Jump to content


  • Content Count

  • Joined

  • Last visited

Everything posted by sdnian

  1. EFSW cause clients to gain access to files very slow. If I disable 'real-time protection', the files can be opened quickly. For example: I've a simple excel file, just 10k bytes. If real-time protection was disabled, it just needs about 1.5 seconds to open it. But if real-time protection was enabled, it needs more than 12 seconds to open. I've tested EFSW in separate Windows Servers. It seems the issue happened in Windows 2003 SP2 x86 / 2003 R2 SP2 x64 only. In Windows 2008 SP2 x64 are okay. I used ESET File Security version is 6.2.12007.0. Second, EFSW cause Process Monitor cr
  2. Enable "Report non-ESET-installed applications" in ERA Agent policy.
  3. I capture the video to demo it, please take a look. https://youtu.be/T6g60_qPFF4
  4. Maybe it just happened in VM. I test it with VirtualBox (Host: Ubuntu 14.04 / 15.10, Windows 7 SP1) and Proxmox. Both have the same issue.
  5. I try to test this issue in different Windows. All 32bit OSs have not this issue. It always has a number in the 'Number of scanned objects'. Below OS I've tested. Windows XP SP3 32bit Windows 7 SP1 32bit But all 64bit OSs have the exact issue. Below OS I've tested. Windows 7 SP1 64bit Windows 8.1 64bit Windows 10 64bit Windows Server 2008 64bit So I wonder it's a bug. Could ESET confirm it? And I found a more eccentric thing. Before I scan memory, if I have to launch other programs, for example IE, notepad++, it could show a number. The screenshots in the below..
  6. I've check the settings. "Enable Smart optimization" is off in the In-Depth profile. And I click "Scan as Administrator" button to start scanning. Any other suggestion? Thank you. And I've uninstall and install EEA couple times. It's the same result.
  7. I try to scan memory with "In-depth scan". But no object be scan, the log show "Number of scanned objects: 0". It's all using default settings. I don't change any settings after install EEA. OS: Windows 7 Ultimate SP1 ESET Endpoint Antivirus v6.2.2021.0 Virus signature database: 12519 (20151105) Rapid Response module: 6962 (20151105) Update module: 1060 (20150617) Antivirus and antispyware scanner module: 1472 (20150930) Advanced heuristics module: 1162 (20150923) Archive support module: 1239 (20150929) Cleaner module: 1114 (20151004) Anti-Stealth support module: 1083 (20150819) ES
  8. Finally, I resolve my issue. I use "Device identifiers . Identifier value" to resolve it.
  9. I'd like to create a dynamic group template by computer name. But the rule has only two conditions: equal / not equal. Could I use others conditions like contains, has prefix, has postfix, has mask, regex, in, in (string mask) ? For example, all computers' name start with AA, then AA001, AA002, AA003... could be assigned into the dynamic group.
  10. Yes, there is a '5: Unknown' in the status field. Here is the SysInspector Log file -
  11. Use SysInspector Log Viewer in web console, I saw an unexpected error. How to resolve this problem? If I download the zip file of SysInspector Log and use SysInspector to open it. Everything is fine. Error description: *version :* *locale : en_US* *user.agent : Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36 (safari)* *document : https://xxx.xxx.xxx.xxx/era/webconsole/BF0B8C2FA57B6115455447CAF2D9D19C.cache.html* *url : https://xxx.xxx.xxx.xxx/era/webconsole/#id=REPORTS:id=SHOW_REPORT;r=00000000-0000-0000-7013-0000000
  12. Okay.. I know why is the problem.. Because I restore database from another ERA server. So the user 'era_user' already exists in SQL server. Thank you.
  13. I can't find out helpful information from log files. Could you take a look the log files, please? Thank you. Logs.zip
  14. I try to install ERA v6.2.171.0. I've an old ERA server want to move another one. So I backup the database in old server. And Install SQL express in new server. Then restore database into SQL in new server. Everything is fine so far. Then I run Setup.exe to install ERA Server.. But I got the below error message. And I found out a strange thing. I don't change anything in the new server. Just close the setup window. Then run it again. Second time it still failed. But third time, no found any error message. I could install finished. What problem is this? OS: Windows 2008 SP2
  15. Hello, Thanks for your reply. Could ESET consider to let the 'Threat' filed editable in ERA 6 policy? If so, that would be great. Sometimes, we want to enable detection of potentially unwanted/unsafe applications, but a few applications that we need to run also be detected. I known it's not FPs. So if we can just exclude specific threat, should help us to easy management ESET antivirus software. The threat string is not so hard to get, we could exclude it form any client first. Then copy it to right place.
  16. According your issue... If the client get the tasks from ERA server's policies.. It can be executed in any network, in company local network or out of company network. Because the tasks are stored in the client.
  17. "Update now" always use default update profile. If you want to use dual update profile, you have to setting a schedule task, for example "regular automatic update task". If you want to test it, you should run "regular automatic update" schedule task manual.
  18. In EEA/EES/EFSW, I can exclude file and specific threat name.. for example: But in ERA 6 policy, how to set the 'Threat' field ?
  19. Create dynamic group template, the expression like these..
  20. ESET has publish the news hxxp://kb.eset.com/esetkb/index?page=content&id=NEWS324&actp=RSS&locale=en_US today. I try it in Windows XP SP3 and EES 6.1.2227.0. First I've confirm the Internet protection module is 1173.9 (20150617). I found the IE 8.0.6001.18702 don't work. I also test with Google Chrome 43.0.2357.132 and Firefox 36.0.4. Both of them work well. So if the function don't support IE8 or I do something wrong ?
  21. There's absolutely no difference between Endpoint v5 and Endpoint v6. Even if it was possible to decode encrypted files, a dedicated stand-alone decryptor would need to be used. If be infected by Win32/Filecoder, could ESET provide any solution to decode encrypted files ?
  22. I'd suggest ESET give us a tool for easy to backup/restore ERA database, even let's to migrate ERA server from one server to another server. That would be great.
  23. I run the Web Console in Chrome v43.0.2357.81 in Ubuntu 15.04 (x64). The ERA Server is v6.1.437.0, OS is Windows 2003 SP2 x86.
  24. I'd like to get Agent Live Installers. In this screen, I click "GET INSTALLERS" button, but get nothing under "PACKAGES TO DOWNLOAD".. How to resolve the problem?
  • Create New...