HugoKornelis 0 Posted June 2, 2019 Share Posted June 2, 2019 (edited) For some time now I am running into an issue with ESET Endpoint Protection. When I hover over the system tray I see a red warning symbol on the ESET icon. When I then open the window I see red marks on the protection status and on the settings. (See screenshots in the attachments; as you see I use the Dutch localization). I cannot re-enable the features, they simply don't work. Only a restart of the computer helps to get everything to a green status again. But then later (sometimes hours, sometimes days) I see the same problem again. I have not been able to find any log or other file that helps me find out WHY these features keep disabling. It also does not help that ESET does not alert me when the features are turned off, so I only notice that I am not protected when I choose to look at the icons in the system tray. Since ESET is obviously able to detect that some of its features are not working, why doesn't it pop up an alert as soon as this happens? Is there any way for me to find out why these features are constantly being disabled? And, more important, to prevent this from happening? Thanks in advance! EDIT: Forgot to mention: I am currently on version 6.6.2046.1. And I did a full, deep scan of my computer the previous time I noticed this, May 30 17:06. No threats were found. (And that was after a restart so the status was showing green for all features at that time). Edited June 2, 2019 by HugoKornelis Added version info Link to comment Share on other sites More sharing options...
Administrators Marcos 5,406 Posted June 2, 2019 Administrators Share Posted June 2, 2019 Is there any reason why you stick with EP6.6 and haven't upgraded yet to the latest v7.1? Please do so, if possible. Should the issue persist, please carry on as follows: - enable advanced network protection logging in the advanced setup -> tools -> diagnostics - reboot the system - disable logging - gather logs with ESET Log Collector - upload the generated archive to a safe location and provide me with a download link. Link to comment Share on other sites More sharing options...
bbahes 29 Posted June 3, 2019 Share Posted June 3, 2019 Maybe related....but I have one client (Endpoint v7) that has this alert in ESMC: Link to comment Share on other sites More sharing options...
Administrators Marcos 5,406 Posted June 3, 2019 Administrators Share Posted June 3, 2019 56 minutes ago, bbahes said: Maybe related....but I have one client (Endpoint v7) that has this alert in ESMC: Seems to be the same issue probably with registering callouts to Windows Filtering Platform. Please provide logs from the machine as per the instructions above. Link to comment Share on other sites More sharing options...
bbahes 29 Posted June 3, 2019 Share Posted June 3, 2019 1 minute ago, Marcos said: Seems to be the same issue probably with registering callouts to Windows Filtering Platform. Please provide logs from the machine as per the instructions above. What user did in the end is restarted machine. After that alerts went away. We talked to user and he told us that he did not shutdown notebook in Start > Shutdown way but he just closed lid. After he resumed notebook from sleep state this alert started. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,406 Posted June 3, 2019 Administrators Share Posted June 3, 2019 So it happened just once or he or she can reproduce it by closing and opening the lid at any time? Link to comment Share on other sites More sharing options...
bbahes 29 Posted June 3, 2019 Share Posted June 3, 2019 1 minute ago, Marcos said: So it happened just once or he or she can reproduce it by closing and opening the lid at any time? We did not try to reproduce problem. I will ask user to repeat same process and give you feedback. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,406 Posted June 3, 2019 Administrators Share Posted June 3, 2019 An important remark for those who have installed an older version of Endpoint 6.6 recently. If you don't want to upgrade to the latest Endpoint v7.1 for a reason, make sure to install the latest v6.6. Older v6.6 versions contain an eelam driver with an older certificate so if you have recently installed it on Windows 8.1 or newer it won't be able to load modules. Link to comment Share on other sites More sharing options...
Recommended Posts