Bill_Pacific
-
Posts
18 -
Joined
-
Last visited
Posts posted by Bill_Pacific
-
-
Having a very similar issue. Not happening to the few clients I have with V6 still installed only V7.3. Rebooting does not help in my case, I have had to uninstall/reinstall to get it fixed. but after a week or so the issue returns. I have already removed V7.3 from all the Macs having this issue. If another one shows up I will gather logs. Please post the fix
-
-
Hello All,
I am posting this here as I am not able to post in the false positive area.
My SEO team contacted me today and had this removed from their systems by ESET Endpoint Antivirus 8.1 with the latest VSDB.
I am wanting to exclude this from detection as I believe this is a false positive, I also know that the nature of this software is a bit odd so I can see why it was detected. Need to know if this is a false positive or not. I have 10 SEOs who are not able to do some work due to this.Detection Log below
Dir: C:\Users\user.name\AppData\Local\ESET\ESET Security\Quarantine\
0CA732EA2C31D33CDC96B4E39E814EA7249136F7.NDF "C:\Program Files (x86)\SeoTools for Excel\SeoToolsMaster64_packed.xll" "@NAME=MSIL/TrojanDropper.Agent.FGU@TYPE=Trojan@SUSP=mod" 27.08.2021 792576 bytesAlso detecting in WebAccess
HashB34B273B4F3BD8E6EEF03FB51FF69EF978C149ABNameMSIL/TrojanDropper.Agent.FGUDetection TypeTrojanObject typefileUniform Resource Identifier (URI)https://releases.seotoolsforexcel.com/SeoTools_v9.7.0.1_20210727.zipProcess nameC:\Program Files\Google\Chrome\Application\chrome.exeScanScannerHTTP filterDetection engine version23865 (20210827)Current engine version23865 (20210827) -
Hello All,
Windows server 2016
upgrade from 8.0 to 8.1 ESET Protect
This is more of an alert with a fix.
I did the upgrade to ESET Protect yesterday and have spent a bit of time trying to figure out why I was getting a 404 error trying to access the webconsole after the upgrade. I tried running a repair install and that did not work either. After digging around I found this C:\Program Files\Apache Software Foundation\apache-tomcat-9.0.35\webapps\era.new
I changed the name of the folder from 'era.new' to 'era' and it all worked.I did a lot of digging on the internet and did not find anything there either so I am hoping this will help other Admins.
-
After installing office and logging everything in the errors returned. I will start a ticket with local support.
Thank you @Marcos for the quick reply.
-
Ok I did some web surfing and ran a full indepth scan and it is still just the single error now, so as I said the suggestion from Marcos above, it did help.
-
That seemed to help. I only get one error after reboot now.
12/4/20, 10:00:00 AM Protoscan Proxy Agent Cannot read from socket: Software caused connection abort root
I am running an indepth scan as I did yesterday to double check.
-
I am testing the latest version of ESET for Mac as well as the new BigSur update.
Current specs areESET Security Management Center (Server), Version 7.2 (7.2.1278.0)
ESET Security Management Center (Web Console), Version 7.2 (7.2.230.0)ESET Endpoint antivirus for Mac 6.10.460.1
ESET Management Agent 7.2.3261.0
MacOS BigSur 11.0.1
MacBook Pro 2016
I am seeing in the Webconsole that the OS is not supported yet but I wanted to be sure that these errors are not something else. See errors below. The network is working fine on this machine.
Also is there any release date for a compatible version of ESET with BigSur?
-
So just removing the pointer to a "Initial static group" and the install goes through. Thanks again for all of your help. Issue has been resolved.
Is this something the developers are looking at? Pointing to a specific static group is helpful for some functions.
-
Thanks Marcos
I was ESET staff about 5 years ago. lol. A few things have changed. -
Hi Martin
I will try that. Thanks! -
So I found that if leave the default server to connect to as the fqdn it works. If I add an Ip address so systems outside of the network can connect it fails.
So for now I have them connecting to the FQDN and a policy will change to the IP address for external connections
-
Hello Martin and Marcos
I have tested on a different system (same OS) and came up with the same errors. Not sure if I am setting something up wrong like the Mac or the script? -
Hello Martin
Thanks again for your quick responses. I am going through the script and I am not seeing anything. I do see that a majority of the script seems to be encrypted though. I was hoping maybe you take a look at the script and tell me if you see anything. The password does not have any special characters. I am installing by right clicking and "run with" > terminal. I add the password after the download completes. I have been installing the same way for all of my Macs and this is the first time I hit an issue. I am wiping another Mac now and will test on that one once it is done. I am doing this incase there is a problem with the Mac Minor update that recently went through. Was hoping that would give me an answer to that. -
Hi Martin,
Thank you both for your quick responses. I will dig through the script and let you know.
-
Hello Marcos
this is the only place I see base64if test -n "$eraa_peer_cert_pwd"
then
echo " <key>PeerCertPassword</key><string>$eraa_peer_cert_pwd</string>" >> "$local_params_file"
echo " <key>PeerCertPasswordIsBase64</key><string>yes</string>" >> "$local_params_file"
fiI found b64 in a few places as well but not in the section following "eraa_policy_data=".
-
Hello
I am attempting to install the ESET Management Agent on a Mac v. 10.15.6. I have attempted several times and wiped/reinstalled the OS several times and still keep hitting an error. Not much could be found on the internet either.
ESET Security Management Center (Server), Version 7.2 (7.2.1278.0)
ESET Security Management Center (Web Console), Version 7.2 (7.2.230.0)from the install command
/Users/superman/Downloads/ESMCAgentInstaller.sh ; exit;
ESET Management Agent live installer script. Copyright © 1992-2020 ESET, spol. s r.o. - All rights reserved.
* Hostname: xx.xxx.xxx.xxx
* Port: 2222
* Installer: hxxp://repository.eset.com/v1/com/eset/apps/business/era/agent/v7/7.2.3261.0/agent_macosx_x86_64.dmg
Downloading installer image 'hxxp://repository.eset.com/v1/com/eset/apps/business/era/agent/v7/7.2.3261.0/agent_macosx_x86_64.dmg':
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 41.6M 100 41.6M 0 0 4905k 0 0:00:08 0:00:08 --:--:-- 6023k
Checking integrity of of downloaded package /tmp/EraAgentOnlineInstaller.G1UTb62h: OK
Mounting image '/tmp/EraAgentOnlineInstaller.G1UTb62h':
Password:
Checksumming Protective Master Boot Record (MBR : 0)…
Protective Master Boot Record (MBR :: verified CRC32 $D9F87118
Checksumming GPT Header (Primary GPT Header : 1)…
GPT Header (Primary GPT Header : 1): verified CRC32 $69571CD3
Checksumming GPT Partition Data (Primary GPT Table : 2)…
GPT Partition Data (Primary GPT Tabl: verified CRC32 $D7122ADD
Checksumming (Apple_Free : 3)…
(Apple_Free : 3): verified CRC32 $00000000
Checksumming disk image (Apple_HFS : 4)…
...............................................................................
disk image (Apple_HFS : 4): verified CRC32 $20E4C25C
Checksumming (Apple_Free : 5)…
(Apple_Free : 5): verified CRC32 $00000000
Checksumming GPT Partition Data (Backup GPT Table : 6)…
GPT Partition Data (Backup GPT Table: verified CRC32 $D7122ADD
Checksumming GPT Header (Backup GPT Header : 7)…
GPT Header (Backup GPT Header : 7): verified CRC32 $B580693D
verified CRC32 $92EFA1D6
/dev/disk2 GUID_partition_scheme
/dev/disk2s1 Apple_HFS /private/tmp/EraAgentOnlineInstaller.3Se9o4WQ
Installing package '/tmp/EraAgentOnlineInstaller.3Se9o4WQ/Agent-MacOSX-x86_64.pkg':
installer: Package name is ESET Management Agent
installer: Installing at base path /
installer: The install failed. (The Installer encountered an error that caused the installation to fail. Contact the software manufacturer for assistance. An error occurred while running scripts from the package “Agent-MacOSX-x86_64.pkg”.)
Cleaning up:
"disk2" ejected.
[Process completed]
from the EraAgentInstaller.log
2020-Sep-02 09:53:45 Information: installationcheck: Initialized logging to /tmp/erainstall.log
2020-Sep-02 09:53:45 Information: installationcheck: Output redirected to /tmp/erainstall.log
2020-Sep-02 09:53:45 Information: installationcheck: Created temporary directory /tmp/erainstall
2020-Sep-02 09:53:45 Information: installationcheck: Package path is ''
2020-Sep-02 09:53:45 Information: installationcheck: Default location is ''
2020-Sep-02 09:53:45 Information: installationcheck: Target volume is ''
2020-Sep-02 09:53:45 Information: installationcheck: Removed temporary directory /tmp/erainstall
2020-Sep-02 09:53:45 Information: installationcheck: Output redirection terminated
2020-Sep-02 09:53:45 Information: installationcheck: Moving installation log '/tmp/erainstall.log' to '/Users/superman/Library/Logs/Eset/RemoteAdministrator/EraAgentInstaller.log'
2020-09-02 09:53:47.N Information: Installer: *******************************************
2020-09-02 09:53:47.N Information: Installer: Initialized log file: /Users/superman/Library/Logs/Eset/RemoteAdministrator/EraAgentInstaller.log
2020-09-02 09:53:47.N Information: Installer: Creating directories...
2020-09-02 09:53:47.N Information: Installer: Created 'config' directory: /Library/Application Support/com.eset.remoteadministrator.agent/
2020-09-02 09:53:47.N Information: Installer: Created 'data' directory: /Library/Application Support/com.eset.remoteadministrator.agent//
2020-09-02 09:53:47.N Information: Installer: Created 'logs' directory: /Library/Application Support/com.eset.remoteadministrator.agent//Logs/
2020-09-02 09:53:47.N Information: Installer: Created 'libs' directory: /Applications/ESET Remote Administrator Agent.app//Contents/MacOS/
2020-09-02 09:53:47.N Information: Installer: Starting install sequence.
2020-09-02 09:53:47.N Information: Installer: Checking installed version ...
/tmp/PKInstallSandbox.GUNiqL/Scripts/com.eset.remoteadministrator.agent.aW2hkB/postinstall: line 555: /Applications/ESET Remote Administrator Agent.app//Contents/Helpers/CustomActions: Argument list too long
2020-09-02 09:53:47.N Information: Installer: /tmp/PKInstallSandbox.GUNiqL/Scripts/com.eset.remoteadministrator.agent.aW2hkB/postinstall: 620: Error '126' occured while checking installed version
2020-09-02 09:53:47.N Information: Installer: Performing installation rollback
Any assistance is appreciated
Thanks, Bill
1514: Error occurred while getting certificates from server: Current locale settings are invalid
in ESET PROTECT On-prem (Remote Management)
Posted
Hello
I am installing the Agent on a CentOS 7 server fully updated. getting an error Stating "Current locale settings are invalid"
Current settings (output of locale command)
LANG=en_US.UTF-8
LC_CTYPE="en_US.UTF-8"
LC_NUMERIC="en_US.UTF-8"
LC_TIME="en_US.UTF-8"
LC_COLLATE="en_US.UTF-8"
LC_MONETARY="en_US.UTF-8"
LC_MESSAGES="en_US.UTF-8"
LC_PAPER="en_US.UTF-8"
LC_NAME="en_US.UTF-8"
LC_ADDRESS="en_US.UTF-8"
LC_TELEPHONE="en_US.UTF-8"
LC_MEASUREMENT="en_US.UTF-8"
LC_IDENTIFICATION="en_US.UTF-8"
LC_ALL="en_US.UTF-8"
Initialized log file: /var/log/eset/RemoteAdministrator/EraAgentInstaller.log
ESET Management Agent Installer (version: 11.0.503.0), Copyright © 1992-2023 ESET, spol. s r.o. - All rights reserved.
Creating directories...
Creating 'config' directory path: /etc/opt/eset/RemoteAdministrator/Agent
Creating 'data' directory path: /var/opt/eset/RemoteAdministrator/Agent
Creating 'Pki Cache' directory path: /var/opt/eset/RemoteAdministrator/Agent/pki.eset.com/
Creating 'logs' directory path: /var/log/eset/RemoteAdministrator/Agent
Creating 'libs' directory path: /opt/eset/RemoteAdministrator/Agent
Directories created
The archive will be extracted to: /opt/eset/RemoteAdministrator/AgentInstallerData
Extracting, please wait...
The unpacked installer data will be moved to: /opt/eset/RemoteAdministrator/Agent
Checking OpenSSL ... done [OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008]
Checking installed version ...
Status of current installation is: NEW
New connection settings are 'hostname': '3.13.124.220', 'port': 2222
Checking server connection...
Connection checked successfully.
Getting certificate from server...
Failed getting certificates from server.
1514: Error occurred while getting certificates from server: Current locale settings are invalid
Cleaning up setup directories
Any help would be apreciated