Jump to content

8bit

Members
  • Content Count

    18
  • Joined

  • Last visited

Profile Information

  • Location
    USA

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. The ESET notification would pop up every time Google Chrome was opened. Google.com is the startup page and no websites needed to be visited in order to generate the notification. A CRX file was trying to connect to a domain called googleusercontent.com It wasn't due to a specific website being visited. If the Chrome browser was closed, no detections were logged. Deleted those folders did the trick. Thanks for sharing.
  2. I had a PC that was constantly sending out notifications that JS/Mindspark.G had been found and connection terminated so I followed the instructions below but that did not resolve my issue completely. Every time I opened Chrome the notification would pop up on the desktop and via the SMC. https://support.eset.com/en/kb6551 I also had to completely uninstall Google Chrome following the instructions below: 1. Go to your software list, and uninstall Google Chrome from the list 2. Go to this location and delete: C:\Users\YOUNAME\AppData\Local\Google\ 3. Go to this location
  3. I completely agree sreece! I see no reason as to why we just can't click on the outdated agents in the dashboard and have it update them. I have to export a list of outdated agents then go back and add them to a task to push out the updates. Seems like a bug to me. Again, I'm seeing the same things you are. I haven't tried pushing out a new agent to all of my devices regardless of version. I wasn't sure if it would cause a problem or not.
  4. Within the Security Management Center, I have a widget on my dashboard that shows a graph with the number of up-to-date and outdated Agent, Endpoint and Server. If I select on the Endpoint and choose to Update installed ESET products, it works fine but if I select on the Agent graph and select Update Installed ESET products here it gives me a message stating: "No ESET products that can be updated automatically have been found." Why is this? I have to either go through all of my endpoints to figure out which ones need upgrading or simply set a server task to update them all, which I don't
  5. I may have spoke too soon. My peer certs along with installers that contain a wildcard of * work but the certs and installers that use an IP address do not and all of the PC's that I've tested have access to the ERA server via IP address.
  6. Martin, It's now working! I went back and created a new CA then went to settings and changed the default certificate to the newly created cert. That allowed me to created the install .bat file and so far, agents are connecting to my ERA. Thank you for your help!
  7. Id like to start from scratch in regards to my CA and Peer Certs. What's the best course of action to do this? I plan to push out a new Agent installer for all devices once I have this working. Thanks for any help you can provide.
  8. Thank you again Martin for your help. I'm about to pull my hair out at this point trying to create a basic Peer Cert using server name or IP. I keep getting the following error message: "Failed to get installers: Specified certification authority certificate was not found" I've tried the CA that was setup during installation and a new CA I created to no avail. I have another installer using a Peer cert with * for hosts and it works - 7 clients using it right now. I'd like to use a more secure certificate than using a wildcard but for some reason I'm hitting a wall. I've sea
  9. Our setup is ~200 devices that all exist on our LAN on multiple subnets. If I understand you correctly, if I'm only connecting agents to our ERA on our LAN, then using a certificate may be overkill? Servers should use them regardless. Am I understanding you correctly? Also, When creating a cert I've tried entering the ERA server's IP (static) and server name to no avail. How do I properly setup the cert? I found a guide in the ESET knowleadgebase but it was scarce on details. Thank you again for the excellent support!
  10. We can mark this post as solved. I did as you suggested MartinK and checked the server logs and the problem appears to have been caused by the certificate I created for the Agent Installation. If I used the IP of the ERA server or FQDN the client's connect to ERA was closed but if I used an * it worked like a charm. I found a similar thread today where a few people had the exact same issue but no resolution was provided. As long as I can use the cert where I inserted the * and it works, I would say this thread should be marked Solved. Thank you for your help!
  11. I've pushed out the new agent installation .bat file to several PC's in our organization and they are able to update their virus definitions but I'm unable to 'see' them from my ERA. DNS, firewall, etc does not appear to be the issue. Any help would be greatly appreciated. I've modified the server.city for security reasons. SchedulerModule 2018-Jul-06 19:09:28 Received message: RegisterSleepEvent AutomationModule 2018-Jul-06 19:10:03 Trigger: Tick ALLOWED [UUID=00000000-0000-0000-7006-000000000001, TYPE=REPLICATION]
  12. Ah! Per the logs the connection failed due to incorrect/unknown certificate or key format Remote machine is not trusted. I have a CA on my ERA. Clearly I've missed a step Many thanks again for your help!
  13. My Agents still aren't reporting in or being seen by ERA. See the steps below that were taken: Generated a new Certificate for Agents with a new passphrase Setup a new Agent Installer selecting the new cert I just created Downloaded the BAT file Pushed out the BAT file successfully to two PC's and also ran it on a third manually to ensure installation (using PDQ deploy instead of GPO) BAT file uninstalls the previous agent install and installs the new one Network ports are not being blocked between PC's and ERA server and DNS is working properly
  14. Thank you for your quick response Michal. I'll have to generate a new cert and push out those agents. Regards,
  15. We recently had a catastrophic failure of a server and couldn't restore it so we had to reinstall ESET Remote Admin. The agents are of course still installed on all of our PC's and servers and once the installation was complete I see all of them in the Rogue section. To keep things organized, I synced our AD to a group folder within Computers but those show no information. Unknown modules for all AD accounts. What is the best way to move forward to get my ESET agents pulled back in properly? Will I have to manually move all of my rogue devices? Thanks!
×
×
  • Create New...