tmuster2k

This will suppress the change of the protection status on clients but it will not prevent ESET from asking Windows about missing updates. Also this will not affect the messages that appear in the ERA console. based on customers description of : " however I am still being alerted to "Operating system is not up to date" when looking at the clients. " . what I was taking from this is that he possibly remoted into one of the systems in question and pulled up the ESET GUI locally on that machine and the protection status was showing the message about OS updates. So yes I was assuming the local machine as opposed to the ERA itself.

LIke Marcos said I would highly recommend uninstalling your Version 4.x clients. The majority of systems that get hit with Ransomeware are V4 systems or current systems on V5 or V6 that have had LIVEGRID or HIPS disabled locally or in policy.

Have a customer who uses Unidesk to deploy out the ESET software. Customer went through steps outlined in >> hxxp://support.eset.com/kb3725/?viewlocale=en_USand the agent and ENDPOINT do get installed. When checking the status.html for the agent its all green and reports checking into the ERA6 server but when looking at the ERA6 console itself the computer just shows as unmanaged. confirmed its not in lost and found and doesn't appear as internal ip address. I pushed out agent multiple times like when doing with orphaned agents but still does not check in. The other issue is that the ENDPOINT AV GUI is not complete as the "Update" and "Computer Scan" category are not present. Is this possibly a incompatibility with his Unidesk deployment software and ESET ? ERA 6.3 with agent 6.3 >> ENDPOINT AV 6.3

The V6 update is not within the ERA 4 or 5 Console. Version 6 is not an updated to Version 5.x . Version 6.x is a whole new product (web based). I also do no recommend upgrading over the top on Version 4.x Workstations to version 6. You will want to uninstall Version 4 >> reboot and then install Version 6.x form ERA 6. I also do not recommend exporting and importing Version 5.x policies over to Version 6.x as some of these do not match with that product like the Mirror Update Policy. Version 6.x uses a Caching proxy but unless you are about 100 computers or more you do not need it. ------------------------------------------------------------------------------ Welcome to ESET Remote Administrator 6.x hxxp://support.eset.com/erainstall/ Version 6.x Business Edition products - YouTube Videos (deployment and configuration assistance): https://www.youtube.com/watch?v=Npd619mzc8s&list=PLHxeNUYCjBXLadGq4QyjzD1Gb91NBAlLR Upgrading from ERA 5 to ERA 6 (ESET Remote Administrator Migration Tool (ERA Migration Tool info) hxxp://support.eset.com/kb3607 How do I install ESET Remote Administrator on a Domain Controller or Microsoft Small Business Server? (6.x) hxxp://support.eset.com/kb3671/?locale=en_US How do I deploy the ESET Remote Administrator Agent? (6.x) hxxp://support.eset.com/kb3595/?locale=en_US (AGENT LIVE INSTALLER- Recommended for Workgroup environments) What's new in ERA 6: hxxp://support.eset.com/kb3590/ ERA 6 online user guide: hxxp://help.eset.com/era/6/en-US/ Which ports does ESET Remote Administrator use? (6.x) hxxp://support.eset.com/kb3608/?viewlocale=en_US How do I deploy the ESET Remote Administrator Agent? (6.x) hxxp://support.eset.com/kb3595/ How to perform a push uninstall of previous versions of ESET: hxxp://help.eset.com/era/6/en-US/client_tasks_software_uninstall.htm?zoom_highlightsub=uninstall ESET Remote Administrator Push Installation Requirements and Checklist hxxp://support.eset.com/kb82/ Deploy or upgrade ESET endpoint products using a push install (6.x) hxxp://support.eset.com/kb3605/ How do I create a dual update profile configuration in ESET Remote Administrator? (6.x) hxxp://support.eset.com/kb3621/ Network Configuration Requirements for allowing clients to connect to ESET Remote Administrator remotely (WAN IP) hxxp://support.eset.com/kb3304/ How do I open the ESET Remote Administrator Web Console? (6.x) hxxp://support.eset.com/kb3695/?viewlocale=en_US - The licenses for your products are now managed through the License Administrator. For an introduction to License Administrator, please click or copy/paste the following link into your web browser: ------------------------------------------------------------------------------ ESET License Administrator User Guide hxxp://download.eset.com/manuals/eset_ela_userguide_enu.pdf ESET License Administrator Help hxxp://help.eset.com/ela/en-US/index.html

I know it is kind of confusing but you have to do it in one other place on the POLICY. USER INTERFACE >> STATUSES >> Application statuses >> EDIT >> Uncheck "Operating System is not up to date" and Save. Force this policy.

10 is how many computers they have total in this SOHO network. Most of the systems are on windows 7. ESS is not in play here as it is happening when we install NOD32 as well. I do have wireshark log for now if that can shed any light on this issue. Will PM this - @Marcos

I have never run into this issue with ESET and very baffled by what is going on. Any computer that is introduced to this network (10 computers- 4 have ESET and 6 on windows defender-win 10) with ESET is installed, stops internet connectivity for the other workstations on network. I have had customer even isolate one system with ESET and the NOD32 program and same issue. If customer reboots the router the internet connectivity comes back but only for about half hour max. My Troubleshooting: 1. Had customer monitor network for half a day with no systems with ESET installed and they did not have to reboot the router and internet connectivity held firm. 2. Called customer back once we confirmed network connectivity was good, and with ESET installed within 30minutes he cannot get online and other users started to report they also cannot get online. This was with NOD32 V9. 3. Ping to any ip or URL just gives back "ping request could not find host x.com. Please check the name and try again. There is no "request timed out" at all. 4. Set a static dns on the NIC of 8.8.8.8 and now able to ping ip's and hostnames on the internet but still cannot get online with the browser. Google Chromes spits out message about wrong DNS configuration. 5. I disabled each module of ESET>> Real time, web access, protocol filtering etc. and still cannot ping out. 6. If I put the ip address of a website into the address bar It still cannot resolve. 7. We uninstalled NOD32 and rebooted. 8. Set the Wireless NIC back to "obtain DNS Automatically" and everything is fine. PING and can get online with no problem. I have a wireshark log that I can PM if someone wants to look into this. I am at a point where the tech wants to just have the customers get rid of ESET. Any help would be greatly appreciated on this end.

I have seen this issue with Windows XP only. Go into services and disable the windows automatic update service. You might as well have this disabled as you are running XP. See if this helps.

I have not received any feedback the resolved the issue. I have the customer on version 8.x.

There could be a rogue agent reg key causing the install to fail: [HKEY_CLASSES_ROOT\Installer\Products\ Then search for: ESET Remote Adminsitrator Agent The identifier is different per machine DELETE THE WHOLE KEY AND THEN install again.

The download folder is now complete. Last Friday most of it was missing but seems to have been take care of. BTW.. All your links are showing 404 ERROR. 404ERROR 404ERROR

The only folder in the installers folder is for Apache_HTTP. There is no all-in-one installer.

I had customer log out of standard user account and log in with domain admin credentials and the settings were still locked. How can you get access to these settings ?

Version 16 is not on the list. Probably did not know the correct uninstall string to take it out thus the false positive from the ERA.

Bump.

Is there an unlock tool, specifically for ESET FILE SECURITY 6? Customer currently cannot do safemode because this is a terminal server and clients are connecting. we tired to force a policy just specifically for this computer to remove password and no go. the agent is checking in fine to the ERA6. I have tried unlock tool from KB but says it is for wrong product (for home) and also tried the unlock tool for ESET ENDPOINT AV's but no go.

Any feedback from the logs?

Not only did I do 2289 I made sure manually that there were no ESET remants after 2289. Need more suggestions.

User upgraded to Version 9.x and now cannot complete a full windows backup. ERROR code that comes up is 0x8078011E . We have done all kinds of exclusions and the only thing that works is disabling real time protection. I even excluded the different volume shadow copy directories. example: \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy1 \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy2 and on the way down. If you google this error code it is made clear that its a known issue with AV software and windows backup. This is the only time I have run into this with ESET and it's only happened with Version 9.x. If I have customer go back to V8 the backup performs as normal. I have procmom logs avail to send via PM if needed.

Will do. Should have the logs ready for you manana. Thanks, Marcos.

My customer reports that a lot of his end users are complaining that after the upgrade to version 9.x (fresh install after uninstall) that the bank reconciliation process takes much longer than it did with V8. "after you select all of the transactions that have cleared, then you hit the finish button, it was taking more than a minute to finalize.When I disabled the Eset real time protection, it took less than a second" This is for the Quickbooks 2014 ACCOUNTING Version. If customer excludes his user profile: c:\users\Joe then there is no issue. I haven't been able to drill down anymore than this directory. None of these issues happened with V8 and no exclusions were even set in the advanced settings. They are also having a slowdown with older version of Wordperfect since upgrade to V9. I will be doing callback with customer in a few days and just wanted to start this to get any input before my callback.

pm sent

Bump- Nada?

Would you recommend HIPS- Smart Mode to Home users with little technical knowledge? Yes as Smart mode normally doesn't ask the user at all. What do you define as "highly suspicious operation" ?

I have had several customers report that after upgrading to Version 9.x, they can no longer get VSD updates when they could on V8. Ping to update.eset.com and tracert is all good. Uninstalled V9 and going back to V8 resolves the issue. Is there a specific reason for this?