sdnian gave kudos to gregarican in ESET Network Attack Protection (IDS) is non-functional
So I have Windows 10 Pro clients all running ESET Endpoint Antivirus v8.1.2031.0. Randomly after restarting their PC's I see one of these alerts fire up in my web console every 2-3 days.
Reading other forum threads (such as -->
) I don't think I'm an outlier with this. Yes, a reboot resolves the issue each any every time. But asking for my endusers to reboot their PC's after they just did and have gotten back into their business apps isn't reasonable. If this is a known issue, is there a fix via an update or anything?
sdnian gave kudos to TheSkymanDC in ESET Network Attack Protection (IDS) is non-functional
This was never resolved for us. The recommendation to turn on advanced logging was of no use as the reboot cleared the problem on that computer. Randomly happens every few days. I chatted with ESET Support and no one can give me a resolution. Very annoying.
sdnian gave kudos to Marcos in PowerShell/TrojanDownloader.Agent.DV trojan
Please delete in safe mode:
EFSW was installed on June 25, the threat was removed or cleaned before but not completely.
sdnian gave kudos to Marcos in Endpoint Security Anti phishing non functional
Update (Feb 10, 16:30 CET):
1, A fix tool that will replace ekrn.exe with a fixed version will be ready within today (Feb 10). The tool will need to be run on machines with affected ESET Security products that are malfunctioning. No restart should be needed to get the product work. The tool should work for affected Endpoint v5 as well as v6.5 products also on Windows XP and Windows Server 2003.
2, If you have an affected version of the product and it still works alright, do not restart the computer yet. Tomorrow (Feb 11) we'll be releasing Antivirus and antispyware module which will patch ekrn to fix the issue.
3, We should have 6.5 installers with a fixed ekrn.exe ready by tomorrow and will replace them in the repository too.
4, After remedying the issue, please consider upgrading to the latest Endpoint v7.2 wherever possible. While Endpoint v5 and 6.5 products will work until they reach EOL, we strongly encourage you to use the latest version which not only addresses bugs and issues from older versions but also brings substantially better protection against current threats.
sdnian gave kudos to MichalJ in Policy Setting - Exclusions
This is related to the new exclusions system. In case your policy has been converted from an old one, or you use older version of ESMC than 7.1, you will have the split of Performance & Detection Exclusions. If you create a new policy, you can only add performance exclusions to it, and detection exclusions would be handled via the new exclusions tab in the main menu.
So the one with detection exclusions is most probably a policy that included some detection exclsions (other than by path) before. The one which does not have them, is a policy which had not them defined before.
sdnian received kudos from pps in No need password to disable firewall in EES
The EES version is 7.1.2053. I've set a password protect in EES. When I right click the EES icon in the systray, click 'Pause firewall (allow all traffic)', a popup window appears asking for a password on the screen. Just ignore it, right click the EES icon to pause firewall again. Then the firewall been disabled now. It seems a bug, please check it.
sdnian received kudos from Peter Randziak in Activation fail. ECP.20006
Thanks for @MartinK and @Peter Randziak help.
I have found a solution to resolve this issue. The Sophos Firewall have a function - Web Proxy, it works as transparent proxy mode by default, after I added a rule to bypass transparent proxy for ESMC host, the product activation works well.