NobelDwarf
Members-
Posts
27 -
Joined
-
Last visited
About NobelDwarf
-
Rank
Newbie
Profile Information
-
Location
U.K.
-
NobelDwarf reacted to a post in a topic: Issue with our ESET Endpoint & Server Security for ESET PROTECT Advanced
-
NobelDwarf started following Some Information not showing , Issue with our ESET Endpoint & Server Security for ESET PROTECT Advanced , ESETFDE dlpfde.sys causing issues and 7 others
-
Hi, Last night we had 212/220 used for our Endpoint & Server Security license and an auto-activation task to activate any agent that comes online. This morning, we received alerts for an invalid task, which was our auto-activation task, saying the licence was an issue. So, I checked our license page it's now showing 0/220 but the lifeguard is still the original 212/220. Both Protect Portal and EBA show 0 for the security license is this a bug or did something happen to all of my activations? Thanks
-
NobelDwarf reacted to a post in a topic: ESETFDE dlpfde.sys causing issues
-
NobelDwarf reacted to a post in a topic: ESETFDE dlpfde.sys causing issues
-
Hi Ashley, Thanks for the clarification are there any effects of removing your driver from the DumpFilters until this is fixed for the machines that have already been upgraded? As we currently have 5 machines updated and having this issue until the fix is out in January? Thanks
-
Hi, I have machines updated with Windows 11 24H4 either by Windows update or fresh from the ISO. Once the ESET FDE is installed it stops the machine from shutting down, when you click on the shutdown button on the start menu it shows the shutdown screen for a couple of seconds then the screen goes off but it goes into sleep mode. If you move the mouse it wakes up but if you hold shift + shutdown it fully shuts down. After doing some investigation I found it's the dlpfde.sys driver causing it used in HKLM\SYSTEM\CurrentControlSet\Control\CrashControl\DumpFilters which has "dumpfve.sys and dlpfde.sys" listed it creates an error in the event logs as you can see in the screenshot below. Machines using the older version of Windows 11 23H2 don't have these issues and don't show the error in event logs. Once I change the DumpFilters reg key, remove your dlpfde.sys and leave the default windows one of dumpfve.sys it allows the machine to work normally again by allowing shutdown
-
Is there any way of making a tasking using the ASAP trigger to have no expiry date? I used to be able to make the date year 2200 but now it's locked to 6 months so every 6 months have to change 20 tasks' expiry dates to keep the task going.
-
NobelDwarf reacted to a post in a topic: Protect Cloud Interface Changes
-
NobelDwarf reacted to a post in a topic: Surface Pro 9 FDE
-
Hi @Kstainton, It's using FDE V1.4.58.0 with End Point Security V11.0.2044.0. The first issue I had before it started to encrypt was that issue you linked in your last post which allowed the encryption process to start but then it restarted to do the system check which started the flashing Windows Logo until I turned off Secure Core. Thanks
-
Hi, Not sure if you know but I just like to post about it here. I am setting up a new Surface Pro 9 with UEFI Firmware 12.200.143.0 then started the FDE which made the system no longer able to boot which just shows a flashing Windows logo. Going by this forum post it seems to have the same issue once I turn off Secure Core it allows it to boot but if it's turned on it stops it from booting, is this the same bug with the Surface Pro 9 as it was with the Surface Laptop 5? Thanks
-
NobelDwarf reacted to a post in a topic: New Surface BIOS update breaks FDE and renders laptop unbootable!
-
NobelDwarf reacted to a post in a topic: New Surface BIOS update breaks FDE and renders laptop unbootable!
-
Full Disk Encryption - Recovery Password has reached its usage limit
NobelDwarf replied to NobelDwarf's topic in Encryption
All the machines have the same policy that I have attached screenshots below, is there a way to make sure that it doesn't happen again? As far as I am aware it's set to allow 5 recovery password usage then set a new one. It has worked before on multiple machines which all use the one policy across the whole network of 88 machines. This is the first time seeing this error and have reset the passwords before after the index code went from all 0s to 002. -
Full Disk Encryption - Recovery Password has reached its usage limit
NobelDwarf replied to NobelDwarf's topic in Encryption
Hi @Kstainton, Thanks for the update but if the password has reached its limit why did it, not generate a new one like the other laptops we have on the network? As they rest will allow 5 usages then issue a new code. Thanks. -
Hi All, I currently have a laptop encrypted with Full Disk Encryption and the user has locked the account out but when I tried to go to password recovery it reported "Your recovery password has reached its usage limit. Please contact your Administrator" It doesn't allow you to type any passwords in just the popup and when you click ok it just takes you back to the menu. What is the way to fix this issue or is it just to unencrypt the disk? Thanks
-
NobelDwarf reacted to a post in a topic: PUA Blacklist Block
-
We use the remote desktop software called Splashtop to connect to our machines but the client is getting blocked sometimes due to PUA Blacklist blocking the connection, which today the detections logs are being spammed by the blockage of the same domain. Should it be blocked since the software is genuine and used by others? URL is https://54-229-177-32.relay.splashtop.com IP is 54.229.177.32 Going by their documentation it uses wildcards for the subdomain so the numbers do not stay the same. Sorry if this isn't the correct way to report this issue, if it is can you tell me the correct way? Thanks
-
NobelDwarf reacted to a post in a topic: Full Disk Encryption ignoring policy
-
Hi, I have a policy for all my devices to be used for Full Disk Encryption which is set to not allow end users to change passwords without the recovery code. I had it set to change the password setting to disable which I noticed today that end users are still able to change, doing a test by editing the policy to force disabled to see if users are still able to change it. With the policy having this set or forced it still allows the user to change the password. They are all running the latest version of 1.4.52.0 of the software and use all the same policies.
-
Sebastiaan reacted to a post in a topic: Endpoint Encryption and BitLocker
-
Hi All, I have noticed a couple of my machines are now not reporting information back from the agent to the server. Some have been installed for a while and two are now one of them is a new machine, The one that has been installed for a while isn't reporting back its IP, and one I reinstall the agent on is not reporting any hardware info but it does with software install and is running the task. It also now doesn't show the encryption panel. On the other one, everything is there apart from what CPU it has. All three of these machines are not showing on reports now either where I have selected all none mobile devices which they did show before. All of them are reporting back the software list, are running tasks that are sent out to them and the status for the ESET agent comes back all green. Is there anything that not working on these that would cause this issue?
-
Excluded IP address for Email Protection
NobelDwarf replied to NobelDwarf's topic in ESET Endpoint Products
Hi Marcos, Thanks for getting back to me so the only way is to white list the domains/emails in the global address list if need it not be marked as spam for everyone? -
Hi All, I am trying to add a group of IPs to the Excluded IP Address in "Web & Email" Protocol Filtering but when a email is received from that ip range it still gets auto moved to spam with tag [SPAM] added is there a way to whitelist the ip range so any emails sent from that ip is whitelisted.