Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by kamiran.asia

  1. just AntiRansomeware Rulles is setup in HIPS Rules as mentioned in ESET website. No other HIPS rules . you mean if we disable Endpoint Self Defense it will solve this problem ?
  2. Hi dear ESET Admins. In some endpoint we are facing this problem : ( Upgrading 7.0.579.0 to 8.0.1238.0 ) MSI (s) (40:9C) [11:01:33:439]: Product: ESET Management Agent -- Error 1921. Service 'ESET Management Agent' (EraAgentSvc) could not be stopped. Verify that you have sufficient privileges to stop system services. Error 1921. Service 'ESET Management Agent' (EraAgentSvc) could not be stopped. Verify that you have sufficient privileges to stop system services. Full Log is Attached. What can we do remotely for this problem ( except safemode and uninstaller tool ) ?
  3. Ok , Yes we use Run Command . But it was a special problem . Thank You.
  4. Hi Dears. We have a problem in upgrading agent 7.0.579 to V8 in one of our customers network. ESET Protect V8 show Agent v7.0.579 as Updated ! So Upgrade task will finish successfully without any changes !! Repository in Online. We install a New Server and transfer Database to new server , Problem is persist. Upgrading with GPO will work ! but Upgrade Task will not work because ESET says it is up-to-date !
  5. It seems that there is a problem in ISP , We will work on this problem , Thank You Very Much.
  6. Hi Dear Marcos and thank you for your rapid response as usual 😍 the Log is attached. logs.txt
  7. Hi Dear ESET Support. We have problem in our Mail Security For Exchange. As You can see in Screen Shot of Mail Security , Anti-Spam Connection is limited. We have ping connection to all these servers : h1-ars01-v.eset.com h1-ars02-v.eset.com h1-ars03-v.eset.com h1-ars04-v.eset.com h1-ars05-v.eset.com h3-ars01-v.eset.com h3-ars02-v.eset.com h3-ars03-v.eset.com h3-ars04-v.eset.com h3-ars05-v.eset.com
  8. As our test in our company ESET IDS can block Zerologon as this detection and block attacker IP for 1 hour :
  9. No Dear , Problem is Why IDS in 2008R2 did not block communication from attacker ip . attack will block but communication will not block for 1 hour for attacker IP. So hacker can attack over and over again. As you know when IDS block an IP address , All communications is block for 1 hour ( Ping , ... ) It seems that it is a bug or may be a lake of security in 2008 R2.
  10. Yes Dear , As you can see in the picture we have Network section and attack is detected and Attacker Ip is listed in Black list of IDS.
  11. Dear ITMan , This problem is just in 2008 R2 , In 2012 , 2016 , 2019 , ESET IDS Detect CVE-2020-1472 , and The Attacker ip Blocked ! while other Security vendors like kaspersky , bitdefender and mcaffe ( As we tested ) did not detect this attack. we use picuslabs tool for this attack test . https://github.com/picussecurity/picuslabs/tree/master/CVE-2020-1472 Zerologon Also we test Other CVE-2020-1472 scripts and the result was the same as picuslabs tools. the Question is why at 2008 R2 Attack is blocked but attacker IP not blocked even when it is listed in Blacklist IP list
  12. No Fresh Windows installation and then ESET installed with all in one installer. No items in questions .
  13. Full Screen Shot ... Attacker Pc : Server :
  14. is the attacker and CMD is from attacker PC. Attacker PC is my PC and Server is a VM. these two windows mix in one screen. 😊
  15. Hi Dears. We find s.th in file security v7 - 7.2 . If attacker blocked by IDS ( for Example Zerologon attack ) Ip will not block for 1 hour ! is this a bug or a problem in 2008R2 ? Best regards.
  16. No this ESMC was always at a Windows Server. Other Clients are Connected , This new installation did not connect. 😟
  17. Hi Dears. We have Client with agent 7.2.1266.0 could not connect to ESMC. The Logs is attached . The error is : AUTHENTICATION_FAILED (Error description: unable to authenticate entity) Best Regards. Logs.zip
  18. Hi Dear ESET Support. We find a special issue in V7.0 and 7.1 in some version of windows 10 : GUI will become Red with "Antivirus Protection is non-functional" Error in Protection Status. Real Time and all modules are work probably (As Screen Shots) but the AV is become Red in ESMC. This issue occurred in last 7 days and the solution is upgrading to V7.3. But is there any changing in that versions cause not support win10 any more in some circumstances ? Or it is a bug in those legacy versions ? Statistic of this issue is about 40% of all Win10 in network.
  19. Hi dears , Same Problem for many of our Customers. We Think that old Version of V7 ( 7.0 , 7.1 ) on Windows 10 have this problem , Repair old version will fix the problem or Upgrade to V 7.3 and restart is needed. But what is the problem ? It seems that there is problem in new updates.
  20. Hi Dears. One of our customers have a problem with Mail Security For Exchange. EMS block their own Server IP address in Germany with this error : Found on Cloud Blacklist. The IP is : We check the ip in over 100 blacklist sources but nothing found. What can they do ?
  21. Hi Dear Marcos and thank you for your rapid reply. Here is the requested logs : https://we.tl/t-SIJEPRtd04
  22. Hi Dear ESET admins. We Have Problem in a specific offline system, After install and first update from mirror or even online update Real-Time become not functional. (Endpoint 7.3.2039.0) System is scanned with online Scanner and seems to be cleaned. ESET Log Collector and SysInspector is attached. ees_logs.zip SysInspector-TKT-200728-134740.zip
  23. The problem was : 7.1.2064 will not work on Outdated Win7 . We install ESET Recommended updates for 7.3 , Then 7.1.2064 work Probebly ! Just 7.1.2053 work on outdated Win7 😐
  • Create New...