Jump to content


  • Posts

  • Joined


  1. Upvote
    sdnian gave kudos to gregarican in ESET Network Attack Protection (IDS) is non-functional   
    So I have Windows 10 Pro clients all running ESET Endpoint Antivirus v8.1.2031.0. Randomly after restarting their PC's I see one of these alerts fire up in my web console every 2-3 days.
    Reading other forum threads (such as -->   
    ) I don't think I'm an outlier with this. Yes, a reboot resolves the issue each any every time. But asking for my endusers to reboot their PC's after they just did and have gotten back into their business apps isn't reasonable. If this is a known issue, is there a fix via an update or anything?
  2. Upvote
    sdnian gave kudos to TheSkymanDC in ESET Network Attack Protection (IDS) is non-functional   
    This was never resolved for us.  The recommendation to turn on advanced logging was of no use as the reboot cleared the problem on that computer.  Randomly happens every few days.   I chatted with ESET Support and no one can give me a resolution.  Very annoying.
  3. Upvote
    sdnian gave kudos to Marcos in PowerShell/TrojanDownloader.Agent.DV trojan   
    Please delete in safe mode:
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{28CBB79C-CAFE-44EB-8276-8D73BF358244}
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27D70E29-CE41-4102-9013-381FDE9E441A}
    EFSW was installed on June 25, the threat was removed or cleaned before but not completely.
  4. Upvote
    sdnian gave kudos to Marcos in Endpoint Security Anti phishing non functional   
    Update (Feb 10, 16:30 CET):
    1, A fix tool that will replace ekrn.exe with a fixed version will be ready within today (Feb 10). The tool will need to be run on machines with affected ESET Security products that are malfunctioning. No restart should be needed to get the product work. The tool should work for affected Endpoint v5 as well as v6.5 products also on Windows XP and Windows Server 2003.
    2, If you have an affected version of the product and it still works alright, do not restart the computer yet. Tomorrow (Feb 11) we'll be releasing Antivirus and antispyware module which will patch ekrn to fix the issue.
    3, We should have 6.5 installers with a fixed ekrn.exe ready by tomorrow and will replace them in the repository too.
    4, After remedying the issue, please consider upgrading to the latest Endpoint v7.2 wherever possible. While Endpoint v5 and 6.5 products will work until they reach EOL, we strongly encourage you to use the latest version which not only addresses bugs and issues from older versions but also brings substantially better protection against current threats.
  5. Upvote
    sdnian gave kudos to MichalJ in Policy Setting - Exclusions   
    This is related to the new exclusions system. In case your policy has been converted from an old one, or you use older version of ESMC than 7.1, you will have the split of Performance & Detection Exclusions. If you create a new policy, you can only add performance exclusions to it, and detection exclusions would be handled via the new exclusions tab in the main menu. 
    So the one with detection exclusions is most probably a policy that included some detection exclsions (other than by path) before. The one which does not have them, is a policy which had not them defined before. 
  6. Upvote
    sdnian received kudos from pps in No need password to disable firewall in EES   
    The EES version is 7.1.2053. I've set a password protect in EES. When I right click the EES icon in the systray, click 'Pause firewall (allow all traffic)', a popup window appears asking for a password on the screen. Just ignore it, right click the EES icon to pause firewall again. Then the firewall been disabled now. It seems a bug, please check it.
  7. Upvote
    sdnian received kudos from Peter Randziak in Activation fail. ECP.20006   
    Thanks for @MartinK and @Peter Randziak help.
    I have found a solution to resolve this issue. The Sophos Firewall have a function - Web Proxy, it works as transparent proxy mode by default, after I added a rule to bypass transparent proxy for ESMC host, the product activation works well.
  • Create New...