Jump to content

Peter Randziak

ESET Moderators
  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by Peter Randziak

  1. @Camilo Diaz Sad to hear that, hopefully we will be able to resolve it with you. Thank you for the provided log files. From it it seems that the logs were collected, when the issue was not happening. In case you encounter the issue again please: 1. collect the logs when the issue occurs 2. record Sample of the esets_proxy during the load 3. Provide us with info, when the issue happens, if you are able to say that 4. How often do you face the issue Send me the logs / responses via the private message and I will open a ticket with our dev team to have it checked. Peter
  2. You can see the released versions of all ESMC components at https://support.eset.com/en/kb3690-which-version-of-eset-remote-administrator-or-eset-security-management-center-server-and-related-components-do-i-have the latest Web-Console version is, you can download it from https://www.eset.com/int/business/security-management-center/download/#standalone Peter
  3. @junyuanma the issue seems to be really strange to me. I would probably start with a reboot of the PC and wifi to see if the issue manifests after it... especially this part "I also noticed that my phone, which is under the same Wifi, also has difficulty openning pages when the issue happens. Pages can be loaded, but much slower than normal." does not make much sense to me... Peter
  4. @MRutkowski, thank you for the info. please remove the Cleaner 10001 from the modules folder (either just delete it or in case you have a backup of the original cleaner, restore it), it should not be used except of the issue verification. Let the product update, enable Self-defense back and reboot the system. Official fixing version 1211.1 is already available on the update servers. If the startup scan stucks again, provide us with a dump from ekrn.exe and let us know how long the scan had been running. Peter
  5. Glad the issue is resolved for you and thank you for keeping us posted. Peter
  6. Hello @itman, thank you for your submission, I contacted the lab and they decided to add the exe to detection as well Powershdll.exe - MSIL/Agent.SXW trojan Peter
  7. Hello @itman, the .exe itself is not malicious, it loads the .dll, which is being detected... Peter
  8. Hello guys, first I would like to thank all of you, who provided us with dumps and logs needed to analyze this issue and also to those, who helped us to verify the fix. The fix will be distributed via standard module updates, in few moments we will start with pre-release users, followed by batch for general public users and full release should happen tomorrow. All times are CEST and in case of any issues reported with the module, we may delay / cancel the release. We apologize for the inconvenience caused by this issue. Peter
  9. @deepblue2000 so can you please provide us with the logs as requested: Enable the logging, reproduce the issue, disable the logging and share with us the output so we can check it. Peter
  10. @funzee I downloaded them and sadly, you provided us process dumps, which does not hold the data needed to analyze the issue 😞 please proceed as Marcos suggested: So enable the logging, reproduce the issue, disable the logging and share with us the output so we can check it. Peter
  11. Hello, hmm it works fine for me, but you can download the attachment from this post: https://forum.eset.com/topic/24746-av-is-blocking-loading-webpages/?do=findComment&comment=117324 Peter
  12. Hello @mgn, it might be related to the issues reported at https://forum.eset.com/topic/24746-av-is-blocking-loading-webpages/ So if you would like to troubleshoot the issue with us, proceed in a following way: 0. Enable Startup scan 1. Disable Protected service and Self-defense under HIPS settings 2. Reboot your system 3. Download and apply https://forum.eset.com/applications/core/interface/file/attachment.php?id=18636 4. Reboot the system again 5. Download Procdump https://docs.microsoft.com/en-us/sysinternals/downloads/procdump 6. run it from an elevated command line with following parameters: procdump -ma -e 1 -n 10 ekrn.exe 7. If the issue occurs again, the dumps will be generated collect them, pack with output from ESET log collector, upload to a safe location and send me and @Marcos download details via a private message to check. Peter
  13. Hello guys, to what Marcos already requested please add recording of WFP events, to get it Run in admin CMD: netsh wfp capture start Reproduce the issue netsh wfp capture stop Collect C:\Windows\system32\wfpdiag.cab Thank you, Peter
  14. Hello guys, we are in contact with the dev team regarding this issue. To investigate it we need: 1. Output from ESET log collector 2. Process monitor log with advanced output enabled recording lasting at least tens of seconds 3. Procdump from ekrn in such state 4. Info if ESET updates are working or not If possible please pack the logs, upload them to a safe location and send send me, @TomasP and @Marcos the download details to we can check them. Peter
  15. Hello @Ger, in such case it is a one license ( just with multiple seats to be protected), which can have one one expiration date, so the license will expire in one year since buying / activation in case of boxed licenses. Peter
  16. Hello guys, in the Scheduler you can set update interval to 10 minutes, but the Updater checks the last attempt and in case the last update attempt was executed less than 10 minutes, it won't run again so practically 11 minutes is the shortest interval, which will work.. Peter
  17. Hello @Lucrat1ve, the ACT.33 error it is related to a situation when a license is used in a different country than what the license has on file. Some licenses have a country lock (based on the country it was bought in), as part of license leakage prevention program. Peter
  18. Hello @Jayce68, we had a short outage of the activation service today, not related to ESA and provisioning. I think the case would have to be tacked with support so they can check the logs to see what went wrong there... Peter
  19. Hello @bcraigie, first of all, please make sure you have the latest version installed, if not upgrade to the latest one to see if it resolves the issue. We do not have info about the OS used and the server roles, in recent cases I saw an issue with Samba and EncFS mount points used by it, do you use them? If yes try to make a performance exclusions for all of them in /srv/samba/ If above does not help, please use the log collector script, upload them to a safe location and send me a private message with download details an reference to this forum topic, I will check them with my colleagues. Peter
  20. Yes we have an update, the hotfix version should be available by the end of this month. Peter
  21. Hello @New_Style_xd, such entries are normal in the scan log, usually those files are locked or used by the operating system, see our KB article on that: https://support.eset.com/en/kb2155-error-notifications-in-computer-scan-log Peter
  22. Hello @zerowalker, I guess that might be the issue as the one port should be static, but the second one is usually generated randomly so make sure you put the port number to the correct destination i.e. local / remote. Or if the Miracast has an static IP you may allow all traffic from it... Peter
  23. This is an early announcement related to the end of life for ema.eset.com (EMA1). As we're completing the migration of MSPs to EMA2 (msp.eset.com), the aim is to phase out EMA1 completely by the end of the year. For more in-depth information and details, please consult the below links: ESET MSP Administrator V1 to V2 Migration Process FAQ: https://help.eset.com/ema/en-US/migration_faq.html ESET MSP Administrator versions feature comparison (EMA1/EMA2): https://www.eset.com/int/business/msp-administrator/ More about ESET MSP Administrator V2: https://help.eset.com/ema/2/en-US/ How to use EMA2 with your ESMC https://help.eset.com/msp_getting_started/en-INT/ There will be more detailed information about what this specifically means coming via the usual channels and you'll be informed about any action steps that may arise as part of this EOL initiative.
  24. Hello guys, thank you for your interest, we released GA version on Tuesday https://forum.eset.com/topic/22704-eset-endpoint-antivirus-for-linux-7-fully-released/ so I recommend to try out this version. Peter
  • Create New...