Jump to content

ESET Endpoint Protection constantly disabled - why?


Recommended Posts

For some time now I am running into an issue with ESET Endpoint Protection.

When I hover over the system tray I see a red warning symbol on the ESET icon. When I then open the window I see red marks on the protection status and on the settings. (See screenshots in the attachments; as you see I use the Dutch localization). I cannot re-enable the features, they simply don't work. Only a restart of the computer helps to get everything to a green status again. But then later (sometimes hours, sometimes days) I see the same problem again.

I have not been able to find any log or other file that helps me find out WHY these features keep disabling. It also does not help that ESET does not alert me when the features are turned off, so I only notice that I am not protected when I choose to look at the icons in the system tray. Since ESET is obviously able to detect that some of its features are not working, why doesn't it pop up an alert as soon as this happens?

Is there any way for me to find out why these features are constantly being disabled? And, more important, to prevent this from happening?

Thanks in advance!

2-6-2019 15-36-21.png

2-6-2019 15-36-37.png

 

EDIT: Forgot to mention: I am currently on version 6.6.2046.1. And I did a full, deep scan of my computer the previous time I noticed this, May 30 17:06. No threats were found. (And that was after a restart so the status was showing green for all features at that time).

Edited by HugoKornelis
Added version info
Link to comment
Share on other sites

  • Administrators

Is there any reason why you stick with EP6.6 and haven't upgraded yet to the latest v7.1? Please do so, if possible. Should the issue persist, please carry on as follows:

- enable advanced network protection logging in the advanced setup -> tools -> diagnostics
- reboot the system
- disable logging
- gather logs with ESET Log Collector
- upload the generated archive to a safe location and provide me with a download link.

Link to comment
Share on other sites

  • Administrators
56 minutes ago, bbahes said:

Maybe related....but I have one client (Endpoint v7) that has this alert in ESMC:

image.thumb.png.d7c0d98aa4f881bced93e033a02a93f2.png

Seems to be the same issue probably with registering callouts to Windows Filtering Platform. Please provide logs from the machine as per the instructions above.

Link to comment
Share on other sites

1 minute ago, Marcos said:

Seems to be the same issue probably with registering callouts to Windows Filtering Platform. Please provide logs from the machine as per the instructions above.

What user did in the end is restarted machine. After that alerts went away. We talked to user and he told us that he did not shutdown notebook in Start > Shutdown way but he just closed lid. After he resumed notebook from sleep state this alert started.

Link to comment
Share on other sites

  • Administrators

So it happened just once or he or she can reproduce it by closing and opening the lid at any time?

Link to comment
Share on other sites

1 minute ago, Marcos said:

So it happened just once or he or she can reproduce it by closing and opening the lid at any time?

We did not try to reproduce problem. I will ask user to repeat same process and give you feedback.

Link to comment
Share on other sites

  • Administrators

An important remark for those who have installed an older version of Endpoint 6.6 recently. If you don't want to upgrade to the latest Endpoint v7.1 for a reason, make sure to install the latest v6.6. Older v6.6 versions contain an eelam driver with an older certificate so if you have recently installed it on Windows 8.1 or newer it won't be able to load modules.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...