Kurt234 0 Posted December 6, 2023 Share Posted December 6, 2023 On 11/30/2023 at 9:44 AM, Marcos said: The Configuration module 2099.6 addresses storing files in users' roaming folders (AppData/Roaming) which didn't turn out sufficient. The next version of the Configuration engine should help in cases when the whole user profile is deleted on logoff. M_CNFENG-1821 Hi, when is the next version released? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted December 6, 2023 Administrators Share Posted December 6, 2023 Configuration module 2099.7 addressing the issue is going to be released on the pre-release update channel today, with gradual release on the regular update channel to follow then. Link to comment Share on other sites More sharing options...
BobK 1 Posted December 9, 2023 Share Posted December 9, 2023 On 11/30/2023 at 8:44 AM, Marcos said: The Configuration module 2099.6 addresses storing files in users' roaming folders (AppData/Roaming) which didn't turn out sufficient. The next version of the Configuration engine should help in cases when the whole user profile is deleted on logoff. M_CNFENG-1821 Yes! can confirm still a really irksome issue on Configuration Module 2099.6 and Endpoint Security 11.0.2032.0 win 1110.0.22621 Build 22621. Link to comment Share on other sites More sharing options...
ESET Staff JozefG 10 Posted December 9, 2023 ESET Staff Share Posted December 9, 2023 Please try to switch to prerelease update channel. There is configuration module 2099.7, which should help with the issue. It is scheduled to be released on Monday. Link to comment Share on other sites More sharing options...
IT-user 1 Posted December 11, 2023 Author Share Posted December 11, 2023 On 12/9/2023 at 11:43 AM, JozefG said: Please try to switch to prerelease update channel. There is configuration module 2099.7, which should help with the issue. It is scheduled to be released on Monday. If you've switched to the prerelease channel, could you easily switch back to normal channel? I don't want my clients to run sort of beta-software. Only to solve this annoying problem, I think it would be helpful to go to pre-release channel. Link to KB article on how to change update channel. Link to comment Share on other sites More sharing options...
Jamie Reader 0 Posted December 19, 2023 Share Posted December 19, 2023 Hi folks, I'm seeing this issue in our office with a handful of users. We have just migrated up from 10.x to 11.x to see if that fixed the issue (now we have the configuration module 2099.7). Sadly it still seems to be an issue on our machines Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted December 19, 2023 Administrators Share Posted December 19, 2023 2 hours ago, Jamie Reader said: Sadly it still seems to be an issue on our machines Does switching to the pre-release update channel make a difference with the Configuration module 2099.8? Link to comment Share on other sites More sharing options...
Kay Wokke 0 Posted December 21, 2023 Share Posted December 21, 2023 Over here we have exactly the same issue on our HP laptops a handfull of users experience those problems. Right now i change to pre-release update channel but it won't download the 2099.8 im still on 2099.7 Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted December 21, 2023 Administrators Share Posted December 21, 2023 1 hour ago, Kay Wokke said: Over here we have exactly the same issue on our HP laptops a handfull of users experience those problems. Right now i change to pre-release update channel but it won't download the 2099.8 im still on 2099.7 The Configuration module 2099.8 is available on the pre-release update channel for server products. It is not clear what issue you are referring to since 2099.7 should address the issue with locked temporary user profile folders. To my best knowledge, 2099.8 addresses one more type of ekrn crashes. Link to comment Share on other sites More sharing options...
Andrej Kuk 0 Posted December 21, 2023 Share Posted December 21, 2023 We have the same issue. Only on some HP laptops. Seems that apply only on one model Probook 450 G8. Got to be some preinstalled software that conficts with Eset. Tried to stop some HP services form startup but the issue still presist. If the user logs fast it wont let him log. If user waits few mintues before entering password it logs on normaly. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted December 21, 2023 Administrators Share Posted December 21, 2023 1 hour ago, Andrej Kuk said: Tried to stop some HP services form startup but the issue still presist. If the user logs fast it wont let him log. If user waits few mintues before entering password it logs on normaly. Do you have the issue even with the Configuration module 2099.7? Link to comment Share on other sites More sharing options...
Andrej Kuk 0 Posted December 21, 2023 Share Posted December 21, 2023 8 minutes ago, Marcos said: Do you have the issue even with the Configuration module 2099.7? yes, we are on 2099.7 Link to comment Share on other sites More sharing options...
hack-the-planet 0 Posted December 27, 2023 Share Posted December 27, 2023 Same here, Have the problem persists since several weeks, also after updating to the mentioned "fixed" version. Here are the details: Event Logs: User hive is loaded by another process (Registry Lock) Process name: C:\Program Files\ESET\ESET Security\ekrn.exe, PID: 4104, ProfSvc PID: 2512. User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 1588, ProfSvc PID: 2512. Windows cannot unload your registry file. The memory used by the registry has not been freed. This problem is often caused by services running as a user account. Try configuring services to run in either the LocalService or NetworkService account. DETAIL - Access is denied. Eset-Module-Versions: See attached file. Hope you can fix it finally, as it is extremely annoying to loose time every day with restarting and hoping that the problem does not appear at the next start. Thank you, Michael Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted December 27, 2023 Administrators Share Posted December 27, 2023 3 hours ago, hack-the-planet said: Same here, Have the problem persists since several weeks, also after updating to the mentioned "fixed" version. Please raise a support ticket since it will need to be investigated by developers. Link to comment Share on other sites More sharing options...
hack-the-planet 0 Posted December 28, 2023 Share Posted December 28, 2023 18 hours ago, Marcos said: Please raise a support ticket since it will need to be investigated by developers. Hi Marcos, I created a Support ticket and hope they will solve it soon. Link to comment Share on other sites More sharing options...
Jamie Reader 0 Posted January 3 Share Posted January 3 Yeah I've created a support ticket too, but not had any response or confirmation Link to comment Share on other sites More sharing options...
hack-the-planet 0 Posted January 4 Share Posted January 4 I just got a reply, they try to waste even more time instead of start solving the problem: They asked what the issue is, although I sent the link to this forum and my post above. Annoying! Link to comment Share on other sites More sharing options...
hack-the-planet 0 Posted January 6 Share Posted January 6 Hey Marcos It looks like I have no chance to reach a true engineer at the support: After wasting time they just replied about collecting the data with a logger and forcing the problem to happen. Obviously, this is not possible since it happens before login what makes clear the support does not even understand what the issue is. (due to some reason they answered in German, so I cannot just copy their text here). So I kindly ask you to report the problem internally to true engineers, I cannot waste more of my valuable time with them. And additionally it is unreasonable to wait longer with even starting to solve this issue! Thank you for your support in this matter. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted January 7 Administrators Share Posted January 7 18 hours ago, hack-the-planet said: it happens before login Honestly it is not clear to me why Windows would load and unload user's registry hive before login. The issue that we solved was with releasing the handle upon logoff. How can we reproduce it? Link to comment Share on other sites More sharing options...
hack-the-planet 0 Posted January 7 Share Posted January 7 I would try to investigate and solve the issue with Microsoft. They must know why and when the registry is loaded before login. Here are the details of the machine: HP EliteBook 840 14 inch G10 Notebook Processor 13th Gen Intel(R) Core(TM) i7-1370P 1.90 GHz Installed RAM 32.0 GB (31.6 GB usable) Product ID 00355-61118-13693-AAOEM System type 64-bit operating system, x64-based processor Pen and touch No pen or touch input is available for this display Edition Windows 11 Pro Version 23H2 Installed on 24/11/2023 OS build 22631.2861 Experience Windows Feature Experience Pack 1000.22681.1000.0 Maybe relevant: Bitlocker is enabled. Issue occurs with and without being connected to dockingstation, as well as on battery and on AC. So it is also not related to an ethernet connection. It does not occure at every start (fortunately), so to be able to work, logging in to the temporary profile and then restart the Notebook (mostly once is enough) allows to properly login. I didn't (yet) observe anything which can force the problem to happen. The computer has some SMB network drives connected, as well as some network printers. Acronis True image (V 2020, Build 38600) is also installed. Device is NOT member of an AD and is NOT connected to a Microsoft account (despite Microsoft aggressively forces to do so). Maybe other affected customers can provide details too. Maybe there are some correlating things which may give more insight (assuming not all Win 11 users suffer from the problem). Thank you. Link to comment Share on other sites More sharing options...
Jamie Reader 0 Posted January 8 Share Posted January 8 On 1/7/2024 at 11:05 AM, hack-the-planet said: ... Maybe relevant: Bitlocker is enabled. Issue occurs with and without being connected to dockingstation, as well as on battery and on AC. So it is also not related to an ethernet connection. It does not occure at every start (fortunately), so to be able to work, logging in to the temporary profile and then restart the Notebook (mostly once is enough) allows to properly login. I didn't (yet) observe anything which can force the problem to happen. The computer has some SMB network drives connected, as well as some network printers. Acronis True image (V 2020, Build 38600) is also installed. Device is NOT member of an AD and is NOT connected to a Microsoft account (despite Microsoft aggressively forces to do so). ... Interestingly, ours are all HP machines, all running bitlocker, some are on docking stations, some not. Same that ours are also not connecting to AD/domains or Microsoft accounts, but have SMB networking and VPN connections. Similarly we have some Windows 10 and 11 machines impacted, but it's all sporadic and not every time the machines boot. Link to comment Share on other sites More sharing options...
Andrej Kuk 0 Posted January 8 Share Posted January 8 No BItlocker here. Clients connecting to AD. Same as Jamie said, it doesnt happen every time, and surely doesnet happen when you wait before entering pass at logon. I have a laptop from the same HP G8 series which was deleted and freshly installed without HP software, no problems on that one. Hope that helps. Link to comment Share on other sites More sharing options...
ESET Staff JozefG 10 Posted January 8 ESET Staff Share Posted January 8 On 1/7/2024 at 9:49 AM, Marcos said: Honestly it is not clear to me why Windows would load and unload user's registry hive before login. The issue that we solved was with releasing the handle upon logoff. How can we reproduce it? Since some time ago (around Win10 RS3), windows automatically logs you in and immediately locks, so you are unlocking your PC not logging in. That could be why the hive is loaded before what you see as login. @Andrej Kuk @Jamie Reader@hack-the-planet what are the products used and their versions? Peter Randziak 1 Link to comment Share on other sites More sharing options...
IT-user 1 Posted January 9 Author Share Posted January 9 Hello, Here is also some relevant info about our environment: HP laptops (mixture probooks + Elitebooks) with Windows 11 pro with bitlocker enabled NOT domain/AD joined - no microsoft account Eset products: Endpoint security 10.1.2058.0 Configuration module 2099.7 Detection Engine 28539 The problem is less present since I've started this topic (early November) but it still persists for some users. Let me know if you need more information. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,257 Posted January 9 Administrators Share Posted January 9 Could you try switching to the pre-release update channel at least some of the troublesome machines to check if the issue persists with the latest Configuration module 2099.8? Link to comment Share on other sites More sharing options...
Recommended Posts