Danutak 3 Posted September 10, 2021 Share Posted September 10, 2021 This is constant after last update all ports udp/TCP , 80,443,53535 are open the vpn is off still not updating, What is going on, Do not tell me to do the log , tried it does nto work for me, Windows10 64 b Link to comment Share on other sites More sharing options...
itman 1,742 Posted September 10, 2021 Share Posted September 10, 2021 Perform this cloud connectivity test: https://www.amtso.org/feature-settings-check-cloud-lookups/. Eset should detect as shown in the below screen shot: Link to comment Share on other sites More sharing options...
Danutak 3 Posted September 10, 2021 Author Share Posted September 10, 2021 (edited) 3 hours ago, itman said: Perform this cloud connectivity test: https://www.amtso.org/feature-settings-check-cloud-lookups/. Eset should detect as shown in the below screen shot: Yes it dl the cloud.exe. the same screen except the Tread removed . I have no idea what it means, but it is not all the time tat it is not accessing live grid, Just few times a day , It should not do it . Never before I had any problem with eset, thank you very much If you are able to download this file successfully, your anti-malware product is NOT configured correctly to use cloud-based resources, or DOES NOT conform to industry best practice. So what should I do now? Edited September 10, 2021 by Danutak Link to comment Share on other sites More sharing options...
New_Style_xd 69 Posted September 10, 2021 Share Posted September 10, 2021 13 minutes ago, Danutak said: Yes it dl the cloud.exe. the same screen except the Tread removed . I have no idea what it means, but it is not all the time tat it is not accessing live grid, Just few times a day , It should not do it . Never before I had any problem with eset, thank you very much If you are able to download this file successfully, your anti-malware product is NOT configured correctly to use cloud-based resources, or DOES NOT conform to industry best practice. So what should I do now? It could also be that you are not connected to the internet, so it looks like that. Link to comment Share on other sites More sharing options...
Danutak 3 Posted September 11, 2021 Author Share Posted September 11, 2021 I am connected to the internet, It is the friggin last update Link to comment Share on other sites More sharing options...
Administrators Marcos 5,235 Posted September 11, 2021 Administrators Share Posted September 11, 2021 Please enable advanced logging under Help and support -> Technical support, then repeat the test with CloudCar. Next disable logging, collect logs with ESET Log Collector and upload the generated archive here. Link to comment Share on other sites More sharing options...
Danutak 3 Posted September 11, 2021 Author Share Posted September 11, 2021 I had eanabled sorry I have no idea how to make logs Link to comment Share on other sites More sharing options...
itman 1,742 Posted September 11, 2021 Share Posted September 11, 2021 2 hours ago, Danutak said: I had eanabled sorry I have no idea how to make logs Follow instructions given here: https://support.eset.com/en/kb3466-how-do-i-use-eset-log-collector . Link to comment Share on other sites More sharing options...
itman 1,742 Posted September 11, 2021 Share Posted September 11, 2021 14 hours ago, Danutak said: Yes it dl the cloud.exe. the same screen except the Tread removed . Sometimes it takes a few secs. for Eset to connect to its cloud servers and the detection alert to appear. Repeat the AMTSO test but wait at least 10 - 20 secs. for the Eset alert to appear. Link to comment Share on other sites More sharing options...
Solution itman 1,742 Posted September 11, 2021 Solution Share Posted September 11, 2021 19 hours ago, Danutak said: This is constant after last update all ports udp/TCP , 80,443,53535 are open the vpn is off still not updating, Also make sure you haven't created any Eset custom firewall rule that conflicts with the default ekrn rule that allows all inbound and outbound traffic for ekrn.exe. Of note is ekrn.exe needs constant TCP access to port 8883. Link to comment Share on other sites More sharing options...
Danutak 3 Posted September 11, 2021 Author Share Posted September 11, 2021 (edited) 7 hours ago, itman said: Follow instructions given here: https://support.eset.com/en/kb3466-how-do-i-use-eset-log-collector . thank you so much , How long it takes to generate the logs, so far is gray and can not change It shows the filtered binary can not change to original binary from disk, or save it. I changed first and it showed in my folder , I have no idea if that is what Marcos need . Thank you for your link to tutorial essp_logs.zip Edited September 11, 2021 by Danutak Link to comment Share on other sites More sharing options...
Danutak 3 Posted September 11, 2021 Author Share Posted September 11, 2021 6 hours ago, itman said: Also make sure you haven't created any Eset custom firewall rule that conflicts with the default ekrn rule that allows all inbound and outbound traffic for ekrn.exe. Of note is ekrn.exe needs constant TCP access to port 8883. TCP port 8883 is open thank you, you are kind and helpful. I do appreciate it Link to comment Share on other sites More sharing options...
Administrators Marcos 5,235 Posted September 12, 2021 Administrators Share Posted September 12, 2021 9 hours ago, Danutak said: thank you so much , How long it takes to generate the logs, so far is gray and can not change It shows the filtered binary can not change to original binary from disk, or save it. I changed first and it showed in my folder , I have no idea if that is what Marcos need . Thank you for your link to tutorial. Unfortunately the uploaded file is 0 bytes in size. Please try uploading it again. Link to comment Share on other sites More sharing options...
Danutak 3 Posted September 12, 2021 Author Share Posted September 12, 2021 Yes the log collector does not work at all, but I had seen advice about port 8883, opened it and from this moment my software updates correctly. Maybe this was a problem, It is updating for 12 hours with no problem itman I think you were right! Thank you so much Link to comment Share on other sites More sharing options...
ESET Insiders SlashRose 25 Posted September 12, 2021 ESET Insiders Share Posted September 12, 2021 35 minutes ago, Danutak said: itman I think du hattest Recht! Vielen Dank itman is almost always right, is here the best man on forum. Danutak 1 Link to comment Share on other sites More sharing options...
Danutak 3 Posted September 12, 2021 Author Share Posted September 12, 2021 1 hour ago, SlashRose said: itman is almost always right, is here the best man on forum. He is a jewel in this forum, I do appreciate help I always get here Thank you everyone Link to comment Share on other sites More sharing options...
itman 1,742 Posted September 12, 2021 Share Posted September 12, 2021 (edited) What I beleive the issue here is you have created a bunch of custom firewall rules and they were interfering with required ekrn.exe network communication. Note that Eset firewall rules are parsed from the rule set in top to bottom order. It is always best to always add custom rules at the bottom of the existing default rule set, which is done by default, unless you fully understand what you are doing. The only exception to this are unblocking rules created by the Eset Network wizard and when deploying those, best to review the rules created. Of note is these wizard created rules are permissive ones in that a possible firewall vulnerability could be created. Edited September 12, 2021 by itman Link to comment Share on other sites More sharing options...
Danutak 3 Posted September 12, 2021 Author Share Posted September 12, 2021 3 hours ago, itman said: What I beleive the issue here is you have created a bunch of custom firewall rules and they were interfering with required ekrn.exe network communication. Note that Eset firewall rules are parsed from the rule set in top to bottom order. It is always best to always add custom rules at the bottom of the existing default rule set, which is done by default, unless you fully understand what you are doing. The only exception to this are unblocking rules created by the Eset Network wizard and when deploying those, best to review the rules created. Of note is these wizard created rules are permissive ones in that a possible firewall vulnerability could be created. I thought it is solved , finally i got the log uploading now Thank you Itman Maybe Marcos will see it , No I am not that knowledgeable. I trust in software , that all. I do not understand how exactly it works. Sorry essp_logs.zip Link to comment Share on other sites More sharing options...
Recommended Posts