Jump to content

Real-time file system protection is non-functional 


robg
 Share

Recommended Posts

I think this is the same problem I had previously that resolved itself. 

 

 

What seems to happen is after the Agent has been updated then until a user, any user, logs in it will say real-time file system protection is disabled. If i log in and get the logs it will show nothing is wrong.

ESET Endpoint Antivirus ESET, spol. s r.o. 7.3.2039.0 204 yes 7.3.2039.0  Up-to-date version en_US
ESET Management Agent ESET, spol. s r.o. 7.2.1266.0 389 yes 7.2.1266.0  Up-to-date version en_US
Real-time file system protection is non-functional  This functionality could not be started and your computer is not protected against some types of threats.
Link to comment
Share on other sites

  • Administrators

Please carry on as follows:
- in the adv.setup -> tools -> diagnostics, change the dump type to Complete and click OK
- click Create (dump) in the same setup panel
- collect logs with ESET Log Collector and upload the generated file here.

Link to comment
Share on other sites

Can i zip it up with 7 zip and attach it here, tried to run log collecter and it failed with 

2020 Aug 13 14:33:33 Operating system Running Task started  
2020 Aug 13 14:33:33 ESET Management Agent Starting Starting task  
2020 Aug 13 14:32:01 Operating system Failed Log collector archive is too big to be transferred. Log collector output exceeded 150MB and will not be transferred
Link to comment
Share on other sites

  • Administrators

C:\ProgramData\ESET\ESET Endpoint Antivirus\Diagnostics\ is empty, ie. a dump of ekrn was not generated via the advanced setup -> tools -> diagnostics -> create (dump).

Link to comment
Share on other sites

  • Administrators

The dump looks ok and real-time protection appears to work. Could you test it with the eicar test file? If you temporarily pause web access protection and download eicar, is it detected by real-time protection?

https://secure.eicar.org/eicar.com

Link to comment
Share on other sites

Thanks for looking at it, Yes it is detected when I log in and test it. The Real-time file system protection is non-functional warning on ESMC also clears as soon as any user local or domain with any permissions logs into a machine so it looks like a false positive from ESMC or something in our setup that is blocking something ESET needs to do until a user logs on that is causing the agent to report to ESMC that real-time is not functional when it is. Remote powershell sessions don't clear the warning but RDP do.

 

ESET Security Management Center (Server), Version 7.2 (7.2.2236.0)
ESET Security Management Center (Web Console), Version 7.2 (7.2.230.0)
Copyright (c) 1992-2020 ESET, spol. s r.o. All Rights Reserved.

End-user license agreement

CentOS (64-bit), Version 7.8.2003
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...