tbsky

I am a little confused. if v7 can only be controlled by ESMC, then how a normal user can use it without xwindow/web gui?

thanks a lot for your sharing!! so v7 didn't have xwindow gui (then what's the egui for?), but v4 has xwindow gui. is that correct? I need to use a version with xwindow gui, then I think I will use V4.

Hi: one of our staff need to install linux version(at RHEL 7.7), so I tried to install and testing. but I need some clarify. the linux environment is RHEL 7.7. 1. linux file security => this works fine, I can create web service and use browser to manage it. but it seems have no xwindow user interface, is that correct? 2. endpoint antivirus linux 7.x => there seems have no web service for browser. I didn't see any gnome icon and I don't know where to start xwindow gui interface(is there any?). I try to run "/opt/eset/eea/lib/egui" but it just hang there and nothing happened. 3. business edition 4.x => I haven't try it. it seems an old version. should I try it?

the all-in-one installer with policy is for staffs who can not connect ESMC server temporary (out of office). but as you said, the policy is not very important. the policy will be applied when they connect ESMC server.the automatic activation is important since they can not connect ESMC at the beginning. so the current situation is acceptable.

yes the policy is about protect Endpoint/Agent from being uninstalled. 1. ESMC 7.1 at RHEL 7.7 2. I tried several 7.x version(endpoint antivirus) but none can be activated if I apply endpoint or agent policy.

I try other settings and it seems fine. could you try password settings both for client and agent to see if it is the root cause? it seems the root cause for my server.

only client password for endpoint and agent. I didn't try other settings. maybe I will try other settings later to see if this is the root cause. if I apply client or agent or both then the installer can not be activated.

thanks a lot for your confirm. I try previous version "7.1.2064.0" but still failed. so I guess all Japanese versions are special. this is the first time I need Japanese version. is there any workaround so I can make all-in-one Japanese version? and if I remember correctly, the endpoint package I downloaded from eset website like "eea_nt64.msi" seems universal language. why all-in-one installer has different language?

Hi: I try to pick some other languages like English,Chinese,Russian,Indonesian, all these can be downloaded. it seems only Japanese is effected. is it the eset server problem?

hi: I try to create all-in-one installer and select japanese language as attached. but when I want to download the package, it shows the package is not in repository as attached.

hi: I try to create endpoint antivirus all-in-one-installer which can activate automatically. after try and error, I found if I include endpoint policy or agent policy with the installer, then the installation can not activate. only installer without any policy can activate automatically. is this a known issue or I miss something important?

today the product list is missing again. according to your hint, I think maybe something changed at the server, so ESMC is effected. 1. downgrade mysql 5.7.29 to 5.28 => useless 2. downgrade mysql-connector-odbc 8.0.19 to 8.0.18 => useless, this makes me sad 3. upgrade all mysql component => useless 4. downgrade all mysql component => useless, this makes me panic 5. upgrade all mysql component, downgrade mysql-connector-odbc => useless 6. upgrade all, downgrade all, then upgrade mysql-connector-odbc => product list shows up again!! somthing happened at the upgrade/downgrade procedure. if that "something" didn't happen, then old mysql + old odbc won't cure it. now I downgrade to Mysql 5.7.28 + mysql-connector-odbc 8.0.18. my other ESMC servers are using these versions and the product list seems always fine.

but downgrade odbc driver didn't work for me. downgrade MySQL works. although I can not reproduce it. waiting for documentations about this issue. thanks a lot for your help!

according to your hint. I do some tests below: 1. downgrade mysql-connector-odbc-8.0.19 to mysql-connector-odbc-8.0.18 and reboot => useless, no correct product list. 2. downgrade MySQL 5.7.29 to MySQL 5.7.28 and reboot => bingo! the product list shows up again!! 3. upgrade to mysql-connector-odbc-8.0.19 and MySQL 5.7.29 and reboot => sadly, the product list still shows, can not reproduce. 4. create all-in-one installer and delete it => sadly, the product list still shows, can not reproduce. so the problem seems related to MySQL, since I downgrade it and reboot then it is fixed. but I can not reproduce it now. hope you can find the root cause and fix it.

I am using MySQL 5.7 with mysql-connector-odbc-8.0.19-1 under rhel 7.7. is there any work-around of the issue. I had setup several esmc server, but this is the first time I delete and recreate the all-in-one installer.

Hi: I just install a new ESMC 7.1 server and create all-in-one installer to deploy. after testing, I found it didn't activate automatically. so I think maybe something wrong. I delete the installer and create a new one. then I am surprised that I can't find the product (endpoint antivirus) any more. only some products I don't need show at the list ( as attached). how can I refresh the product list so I can find the product I need?

just give it a try and the answer is no. you can not uninstall v6 with v7 msi files. so what's is the correct command to remove v6 without v6 msi files?

Hi: I need to uninstall endpoint v6 then install v7 to get rid of the v6 policy inheritance . I wonder what's the best command line to use in script. after searching the forum, I found the command is MSIEXEC /uninstall X:\ESET\eea_nt64_enu.msi /qb REBOOT="ReallySuppress" PASSWORD="password" I don't have v6 msi now. can I use v7 msi file to remove v6? is there better command to use without using the msi file? thanks a lot for help!

I don't know if you have heard about the virus of my case. one of our business partner was infected by some kind of malware. all the outlook email content and contacts are stolen. someone use the email content and contact address to attach the virus. they only send to specific email address in the contact, so the general email RBL won't block the infected mail server ip address soon. and they change the virus file every day. very annoying.

indeed ESET have very few false positives. that's what I love most. you can prevent new malware by good human behavior, but you can not prevent the damage from false positive. in fact I had zero false positive since I use delayed update. I am very satisfied with the setting. In my current case I don't think regular update will help. since both livegrid and virustotal won't detect it. only Macfee and sometime Microsoft can detect the virus at the beginning. Microsoft is know to have high FP, I don't know about Macfee. but it detect the virus every time from virustotal engine. you said "it won't help in case of malicious documents". do you mean livegrid didn't detect document, only local virus signature will do the work? PS: as usual, virus from yesterday is detected by nod32 now. but today we still get new viruses, and they will be detected tomorrow. I don't know when will this stopped...

Hi: I use delayed update for maximum stability. but start from last week we are attacked by some kind of phishing mails. it includes a word doc virus about invoice, and that doc file changed every day. nod32 normally detect it after one day. livegrid doesn't detect it. upload the file to "virustotal" for scan, their nod32 engine also can not detect it (but will detect it tomorrow). I wonder if the "delayed update" can co-work with livegrid?

maybe set both 6.x and 7.x password would help, I haven't try. but I will upgrade all client to 7.x, so the policy would be strange at that time. and if someone remove the strange 6.x policy one day, the same behavior may come back. your information is valuable: "it might not work as expected in case settings were changed before upgrade to 7". so to prevent all these strange policy problem, I think I should uninstall all the 6.x before upgrade. I need to study how to do it. but may I ask again last time: is there any method to reset default policy for endpoint 7.2 without uninstall ?

unfortunately our local ESET support can only answer general questions. when I already RTFM , I can only ask for support in the forum.

according to Endpoint 7.2 document, there should be a different way for policy. although I don't know what it is yet. still waitng for someone answering the forum question.

howto do that? I didn't set password 6.x style policy. I only set password 7.x style policy. and client shows about now password settings get improvement every time. in fact, I want to reset all settings to 7.2 default without uninstall. is that possible?