FRiC
-
Posts
83 -
Joined
-
Last visited
Posts posted by FRiC
-
-
Does setting update mode to Auto-update mean the endpoints will update to the latest releases (e.g. 8.0.2039) without having to create a task? I created a task to update to 8.0.2039 and about half of my endpoints still required a reboot. Much better than all requiring a reboot, but still.
And a month seems a bit long.
-
I have the same issue too and my PC's that are affected can't be rebooted right now. (Their next reboot window is early next month.) Will this issue affect any other functionality? Thanks.
-
In case anyone runs into this problem in the future. The reason was that Windows Defender Antivirus was disabled by GPO. It had always been disabled so maybe something in Windows 10 changed recently. Changing the policy to Not Configured fixed everything.
-
Sorry, the machine wasn't rebooting by itself. I was rebooting it manually to see if the problem would go away when I changed settings (regional format mentioned above). The computer also got shut down at the end of the work day. I could run the log collector on another computer if necessary.
-
@JozefG Hi, the ESET Log Collector log is over 100 MB so I've uploaded here. If there's an alternate file transfer site I should use please let me know. Thanks.
-
@JozefG Do you mean it's just a display issue in Windows Security Center? EES seems to be working fine otherwise. I would've never noticed the issue if I had not sat down at a user's computer on a completely unrelated issue and happened to see the red cross on the WSC tray icon.
-
@Marcos Yeah, we're based in Southeast Asia and it's Buddhist year 2563 here. The date format is set by regional format and if I change the format to English (US) the date automatically changes from 28/10/2563 to 10/28/2020. Just to be sure I tried changing regional format but the problem persists.
@JozefG ETL files attached. Thanks.
-
Hi, it appears integration module is at 1026.1. Security providers says ESET Security is turned off. I tried restarting some of the computers experiencing this issue and it seems to come and go randomly. I'll check on more computers.
-
I noticed today that some of our computers are showing no virus provider in Windows Security. EES is current 7.3.2041.0 and there's nothing obvious in ESMC or in the logs.
It seems random since all of our computers are domain joined Windows 10, Version 2004 and there doesn't seem to be anything special about the ones that are showing this warning. Anyone seeing anything like this?
Thanks.
-
We use deployed Windows and I've noticed the same thing. It also happens if Windows is updated to a new release and before the user logs in.
Edit: I just noticed this recently, so not sure if this is something new. Another new thing I noticed is that it's now harder to drag computers into another group since the group panel scrolls too early and too fast.
-
Or you could probably block all by default, and create five policies (USB1-5) and assign to each PC which ones are needed.
-
17 hours ago, Brambb said:
Also I notice that the reboot also needs to be a 'warm reboot', we have a lot of clients who TURN OFF and next day TURN ON (shutdown, cold start) but this does NOT trigger ESET to do the module update or whatever the reboot is required for. Users actually need to do the 'warm reboot' for the message to cleared and update to be fully complete.
That's Windows 10 fast startup. Disable it in settings or in GPO to make shut downs behave "normally".
-
I think the release notes for 7.3.2032 should read compatibility with future Windows 10 major update due in H1 2020 and not 2021.
-
Not sure if related, but I'm upgrading to 7.2.2055 and suddenly the clients are trying to access ESMC by the IP address instead of the hostname and yeah, they blocked themselves again. I tried whitelisting *:2222/* and it seems to work so far. 🤞
-
Thanks for the quick response. I had these computers configured this way since we bought ESET early this year and this issue only started recently. Strangely enough they didn't all start happening on the same day and it didn't affect all computers. Anyway I've added https://esmc to the whitelist and temporarily disable EES...
Update: and all is well now. I just find it somewhat strange that I've been running this for nine months, and now suddenly I have to whitelist https://emsc/
-
Windows 10 Pro, ESET Endpoint Security, ESMC, all latest versions.
I have some computers that have all websites blocked except for some necessary Windows update and ESET update sites whitelisted. They connect to the local ESMC server called simply "esmc". A few days ago I noticed they stopped connecting to ESMC and upon checking the logs I discover that https://esmc is blocked. Has there been a change to how ESET communicates with ESMC? Should I whitelist the local ESMC server?
-
Update to this issue:
I couldn't figure out the problem, so I just created a rule to whitelist the HDD. I noticed afterwards that the HDD appears to Windows as a removable device, i.e. it has a removable icon in the task bar and can be removed like a USB drive, even though in the device manager it appears as a normal HDD. Which is probably why ESET sees it as a removable device and tries to block it, but since the first partition is the boot drive and likely can't be blocked, it ended up blocking the second partition.
-
There is only one HDD in the computer: ST3500418AS as attached.
C works normally and D is access denied. Thanks.
-
Hi, I'm using device control to block removable drives, I blocked "disk storage" which seems to work fine for everyone except one particular machine where it blocked the second partition of the internal hard drive. Am I missing something obvious or should I choose another type of device instead of "disk storage"? Portable device maybe?
The computer is Windows XP 5.1.2600 running ESET Endpoint Security 6.5.2132.2.
Thanks in advance for any help.
-
Thanks for the help, the fast startup setting was it. I thought I remembered there's a setting in Win 8/10 but couldn't remember what it was. But then I think the "automatically reboot PC if necessary" option should also reboot the PC before performing the upgrade, so it won't be stuck at waiting for restart.
-
Yes, I figured I don't want the clients to automatically reboot since users may be working, but then all the clients became waiting to be restarted even after computers had been switched off and rebooted.
Edit: In some cases the upgrades are successful, but esmc still prompts that clients should be restarted.
-
EES 7 was recently updated from 7.0.2073.1 to 7.0.2091.0 and ESMC started prompting me that users' computers need to be restarted before updates can be installed. I was a little surprised that I had to manually reboot the computers either physically or through ESMC's reboot function before updates can be installed. Even if the computers are turned off at the end of the day they didn't count as restarts. Am I missing something obvious or is this by design?
-
12 hours ago, MartinK said:
Actually that is different problem. Adapters should be shown in the same order/priority as configured in system. Could you please check that physical adapter is first in list?
Thanks, didn't realize that's the problem. I don't want to hijack this thread, but is the priority of the network adapter configured by manually setting the metric (doesn't work) or is there another way?
-
Yeah, I have the same issue where the virtual network adapters created by vmware are shown in esmc instead of the actual physical adapter. Hope fixed soon.
Rebooting and future changes
in ESET Endpoint Products
Posted
Thanks for the info. Will try auto-update next time. Incidentally my latest update to 8.0.2039 did not go smoothly. I've done the upgrade task countless times without any problems but this time a number of computers (out of 100+) could not complete the update. Had to remove (some even in safe mode) and reinstall.