Jump to content

Erlend

Members
  • Posts

    36
  • Joined

  • Last visited

About Erlend

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    Norway
  1. this is on citrix pvs, windows booted over the network and cached on local storage. so uninstall requires updating the image and retesting that's why the question was so generic.
  2. hi any module updates released today, that should interfere with general stability off network connectivity?
  3. hi, yes we generate the test file with a script and write it to a folder on c:. test was triggered for devices with 9.x but not with 10.x was working for 10.x yesterday
  4. Hi whit the current definition version eset server security 10.0.12014.0 is not reacting to eicar test file. it was working yesterday with the same program build, only changes are module updates. v9 still detecting eicar test file.
  5. disabling HIPS 7.3.12006 seems to resolve the issue, but we use HIPS with 7.3.12005, so something must have changed. we will run some more tests, but HIPS seems to be the source of the issue.
  6. local support have always been slooooow, and eset log collector won't help, since it's non persistent.
  7. Hi, as stated it Citrix PVS, so non-persistent, only option is to update the image with one of the following changes: -downgrade FS to the previous version 7.3.12005 (re-install with this version) -uninstall FS, not an option -uninstall component, by component HIPS, Network protection we have 6 other images with older version of FS without the issue.
  8. Hi After upgrading file security from 7.3.12005 to 7.3.12006 we are experiences a high number of hang during reboot from network. (Citrix PVS) any known issues with this version that would cause this ? since this is non-persistent there are no logs as standard, and we would need to redirect the needed logs to persistent storage.
  9. Hi anyone else encountered this being reported as infected? triggered during windows update. Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here 26.01.2021 14.53.10;Real-time file system protection;file;C:\Program Files\dotnet\packs\Microsoft.NETCore.App.Host.win-x64\5.0.2\runtimes\win-x64\native\apphost.exe;Win64/Patched.U trojan;deleted;NT AUTHORITY\SYSTEM;Event occurred on a new file created by the application: C:\Windows\System32\msiexec.exe (9D336636A328D5B3F315093D86E4199A0FD7A5FC).;0DBB86B65FBBB41660DF36ABA0CED8FA4048FD7F;12.12.2020 03.44.18 26.01.2021 14.53.20;Real-time file system protection;file;C:\Program Files\dotnet\sdk\5.0.102\AppHostTemplate\apphost.exe;Win64/Patched.U trojan;deleted;NT AUTHORITY\SYSTEM;Event occurred on a new file created by the application: C:\Windows\System32\msiexec.exe (9D336636A328D5B3F315093D86E4199A0FD7A5FC).;0DBB86B65FBBB41660DF36ABA0CED8FA4048FD7F;12.12.2020 03.44.18
  10. unassigned the default policy File Security for Windows Server - HTTP Proxy Usage now. i will report back how it goes after a few days.
×
×
  • Create New...