Jump to content


  • Posts

  • Joined

  • Last visited

About Palps

  • Rank

Profile Information

  • Gender
    Not Telling
  • Location

Recent Profile Visitors

741 profile views
  1. Same here, I have done the upgrade from EEA 7.0.2100.4 to EEA 7.1.2045.5 via the integrated software installation task via the ESET Management Center Console. I think this was the first time ever, that an ESET upgrade was working without any issues or any additional troubleshooting/configuration for our 600 clients. Let's see what happens when a new EMA version is released.
  2. Hello, @T3chGuy007 I had the same issue for each update of the Agent version sind the beginning of v6. Every time I have contacted the support but they couldn't help. I have figured out, that the HIPS Module is blocking the deletion/stop of the process ERAAgent.exe and the service EraAgentSVC. So as a result the agent cannot be updated. Currently I am doing the upgrade to EMA 7.0.577.0 and EEA 7.0.2100.4. For this I have changed the default policy for all clients, so that HIPS is disabled but not shown as Critical on the device itself, so that the users are not getting confused. Then I am waiting until they have rebootet and trying to do the Agent update from time to time. As soon as HIPS is disabled and a reboot has been done, the Security Management Center Components Upgrade task is working like a charm because the process and the service is not secured by the HIPS anymore. I have figured this out by myself as the support was never able to help me. Currently we are considering to switch to another AV solution. (Disabled HIPS) (Change application statuses) (Disable to show the issues on the client)
  3. Hello, I just wanted to confirm Zoltans info. EEA 7.0.2100.4 is working without any issues. The versions before had the update issue. Regards
  4. Hi @Marcos, do you have any feedback regarding my logs which i had uploaded?
  5. Hi Marcos, sorry for my late reply. Please find the new logs attached. eea_logs.zip
  6. Please find the logs attached. I have sent you the password via PM. eea_logs.zip
  7. Okay, but with v6 i dont get this errors. Here some more screenshots. Since last wednesday (14.11.) i have the same situation: The icon in the taskbar is doing the "scanning rotation" (like a radar) and there is written "Module upgrade in progress..." Also ESET Endpoint antivirus is showing "Updating product..." but the last successfull update was 19/11/2018 accorting to the "Update-Section": But as shown in the logs it still has the bad link to update server issue and is not showing that the detection engine has succesfully been updated. With v6 all is running smooth. Thank you for your help.
  8. It's because the ESET Kernel Dedection engine is updating but Update module not. Between 14/11/ and 16/11/ the update icon was circling the whole time. Only after a reboot the detection engine is updated sometimes.
  9. Hello togehter, as many of us i am currently in the migration phase from v6 to v7. Our environment is running an ESET Proxy at each location. I have done the migration steps as described in this KB article. Everyhting went quite well, the main server has been upgraded to ESET Management Center, the proxys as well as the policies have been reconfigured and our agents have been upgraded. The issue is, that when it comes to the upgrade of ESET Endpoint Antivirus to v7, the client is not updating the modules anymore. It seems that the detection engine can be updated, but not the modules of Endpoint Antivirus. With Endpoint Version 6.6.... everything is working fine. Do i need to do some reconfiguration of the endpoint policies? They have been configured to use the proxy servers for upgrades. I can not find anything regarding the endpoint policies in the ESET KB, only for the agent policies. Current config, which is working with Endpoint Antivirus v6.6... but not with v7.0...: Thank you very much. Regards PALPS
  10. Hello again, i am stuck again. I think i know the cause why the msiexec method is not working anymore. It was working on all machines where the user is a local admin (we have this kind of setup for engineering and quality members) but it's not working for users with normal user permissions because it can't execute the *.msi without admin permissions. Do you know a solution how to run the msiexec with elevated rights? I have also tried the other option with the "Remote Administrator Components Update" task, but it failed with the error "ReadUpgradeStatus: Upgrade of Agent from version '' to '6.5.522.0' failed. Unexpected updater service Win32ExitCode 0x435". Do you know something about it? I could not find anything on google. Thanks!
  11. Hi guys, you helped me a lot. I have to update the ERA Agent for about 500 devices. Previously I did the update with the script provided by @jimwillsher and @Phydeauxdawg but currently this is somehow not working anymore for me. Now I was searching for a way to update the agents and I personally never thought that this could be done with the "Remote Administrator Components Update" task. I have used this to update my server components but as @CMS already mentioned, I thought this task is server related and can not be used for the clients. I also think renaming the tasks somehow would help a lot. Thanks and regards!
  12. Thank you for your information. I checked our servers to do the steps you have mentioned above, but I couldn't find any HIPS message anymore. As it seems the issue has been resolved by itself. In the meantime I updated the agent and client versions via our ERA server, maybe this has solved the problem.
  13. Hi, just for information, we are still getting this messages, but as it seems there is no bad impact on any server functionality, so we forgot about it because there are more important topics. So until now every member who is accessing the servers just ignores the messages. I know that this is not the preferred solution but up to now the less time consuming.
  14. This solved the problem with the shadow copies. Thank you very much for your support!
  15. Thank you for your answer. Very appreciate it. I adapted the exceptions like you proposed. I will check tomorrow morning again if the threat was found again. I don't want to exclude the whole "beremote.exe" process because this is doing the backup and maybe it will detect some other threats also. We are using Symantec Backup Exec. The backup is running during the night and on the next morning I have the threat alerts on our client backup server due to the eicar test files reported by the real-time file system protection.
  • Create New...