Jump to content

Zdenko Rendic

  • Posts

  • Joined

About Zdenko Rendic

  • Rank

Profile Information

  • Location

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Backupsoftware ist not running, its just installed. Veeam Backup & Replication was installed and removed last year and swissbackup24 is only installed from the start, but has no backup job active. at my Home PC I have no Backup Software installed, with the same Issue. I will see if it happens again.
  2. I hope it does help you, because I removed eset and installed it again 2 hours ago. By deactivating eset I meant I stoped the Antivirus until restart eea_logs.zip
  3. Hello Strange things in the last 2 days. I have Eset Endpointvirus 8 on my Business HP Laptop on Win10 2004 and ESET Nod32 latest version on Win10 Home on Private Gaming pc. Latest Win Updates were made on the Windows PC's and in the last 2 Days i could not work with the devices. On the Business Laptop Browser could not open, they just had a white window, Outlook had 30 sek to open, "run as admin" needs also around 30 sek to ask me for the Password. The device had 3-5% CPU, free RAM and has an SSD. Deactivating HIPS did not help, I had to deactivate ESET for the device to work again normaly. after that, everything was fast again. Home Pc allmost the same, Playing Diablo 3 was not possible, eather I could not Log in the Game or the change from one Map lvl to another took around 40-60 seconds. Other games the same, VERY VERY slow, but CPU ist not at 100%. Deactivating ESET resolves the Issue. Any ideas ?
  4. Ok, I found the solution. After upgrading ERA 6.x to 7.x I rebootet it once, and I had this Error with the Cert. I rebootet the ERA one more time, and had the Problem that I could not log in, error: "Not connected". I used following solution to fix the log in Problem: https://support.eset.com/kb6760/ Note: this Login problem happens only if you update all the Packages over the Webadmin Console (https://xxx.xxx.xxx.xxx:10000) Now the the Cert error was gone and I could Push ESET Agent and Products to the Clients.
  5. Ok thx, I just started one for the test, and it scohuld upgrade to version 7. But the Problem is that I cant push ESET Agent to a NEW Client, because it gives me the same error, that the Cert or the Cert password is wrong. In that case I cant use the component upgrade task, because it is a new client, right ? The German Error tells me, the the Certificate is wrong or has a wrong passwort....
  6. Hello I Sucessfully Upgradet ESET ERA 6.4.304.0 with the Upgrade task to ESET SMCS 7.0.471.0. (cent OS) After that I wanted to push the new Agent to the clients, but now it needs a Cert-passwort to do so. I never used any Password for the certifiacate in the old Version, but now I need one? my Question is: -> Is there some standard Password that ERA 6.x uses for its Certs, and what is it ? -> or can I just write a new password new for the Cert ? Best regards Zdenko Rendic
  7. Hello On 3 different Terminal Server was ESET File Security 6.4 and 6.5 installed and still the crypto virus was not detected and crypted all files the user had access to. My Question is, is there something I can do about it,like Configuring the ESET the proper way ? What could help us block the crypto Viruses better ?
  8. Yes please, I wounder if the Push mechanism ist working better with the latest smb problems (win 10 deactivates smb1, push not possible) Also the lizence problems, where Notebooks take several of them cause of the network change Home / Business LAN/WLAN
  9. Hello In last few Weeks I came a long a strange problem: New and fresh installed Windows 10 Clients, with the last March 2018 Windows updates, deactivated Firewall, all working shares, FQDN and so on, the ERA fails to push the agent. ERA is version 6.5.417.0, ESXi VM. The error in the logfiles says: + mount -t cifs -o domain=*replaced*,username=Admin '//*replaced*/ADMIN$' /tmp/era_remote_deploy_wn_y6OOsPH64GoN6CJP/cifs mount error(112): Host is down Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) * [Exit code = 32] + LANG= I noticed that the Windows 10 client with this problem has somehow removed the support for SMB 1.0/CIFS Datashare under the windows features, maybe via Windows update. After I enable it again and reboot the windows 10 System , the agent push works again: My question is: is there a way to fix this problem from ESET ERA side? maybe by changing the hightest protocol or something ? I found this older Post from Dimitris Bastas: " I am running the latest version of ERA (version Following MartinK suggestions I changed a line in the file /var/opt/eset/RemoteAdministrator/Server/Scripts/UnixWindowsNetworkRemoteInstall.sh Specifically the line LANG= mount -t cifs -o "${mount_domain_option}username=$ERA_RD_WN_USERNAME" "$remote_cifs_share" "$local_cifs_mount" becomes LANG= mount -t cifs -o "${mount_domain_option}username=$ERA_RD_WN_USERNAME,vers=2.0" "$remote_cifs_share" "$local_cifs_mount" After that i run the command /sbin/restorecon -F -R -v /var/opt/eset/RemoteAdministrator/Server and I tried to deploy the agent to one of the Windows 7 machines. This workaround worked for me and I wish that a change will be made to the ERA webconsole interface, so that a user can tell that a windows computer has SMB version 2, before the agent can be installed remotely. Thank you very much for the help. " I edited this UnixWindowsNetworkRemoteInstall.sh file, and it also working for me, but this is not the fine English art to fix this Problem. for exampl,e what happes with this manual edit after an ERA update?
  10. Hello A BIIG Question about "deactivate them via the ELA portal" I did this, deactivated the double licenes that were older, after that the ESET Endpoint Antivirus on the client that had the double license was deactivated. For me it is not clear which entries I can delete. Can you tell me which I could deactive on this picture ? I deactivated the one with the exclamation mark and the ESET was also deactivated on his client. Its a Dell XPS 13 Notebook, and it pop-ups every few days double in the ELA portal using 2 Licenses, why is this happening? I allready deleted both of them, and Activated his Endpoint Antivirus over ERA, 2-3 days later they are double again. The Person takes this laptop from the Office where the ERA is installed to his Home office every day. This is not the only Client, there are 3-4 more that show up double, allways the same Clients. I also De-installed the whole Eset Antivirus from this CHMOEI02 Notebook, and pushed it again from the ERA, again it shows double.
  11. So for people that have same issue, do the following: Start VM in recovery Windows Mode, press F8 and look that you get into the CMD Launch regedit Load Hive SYSTEM (D:\Windows\System32\Config\SYSTEM), give him some random name you want ADD following: HKEY_LOCAL_MACHINE\{Loaded_Hive_Name}\ControlSet001\Control\SessionManager\BootExecute and HKEY_LOCAL_MACHINE\{Loaded_Hive_Name}\ControlSet002\Control\SessionManager\BootExecute to value autocheck autochk * PvsVmBoot Unload hive Restart VM Update Eset to the newest version The BootExecute Value is probably there buz its missing the line under "PvsVmBoot"
  12. Thank you for your answer, now I understand it how it works. Best Regards Zdenko Rendic
  13. Hello I created an offline All-in-one Setup File inclunding the Endpoint Antivirus (6.6.2049.0), License, ERA Certificate, Parent Group, Agent and self created Policy. After that we deploy the File with PDQ Deployment, everything works fine, the client appears in the Eset ERA, has the Product and Agent Installed. But the Clients does not get the Policy, I have to log inside the Eset Era to manualy assign the Policy, even if I defined the policy creating the offline setup. Why ist that not working ?
  14. Thanks MartinK, now it works! I just connected with Putty to the ERA Ip and put these 2 Lines: iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT service iptables save Best Regards Zdenko
  • Create New...