Jump to content

GregA

Members
  • Content Count

    28
  • Joined

  • Last visited

Everything posted by GregA

  1. We have about 1500 end points. Since we don't know which one/s will have the issue next, would it hurt to enable Diagnostic for all end points for a while and leave other settings as the default, or would it create super huge logs and cause an issue?
  2. Windows 7 and Windows 10. ESET A/V version 7.3.2032, 7.3.x, ESET Agent version 7.2.1266.0 I am seeing various random users complain their ESET is out of date and they are then blocked from connecting to our Corp network VPN as it checks to ensure A/V is up to date. This is random. I don't know how long this has been an issue since we just started looking into it. Looking at the remote Workstation or Laptop ESET tools, log files, Events.. it shows the updates just stopped running at a certain date. No errors after that date and no tries as far as the log shows. What would cause the au
  3. Update... The file C:\windows\system32\slmgr.vbs actually exists on the system that I was looking at. Even though it shows in the Quarantine on both the local ESET GUI, and in the ESMC.
  4. Ok, I went to one of the computers and pulled up the ESET End Point Security GUI. Went to tools, quarantine, restore, enter the ESET GUI password, yes allow UAC, restore file from quarantine failed. File attempted to restore: C:\windows\system32\slmgr.vbs
  5. What do you mean by manually restore? ESMC is not manual and that is the only method I have been trying because it is multiple computers. I go to ESMC, Quarantine, Find the all computers with the hash causing the issue, try restore, one computer at a time, or multiple computers, same issue as described above in my post. So no, it does not work. Task log... Task failed: CNodcommChannel: Send request failed with 14, Command failed - Make sure that Agent runs with Administrator privileges. This is a little concerning as an admin. If ESET can't restore a system file like this, what would
  6. That is not the case however. Try restore this... file://C:\windows\system32\slmgr.vbs And get this.... Task failed: CNodcommChannel: Send request failed with 14, Command failed - Make sure that Agent runs with Administrator privileges. Am I in the wrong forum? Should I be posting this in Remote Management section instead since it's multiple computers?
  7. How do you define fix? People are not able to restore these from quarantine. Will the restore work after the fix rolls out?
  8. Same here, luckily only about 30 computers. But the files are fairly important, as they are used to add the Windows 7 extended ESU license each year. C:\windows\system32\slmgr.vbs C:\windows\sysWOW64\slmgr.vbs Task failed error: CNodcommChannel: Send request failed with 14, Command failed - Make sure that Agent runs with Administrator privileges.
  9. Will there be any version of ESET endpoint available that will work on Windows XP after the end date for the older products?
  10. This is one of the screens I very much dislike in ESET. It is poorly worded and honestly, doesn't make sense. Step #1 Why would ESET make this so difficult? Step #2 This step removes the agent, but only if the agent doesn't have a password (see step #1). Why doesn't it just say "uninstall Agent" (because that is what it does) in plain language? Who wrote this? Step #3 Remove Computer from database. Apparently putting a check mark also removes the license. But it doesn't say that is what it does. Who wrote this? If you do can figure how to do the above steps with the poorly worded de
  11. I created a GPO or SCCM script when the agent version was still 7.1.717.0. This is the one we have been using. But it still seems to be installing 7.1.717.0 agent even though 7.2.1266.0 is the current agent version. To clarify, does the GPO or SCCM script remember the old version it was built with and keep installing the old version until you recreate the .bat file, or is it supposed to automatically know what the new version is when the new version comes out and install the new version?
  12. Dynamic groups show computers as soon as a computer ESET agent talks on each machine, assuming your Dynamic template rule is working. So active talking computers will show as soon as they talk to the ESET server. Offline computers won't show in the dynamic group.
  13. You can also sync your computers from AD with a static group Sync task.
  14. This is why I was concerned about going with the Cloud Administrator from any of the A/V vendors when we were doing demos. They were all pushing for the cloud admin. We instead went with the on-prem ESET Administrator and it has been up and working while the cloud admin has been having issues.
  15. Update: One of our techs was working on this over the weekend and he says that he found the old Kaspersky A/V agent (our previous A/V provider) was still installed and after uninstalling the old Kaspersky A/V agent the "ESET Management Agent is outdated" message went away. He did this fix on about 30 workstations.
  16. I have the latest ESET SMC server version and I see the same issue suddenly happening over the weekend. On the main computers screen it says "ESET Management Agent is outdated" on some computers but if I drill down to one of those computers from the dashboard and view it's installed applications, the ESET agent version (7.2.1266.0) says it is "Up-to-date version". So it seems to be a bug since one part of ESET says the agent it is up to date and another says it is out of date. I am going to call support later today to have them sort it out.
  17. I'm curious, what does the ESET agent version report as when you look at one of those computers (SMC, computer, show details, installed applications). I have a group of computers incorrectly showing on the main console computer list screen as "ESET Management Agent is outdated" but when I drill down to the installed applications for that computer, the correct 7.2.1266.0 is showing installed and says it is "Up-to-date version" installed. So something is wrong on my Security Management Center reporting, as it says agent out of date on one screen and agent up to date on the other. I will call s
  18. How long did you wait? It takes about 10-30 minutes after an upgrade before the database is ready and it lets you log in. That is normal.
  19. I would recommend a new thread for agent reporting issue since that is not the topic of this thread and your upgrade worked.
  20. Create a Dynamic Group template for the older ESET version, to find your computers with the old version installed. Example template values below. Then create a Dynamic Group that uses that template to find the computers with the old agent. You could even create an agent install task to run in that dynamic group daily. Or just push the new agent install version to all or some in that group manually. You can create a similar dynamic group for the newer agent version to see the computers with the new version installed. Installed software . Application vendor = ESET, spol. s r.o. Insta
  21. Kill the ERAServer.exe in task manager when it gets to that point in the install and hangs. Then the install should proceed. At least that's what I had to do when we upgraded.
  22. You need to open the ESET agent communication ports on your firewall to allow external computers to report in.
  23. I had issue exporting to QRadar. After we upgraded the Security Management Center to 7.2.1266.0 Qradar could read the logs. So it was apparently a bug that got fixed in the newer Security Management Center. My settings.. Port 514, Syslog, TCP, Choose Verbosity, Export syslogs, LEEF format.
  24. Deleting recommendations doesn't help improve the product.
×
×
  • Create New...