kit 2 Posted December 11, 2015 Share Posted December 11, 2015 Hi All, I have about 17 computers in ERA that are reporting what I believe to be false security warnings. When I view the security notifications in ERA, it says that "Windows Security Center indicates that the feature is not installed or is not running properly" for both Anti-Virus and Firewall. When I check ESET on these computers locally, the protection status say Maximum Protection on all of them. Windows Security Center also does not report any issues. Is there any reason why these security warnings are displaying in ERA? For what it's worth, these are all new computers that were recently set up. They are all running Windows 7 with v6.2.190.0 of the ERA Agent and v6.2.2033.0 of EES. Thank you Link to comment Share on other sites More sharing options...
Administrators Marcos 3,878 Posted December 12, 2015 Administrators Share Posted December 12, 2015 Did you install Endpoint v6 over an older version or it was a clean install? Link to comment Share on other sites More sharing options...
kit 2 Posted December 14, 2015 Author Share Posted December 14, 2015 Hi Marcos, This was a clean install on brand new computers that were recently set up with a fully patched version of Windows 7. Thank you Link to comment Share on other sites More sharing options...
ESET Staff MartinK 351 Posted December 15, 2015 ESET Staff Share Posted December 15, 2015 Hello, Could you plese temporarily disable HIPS protection in EES and verify whether it helped? Link to comment Share on other sites More sharing options...
kit 2 Posted December 15, 2015 Author Share Posted December 15, 2015 Hi MartinK, it doesn't look like I can disable HIPS from the GUI, which means it would need to be disabled from within our policy in ERA. Unfortunately, the way our policy is set up, if I disable HIPS, it will disable it for all computers. Is there an easier way to do this? Link to comment Share on other sites More sharing options...
ESET Staff MartinK 351 Posted December 16, 2015 ESET Staff Share Posted December 16, 2015 Hi MartinK, it doesn't look like I can disable HIPS from the GUI, which means it would need to be disabled from within our policy in ERA. Unfortunately, the way our policy is set up, if I disable HIPS, it will disable it for all computers. Is there an easier way to do this? There is no need to modify your configuration. We are almost sure it is the same issue as we received reports some time ago and are currently investigating. Unfortunately we do not know yet any workaround nor reason why it happens only on specific machines -> but it has no impact on security of your endpoints. For now you will have to ignore those warnings. In case you want to suppress them, special configuration policy can be created for "ESET Remote Administrator Agent" with changes in section "Advanced -> Operating system -> Report network firewall issues" and "Advanced -> Operating system -> Report virus and spyware protection issues". I would recommend to attach this specific policy only to affected client until this issue is resolved. Link to comment Share on other sites More sharing options...
kit 2 Posted December 16, 2015 Author Share Posted December 16, 2015 Thank you for the update MartinK. If there is anything I can do to help investigate or troubleshoot further so that we can find a resolution, please let me know. Link to comment Share on other sites More sharing options...
Recommended Posts