Jump to content

Search the Community

Showing results for tags 'realtime protection'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • ESET General Forums
    • ESET Announcements
    • General Discussion
    • Forum FAQ's and Rules
    • Submit a virus, website or potential false positive sample to the ESET lab
    • Quick questions by guests (registration not required)
    • WeLiveSecurity.com
  • ESET Home User Products
    • ESET Internet Security & ESET Smart Security Premium
    • ESET NOD32 Antivirus
    • ESET Cyber Security (for Mac)
    • ESET Cyber Security Pro (for Mac)
    • ESET NOD32 Antivirus for Linux Desktop
    • ESET Products for Mobile Devices
    • Web portals
  • Malware Detection and Cleaning
    • Malware Finding and Cleaning
    • ESET Standalone Malware Removal Tools
  • ESET Business User Products
    • Customer Research Opportunity
    • Gartner Peer Insights review invitation
    • ESET Cloud solutions
    • ESET Endpoint Products
    • ESET Products for Windows Servers
    • ESET Products for Linux Servers
    • ESET Products for Mobile Devices
    • Remote Management
    • ESET INSPECT (Detection and Response)
    • ESET Products for Virtualized Environments
    • Encryption
    • ESET Licensing for Business
    • Other ESET business products
  • ESET Beta Products
    • ESET Beta Products for Home Users
    • ESET Beta Products for Business Users
  • Slovak and Czech forums
    • ESET NOD32 Antivirus, ESET Internet Security a ESET Smart Security Premium
    • Produkty pre mobilné zariadenia
    • Vírusy a iné hrozby
    • Ostatné


  • Files
    • Early Access
    • Miscellaneous
    • Outlook plugin BETA
  • ESET Cyber Security 7 BETA
  • ESET Bridge BETA

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






User type

  1. Hi dear ESET Admins. We have this problem in a 20012 R2 Server , Clean installation not solve the problem ( Even with ESET Uninstaller in safe mode ) File Security 7.3 & 7.2 has the same issue. ESET Log Collector Log is attached. What can do for this problems ? Best regards. efsw_logs.zip
  2. hi, our client Processes I/O Read bytes is showing high Ekrn process running and effect the client pc peformance. our client using eset endpoint security Version 5.0.2265. Is this a normal processes?
  3. Hi All, Wondering if you can point me in the right direction. I've seen a few of these alert in my environment and I've done a scan on the systems that have generated this alert. They've all come up clean and I cannot find any additional info on this. Is ESET aware of this alert? What can I do to prevent this alert? Thanks in advance!
  4. The short version: 1. It seems that managed Mac clients are only partially honoring exclusions. a. Eicar test files placed in excluded directories are being ignored, as expected. b. Files in excluded directories are still being scanned on access, which is not as expected. 2. Unmanaged Mac clients appear to be honoring exclusions correctly. The long version: My MacBook Pro is affectionately referred to by my colleagues as the "Wind Tunnel" because its fans are constantly going at high speed. And its fans are constantly going at high speed because my managed ESET client is constantly scanning files in directories that have supposedly been explicitly excluded from scanning. A good example is Backblaze's working directory. Since Backblaze is constantly updating its indexes, logs, etc, there's always a lot of churn going on, so I've explicitly excluded Backblaze's working directory… /Library/Backblaze.bzpkg/*.* …via policy (as specified in numerous Knowledgebase articles). And I can tell the exclusion is working (at least in part) because when I place a copy of the Eicar test file in the /Library/Backblaze.bzpkg/ folder (or one of its sub-folders), the ESET client ignores it. But the moment a Backblaze backup kicks off, my managed ESET client starts scanning every file that is accessed in Backblaze's supposedly-excluded working directory, pegging the CPU, and causing the fans on my MacBook Pro to start screaming. Here's a screenshot that shows both the exclusion in the client, as well as the client completely ignoring that exclusion: The same is true of Time Machine backups, as well. Even though I've gone to great lengths to exclude every possible permutation of Time Machine path and volume name, ESET starts churning through every accessed file in those supposedly excluded directories/volumes the moment a Time Machine backup starts. I've only seen this behavior with managed clients. If I install a standalone version of the exact same client with the exact same exclusions, the exclusions work as expected. Even with Backblaze and Time Machine backups happening simultaneously, files in those excluded directories never show up in the scanned objects stream and my fans hum along quietly. But the moment I connect the ESET client to a Remote Administrator server, the scanned objects stream becomes a raging torrent of files in directories that it should be ignoring, and my fans kick into overdrive. I've tried adding/removing policies, creating new policies from scratch, and applying those policies at different levels in the group hierarchy. I've tried uninstalling and reinstalling the client multiple times, as well as going from managed to unmanaged and back again. I've also tried different syntax permutations for the exclusions (including two wildcard symbols (*.*), one wildcard symbol (*), and no wildcard symbol at the end of the path), but the problem remains. Any ideas? I'm out of them…
  5. Dear All, Does ESET logs an event log entry if someone disable the "Real time file system protection" and re-enables it. If yes, where would I be able to find the date and time of such event. Best regards, Nalaka
  6. I have ESET NOD32 v9.0.349.14 64bit Any special protections against ransomware
  7. Real-time file system protection keeps disabling my LastPass Chrome browser extension. How do I add this to an exclusions list or whitelist so that this does not happen. Disabling real-time protection in the meanwhile... Many thanks for your assistance..
  8. Hi We are having problem with Eset File Security 6 running on a Windows Server 2008 conflicting with IIS. When the realtime protection is enabled it appears that Windows can't start any w3wp processes to handle webrequests. When the realtime protection is disabled the w3wp process can started and requests can be handled. When the w3wp process have been start it is possible to enable realtime protection again without it interfering started w3wp processes. I've tried, and gotten the same behavior, with version 4.5 of File Security and version 6 of Endpoint security. Don't know if it's relative but the directory for all website on the server is placed on on a drive with the mapping D:\ Adding the path to the folder containing all site to the exclusion list makes no difference Both server and anti-virus are running 64-bit software
  9. Hello Team After install Eset V.9 or V8 new builds on Windows 8.1 Pro System Hang On Startup. I troubleshoot startup all is ok when i disabled eset service (ekrn.exe) or rename ekrn.exe also check try to delay but same issue system hangs on startup. i attach some log to you form sys inspector please check it & reply me soon. Regards Vimarsh.P Intel_NUC.zip
  10. Hi, How can I block websites using ESET Web Control feature with proxy connection enabled on the clients??
  11. We are developers of internet radio website putinradio.com. We faced a problem with Eset Security. We have HTML5 webpage with <audio> tag on it. Audio source stream points to stream.putinradio.com:8000/mystream We have Icecast server 2.4.1 running on stream.putinradio.com:8000 When user opens the page on putinradio.com and clicks play button, ESET warning window popups with message "Address has been blocked" It blocks audio stream as well as JSONP callback to hxxp://stream.putinradio.com/sse?callback=radio_get_np_callback We would like to know if we can prevent this window popup on default user settings Maybe we need to recofigure our servers somehow? Browsers tested: Firefox/Crome/IE ESET version: ESET Smart Security 7 (v. 7.0.325.1)
  12. Hi guys, I did installing eset endpoint 6 on a file server Windows Server 2008 R2. After installation, all users are with extreme slowness in opening and saving office files, specifically Word and Excel. Deactivate the real time the problem is solved, but as it is a server can't leave it disabled. Can ur help me?
  13. By coincidence I've noticed that the build version of the realtime protection module appears to be quite a bit older than all the other modules. The date for the build version of highlighted module is dated all the way back from 06-08-2015, while all the other module build dates are from 2016. From a casual observation that just seem sort of outdated and a little odd? I'm not sure if this matters in any way, but I'd just like to verify if this really is the latest version and if my Eset NOD32 Antivirus 9 program is all up to date. *My program version is in Danish, but I'm certain that the experts can tell what the various translations are supposed to be* Operating system: Windows 7 Home Premium 64-bit version 6.1.7601 SP1 NOD32 version: NOD32 Antivirus version 9.0.381.2 (Danish language UI) Virussignaturdatabase: 13756 (20160705) Modulet Hurtigt svar: 8293 (20160705) Opdateringsmodul: 1064 (20160324) Antivirus- og antispywarescannermodul: 1491 (20160630) Avanceret heuristikmodul: 1170 (20160425) Arkivunderstøttelsesmodul: 1251 (20160627) Rensemodul: 1123 (20160606) Anti-Stealthsupportmodul: 1098 (20160525) ESET SysInspector-modul: 1259 (20160406) Beskyttelsesmodul til realtidsovervågning af filsystemet: 1010 (20150806) Modul til oversættelsessupport: 1500 (20160623) HIPS-supportmodul: 1236 (20160704) Internetbeskyttelsesmodul: 1256 (20160606) Databasemodul: 1082 (20160601) Konfigurationsmodul (33): 1240.4 (20160406) LiveGrid-kommunikationsmodul: 1021 (20160310) Særligt renseprogram: 1012 (20160405) Registrering af rodsæt og rensningsmodul: 1003 (20160508) Modul for netværksbeskyttelse: 1191 (20160630) "Beskyttelsesmodul til realtidsovervågning af filsystemet: 1010 (20150806)" is the one I'm concerned with. Thanks in advance.
  14. I just started to re-install my Window 7 Ultimate Had a couple of experiments during this errors, so i will jump in a bit on how i know it was ESS. So when i finish installing my fresh O.S. the first program i installed is mozilla, and then Chrome. It works fine, up until i installed ESS and it Crashes my Chrome ! I spend time searching around the block how to fix this issue, but no avail. I do not know if its the f5 or HIPS, or Firewall. Anybody who can help me with this? Please? Thank you.
  15. We have a custom inline script that obscures a mail to address but ESET and some other endpoint products are knocking it down. The code is: <script type="text/javascript"> <!-- var s=" =b!ujumf>#Fnbjm!Tbsbi#!isfg>#nbjmup;tbsbiAtbsbitjohjoh/dpn#?Tbsbi=0b?"; m=""; for (i=0; i<s.length; i++) m+=String.fromCharCode(s.charCodeAt(i)-1); document.write(m); //--> </script> Because we are purposely trying to utilize this javascript, how can we whitelist this? Machine details of the threat are below: [redacted] COMPUTER DESCRIPTION John Ball THREAT NAME JS/Kryptik.AD THREAT TYPE trojan SEVERITY Warning OCCURRED 2016 Jun 2 08:30:18 THREAT HANDLED Yes RESTART NEEDED No ACTION TAKEN cleaned by deleting ACTION ERROR OBJECT TYPE file OBJECT URI [redacted]/test.html CIRCUMSTANCES Event occurred on a newly created file. SCANNER Real-time file system protection ENGINE VERSION 13585 (20160602) PROCESS NAME C:\Windows\notepad.exe USER NAME [redacted]
  16. Until recently I used Windows 7 / Em Client / McAfee anti-virus. I then changed to Windows 10 / Em Client / McAfee anti-virus. No problem. I then swapped McAfee for ESET Endpoint and Em Client seems to have stopped working. So I tried Thunderbird and that works ok with Endpoint. I'm therefore tempted to think Endpoint is blocking Em Client. However, if I temporarily turn off Endpoint completely, or turn off IMAP protocol checking, Em Client still doesn't seem to work. So could Endpoint still be getting in the way somehow, or is the fact that Em Client stopped working at the same time as I switched from McAfee to Endpoint a red herring? Thanks in advance for any ideas.
  17. Hi ESET Community, ESET AU support is taking a little bit longer than I'd like to get back to me (because I'm admittedly rather impatient.) I am currently investigating rolling out ESET EndPoint antivirus to a domain of 50+ computers. We have a document containing what ESET identifies as Win32/Kryptic.EMBF that I'm currently using for testing, as we had a PC recently infected via this document. When emailled to me yesterday, this document was collected from my email and moved to infected items (which I expect). The copy in a folder on my desktop was also picked up and removed when accessing the directory in question. I subsequently installed EndPoint antivirus on my Manager's machine with the same policies, and did the same as a demonstration, however unfortunately, it was not picked up in his email, nor in a folder on his desktop. What is more worrying is that my manager has re-sent the file to me today, and while it was previously detected on this PC, in this case it was not detected by ESET EndPoint Secuirty. I have also saved and opened the infected document with no interference from ESET. No alterations have been made to the configuration of my PC the item has not been marked as safe no directories are ignored Email scanning is enabled Realtime protection is enabled Document scanning is enabled Both PUA options are enabled Detection of suspicious applications is enabled. Scanning the file manually, the log entries are as follows:
  18. Hello, I have this issue for few months already. Few times a week, my Mac partially freezes for a minute or so. It looks like it freezes every IO request because GUI is usually working (I can move windows, switch desktops...), but any action which involves IO freezes (starting a new application, anything with on-disk cache, and so on). I have 8 GB RAM and usually, I have 1 to 3 GB of swap used. Switching to a long-time minimized (likely swapped) application sometimes hangs too, and here and there it happens when waking up from sleep. I verified that it is not happening when Real-time Filesystem Protection is disabled. ESET CSP reinstall did not help. Logs contain no entry around the time of the freeze, I'm not running any test at the moment... Is there a way to enable more verbose logging? Or what else I should try? Installed CSP version: OSX: 10.11.4 Mac: early 2015, 8 GB RAM Thanks.
  19. Hi there, I appear to be having some issues with my Antivirus software and although everything worked fine on my previous laptop that had Windows 7, this new laptop, which has Windows 10, can't seem to have functioning protection at all. As you can see from the three images below, it says basically everything is not functioning and that a reinstall is needed. Unfortunately, reinstalling, repairing, downloading from two different web browsers, and trying to set everything back to default has resulted in the same non-function notifications. I have windows defender turned off entirely as well as restarted my computer after each uninstall. It seems nothing I am doing fixes this and it's basically like saying I paid for a product that does not work. I've also had a notification saying that the "User rule file contains no data". Apologies if I haven't found the exact same same issues elsewhere posted and just made some kind of duplicate, but I couldn't find anyone else having this exact issues, only similar ones. Any help on the matter would be greatly appreciated and if any more information is needed, please let me know so this can get this sorted out. https://i.imgur.com/VsmUsRT.jpg hxxp://i.imgur.com/YXcPvwJ.png hxxp://i.imgur.com/PrDCh6y.png hxxp://i.imgur.com/vpKJeeZ.png (The last two images above are after doing a repair, it goes back to just two errors, but when clicking on the non-function parts, it says everything is enabled but nothing appears to be working.) Also, sorry for lack of image in the text, I don't know the BBCodes used here. I am on Version 9.0.375.0
  20. So, there's supposedly an exploit to Apple Quick Time that has every one, including the government saying we should immediately uninstall Quick Time. From what I understand, the exploit relies on Quick Time (V7.3 and higher) playing content that causes malware to be loaded. I have a number of programs that need to have QT running so I can't really afford to summarily uninstall it. Fortunately, I and the programs I use don't need to use the external-media playing functions of QT. That, and I've disabled it as a default multi-media player in general. My question is what are the known workarounds are available until ESET has either protection implemented or a statement regarding protection availability.
  21. Hello, i need to download something using MS SDM, it's just file download via port 80, but it's look like ESET checks every byte, which is very annoying, how can i temporarily stop it? I dont care about cpu usage, thats fine, almost idle. But HDD is between 60-90 % and the download even crash sometime and i think it's because of that. Thx for reply
  22. Hi Everyone My first question/contribution to this forum please: I'm using Smart Security 8 - have done so for without problems until today.. But today, under Update menu, I’ m getting: Virus signature database update ended with an error Undocumented serious error (0x101a) Product update Installed version: 8.0.319.0 is up to date What's happening please? Solution? Please help this senior Luddite. Cheers
  23. Hello Eset We are getting Many Of Issue From Our Partner & Customer That ESET Not Resolve Shortcut Malware/Virus Issue Properly. There is two Issue Regarding USB Removable Drive. 1. System Slow & Flash Drivers Cant open @ Scan Time & SlowDown While We Select Scan Now For Removable Media.(Mostly In Scandisk Pendrive) 2. Regarding Shortcut Virus/Malware. ESET May be Detect and Clean Virus if any But Still Hidden Data Not Shown and Short Cut Link Not Deleted Like Other Antivirus Do. We are Using ESET USB Fixer Utility To Manually Unhide Data. But It is Not Possible at Client Place. We Know about USB Fixer And Using But How Client Know That? If Other Anti Virus Clean Virus and Unhide Folder/Data and Remover Unwanted Shortcut So Why Not ESET? This is Hot Issue in Our Area and because of That Many Partner Switch in Other Anti Virus Software. Dear ESET Team Take Immediate Action and Add. Shortcut Virus / Malware Removal and Unhide Data In Updates So Client Easily Clear Virus and Also Get Data Back. Thanks & Regards Vimarsh Panchal
  24. Im afraid of have a virus and i purchase NOD32. Finishing the installation several problems show off
  • Create New...