Jump to content

Recommended Posts

Posted

Hoping for a quick response on this one!

 

I have a managed service client who I deployed v6 ERA to.  Everything has been working great, but they wanted to test the policy Security Product for Windows - Visibility - Invisible Mode as they want to truly make AV invisible to the end user (or as close to it as they can get).  So they applied the policy to a group of about 20 computers, and restarted them.  Now, the ekrn.exe process has stopped - that is to say, the computers came back from a reboot, and the ekrn.exe process didn't start. 

 

Is that how invisible mode works?  Are these computers still protected?  Or did something go wrong?

 

Thanks~

  • Administrators
Posted

Did you get an error message that ekrn.exe could not start? Do you see any such error in the system event log?

Posted

Maybe - I can look!  I thought perhaps this was because of the invisible mode policy.  I wasn't sure how it was supposed to work from the description and couldn't find a KB on it or anything in the user guide (that's not to say that there isn't anything, but maybe that I just missed it).  I'll check the logs

Posted

So, I'm waiting for a call back from this customer for permission to connect to one of these computers. 

 

Can anyone explain how Invisible Mode is supposed to work? 

  • Administrators
Posted

It's not clear what mode you mean by invisible as the following options are available: Full, Minimal, Manual, Silent. Perhaps you mean silent mode, don't you?

Anyways, regardless of what mode you choose egui.exe and ekrn.exe must remain running.

Posted

In the ERA v6, in Admin -> Policies, there is a pre-existing policy that comes with the ERA Web Console, so I'm assuming it was built by ESET.  The title of the policy is Security Product for Windows - Visibility - Invisible Mode

 

That is what I am referring to. 

Posted

Description: Disabled Notifications, Alerts, GUI, integration to the context menu.  No egui.exe will run.  Suitable for management solely from ERA.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...