Jump to content

Security Product for Windows - Visibility - Invisible Mode - Help?

LocknetSSmith
 Share

Recommended Posts

LocknetSSmith

LocknetSSmith 6

Posted
Posted

Hoping for a quick response on this one!

 

I have a managed service client who I deployed v6 ERA to.  Everything has been working great, but they wanted to test the policy Security Product for Windows - Visibility - Invisible Mode as they want to truly make AV invisible to the end user (or as close to it as they can get).  So they applied the policy to a group of about 20 computers, and restarted them.  Now, the ekrn.exe process has stopped - that is to say, the computers came back from a reboot, and the ekrn.exe process didn't start. 

 

Is that how invisible mode works?  Are these computers still protected?  Or did something go wrong?

 

Thanks~

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,074

Posted
  • Administrators
Posted

Did you get an error message that ekrn.exe could not start? Do you see any such error in the system event log?

Link to comment
Share on other sites
LocknetSSmith

LocknetSSmith 6

Posted
  • Author
Posted

Maybe - I can look!  I thought perhaps this was because of the invisible mode policy.  I wasn't sure how it was supposed to work from the description and couldn't find a KB on it or anything in the user guide (that's not to say that there isn't anything, but maybe that I just missed it).  I'll check the logs

Link to comment
Share on other sites
LocknetSSmith

LocknetSSmith 6

Posted
  • Author
Posted

So, I'm waiting for a call back from this customer for permission to connect to one of these computers. 

 

Can anyone explain how Invisible Mode is supposed to work? 

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,074

Posted
  • Administrators
Posted

It's not clear what mode you mean by invisible as the following options are available: Full, Minimal, Manual, Silent. Perhaps you mean silent mode, don't you?

Anyways, regardless of what mode you choose egui.exe and ekrn.exe must remain running.

Link to comment
Share on other sites
LocknetSSmith

LocknetSSmith 6

Posted
  • Author
Posted

In the ERA v6, in Admin -> Policies, there is a pre-existing policy that comes with the ERA Web Console, so I'm assuming it was built by ESET.  The title of the policy is Security Product for Windows - Visibility - Invisible Mode

 

That is what I am referring to. 

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...