Jump to content

Version 15.0.21.0


Recommended Posts

  • ESET Insiders

 

In the above version, the Live Grid does not work at all, with every new build, new surprises and once again the question, what is going on with you? From build to build bug, at some point it's enough!!!

Link to comment
Share on other sites

  • Administrators

There were no changes in LiveGrid made in recent versions. Please carry  on as follows:

  1. Enable advanced logging under Help and support -> Technical support
  2. Reproduce the issue
  3. Disable logging
  4. Collect logs with ESET Log Collector and provide the generated archive.
Link to comment
Share on other sites

  • Administrators

Please try to run ELC once again, for some reason it looks like the archive was split into multiple volumes but ELC generates only a single-volume archive:

image.png

If I skip this, many files are empty.

Link to comment
Share on other sites

Since you use the firewall in Interactive mode, make sure you don't have a rule that is blocking inbound and outbound traffic for ekrn.exe. You can also check for connectivity; i.e. ping, to the following IP addresses:

Quote

To use the online reputation database (ESET LiveGrid):

Ensure the following ports are open: TCP 80, TCP 53535, UDP 53535

The IP addresses below have to be enabled for HTTP port 80

Access to your local DNS server is required for DNS queries on UDP port 53

Hostnames

h1-c01.eset.com

h1-c02.eset.com

h1-c03.eset.com

h1-c04.eset.com

h1-c05.eset.com

h3-c01.eset.com

h3-c02.eset.com

h3-c03.eset.com

h3-c04.eset.com

h5-c01.eset.com, 38-90-226-11.ptr.eset.com

h5-c02.eset.com, 38-90-226-12.ptr.eset.com

h5-c03.eset.com, 38-90-226-13.ptr.eset.com

IP addresses

91.228.166.45

91.228.166.46

91.228.165.43

91.228.165.44

91.228.166.52

91.228.167.137

91.228.167.43

91.228.167.46

91.228.167.103

38.90.226.11

38.90.226.12

38.90.226.13

Domains used by ESET LiveGrid:

Hostnames

a.cwip.eset.com

ae.cwip.eset.com

avcloud.e5.sk

c.cwip.eset.com

ce.cwip.eset.com

dnsj.e5.sk

dnsje.e5.sk

i1.cwip.eset.com

i1e.cwip.eset.com

i3.cwip.eset.com

i4.cwip.eset.com

i4e.cwip.eset.com

u.cwip.eset.com

ue.cwip.eset.com

c.eset.com

a.c.eset.com

u.eset.com

i1.c.eset.com

i3.c.eset.com

i4.c.eset.com

i5.c.eset.com

These IP addresses need to be enabled for HTTP port 80. Also, access to your local DNS server is required for DNS queries on UDP port 53.

https://support.eset.com/en/kb332-ports-and-addresses-required-to-use-your-eset-product-with-a-third-party-firewall#esetlivegrid

Edited by itman
Link to comment
Share on other sites

  • ESET Insiders
2 hours ago, itman said:

Since you use the firewall in Interactive mode, make sure you don't have a rule that is blocking inbound and outbound traffic for ekrn.exe. You can also check for connectivity; i.e. ping, to the following IP addresses:

https://support.eset.com/en/kb332-ports-and-addresses-required-to-use-your-eset-product-with-a-third-party-firewall#esetlivegrid

Itman the ports are all released, since the firewall will probably be a bit spinning, even that is nothing new!

 

Itman there must be something wrong, because if Live Grid is not reachable, it is actually reported in Esets Gui, but none of it is reported.

Edited by SlashRose
Link to comment
Share on other sites

  • Administrators

Diagnostic logging didn't show any issues with LiveGrid:

18.12.2021 17:31 ESET Kernel Anonymous statistical data was transferred to ESET.
18.12.2021 17:31 ESET Kernel Detection Engine was successfully updated to version 24477 (20211218).
18.12.2021 16:54 ESET Kernel Anonymous statistical data was transferred to ESET.
18.12.2021 16:54 ESET Kernel Detection Engine was successfully updated to version 24476 (20211218).
18.12.2021 10:52 ESET Kernel Extended logging stopped and logs were created.
18.12.2021 10:51 Update Updater: retval = 0x5003, failures: 0, profile: @My profile, trigger: ConfigChange
18.12.2021 10:51 ESET Kernel Extended logging started.
18.12.2021 10:51 Update Updater: Switch modules type retval = 0x00005007 [NOT NEED]
18.12.2021 9:50 ESET Kernel Anonymous statistical data was transferred to ESET.
18.12.2021 9:50 ESET Kernel Detection Engine was successfully updated to version 24475 (20211218).
16.12.2021 16:45 ESET Kernel Detection Engine was successfully updated to version 24466 (20211216).
16.12.2021 13:32 ESET Kernel Anonymous statistical data was transferred to ESET.
16.12.2021 13:32 ESET Kernel Detection Engine was successfully updated to version 24465 (20211216).
16.12.2021 12:48 ESET Kernel Anonymous statistical data was transferred to ESET.

How does the issue manifest?

Link to comment
Share on other sites

1 hour ago, SlashRose said:

Itman there must be something wrong, because if Live Grid is not reachable, it is actually reported in Esets Gui, but none of it is reported.

Are you stating that Eset GUI shows no alert about LiveGrid not accessible, but you see no Eset submission entries to LiveGrid in Eset Event log?

Or, you have LiveGrid submission Event log entries, but you are not receiving any Eset popup notifications for these submissions?

There was an issue in the initial release of ver. 15 about the LiveGrid submission popup notifications not being shown which I reported in the forum. It has been subsequently fixed and I am now receiving submission popup notifications.

Edited by itman
Link to comment
Share on other sites

  • ESET Insiders

Here the Screenshot! And do you notice Marcos, no matter what, it always comes that everything is ok, for what then the constant creation of the logs?

 

Live Grid.JPG

Edited by SlashRose
Link to comment
Share on other sites

2 hours ago, SlashRose said:

Here the Screenshot! 

This doesn't show anything related to your problem. You didn't answer my previously posted questions.

As it stands right now, I have still no clue as to what your LiveGrid issues are. Perform this test: https://www.amtso.org/feature-settings-check-cloud-lookups/ . If Eset generates a detection alert for it, LiveGrid is functioning properly.

Edited by itman
Link to comment
Share on other sites

  • Administrators

Just to make sure, did you continue as follows?

- enabled advanced logging
- opened Running processes
- after a while disabled adv. logging ?

In case when there's a problem with LG communication (e.g. if network is disconnected), the following is logged:
"encrypted Http LiveGrid request to c.eset.com ended up with error 21202"

Also the SysInspector log that you generated with ELC contains LiveGrid data so it doesn't look like a communication problem. Please let us know if the CloudCar test file is detected upon download as itman asked.

Link to comment
Share on other sites

  • ESET Insiders
8 hours ago, itman said:

This doesn't show anything related to your problem. You didn't answer my previously posted questions.

As it stands right now, I have still no clue as to what your LiveGrid issues are. Perform this test: https://www.amtso.org/feature-settings-check-cloud-lookups/ . If Eset generates a detection alert for it, LiveGrid is functioning properly.

Are you sure ESET detects this? I have LiveGrid enabled and nothing is detected.

Link to comment
Share on other sites

  • ESET Insiders

The file as seen in the screenshot is recognized, but why time LiveGrid this image from the previous post????

Marcos I had as from the log yes to be seen, the extended logging activated!

 

@Itman, No Itman, I get as above written, neither in the Gui a warning displayed, nor in the event log, Itman you can see from the screenshot but that something is going wrong in Live Grid, but what is the question now?

Eset.JPG

Edited by SlashRose
Link to comment
Share on other sites

1 hour ago, SlashRose said:

Again, you can see that it doesn't really work.

OK. I now understand your issue.

Eset is not populating LiveGrid reputation status data; on the Connected Network Connections display, or on any other display it appears. Aside from that issue, it appears LiveGrid is functional as evidenced by your installation detecting AMTSO Cloudcar test.

Refer to the below screen shot and verify the highlighted setting is enabled:

Eset_Reputation.thumb.png.0b169ff030e6717389ea814a44be7ba7.png

If this setting is enabled, you might have to reinstall Eset to get this feature working again.

Link to comment
Share on other sites

2 minutes ago, itman said:

If this setting is enabled, you might have to reinstall Eset to get this feature working again.

Another factor here is it appears you are using a VPN and that might be interfering with the LiveGrid data download. As a test, disable VPN and determine if LiveGrid reputation data is now being populated in your installation.

Link to comment
Share on other sites

At this point, it appears to me something is corrupted with your ver. 15.0.21 installation. I again recommend uninstalling it after exporting your existing settings, then reinstall it and import your previously saved settings.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...