Jump to content

ESET Internet Security: ESET Firewall status update in Windows Security Center failed

taquionbcn
 Share

Recommended Posts

taquionbcn

taquionbcn 0

Posted
  • Author
Posted (edited)

Hi,

Quote

Is your computer in domain? 

yes, at CERN domain but it has been at this domain for the las 2 years

Quote

Per the below screen shot, verify that Windows Security Service is running and its Startup type is set to Manual

Done, it is in manual and running

image.thumb.png.92da1402712ff87583a861ac97d67160.png

If i disable the protection from the system tray icon i get the above result.

image.thumb.png.b68997dc9d9243f85a131d9991e66c09.png

If I do it from the Advanced setup it seems to work and stop using nod32 to start using windows defender.

image.thumb.png.722cb609878d1eedded6f901208e25f0.png

and then back to normal.

image.png.8df24dd980becf95f86c8cf7a6243518.png

What is not shown in the static image is that the above options are flickering as if there where updated every 5 seconds

 

Edited by taquionbcn
Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted
2 hours ago, taquionbcn said:

What is not shown in the static image is that the above options are flickering as if there where updated every 5 seconds

It really appears everything is OK with Windows Security Center and Eset's registration of itself within.

I would think that this flickering you are observing is more related to an issue with your graphics card/chip. Or possibly an issue with the driver/s it is using.

Link to comment
Share on other sites
taquionbcn

taquionbcn 0

Posted
  • Author
Posted

 

Quote

I would think that this flickering you are observing is more related to an issue with your graphics card/chip. Or possibly an issue with the driver/s it is using.

I don't think so, no other flicker anywhere and I do intense use of the nvidia this days, for simulations with cuda and gaming , also if I disable nod32 real -time and windows defender is enabled(automatically) as shown in the second figure of previous post there is no flicker.

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted
36 minutes ago, taquionbcn said:

 

I don't think so, no other flicker anywhere and I do intense use of the nvidia this days, for simulations with cuda and gaming , also if I disable nod32 real -time and windows defender is enabled(automatically) as shown in the second figure of previous post there is no flicker.

Are you still getting update errors in the Eset Event log?

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted (edited)

At this point, I would say that something in Windows Security Center is corrupted preventing Eset from properly registering there. Also whatever the issue is, it appears that Eset is indeed being initialized in WSC correctly but Eset is not recognizing this and is creating the log entries being observed.

Another possibility is there is an issue for some reason with Eset's ELAM driver. Win 10 verifies that this driver is loaded and functioning properly and this activity is factored into WCS initialization processing.

There also might a permissions issue in regards to Eset being able to access WSC settings, possibly in the Registry, to properly initialize itself in WSC.

I have searched for articles on how to repair WSC and have come up empty. There are articles on how to reset Windows 10 security settings back to default that you might want to try. The final alternative is to run a Win 10 Repair which will keep all your files in place. You will however have to reinstall all your apps including Eset.

Edited by itman
Link to comment
Share on other sites
  • ESET Staff
JozefG

JozefG 9

Posted
  • ESET Staff
Posted

According to provided PML we know what causes  this access denied.

It is wscsvc failing to open these registry keys on read/write disposition 

HKLM\SOFTWARE\Microsoft\Security Center\Provider\Av\{885D845F-AF19-0124-FECE-FFF49D00F440}
HKLM\SOFTWARE\Microsoft\Security Center\Provider\Fw\{B066057A-E576-007C-D591-56C163D3B33B}

@taquionbcn can you please check the permissions for these registry keys? Both of these keys should inherit permissions from Av and Fw keys respectively. On my virtual machine it looks like this for Av and similarly for Fw.

image.png

Link to comment
Share on other sites
taquionbcn

taquionbcn 0

Posted
  • Author
Posted

ok, that works, windows security windows stop flickering and the events logs of nod32 is not throwing  the status update failure.

Thanks!

Link to comment
Share on other sites
itman

itman 1,659

Posted
Posted (edited)

I see other issues here.

As far as these keys are concerned:

13 hours ago, JozefG said:

HKLM\SOFTWARE\Microsoft\Security Center\Provider\Av\{885D845F-AF19-0124-FECE-FFF49D00F440} HKLM\SOFTWARE\Microsoft\Security Center\Provider\Fw\{B066057A-E576-007C-D591-56C163D3B33B}

My Groups or use names correspond exactly to what @JozefG posted. Any other entries there are suspect. You might want find something that will set your registry permissions back to Win 10 defaults. Or proceed with a Win 10 repair or fresh install.

Edited by itman
Link to comment
Share on other sites
taquionbcn

taquionbcn 0

Posted
  • Author
Posted

Hi @itman changing the permissions that @JozefG said did the trick.

When this crisis is passed and I go back to my office I will do a fresh install to do a clean up, this W10 has been installed for 2 years, that's to much time for windows 😉

Thanks.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...