Jump to content

Campbell IT

  • Posts

  • Joined

Everything posted by Campbell IT

  1. That would explain why I see changes this morning in the console. I had about 25 machines left to upgrade to get rid of this message and this morning, on most of them, the alert is gone.
  2. It's out now. I was in the process of updating all of our workstations to 7.3.2044 and now all of a sudden this morning, 7.3 has been replaced by 8.0. I sure wish ESET would let us choose which version we want to install when we click the "Update ESET Products" button. At least leave the latest version and one version prior to that. I think we're all smart enough to know the difference and can make that decision for ourselves. I had to create an installation task to finish my rollout instead of being able to click the update button.
  3. Well, you have a bug then, because we have had several machines that I did not upgrade manually, but they upgraded on their own. I discovered this because I noticed there was an alert on a machine. The alert was that the machine needed to reboot to complete an upgrade. I had not upgraded the machine manually and I am the only one who administers the ESET server. I asked the user to reboot and after they did, the version was upgraded to 7.2.2055. This was while we were on ESMC 7.1.
  4. Well, I have 3 machines that until late last week, were on 7.2.2055 that are now on 7.3.2032. One of these machines is my workstation. All 3 of them had ZERO shutdowns after our weekly scan until yesterday when I was sitting in front my computer and watched it with my own two eyes as a prompt came up telling me it was going to shut down after the scan. I was able to cancel it, but the other two machines shut down as I was testing to see what would happen and I did not intervene. I get that there is a bug in 7.3.2032. So tell me how upgrading to 7.3.2032 did not cause the issue?
  5. I just experienced this on my machine. Fortunately, I was in the office today, so I was able to stop it from rebooting. My big concern is that we have had a few computers automatically upgrade themselves without any intervention on our part. Is there a way I can prevent any other machines from automatically upgrading? I currently have 3 machines on 7.3 and would like to keep it that way until this issue is fixed. I have a lot of people working remotely and not much manpower available to turn machines back on.
  6. I got a message that I could not send a PM to you. It doesn't matter, though. I was successful with my upgrade after I stopped the EraServerSvc service. Now I get to re-learn how to deploy the Agent.
  7. How do I send the log to you? It has hostname and IP address info in it, which I do not want to make public.
  8. The clients are checking in every 5 minutes. AD synchronization only occurs once a day.
  9. I reviewed the logs myself and found these entries: Error 1921. Service 'ESET Security Management Center Server' (EraServerSvc) could not be stopped. Verify that you have sufficient privileges to stop system services. Info 1920. Service 'ESET Security Management Center Server' (EraServerSvc) failed to start. Verify that you have sufficient privileges to start system services. I do have sufficient privileges. Should I manually stop the service before I attempt the upgrade?
  10. It failed a the ESMC upgrade. I tried to send you a PM with the logs attached, but it said you can't receive messages. How do I securely upload logs to you?
  11. I attempted to upgrade our ESMC 7.1 server to 7.2 by downloading the installer, running it on the server and choosing "Upgrade All Components". It upgraded SQL Express OK, then it took quite a while on the next step and then failed with a 1603 and 1708 error. Prior tests of this process on a snaphshot copy of our server worked flawlessly. Any help is appreciated.
  12. Please have an option to block automatic upgrades as you have described above. While it sounds good in principle, unless reboots are forced, you could end up with computers that have pending reboots for weeks. We struggle with getting our users to log off, let alone reboot. Plus, if there is an issue with an upgrade in our environment, we would need to be able to prevent the upgrade from happening on more computers. Thanks.
  13. I had several machines detect HTML/ScrInject.B and for weeks, the detections would show up as unresolved. I finally got some time where the user would let me work on the system for a couple of hours and the only way I could find to actually get the detections to resolve was to run an in-depth scan with cleaning. It baffles me because these detections were reported after a smart scan. If there is some other easy (albeit, not intuitive) way do resolve detections, I would love to hear it. Thanks.
  14. I have found after working with ESMC 7.x for some time that the only way to permanently resolve detections is to run an In-depth scan with cleaning after a detection has occurred. Is there a way to configure ESMC so that when a desktop reports s detection, an in-depth scan with cleaning is scheduled automatically?
  15. No, I installed ESMC 7 fresh some time ago and upgraded to 7.1.717.0 in the last few months.
  16. How do I know what detections have been resolved and no longer need my attention? I have set the filter to the Preset filter "All unresolved threats" and it shows all threats back to Oct 2019, even those that have a check in the column "Resolved". If they are resolved and I set the ESET Preset filter "All unresolved threats", why is it showing me resolved threats? It is very difficult to tell what computers need to be examined more closely. Also, what does ESET consider as an action taken? Because that filter also shows detections back to Oct 2019 if I select "All threats without action taken". Is this a browser issue? I am using FIrefox 75.0
  17. Never mind. Now I see there is another tab. Everything was so easy in 5.x. Even after 18 months + of using 7.x, I still get stumped. It really needs to be redesigned and streamlined.
  18. Using ESMC 7.1.717.0, trying to figure out the process for deleting detections from the quarantine on a client. For the life of me, I cannot figure out how to do this. I get an alert that there is a detection that has not been resolved, so I look at the detections and click on Show Details. It shows me the details of the detection and has the client name in the upper left. I click on the Show Details button below the client name and it takes me to the details of that client. It lists the detections for that client, so I click on Show Details and it takes me right back where I started. Can we please just have a button to delete items from quarantine? This product is so overly complicated it's making me start to think of alternative products.
  19. That's what I am doing with existing machines, but this GPO is for new machines being added to our domain. I updated the agent installer so that the new machines would have the latest agent. I think I have found the problem, though. It has to do with Hardened UNC paths in Windows 10. I had to put in an exception for the UNC path that our GPOs run from.
  20. I successful set up an agent deployment GPO last year. It worked on many machines, but now I that I have updated to ESMC 7.1, I needed to update the agent installers, so all I did was to download the latest 32 and 64 bit agents and replaced the old ones in my deployment folder without updating the install_config.ini file. It doesn't seem to be working reliably. Any ideas? The certificate hasn't changed.
  21. Thanks, Michal. Off the top of my head, having to click on the computer name, then click Show Details seems to me to be too much clicking. If you are looking at the details of a lot of machines, it gets to be a lot of clicking. Since you now have the box next to the computer name (with the 3 stacked dots) that brings up the same menu choices as clicking on the computer name, how about making a click on the computer name just go directly into the details? Just a thought.
  22. We won't use tags and it just clutters up the view. It's not just at the top, it is in the side panel where the groups are. It keeps coming back when I change views. I have to re-hide it every time. The other issue with the new look is that it doesn't remember that I want to left side panel to be collapsed. Every time I log back in, it is expanded again. This version has added more clicks to an already click-heavy application. Is it possible that it is a browser issue? I am using Firefox 71.
  23. Just upgraded to the latest ESMC. Is there any way to permanently disable Tags? They just take up space and every time I use a computer name filter, that view has the Tags pane. I don't ever want to see it, but now I am forced to close it every time I filter on a computer name.
  24. In our environment, the most frequent cause of agent deployment failure is that the Windows Firewall is on. Another one is the time being incorrect on the client. Check your firewall & time sync.
  • Create New...