.microsoft.com/en-us/sysinternals/downloads/procdump 6. run it from an elevated command line with following parameters: procdump -ma -e 1 -n 10 ekrn.exe 7. If the issue occurs again, the dumps will be generated collect them, pack with output from ESET log collector, upload to a safe location and send me and @Marcos download details via a private message to check. Peter
  7. Hello guys, to what Marcos already requested please add recording of WFP events, to get it Run in admin CMD: netsh wfp capture start Reproduce the issue netsh wfp capture stop Collect C:\Windows\system32\wfpdiag.cab Thank you, Peter
  8. Hello guys, we are in contact with the dev team regarding this issue. To investigate it we need: 1. Output from ESET log collector 2. Process monitor log with advanced output enabled recording lasting at least tens of seconds 3. Procdump from ekrn in such state 4. Info if ESET updates are working or not If possible please pack the logs, upload them to a safe location and send send me, @TomasP and @Marcos the download details to we can check them. Peter
  9. Hello @Ger, in such case it is a one license ( just with multiple seats to be protected), which can have one one expiration date, so the license will expire in one year since buying / activation in case of boxed licenses. Peter
  10. Hello guys, in the Scheduler you can set update interval to 10 minutes, but the Updater checks the last attempt and in case the last update attempt was executed less than 10 minutes, it won't run again so practically 11 minutes is the shortest interval, which will work.. Peter
  11. Hello @Lucrat1ve, the ACT.33 error it is related to a situation when a license is used in a different country than what the license has on file. Some licenses have a country lock (based on the country it was bought in), as part of license leakage prevention program. Peter
  12. Hello @Jayce68, we had a short outage of the activation service today, not related to ESA and provisioning. I think the case would have to be tacked with support so they can check the logs to see what went wrong there... Peter
  13. Hello @bcraigie, first of all, please make sure you have the latest version installed, if not upgrade to the latest one to see if it resolves the issue. We do not have info about the OS used and the server roles, in recent cases I saw an issue with Samba and EncFS mount points used by it, do you use them? If yes try to make a performance exclusions for all of them in /srv/samba/ If above does not help, please use the log collector script, upload them to a safe location and send me a private message with download details an reference to this forum topic, I will check them with my colleagues. Peter
  14. Yes we have an update, the hotfix version should be available by the end of this month. Peter
  15. Hello @New_Style_xd, such entries are normal in the scan log, usually those files are locked or used by the operating system, see our KB article on that: https://support.eset.com/en/kb2155-error-notifications-in-computer-scan-log Peter
  16. I guess under default settings that one should be sufficient, never had issues with Restart that personally. When it comes to Shut down, that is a different topic... Peter
  17. Hello @sk3y0n3, sure, there is a Random Delay Interval option in the Trigger for tasks send from ESMC Peter
  18. Hello @NW_Shawnee sure, there is a Random Delay Interval option in the Trigger for tasks send from ESMC btw. I would recommend to update the modules more often, than just once a day. Peter
  19. Hello @karlisi, Yes the full reboot is required, but the one which is done from the GUI should work. I checked it with the product expert and he hasn't seen such reports / behavior... Peter
  20. @salmmus you can send me the license key via a private message and I can provide you with the username and password needed. Peter
  21. Hello @R4fal, can you share the IP (you me send it to me over private message with a reference to this forum topic) or a sample of such message, if the issue persists so I can check it? Peter
  22. Hello Petr, I seen such bug reported when the RTP is disabled, is it your case? If yes, the issue should be fixed in the version 7.2. If not, please collect the logs once you encounter the issue and open a ticket with your local ESET support to have it checked. Peter
  23. Hello @szymonchaber Glad to hear that, thank your for the test and confirmation. I may not disclose the exact date, but should be during the next week, but do tell anyone Sure, that is understandable. Peter
  24. Hello @szymonchaber, as MichalJ mentioned, the ESET Endpoint Antivirus as product of lower tier does not have firewall at all, so based on that info we are not able to say if the fixes in the new version helped to resolve the issue. We have an RC version 6.9.60, please try the behavior with ESET Endpoint Security of that version, it is available at http://ftp.nod.sk/~mego/RC/6.9.60/ees_osx_en_0.dmg and let us know the results. Peter
×
×
  • Create New...