Erlend
Members-
Posts
36 -
Joined
-
Last visited
Everything posted by Erlend
-
Server security module updates 04.01.24
Erlend replied to Erlend's topic in ESET Products for Windows Servers
this is on citrix pvs, windows booted over the network and cached on local storage. so uninstall requires updating the image and retesting that's why the question was so generic. -
hi any module updates released today, that should interfere with general stability off network connectivity?
-
Hi, as stated it Citrix PVS, so non-persistent, only option is to update the image with one of the following changes: -downgrade FS to the previous version 7.3.12005 (re-install with this version) -uninstall FS, not an option -uninstall component, by component HIPS, Network protection we have 6 other images with older version of FS without the issue.
-
Hi After upgrading file security from 7.3.12005 to 7.3.12006 we are experiences a high number of hang during reboot from network. (Citrix PVS) any known issues with this version that would cause this ? since this is non-persistent there are no logs as standard, and we would need to redirect the needed logs to persistent storage.
-
File security 7.2 - false positive? - .NET SDK - 5.0.102
Erlend replied to Erlend's topic in Malware Finding and Cleaning
ok, thanks, is this fixed in new definition's ? -
Hi anyone else encountered this being reported as infected? triggered during windows update. Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here 26.01.2021 14.53.10;Real-time file system protection;file;C:\Program Files\dotnet\packs\Microsoft.NETCore.App.Host.win-x64\5.0.2\runtimes\win-x64\native\apphost.exe;Win64/Patched.U trojan;deleted;NT AUTHORITY\SYSTEM;Event occurred on a new file created by the application: C:\Windows\System32\msiexec.exe (9D336636A328D5B3F315093D86E4199A0FD7A5FC).;0DBB86B65FBBB41660DF36ABA0CED8FA4048FD7F;12.12.2020 03.44.18 26.01.2021 14.53.20;Real-time file system protection;file;C:\Program Files\dotnet\sdk\5.0.102\AppHostTemplate\apphost.exe;Win64/Patched.U trojan;deleted;NT AUTHORITY\SYSTEM;Event occurred on a new file created by the application: C:\Windows\System32\msiexec.exe (9D336636A328D5B3F315093D86E4199A0FD7A5FC).;0DBB86B65FBBB41660DF36ABA0CED8FA4048FD7F;12.12.2020 03.44.18
-
hostnames for ESET LiveGrid and ESET License servers
Erlend replied to Erlend's topic in ESET Products for Windows Servers
unassigned the default policy File Security for Windows Server - HTTP Proxy Usage now. i will report back how it goes after a few days. -
hostnames for ESET LiveGrid and ESET License servers
Erlend replied to Erlend's topic in ESET Products for Windows Servers
it's set in the default policy: File Security for Windows Server - HTTP Proxy Usage -
hostnames for ESET LiveGrid and ESET License servers
Erlend replied to Erlend's topic in ESET Products for Windows Servers
hm, yes i see that now it's configure to connect via the ESET management server. -
hostnames for ESET LiveGrid and ESET License servers
Erlend replied to Erlend's topic in ESET Products for Windows Servers
Hi again @Marcos, we see both activation errors and live grid communication errors at random how can we figure out what the issues is? -
hostnames for ESET LiveGrid and ESET License servers
Erlend replied to Erlend's topic in ESET Products for Windows Servers
ok, thank you! -
ok, yes that's the internal ESET server.
-
logs. efsw_logs.zip
-
what do i need to include in ESET Log Collector?, don't won't to upload any unnecessary information here.
-
the servers are connected directly not via proxy the issues seems to be intermittent, sometimes it's ok if i check for updates 5 times one of them can be ok are there any logs i can check on the client, to see what source is used for updates?
-