Erlend
-
Posts
36 -
Joined
-
Last visited
Posts posted by Erlend
-
-
hi
any module updates released today, that should interfere with general stability off network connectivity?
-
-
-
yes, i asked if i could upload them in this thread or another way?
-
just upload the files in the post?
-
hi, yes we generate the test file with a script and write it to a folder on c:.
test was triggered for devices with 9.x but not with 10.x
was working for 10.x yesterday
-
Hi
whit the current definition version eset server security 10.0.12014.0 is not reacting to eicar test file.
it was working yesterday with the same program build, only changes are module updates.
v9 still detecting eicar test file.
-
disabling HIPS 7.3.12006 seems to resolve the issue, but we use HIPS with 7.3.12005, so something must have changed.
we will run some more tests, but HIPS seems to be the source of the issue. -
8 minutes ago, Marcos said:
There are no such known issues. Does temporarily disabling real-time protection in the advanced setup and/or disabling HIPS and rebooting the server make a difference? If not, try temporarily uninstalling EFSW to make sure that it actually resolves the issue; otherwise you'll need to look for the root cause elsewhere. If you confirm that EFSW is somehow causing the issue, please open a support ticket with your local ESET distributor and provide your findings as well as logs collected with ESET Log Collector for a start.
A complete memory dump from the freeze will be most likely needed to determine the cause.
local support have always been slooooow, and eset log collector won't help, since it's non persistent.
-
Hi, as stated it Citrix PVS, so non-persistent, only option is to update the image with one of the following changes:
-downgrade FS to the previous version 7.3.12005 (re-install with this version)
-uninstall FS, not an option
-uninstall component, by component HIPS, Network protectionwe have 6 other images with older version of FS without the issue.
-
Hi
After upgrading file security from 7.3.12005 to 7.3.12006 we are experiences a high number of hang during reboot from network. (Citrix PVS)
any known issues with this version that would cause this ?
since this is non-persistent there are no logs as standard, and we would need to redirect the needed logs to persistent storage.
-
ok, thanks, is this fixed in new definition's ?
-
Hi
anyone else encountered this being reported as infected?
triggered during windows update.
Time;Scanner;Object type;Object;Detection;Action;User;Information;Hash;First seen here
26.01.2021 14.53.10;Real-time file system protection;file;C:\Program Files\dotnet\packs\Microsoft.NETCore.App.Host.win-x64\5.0.2\runtimes\win-x64\native\apphost.exe;Win64/Patched.U trojan;deleted;NT AUTHORITY\SYSTEM;Event occurred on a new file created by the application: C:\Windows\System32\msiexec.exe (9D336636A328D5B3F315093D86E4199A0FD7A5FC).;0DBB86B65FBBB41660DF36ABA0CED8FA4048FD7F;12.12.2020 03.44.18
26.01.2021 14.53.20;Real-time file system protection;file;C:\Program Files\dotnet\sdk\5.0.102\AppHostTemplate\apphost.exe;Win64/Patched.U trojan;deleted;NT AUTHORITY\SYSTEM;Event occurred on a new file created by the application: C:\Windows\System32\msiexec.exe (9D336636A328D5B3F315093D86E4199A0FD7A5FC).;0DBB86B65FBBB41660DF36ABA0CED8FA4048FD7F;12.12.2020 03.44.18
-
unassigned the default policy File Security for Windows Server - HTTP Proxy Usage now.
i will report back how it goes after a few days. -
it's set in the default policy: File Security for Windows Server - HTTP Proxy Usage
-
hm, yes i see that now it's configure to connect via the ESET management server.
-
Hi again @Marcos, we see both activation errors and live grid communication errors at random
how can we figure out what the issues is? -
-
Hi
what's the hostnames for ESET LiveGrid and ESET License servers?
-
ok, yes that's the internal ESET server.
-
-
what do i need to include in ESET Log Collector?, don't won't to upload any unnecessary information here.
-
the servers are connected directly not via proxy
the issues seems to be intermittent, sometimes it's ok
if i check for updates 5 times one of them can be ok
are there any logs i can check on the client, to see what source is used for updates?
-
Hi
any know issues with updates at the moment?
Server security module updates 04.01.24
in ESET Products for Windows Servers
Posted
this is on citrix pvs, windows booted over the network and cached on local storage.
so uninstall requires updating the image and retesting
that's why the question was so generic.