Jump to content

sdnian

Members
  • Posts

    184
  • Joined

  • Last visited

  • Days Won

    1

sdnian last won the day on October 5 2023

sdnian had the most liked content!

About sdnian

  • Rank
    Newbie
    Newbie

Profile Information

  • Gender
    Male
  • Location
    Taiwan

Recent Profile Visitors

3,091 profile views
  1. On computers with EEA installed, the window appears a few seconds after executing cmd, and then the window closes automatically. If I disable Deep Behavioral Inspection or add c:\windows\system32\cmd.exe to the exclusion list, cmd will run normally. Tried pre-releases update, still the same situation. What can I do to solve this problem? Windows 10 22H2 x64, EEA 11.0.2044 (Deep behavioral inspection support module 1150)
  2. Thanks @jia_yang reply. I mentioned AnyDesk just as an example. Using a firewall to block network connections or blocking hash-based file are among the methods. However, personally, I don't consider these good approaches for users of ESET Inspect. Given that using ESET Inspect allows us to detect when a client executes certain programs and ESET Inspect also has the capability to block files, why are there limitations on functionalities like KillProcess? For instance, within ESET Inspect's built-in rule: "AnyDesk Remote Desktop Silent Installation [D0443]", this rule can detect silent installations of AnyDesk, and it's set to perform actions like KillProcess. However, when this event is triggered, it doesn't block the installation or execution of AnyDesk. Shouldn't it be blocked immediately if someone unauthorized attempts this?
  3. Is it possible to prohibit the execution of a particular program? Depending on specific conditions such as file name, digital signature, company name.... etc. instead of a hash value. Example: I want to disable the use of anydesk on my company's computers, is there a way to do this?
  4. I submitted a support ticket last Friday, but no any response so far. The logs you mentioned is below, can you see what the problem is? Or pass it on to the appropriate person? Thanks! Logfile.zipeea_logs.zip
  5. I'm trying to install VC_redist 2008 sp1, and I'm getting the following error message. If I disable real-time file system protection, the installation will be successful. I tried installing VC_redist 2022 and did not encounter this problem. The system is Windows 11 22H2 x64 , EEA 10.1.2046.0. How to fix this issue?
  6. Sorry... The problem is fixed. It's the primary dns server in the ESET PROTECT server don't work.
  7. I've an ESET PROTECT v10.0.1128 and ESET Bridge 1.0.37. All clients use this proxy server. After the antivirus software been installed, it can't been activation. I found some logs.. Access.log: 172.1.3.51 - - [04/Feb/2023:15:19:19 +0800] "CONNECT edf.eset.com:443 HTTP/1.1" 502 150 "-" "-" Error.log: 2023/02/04 16:03:24 [error] 6892#7452: *954 proxy_connect: edf.eset.com could not be resolved (2: Server failure), client: 172.1.3.211, server: , request: "CONNECT edf.eset.com:443 HTTP/1.1", host: "edf.eset.com:443" 2023/02/04 16:03:24 [error] 6892#7452: unexpected DNS response for edf.eset.com I run a test in the ESET PROTECT server.. Get 502 error. > curl.exe --proxy hxxp://172.1.3.105:3127/ https://edf.eset.com/edf curl: (56) Received HTTP code 502 from proxy after CONNECT But if don't use proxy.. the connection is fine. > curl.exe https://edf.eset.com/edf <?xml version="1.0" encoding="utf-8"?><ecp:message xmlns:ecp="hxxp://www.eset.com/2012/02/ecp"><ecp:response><code>20101001</code><message>invalid http method</message></ecp:response></ecp:message> So.. how to fix the Bridge DNS resolved problem? Thank you! access.log error.log
  8. Hello, Over the past two days, different customers have been responding that after installing EEA/EFSW, the product activation failed with the error code: ACT.0. I tried to connect to https://edf.eset.com/edf and it looked fine, and I got the following content: <?xml version="1.0" encoding="utf-8"? ><ecp:message xmlns:ecp="hxxp://www.eset.com/2012/02/ecp"><ecp:response><code>20101001</code><message>invalid http method</message></ ecp:response></ecp:message> How to solve this problem? Thanks!
  9. @Peter Randziak The issue persists. I've collect logs, please take a look if what kind of wrong? trace.log agent.zip eea_logs.zip
  10. I have a Windows 7 SP1 been installed Agent 9.0.1144 and EEA 9.0.2046. After the installation, it can connect to ESET Protect, and I can see the successfully applied policies on the console, everything are normal so far. However, when I check the settings from the client, there is no policies settings been applied. Uninstall and reinstall Agent and EEA, the issue is still exist. There is an error in the trace.log: Error: CEssConnectorModule [Thread 103c]: Set policy failed: CNodcommChannel: Send request failed with 14, Command failed - Make sure that Agent runs with Administrator privileges. How to fix it?
  11. I've installed EFSW 6.5.12018 in windows server 2003, but can't activated the product, the error code is ECP.20006. I've testing 6.5.2132.6 in XP, it's the same issue. In the same environment, I installed EFSW 9.0.12012 in Windows Server 2019 and it can be activated. Please help to fix this problem, thank you. ECP.zip
  12. Please help to clean this trojan, thank you! eea_logs.zip
  13. I have the same situation. After some troubleshooting, I found that it was the "License interval check" setting, originally I set it to limited, but after changing it to Automatic the warning disappeared. https://help.eset.com/eea/8/en-US/idh_config_license.html
×
×
  • Create New...